User:SBassett (WMF)/Explorations/Gitlab
Gitlab local installation[edit]
The following setup steps were tested under MacOS Mojave (10.14.6) on a 2.2 Ghz Intel i7 running 8 Gb RAM.
- Install Docker locally, if you haven't, probably via Docker Desktop.
- Give Docker enough local resources. Via Docker Desktop, setting 3 cores, 5 Gb of RAM and 2 Gb of swap worked fine.
- Add
127.0.0.1 gitlab.test.wmf
(or similar - whatever hostname you want to use) to your/etc/hosts
file. - Run
sudo killall -HUP mDNSResponder
to refresh your DNS. - Run the following docker command:
GITLAB_HOME=$PWD \ docker run --detach \ --hostname gitlab.test.wmf \ --publish 80:80 \ --name gitlab \ --restart always \ --volume $GITLAB_HOME/config:/etc/gitlab \ --volume $GITLAB_HOME/logs:/var/log/gitlab \ --volume $GITLAB_HOME/data:/var/opt/gitlab \ gitlab/gitlab-ce:latest
- This will pull the latest gitlab-ce docker image and run it. It might take a little while to download the relevant images, especially since
gitlab-ce
is almost a Gb by itself. The above runs Gitlab on port 80 as opposed to also running https on port 443 and ssh on port 22, which likely won't be needed for the Security Team's local development needs. - Edit
$GITLAB_HOME/config/gitlab.rb
and setexternal_url
to whatever you set the development hostname to within your/etc/hosts
file. - Run
docker exec -it gitlab bash
to get abash
prompt within the running container. - Run
gitlab-ctl reconfigure
within the aforementionedbash
prompt. This might take several minutes. - You should be able to see your Gitlab installation within a browser at http://gitlab.test.wmf/
- Run
docker container stop gitlab
to stop the container. - Run
docker container start gitlab
to start the container again. The container likely should not need to be "run" again, if you already ran thedocker run
command above at least once. You may need to rungitlab-ctl reconfigure
again within the container as per above, if you receive an error page when attempting to load Gitlab within your browser, but this command should run much faster this time around. That being said, Gitlab may still take several minutes to get up and running and display the web frontend within your browser. - Run
docker container stop gitlab && docker container rm gitlab
to stop and remove the container. Starting the container again will require the container to be created via thedocker run
command above and to run through all of the time-intensive setup steps once more, such as thegitlab-ctl reconfigure
. It's only recommended to remove the container if you need to start over completely from scratch.
Post-installation setup and troubleshooting[edit]
- There are some additional, post-installation steps for the Wikimedia Gitlab setup which are documented here for now. These steps likely are not critical to the Security Team's work with Gitlab, though are still good to review and understand.
- Once you load your local instance of Gitlab in your web browser, you should be prompted to enter a new
root
user password. Theroot
user is the default administrative account for Gitlab. - To create some test users, which may or may not be necessary, navigate to the admin area (
/admin
) and towards the top-middle of the default page, there should be a user section with a New User button. Click that button to access the new user form and follow the instructions. Mail likely isn't set up to be routable for this test instance, so confirmation e-mails won't be sent. - To import a new project, to use as test data, navigate to
Home > New Project > Import Project
. From there, you can click the "Repo by URL" button. The form fields here should be fairly straight-forward, and for the url, make sure you select the clone url from gerrit and add a.git
at the end, e.g.https://gerrit.wikimedia.org/r/mediawiki/extensions/StopForumSpam.git
. Most repositories should import fairly quickly, except for something like mediawiki/core. You can use the default gitlab instance name as part of the url slug and you should make these test repositories public, since that will likely be the default in Wikimedia's Gitlab instance.