Latest commit 51e55c60, authored by Olivier Benz: Remove fosspay

minimal-readme compliant · Project Status: Active – The project has reached a stable, usable state and is being actively developed.

GitLab Community Edition (CE)

This project serves as a template to run gitlab-ce in a docker container using docker compose.

The docker image is a monolithic image of GitLab running all the necessary services in a single container.

Features

  • GitLab CE with Mattermost Team Edition (TE) and Container Registry enabled.
    • Disabled: LDAP, Reply by email and GitLab Pages
    • Includes gitlab-runner to register shared runners.
  • Pre-configured to run at subdomains of your own domain:
    • GitLab: gitlab.mydomain.com
    • Mattermost: mattermost.mydomain.com
    • Registry: registry.gitlab.mydomain.com
  • Exposes GitLab shell on port 10022 by default.
  • Sends emails through an exim-relay container by default.
  • Use of an .env file for variable substitution in the Compose file.

Prerequisites

The following is required:

  • DNS records for all subdomains pointing to this host.
  • Connections allowed on port 10022 to access GitLab shell (Git over SSH).

Hardware requirements:

  • Storage: As a rule of thumb you should have at least as much free space as all your repositories combined take up
  • CPU: 4 cores is the recommended minimum number of cores and supports up to 500 users
  • Memory: 4 GB RAM is the required minimum memory size and supports up to 500 users

Install

This project depends on the following Docker Deployment:

  • Træfik: TLS termination, reverse proxy

Usage

  1. Create an external docker network named "vcs":
    docker network create vcs
  2. Make a copy of all sample.* files, dropping the "sample." prefix:
    for file in sample.*; do cp "$file" "${file#sample.}"; done;
  3. Update at least environment variables GL_DOMAIN and GL_CERTRESOLVER_NAME in '.env':
    • Replace mydomain.com with your own domain that serves the subdomains.
    • Replace mydomain-com with the name of a valid Træfik certificate resolver.
  4. Optional: Set these environment variables in '.env':
    • GL_TZ: A valid tz database time zone (default: Etc/UTC)
    • GITLAB_SHELL_SSH_PORT: GitLab Shell SSH port (default: 10022)
    • GL_INITIAL_ROOT_PASSWORD: Initial default admin password (default: password)
    • GL_INITIAL_SHARED_RUNNERS_REGISTRATION_TOKEN: Initial shared runners registration token (default: set by GitLab)
      Generate random registration token:
      LC_ALL=C tr -cd 'A-Za-z0-9' < /dev/urandom | fold -w 20 | head -n 1
    • GL_SMTP_PASSWORD: SMTP server password (disabled)
    • GL_SMTP_ADDRESS: SMTP server address (default: gitlab-smtp)
    • GL_SMTP_PORT: SMTP server port (default: 8025)
    • MM_PUBLIC_LINK_SALT: Mattermost Public Link Salt (default: set by GitLab)
      Generate random salt:
      LC_ALL=C tr -cd 'a-z0-9' < /dev/urandom | fold -w 32 | head -n 1
  5. Optional: Set these environment variables in 'docker-compose.yml':
    • Uncomment line 69 if you have set GL_INITIAL_SHARED_RUNNERS_REGISTRATION_TOKEN in step 4.
    • Uncomment line 119 if you have set MM_FILESETTINGS_PUBLICLINKSALT in step 4.
  6. Start the container in detached mode:
    docker compose up -d
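
A pre-flight check for '.env' that can be run before step 6. This is an added example, not part of the project: it flags sample values left in place, the documented default admin password, and tokens that do not match the generators shown in step 4. It assumes plain KEY=value lines; the function names and MIN_PW_LEN are choices of this example.

```sh
#!/bin/sh
# Added example (not part of the project): sanity-check '.env' before step 6.
# Usage: check_env .env && docker compose up -d
# MIN_PW_LEN is an assumption of this example, not a value from the README.
MIN_PW_LEN=16

# env_get FILE KEY: print the value of the last KEY=... line, quotes stripped.
env_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# check_env FILE: print one line per finding; return 1 if any were found.
check_env() {
    f=$1; rc=0
    warn() { printf 'FINDING: %s\n' "$1"; rc=1; }

    # The file holds the admin password, SMTP password and OAuth secret.
    [ -n "$(find "$f" -perm -004 2>/dev/null)" ] &&
        warn "$f is world-readable but holds secrets (chmod 600)"

    d=$(env_get "$f" GL_DOMAIN)
    case $d in ''|mydomain.com) warn "GL_DOMAIN is unset or still the sample value" ;; esac

    r=$(env_get "$f" GL_CERTRESOLVER_NAME)
    case $r in ''|mydomain-com) warn "GL_CERTRESOLVER_NAME is unset or still the sample value" ;; esac

    # Unset means the documented default ("password") is used.
    p=$(env_get "$f" GL_INITIAL_ROOT_PASSWORD)
    if [ -z "$p" ] || [ "$p" = password ]; then
        warn "GL_INITIAL_ROOT_PASSWORD is the documented default 'password'"
    elif [ "${#p}" -lt "$MIN_PW_LEN" ]; then
        warn "GL_INITIAL_ROOT_PASSWORD is shorter than $MIN_PW_LEN characters"
    fi

    # Optional values: only checked when set (otherwise GitLab sets them).
    t=$(env_get "$f" GL_INITIAL_SHARED_RUNNERS_REGISTRATION_TOKEN)
    if [ -n "$t" ] && ! printf '%s' "$t" | grep -Eq '^[A-Za-z0-9]{20,}$'; then
        warn "registration token is not 20+ characters of A-Za-z0-9"
    fi

    s=$(env_get "$f" MM_PUBLIC_LINK_SALT)
    if [ -n "$s" ] && ! printf '%s' "$s" | grep -Eq '^[a-z0-9]{32,}$'; then
        warn "MM_PUBLIC_LINK_SALT is not 32+ characters of a-z0-9"
    fi
    return "$rc"
}
```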

GitLab

Open https://gitlab.mydomain.com, log in as user root and check the following settings:

  • Admin Area > Settings > General > Visibility and access controls:
    • Default project visibility
    • Default snippet visibility
    • Default group visibility
    • Restricted visibility levels
  • Admin Area > Settings > General > Sign-up restrictions:
    • Sign-up enabled
  • Admin Area > Settings > General > Sign-in restrictions > Email notification for unknown sign-ins:
    • Notify users by email when sign-in location is not recognized
  • Admin Area > Settings > Preferences > Localization:
    • Default first day of the week

Change the following settings:

  • Admin Area > Settings > General > Third party offers:
    • Tick "Do not display offers from third parties within GitLab"
  • Admin Area > Settings > Metrics and profiling > Usage statistics:
    • Untick "Enable usage ping"
  • Admin Area > Settings > Network > Outbound requests:
    • Tick "Allow requests to the local network from web hooks and services"
  • Admin Area > Settings > Preferences > Email:
    • Untick "Enable in-product marketing emails"

Add Mattermost to Applications:

  • Admin Area > Applications: Click "New application"
    • Name: GitLab Mattermost
    • Redirect URL:
      https://mattermost.mydomain.com/signup/gitlab/complete
      https://mattermost.mydomain.com/login/gitlab/complete
      → Replace mydomain.com with your own domain that serves the subdomains.
    • Tick "Trusted"
    • Scopes:
      • Tick "api"
  • Click "Submit" and copy "Application ID" and "Secret"

Mattermost

  1. Set the following environment variables in '.env':
    • MM_GITLAB_APPLICATION_ID: "Application ID" from GitLab
    • MM_GITLAB_SECRET: "Secret" from GitLab
  2. Reconfigure GitLab:
    docker compose up -d
  3. Wait until GitLab container is ready again.
  4. Log into https://mattermost.mydomain.com using "GitLab Single Sign-On".

Register shared runners

docker exec -ti vcs-gitlab-runner-1 bash -c "gitlab-runner register"
  1. Enter your GitLab instance URL:
    Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com )
    https://gitlab.mydomain.com
  2. Enter the token you obtained to register the Runner:
    Please enter the gitlab-ci token for this runner
    <registration token>
  3. Enter a description for the Runner; you can change this later in GitLab’s UI:
    Please enter the gitlab-ci description for this runner
    Shared Runner
  4. Enter the tags associated with the Runner; you can change this later in GitLab’s UI:
    Please enter the gitlab-ci tags for this runner (comma separated):
    <Enter>
  5. Enter the Runner executor:
    Please enter the executor: ssh, docker+machine, docker-ssh+machine, kubernetes, docker, parallels, virtualbox, docker-ssh, shell:
    docker
  6. If you chose Docker as your executor, you’ll be asked for the default image to be used for projects that do not define one in .gitlab-ci.yml:
    Please enter the Docker image (eg. ruby:2.1):
    alpine:latest

See also Configuring GitLab Runner.

Contributing

PRs accepted.

This project follows the Contributor Covenant Code of Conduct.

License

MIT © 2019 b-data GmbH