Bonjour,
Voici comment installer gitlab sur LXC
Installer les dépendances :
sudo yum install -y perl curl postfix
sudo systemctl enable --now postfix
Editer le sysctl :
sudo nano /etc/sysctl.conf
kernel.shmall = 4194304
kernel.sem = 250 32000 32 262
net.core.somaxconn = 1024
kernel.shmmax = 17179869184
reboot
Installer Gitlab CE : (Au choix)
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
sudo EXTERNAL_URL="https://git.example.com" yum install -y gitlab-ce
Installer Gitlab EE : (Au choix)
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
sudo EXTERNAL_URL="https://git.example.com" yum install -y gitlab-ee
Définir le mot de passe root :
gitlab-rake "gitlab:password:reset"
Votre certificat SSL : (Optionnel)
Éditer le fichier de configuration :
nano /etc/gitlab/gitlab.rb
external_url 'https://git.example.com'
nginx['enable'] = true
nginx['client_max_body_size'] = '250m'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/git.example.com.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/git.example.com.key"
nginx['ssl_ciphers'] = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
nginx['ssl_prefer_server_ciphers'] = "off"
nginx['ssl_protocols'] = "TLSv1.2 TLSv1.3"
Vos certificats ce trouve ici :
cd /etc/gitlab/ssl/
/etc/gitlab/ssl/git.example.com.key
/etc/gitlab/ssl/git.example.com.crt
Email Notification : (Optionnel)
Éditer le fichier de configuration :
nano /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.server"
gitlab_rails['smtp_port'] = 465
# gitlab_rails['smtp_user_name'] = "smtp user"
# gitlab_rails['smtp_password'] = "smtp password"
gitlab_rails['smtp_domain'] = "example.com"
gitlab_rails['smtp_authentication'] = false
gitlab_rails['smtp_enable_starttls_auto'] = false
# gitlab_rails['smtp_tls'] = false
# gitlab_rails['smtp_pool'] = false
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'git@example.com'
gitlab_rails['gitlab_email_display_name'] = 'Gitlab (no reply)'
gitlab_rails['gitlab_email_reply_to'] = 'noreply@example.com'
Permission Utilisateur : (Optionnel)
Éditer le fichier de configuration :
nano /etc/gitlab/gitlab.rb
gitlab_rails['gitlab_default_can_create_group'] = false
gitlab_rails['gitlab_username_changing_enabled'] = false
Authentification AD : (Optionnel)
###! **remember to close this block with 'EOS' below**
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'My_AD'
host: 'exemple.com'
port: 636
uid: 'sAMAccountName'
bind_dn: 'user@exemple.com'
password: 'My_Password'
encryption: 'simple_tls' # "start_tls" or "simple_tls" or "plain"
verify_certificates: true
smartcard_auth: false
active_directory: true
allow_username_or_email_login: true
lowercase_usernames: false
block_auto_created_users: false
base: 'OU=Users,OU=MY,DC=exemple,DC=com'
user_filter: '(&(objectClass=user)(memberOf=CN=GROUP_APP-GITLAB-Users,OU=Gitlab,OU=Appli,OU=Groups,OU=MY,DC=exemple,DC=com))'
## EE only
group_base: 'OU=Gitlab,OU=Appli,OU=Groups,OU=MY,DC=exemple,DC=com'
admin_group: 'GROUP_APP-GITLAB'
sync_ssh_keys: false
verify_certificates: true
EOS
Pour appliquer votre configuration :
gitlab-ctl reconfigure
Vous pouvez vous connecter à votre serveur : https://git.example.com
Voilà vous avez installé Gitlab sur LXC