Afficher/cacher Sommaire
GitLab/Yunohost (Debian Jessie)
Installation et paramétrage GitLab+Nginx
Installation gitlab avec utilisation du serveur nginx existant sur yunohost
Gitlab Gitlab-ce APT/YUM repository for GitLab Community Edition packages
curl -LJO https://packages.gitlab.com/gitlab/gitlab-ce/packages/debian/jessie/gitlab-ce_9.2.2-ce.0_amd64.deb/download
sudo dpkg -i gitlab-ce_9.2.2-ce.0_amd64.deb
GitLab-Using a non-bundled web-server
Config nginx
Configuration , on n'utilise pas le serveur nginx embarqué dans gitlab-ce
sudo nano /etc/gitlab/gitlab.rb
nginx['enable'] = false
web_server['external_users'] = ['www-data']
Valider la configuration
sudo gitlab-ctl reconfigure
Ajout www-data au groupe gitlab-www
sudo usermod -aG gitlab-www www-data
Le fichier de configuration nginx /etc/nginx/conf.d/gitlab.xeuyakzas.xyz.conf
sudo nano /etc/nginx/conf.d/gitlab.xeuyakzas.xyz.conf
## GitLab
##
## Modified from nginx http version
## Modified from http://blog.phusion.nl/2012/04/21/tutorial-setting-up-gitlab-on-debian-6/
## Modified from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
##
## Lines starting with two hashes (##) are comments with information.
## Lines starting with one hash (#) are configuration parameters that can be uncommented.
##
##################################
## CONTRIBUTING ##
##################################
##
## If you change this file in a Merge Request, please also create
## a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
##
###################################
## configuration ##
###################################
##
## See installation.md#using-https for additional HTTPS configuration details.
upstream gitlab-workhorse {
server unix:/var/opt/gitlab/gitlab-workhorse/socket fail_timeout=0;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name gitlab.xeuyakzas.xyz;
ssl_certificate /etc/yunohost/certs/xeuyakzas.xyz/crt.pem;
ssl_certificate_key /etc/yunohost/certs/xeuyakzas.xyz/key.pem;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!aNULL:!eNULL:!LOW:!EXP:!RC4:!3DES:+HIGH:+MEDIUM;
add_header Strict-Transport-Security "max-age=31536000;";
ssl_dhparam /etc/ssl/private/dh4096.pem;
## Individual nginx logs for this GitLab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
client_max_body_size 0;
gzip off;
## https://github.com/gitlabhq/gitlabhq/issues/694
## Some requests take more than 30 seconds.
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitlab-workhorse;
}
}
Vérifier et relancer le serveur nginx
sudo nginx -t
sudo service nginx restart
Certificat gitlab.xeuyakzas.xyz
Pour le domaine xeuyakzas.xyz et sous-domaine gitlab.xeuyakzas.xyz
Modifier /etc/ssowat/conf.json.persistent
sudo nano /etc/ssowat/conf.json.persistent
{
unprotected_urls : [
"xeuyakzas.xyz/.well-known/acme-challenge",
"gitlab.xeuyakzas.xyz/.well-known/acme-challenge"
]
}
Modifier /usr/local/etc/letsencrypt/xeuyakzas.xyz.ini
sudo nano /usr/local/etc/letsencrypt/xeuyakzas.xyz.ini
#################################
# Let's encrypt configuration #
#################################
# Taille de la clef
rsa-key-size = 4096
# Email de notification / contact si nécessaire dans le futur
email = webmaster@xeuyakzas.xyz
# domaine(s)
domains = xeuyakzas.xyz,gitlab.xeuyakzas.xyz
# Utiliser la méthode d'authentification webroot
# avec le contenu dans /tmp/letsencrypt-auto
webroot-path = /tmp/letsencrypt-auto
Créer ou renevouler les certificats
sudo -s
cd /opt/certbot
./certbot-auto certonly -a webroot --renew-by-default --config /usr/local/etc/letsencrypt/xeuyakzas.xyz.ini
Les certificats sont sous /etc/letsencrypt/live/xeuyakzas.xyz/
Gitlab , première utilisation
A la première connexion au site https://gitlab.xeuyakzas.xyz , il faut renseigné le mot de passe “admin”
Créer un utilisateur et son mot de passe : xyz@xeuyakzas.xyz xxxxx
Se connecter et créer un groupe spm avec accès Public
Créer un projet wikistatic dans le groupe spm avec accès Public
Sur l’ordinateur local , créer l’utilisateur pour git
git config --global user.name "xyz"
git config --global user.email "xyz@xeuyakzas.xyz"
Dépôt local ~/media/devel/git/wikistatic existe , mise à jour du dépôt distant par git
# se positionner dans le dossier du dépot local
cd ~/media/devel/git/wikistatic
# effacer si nécessaire toutes traces
sudo rm -r .git
# initialisation du dépôt
git init
# initialisation du dépôt distant
git remote add origin https://gitlab.xeuyakzas.xyz/spm/wikistatic.git
# lister tous les dossiers et fichiers
git add .
