Setting up Gitlab from scratch on centos 7

From Define Wiki
Jump to navigation Jump to search

Install prerequisites

Install the following packages before we start 

yum -y install curl policycoreutils openssh-server openssh-clients postfix
systemctl enable postfix
systemctl start postfix

Install gitlab

curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
yum -y install gitlab-ce

Setup the gitlab config file 

cd /etc/gitlab/
vim gitlab.rb
external_url 'https://gitlab.define-technology.com'

Setup letsencrypt certs

yum -y install epel-release
yum -y install letsencrypt
letsencrypt certonly --standalone -d gitlab.define-technology.com
mkdir -p /etc/gitlab/ssl/
openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048
chmod 600 /etc/gitlab/ssl/*

Setup nginx

Change the external URL to https if not done so already and add the nginx stuff below 

# back to the /etc/gitlab/gitlab.rb file 
external_url 'https://gitlab.define-technology.com'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/letsencrypt/live/gitlab.define-technology.com/fullchain.pem"
nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/gitlab.define-technology.com/privkey.pem"
nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"

Reconfigure gitlab

gitlab-ctl reconfigure


Optional firewall

If not already behind an openstack security group then set this up 

yum -y install firewalld
systemctl start firewalld
systemctl enable firewalld
firewall-cmd --permanent --add-service ssh
firewall-cmd --permanent --add-service http
firewall-cmd --permanent --add-service https
firewall-cmd --reload
firewall-cmd --list-all
Retrieved from "http://wiki.define-technology.com/mediawiki-1.35.0/index.php?title=Setting_up_Gitlab_from_scratch_on_centos_7&oldid=32377"