GitLab: Difference between revisions

Latest revision as of 04:01, 5 April 2023

Kubernetes Administration

Notes on deploying GitLab using their Helm chart.

Setup

To use your own PVs and PVCs,

Create your own PVs and PVCs for gitaly, postgres, and redis.
Setup a PV for minio.
- Note that the gitaly PVC should be named repo-data-gitlab-gitaly-0
Set the following values:

minio:
  replicas: 2
  persistence:
    volumeName: gitlab-minio
redis:
  persistence:
    existingClaim: gitlab-redis
postgresql:
  persistence:
    existingClaim: gitlab-postgres

Migration from Omnibus Install

See Migrate from the Linux package to the Helm chart

Docker-in-docker CI/CD

The Gitlab CI/CD is useful for building docker images.
You will need to deploy setup Gitlab runners.

Due to some issues with fastly [1], you will want to set command: ["--mtu=1300"] on your dind service containers.

Omnibus Administration

Here are notes on running your own gitlab instance.
Note: I've migrated from the Omnibus install to the helm charts.

Terms

unicorn - this is the web server portion of gitlab
sidekiq - the background job processor

Basic Commands

sudo gitlab-ctl start
sudo gitlab-ctl stop
sudo gitlab-ctl restart

LFS

LFS Administration

Edit the config in /etc/gitlab/gitlab.rb and set the following:

### Git LFS
gitlab_rails['lfs_enabled'] = true
gitlab_rails['lfs_storage_path'] = "/var/opt/gitlab/gitlab-rails/shared/lfs-objects"

Notes

If you change the LFS directory, you should run sudo gitlab-ctl reconfigure
- The LFS directory should be 700 and git:root.
- Parent directories need to have permissions 775 with git in the group or owned by user git.
- See https://docs.gitlab.com/omnibus/settings/configuration.html#disable-storage-directories-management for more details.

Email

The easiest way if you have very few users like me is to setup a separate gmail account.
Then use forwardemail.net such that the separate gmail account can send using your domain.
Then fill in the configuration.
See settings:smtp#gmail. Also set:

gitlab_rails['gitlab_email_from'] = '[email protected]'

Container Registry

In /etc/gitlab/gitlab.rb, edit the following:

registry_external_url 'https://registry.gitlab.davidl.me'

### Settings used by GitLab application
gitlab_rails['registry_enabled'] = true
gitlab_rails['registry_host'] = "registry.gitlab.davidl.me"
gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"

registry_nginx['enable'] = false

Then have your reverse proxy to 5000.

@@ Line 1: / Line 1: @@
-==Administration==
+==Kubernetes Administration==
-Here are notes on running your own gitlab instance.
+Notes on deploying GitLab using their Helm chart.
+===Setup===
+To use your own PVs and PVCs,
+* Create your own PVs and PVCs for gitaly, postgres, and redis.
+* Setup a PV for minio.
+** Note that the gitaly PVC should be named <code>repo-data-gitlab-gitaly-0</code>
+* Set the following values:
+<pre>
+minio:
+  replicas: 2
+  persistence:
+    volumeName: gitlab-minio
+redis:
+  persistence:
+    existingClaim: gitlab-redis
+postgresql:
+  persistence:
+    existingClaim: gitlab-postgres
+</pre>
+===Migration from Omnibus Install===
+See [https://docs.gitlab.com/charts/installation/migration/package_to_helm.html Migrate from the Linux package to the Helm chart]
+===Docker-in-docker CI/CD===
+The Gitlab CI/CD is useful for building docker images.<br>
+You will need to deploy setup Gitlab runners.
+Due to some issues with fastly [https://github.com/gliderlabs/docker-alpine/issues/307], you will want to set <code>command: ["--mtu=1300"]</code> on your <code>dind</code> service containers.
+==Omnibus Administration==
+Here are notes on running your own gitlab instance.<br>
+'''Note: I've migrated from the Omnibus install to the helm charts.'''
 ===Terms===
 * unicorn - this is the web server portion of gitlab
@@ Line 21: / Line 54: @@
 gitlab_rails['lfs_enabled'] = true
 gitlab_rails['lfs_storage_path'] = "/var/opt/gitlab/gitlab-rails/shared/lfs-objects"
-# gitlab_rails['lfs_object_store_enabled'] = false
-# gitlab_rails['lfs_object_store_direct_upload'] = false
-# gitlab_rails['lfs_object_store_background_upload'] = true
-# gitlab_rails['lfs_object_store_proxy_download'] = false
-# gitlab_rails['lfs_object_store_remote_directory'] = "lfs-objects"
-# gitlab_rails['lfs_object_store_connection'] = {
-#   'provider' => 'AWS',
-#   'region' => 'eu-west-1',
-#   'aws_access_key_id' => 'AWS_ACCESS_KEY_ID',
-#   'aws_secret_access_key' => 'AWS_SECRET_ACCESS_KEY',
-#   # # The below options configure an S3 compatible host instead of AWS
-#   # 'aws_signature_version' => 4 # For creation of signed URLs. Set to 2 if provider does not support v4.
-#   # 'endpoint' => 'https://s3.amazonaws.com' # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces
-#   # 'host' => 's3.amazonaws.com',
-#   # 'path_style' => false # Use 'host/bucket_name/object' instead of 'bucket_name.host/object'
-# }
 </pre>
@@ Line 45: / Line 62: @@
 ** See [https://docs.gitlab.com/omnibus/settings/configuration.html#disable-storage-directories-management https://docs.gitlab.com/omnibus/settings/configuration.html#disable-storage-directories-management] for more details.
-===Gitlab===
+===Email===
 The easiest way if you have very few users like me is to setup a separate gmail account.
 Then use forwardemail.net such that the separate gmail account can send using your domain.
@@ Line 54: / Line 71: @@
 gitlab_rails['gitlab_email_from'] = '[email protected]'
 </pre>
+===Container Registry===
+In <code>/etc/gitlab/gitlab.rb</code>, edit the following:
+<pre>
+registry_external_url 'https://registry.gitlab.davidl.me'
+### Settings used by GitLab application
+gitlab_rails['registry_enabled'] = true
+gitlab_rails['registry_host'] = "registry.gitlab.davidl.me"
+gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"
+registry_nginx['enable'] = false
+</pre>
+Then have your reverse proxy to 5000.