Your Ultimate Guide to Installing and Configuring GitLab on Linux
Managing source code, automating builds, and streamlining developer workflows are cornerstones of modern software development. For teams seeking ultimate control over their DevOps lifecycle, a self-hosted GitLab instance is the gold standard. It provides a powerful, all-in-one platform for version control, continuous integration (CI/CD), and project management, all running on your own infrastructure.
This comprehensive guide will walk you through the entire process of installing, configuring, and securing GitLab on a Linux server, empowering you to take full command of your development pipeline.
Step 1: Preparing Your Linux Server (Prerequisites)
Before diving into the installation, it’s crucial to ensure your server meets the necessary requirements. A properly provisioned server prevents performance bottlenecks and ensures a smooth GitLab experience.
Here are the minimum system requirements for a smooth operation:
- Operating System: A recent version of a major Linux distribution like Ubuntu, Debian, CentOS, or Red Hat Enterprise Linux (RHEL).
- CPU: 4 cores is the recommended minimum for supporting up to 500 users.
- RAM: 4 GB of RAM is the absolute minimum, but 8 GB is strongly recommended for better performance, especially if you plan to use CI/CD features.
- Storage: At least 30-50 GB of free disk space to start. Your storage needs will grow depending on the size of your repositories.
- Domain Name: A fully qualified domain name (FQDN) pointing to your server’s public IP address (e.g.,
gitlab.yourcompany.com).
Once your server is ready, ensure it’s updated with the latest security patches and packages.
# For Ubuntu/Debian
sudo apt update && sudo apt upgrade -y
# For CentOS/RHEL
sudo dnf update -y
Step 2: Installing Essential Dependencies
GitLab requires a few key dependencies to function correctly. The installation script typically handles most of these, but it’s good practice to install them beforehand.
# For Ubuntu/Debian
sudo apt install -y curl openssh-server ca-certificates
# For CentOS/RHEL
sudo dnf install -y curl policycoreutils-python-utils openssh-server
You’ll also need to configure your firewall to allow HTTP, HTTPS, and SSH traffic.
# For Ubuntu/Debian (using UFW)
sudo ufw allow http
sudo ufw allow https
sudo ufw allow ssh
# For CentOS/RHEL (using firewalld)
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --reload
Step 3: Installing GitLab with the Omnibus Package
The easiest and most recommended way to install GitLab is by using the Omnibus package. This is a self-contained package that includes all the necessary services and tools (like Nginx, PostgreSQL, and Redis) pre-configured to work together seamlessly.
First, add the official GitLab package repository to your system.
For Ubuntu/Debian:
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
For CentOS/RHEL:
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
Now, you can install the GitLab Community Edition (CE) package. During this step, you must specify your domain name using the EXTERNAL_URL variable. This is a critical step for proper configuration.
# Replace 'http://gitlab.yourcompany.com' with your actual domain
sudo EXTERNAL_URL="http://gitlab.yourcompany.com" apt install gitlab-ce
# For CentOS/RHEL
sudo EXTERNAL_URL="http://gitlab.yourcompany.com" dnf install gitlab-ce
The installation process will take several minutes as it downloads and configures all the components.
Step 4: Initial Configuration and First Login
Once the installation is complete, the main configuration file for your instance is located at /etc/gitlab/gitlab.rb. This file contains all the settings for your GitLab instance.
Anytime you make a change to this file, you must run the following command to apply the new configuration:
sudo gitlab-ctl reconfigure
This command will read your configuration file and make the necessary changes to the live services. It can take a few minutes to complete.
Accessing Your GitLab Instance:
- Open your web browser and navigate to the
EXTERNAL_URLyou set during installation (e.g.,http://gitlab.yourcompany.com). - You will be prompted to set a new password for the administrator account, which is named
root. - After setting the password, you can log in using the username
rootand your new password.
Your GitLab instance is now up and running!
Essential Security Best Practices
A self-hosted GitLab instance contains your organization’s most valuable intellectual property—your source code. Securing it is not optional.
Enable HTTPS with an SSL/TLS Certificate: Never run a production GitLab instance over unencrypted HTTP. The easiest way to secure your site is with Let’s Encrypt. Open
/etc/gitlab/gitlab.rb, set your external URL to usehttps://, and add the following lines:external_url 'https://gitlab.yourcompany.com' letsencrypt['enable'] = true letsencrypt['contact_emails'] = ['[email protected]'] # Use your emailThen run
sudo gitlab-ctl reconfigureto automatically obtain and apply the certificate.Disable New User Sign-ups: To prevent unauthorized access, it’s wise to disable public sign-ups. Log in as the
rootuser, navigate to Admin Area > Settings > General, and uncheck the “Sign-up enabled” box under the “Sign-up restrictions” section.Configure Regular Backups: GitLab provides a simple command to back up your entire instance, including the database, repositories, and configuration files.
sudo gitlab-rake gitlab:backup:createYou should automate this command using a cron job and ensure the backup files are stored in a secure, offsite location.
Enable Two-Factor Authentication (2FA): Encourage or enforce the use of 2FA for all users to add a critical layer of security to their accounts. This can be configured in the Admin Area settings.
By following these steps, you have successfully deployed a powerful, secure, and self-hosted GitLab server. You are now ready to create projects, invite collaborators, and build robust CI/CD pipelines, all within an environment you fully control.
Source: https://www.fosslinux.com/128519/how-to-install-and-use-gitlab-on-linux.htm