# mettre à jour le dépôt distant
git commit -m "Initial commit"
git push -u origin master
# login et mot de passe demandés pour accès au site gitlab.xeuyakzas.xyz
Username for 'https://gitlab.xeuyakzas.xyz': xyz
Password for 'https://xyz@gitlab.xeuyakzas.xyz':
Si tout se déroule correctement , message suivant :
La branche master est paramétrée pour suivre la branche distante master depuis origin.
Le groupe spm et les dépots sont en accès Public pour le clonage :
git clone https://gitlab.xeuyakzas.xyz/spm/wikistatic.git
How to remove/uninstall Gitlab completely
There are many instructions and tutorials available, providing a step-by-step guidance, on how to install Gitlab on your Linux system. But what if you completely want to remove it from your system? Let me help you out with this: How to completely remove/uninstall Gitlab
As described by Gitlab you normally install it by extending your sources with the Gitlab repository using the provided script. This extension allows you to use apt-get to install Gitlab as any application. Furthermore this also applies for removing Gitlab. Check out this step-by-step instruction for how to uninstall Gitlab:
1 – Stop the gitlab service
If Gitlab is running you first have to stop its service to correctly remove it later. Use the Gitlab own command to stop the Gitlab service completely. Gitlab will confirm it and shut down with some console output.
sudo gitlab-ctl stop
2 – Self-Uninstall using the Gitlab control script
Gitlab comes with a self-contained uninstall script removing some files, dependencies and services. It will also automatically backup your configuration files and provide them as archive in your home folder. Use the following command to self-uninstall Gitlab. Gitlab will confirm the execution with some console output.
sudo gitlab-ctl uninstall
3 – Delete the package of gitlab
To fully delete Gitlab you have to use the apt-get packaging tool and remove the Gitlab package from your system. If you purge Gitlab from your system you will remove everything. This especially means your configuration files and user data.
Command to fully remove:
sudo apt-get purge gitlab-ce
Command to save-remove:
sudo apt-get remove gitlab-ce
4 – Remove the remaining files and folders
After removing the gitlab-ce package the system warns you which folder could not be deleted successfully. Normally that should be /opt/gitlab/ , /var/opt/gitlab/ and /var/log/gtitlab . To remove them you have to execute the systems remove command to recursively remove the remaining folders.
Command (may replace the path):
sudo rm -rf /org/gitlab/
sudo rm -rf /var/opt/gitlab/
5 – Remove gitlab from your sources
Gitlab creates a custom source list entry for your machine to seamlessly work with apt-get. You should consider to remove this entry after uninstalling Gitlab. I wrote a short post about this topic here: Remove apt respository sources
6 – Restart your machine
You do not have to but if your system behaves not like usual you should consider to restart. Just in case.