« Gitlab » : différence entre les versions
De Banane Atomic
Aller à la navigationAller à la recherche
(13 versions intermédiaires par le même utilisateur non affichées) | |||
Ligne 8 : | Ligne 8 : | ||
sudo pacman gitlab | sudo pacman gitlab | ||
</kode> | </kode> | ||
<filebox fn='/etc/webapps/gitlab/gitlab.yml'> | |||
host: gitlab.domain.net | |||
port: 443 | |||
https: true | |||
</filebox> | |||
== [https://wiki.archlinux.org/index.php/GitLab#Secret_strings Secret string] == | == [https://wiki.archlinux.org/index.php/GitLab#Secret_strings Secret string] == | ||
Fill the following files with a secret: | |||
<kode lang='bash'> | <kode lang='bash'> | ||
hexdump -v -n 64 -e '1/1 "%02x"' /dev/urandom | sudo dd of=/etc/webapps/gitlab/secret | hexdump -v -n 64 -e '1/1 "%02x"' /dev/urandom | sudo dd of=/etc/webapps/gitlab/secret | ||
sudo chmod 640 /etc/webapps/gitlab/secret | |||
hexdump -v -n 64 -e '1/1 "%02x"' /dev/urandom | sudo dd of=/etc/webapps/gitlab-shell/secret | hexdump -v -n 64 -e '1/1 "%02x"' /dev/urandom | sudo dd of=/etc/webapps/gitlab-shell/secret | ||
sudo chmod 640 /etc/webapps/gitlab-shell/secret | |||
</kode> | </kode> | ||
Set secrets in the following configuration file: | |||
<filebox fn='/etc/webapps/gitlab/secrets.yml'> | <filebox fn='/etc/webapps/gitlab/secrets.yml'> | ||
production: | production: | ||
secret_key_base: secret | secret_key_base: [secret] | ||
db_key_base: secret | db_key_base: [secret] | ||
otp_key_base: [secret] | |||
openid_connect_signing_key: [secret] | |||
</filebox> | </filebox> | ||
Ligne 24 : | Ligne 37 : | ||
<kode lang='bash'> | <kode lang='bash'> | ||
# Add user gitlab to group redis | # Add user gitlab to group redis | ||
cat /etc/group | grep redis | |||
sudo gpasswd -a gitlab redis | sudo gpasswd -a gitlab redis | ||
</kode> | </kode> | ||
[https://wiki.archlinux.org/title/Redis Listen on socket] | |||
<filebox fn='/etc/redis/redis.conf'> | |||
unixsocket /run/redis/redis.sock | |||
unixsocketperm 770 | |||
# don't listen on TCP | |||
#port 6379 | |||
port 0 | |||
</filebox> | |||
<filebox fn='/etc/webapps/gitlab/resque.yml'> | |||
development: | |||
url: unix:/run/redis/redis.sock | |||
test: | |||
url: unix:/run/redis/redis.sock | |||
production: | |||
url: unix:/run/redis/redis.sock | |||
</filebox> | |||
== [https://wiki.archlinux.org/index.php/GitLab#PostgreSQL_database PostgreSQL database] == | == [https://wiki.archlinux.org/index.php/GitLab#PostgreSQL_database PostgreSQL database] == | ||
<kode lang='bash'> | |||
# switch to the PostgreSQL user | |||
sudo -iu postgres | |||
# create a user named gitlab with superuser rights | |||
createuser --interactive | |||
# login into the databases server | |||
psql | |||
# change the password of the gitlab user | |||
\password gitlab | |||
# create the database | |||
create database gitlabdb OWNER gitlab; | |||
</kode> | |||
<filebox fn='/var/lib/postgres/data/pg_hba.conf'> | |||
# TYPE DATABASE USER METHOD | |||
local gitlabdb gitlab scram-sha-256 | |||
</filebox> | |||
<kode lang='bash'> | |||
# login as gitlab | |||
psql -U gitlab -d gitlabdb | |||
</kode> | |||
<filebox fn='/etc/webapps/gitlab/database.yml'> | |||
production: | |||
main: | |||
adapter: postgresql | |||
encoding: unicode | |||
database: gitlabdb | |||
username: gitlab | |||
password: [password] | |||
host: localhost | |||
</filebox> | |||
<kode lang='bash'> | |||
# start redis and gitlab-gitaly | |||
sc-start redis | |||
sc-start gitlab-gitaly | |||
cd /usr/share/webapps/gitlab | |||
sudo -u gitlab $(cat environment | xargs) bundle-2.7 exec rake gitlab:setup | |||
</kode> |
Version du 29 mai 2023 à 16:00
Links
Installation
- install and configure PostgreSQL
sudo pacman gitlab |
/etc/webapps/gitlab/gitlab.yml |
host: gitlab.domain.net port: 443 https: true |
Secret string
Fill the following files with a secret:
hexdump -v -n 64 -e '1/1 "%02x"' /dev/urandom | sudo dd of=/etc/webapps/gitlab/secret sudo chmod 640 /etc/webapps/gitlab/secret hexdump -v -n 64 -e '1/1 "%02x"' /dev/urandom | sudo dd of=/etc/webapps/gitlab-shell/secret sudo chmod 640 /etc/webapps/gitlab-shell/secret |
Set secrets in the following configuration file:
/etc/webapps/gitlab/secrets.yml |
production: secret_key_base: [secret] db_key_base: [secret] otp_key_base: [secret] openid_connect_signing_key: [secret] |
Redis
# Add user gitlab to group redis cat /etc/group | grep redis sudo gpasswd -a gitlab redis |
/etc/redis/redis.conf |
unixsocket /run/redis/redis.sock unixsocketperm 770 # don't listen on TCP #port 6379 port 0 |
/etc/webapps/gitlab/resque.yml |
development: url: unix:/run/redis/redis.sock test: url: unix:/run/redis/redis.sock production: url: unix:/run/redis/redis.sock |
PostgreSQL database
# switch to the PostgreSQL user sudo -iu postgres # create a user named gitlab with superuser rights createuser --interactive # login into the databases server psql # change the password of the gitlab user \password gitlab # create the database create database gitlabdb OWNER gitlab; |
/var/lib/postgres/data/pg_hba.conf |
# TYPE DATABASE USER METHOD local gitlabdb gitlab scram-sha-256 |
# login as gitlab psql -U gitlab -d gitlabdb |
/etc/webapps/gitlab/database.yml |
production: main: adapter: postgresql encoding: unicode database: gitlabdb username: gitlab password: [password] host: localhost |
# start redis and gitlab-gitaly sc-start redis sc-start gitlab-gitaly cd /usr/share/webapps/gitlab sudo -u gitlab $(cat environment | xargs) bundle-2.7 exec rake gitlab:setup |