Gitlab installation on OpenVZ container

From Notes_Wiki
Revision as of 01:52, 15 September 2019 by Saurabh (talk | contribs)

<yambe:breadcrumb self="Gitlab installation on OpenVZ container">Gitlab|Gitlab</yambe:breadcrumb>

Gitlab installation on OpenVZ container

There is bitnami installer for Gitlab which can be used instead of manual steps mentioned below.

For installing gitlab on container steps mentioned at https://about.gitlab.com/downloads/#centos6 dont work as chef does not works properly inside an OpenVZ container. Hacks which disable sysctl also do not solve complete issues. Hence to setup gitlab on an OpenVZ container use following steps:

  1. yum -y install epel-release
  2. Install PLUIS computational repository ( https://puias.math.ias.edu/wiki/YumRepositories6#Computational ) using:
    wget -O /etc/yum.repos.d/PUIAS_6_computational.repo https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/install/centos/PUIAS_6_computational.repo
    wget -O /etc/yum.repos.d/PUIAS_6_computational.repo https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/install/centos/PUIAS_6_computational.repo
    rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puias
  3. Fully update system and then install necessary packages
    yum -y update --skip-broken
    yum -y groupinstall 'Development Tools'
    yum -y install readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui redis sudo wget crontabs logwatch logrotate perl-Time-HiRes git cmake libcom_err-devel.i686 libcom_err-devel.x86_64 nodejs
    yum -y install vim-enhanced
    yum -y install python-docutils
  4. Replace sendmail with postfix, if sendmail is already installed
    service sendmail stop
    chkconfig sendmail off
    yum -y install postfix
    #Ensure /etc/hosts first line has "127.0.0.1 mapped with FQDN"
    service postfix start
    chkconfig postfix on
  5. Remove and upgrade ruby
    yum -y remove ruby
    wget ftp://ftp.ruby-lang.org/pub/ruby/2.1/ruby-2.1.2.tar.gz
    tar xzf ruby-2.1.2.tar.gz
    cd ruby-2.1.2
    ./configure --disable-install-rdoc
    make
    make prefix=/usr/local install
    gem install bundler --no-doc
  6. Create git user
    adduser --system --shell /bin/bash --comment 'GitLab' --create-home --home-dir /home/git/ git
  7. Update /etc/sudoers ('visudo') so that it has /usr/loca/bin as part of secure_path
    Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
  8. Install and setup postgreSQL using latest custom repo
    yum remove postgresql
    yum localinstall http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-centos93-9.3-1.noarch.rpm
    yum install postgresql93-server postgresql93-devel
    mv /etc/init.d/{postgresql-9.3,postgresql}
    service postgresql initdb
    service postgresql start
    chkconfig postgresql on
    su - postgres
    psql
    CREATE USER git CREATEDB;
    CREATE DATABASE gitlabhq_production OWNER git;
    \q
    exit
  9. Test connection using "sudo -u git psql -d gitlabhq_production"
  10. Configure redis
    chkconfig redis on
    cp /etc/redis.conf /etc/redis.conf.orig
    sed 's/^port .*/port 0/' /etc/redis.conf.orig | sudo tee /etc/redis.conf
    echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis.conf
    echo -e 'unixsocketperm 0770' | sudo tee -a /etc/redis.conf
    mkdir -p /var/run/redis
    chown redis:redis /var/run/redis
    chmod 755 /var/run/redis
    if [ -d /etc/tmpfiles.d ]; then
    echo 'd /var/run/redis 0755 redis redis 10d -' | sudo tee -a /etc/tmpfiles.d/redis.conf
    fi
    service redis restart
    usermod -aG redis git
  11. Clone latest stable gitlab version
    su - git
    git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-4-stable gitlab
    cd gitlab
    cp config/gitlab.yml.example config/gitlab.yml
    vim config/gitlab.yml #Edit various settings such as production -> gitlab -> host
    chown -R git log/
    chown -R git tmp/
    chmod -R u+rwX log/
    chmod -R u+rwX tmp/
    mkdir /home/git/gitlab-satellites
    chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites
    chmod -R u+rwX tmp/pids/
    chmod -R u+rwX tmp/sockets/
    chmod -R u+rwX public/uploads
    cp config/unicorn.rb.example config/unicorn.rb
    nproc #Look at number of cores
    vim config/unicorn.rb #Set workers as number of cores
    cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
    git config --global user.name "GitLab"
    git config --global user.email "example@example.com"
    git config --global core.autocrlf input
    cp config/resque.yml.example config/resque.yml
    vim editor config/resque.yml #Ensure production socket is correct
    cp config/database.yml.postgresql config/database.yml
    vim config/database.yml #Update values appropriately, if required
    chmod o-rwx config/database.yml
    bundle config build.pg --with-pg-config=/usr/pgsql-9.3/bin/pg_config
    bundle install --deployment --without development test mysql aws
    bundle exec rake gitlab:shell:install[v2.0.1] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production
    vim /home/git/gitlab-shell/config.yml #Update if necessary
    restorecon -Rv /home/git/.ssh #Perhaps as root, not required inside openVZ container
    bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=newpassword #Set correct password before executing, yes to prompt
  12. Configure gitlab as service as root
    wget -O /etc/init.d/gitlab https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn
    chmod +x /etc/init.d/gitlab
    chkconfig --add gitlab
    chkconfig gitlab on
    cp /home/git/gitlab/lib/support/logrotate/gitlab /etc/logrotate.d/
  13. Compile various assets
    cd gitlab; bundle exec rake assets:precompile RAILS_ENV=production #As git user
  14. Check running status using as git user:
    bundle exec rake gitlab:env:info RAILS_ENV=production
  15. service gitlab start
  16. Install and configure apache using:
    yum -y install httpd mod_ssl
    chkconfig httpd on
    wget -O /etc/httpd/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/web-server/apache/gitlab-apache22.conf
    sed -i 's/logs\///g' /etc/httpd/conf.d/gitlab.conf
  17. Edit /etc/httpd/conf.d/gitlab.conf and replace gitlab.example.com with FQDN.
    Change AllowEncodedSlashes from NoDecode to On
  18. service httpd restart
  19. Enable ports 80, 443, 22 in firewall using
    lokkit -s http -s https -s ssh
    service iptables restart
  20. Check everything once again with following command as git user
    bundle exec rake gitlab:check RAILS_ENV=production
    Ignore init script re-install error
  21. Try initial login with root:<password>
  22. If you do not remember password as git user do
    bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=<new-password>
    To set new password. Do this only on a new installation, else all data might be lost.

These steps are learned from https://github.com/gitlabhq/gitlab-recipes/tree/master/install/centos


<yambe:breadcrumb self="Gitlab installation on OpenVZ container">Gitlab|Gitlab</yambe:breadcrumb>