Commit b52bb468c6a5f5bd3d207bb35bca0e3936935959
1 parent
0c570a7e
Exists in
master
and in
13 other branches
Group the configuration changes to prevent https://twitter.com/thepoch/status/452013928415907840
Showing
1 changed file
with
79 additions
and
76 deletions
Show diff stats
README.md
| ... | ... | @@ -13,7 +13,7 @@ Please [download the package][downloads] and follow the steps below. |
| 13 | 13 | ``` |
| 14 | 14 | sudo apt-get install openssh-server |
| 15 | 15 | sudo apt-get install postfix # sendmail or exim is also OK |
| 16 | -sudo dpkg -i gitlab-x.y.z-omnibus-x.ubuntu.12.04_amd64.deb # this is the .deb you downloaded | |
| 16 | +sudo dpkg -i gitlab_x.y.z-omnibus-x.ubuntu.12.04_amd64.deb # this is the .deb you downloaded | |
| 17 | 17 | sudo gitlab-ctl reconfigure |
| 18 | 18 | ``` |
| 19 | 19 | |
| ... | ... | @@ -24,7 +24,7 @@ sudo yum install openssh-server |
| 24 | 24 | sudo yum install postfix # sendmail or exim is also OK |
| 25 | 25 | sudo rpm -i gitlab-x.y.z_omnibus-x.el6.x86_64.rpm # this is the .rpm you downloaded |
| 26 | 26 | sudo gitlab-ctl reconfigure |
| 27 | -sudo lokkit -s http -s ssh # Open up the firewall for HTTP and SSH | |
| 27 | +sudo lokkit -s http -s ssh # open up the firewall for HTTP and SSH requests | |
| 28 | 28 | ``` |
| 29 | 29 | |
| 30 | 30 | ### After installation |
| ... | ... | @@ -68,6 +68,8 @@ sudo touch /etc/gitlab/gitlab.rb |
| 68 | 68 | sudo chmod 600 /etc/gitlab/gitlab.rb |
| 69 | 69 | ``` |
| 70 | 70 | |
| 71 | +Below several examples are given to change settings in `/etc/gitlab/gitlab.rb`. | |
| 72 | + | |
| 71 | 73 | ### Configuring the external URL for GitLab |
| 72 | 74 | |
| 73 | 75 | In order for GitLab to display correct repository clone links to your users |
| ... | ... | @@ -80,6 +82,81 @@ external_url "http://gitlab.example.com" |
| 80 | 82 | |
| 81 | 83 | Run `sudo gitlab-ctl reconfigure` for the change to take effect. |
| 82 | 84 | |
| 85 | + | |
| 86 | +### Storing Git data in an alternative directory | |
| 87 | + | |
| 88 | +By default, omnibus-gitlab stores Git repository data in `/var/opt/gitlab/git-data`. | |
| 89 | +You can change this location by adding the following line to `/etc/gitlab/gitlab.rb`. | |
| 90 | + | |
| 91 | +```ruby | |
| 92 | +git_data_dir "/mnt/nas/git-data" | |
| 93 | +``` | |
| 94 | + | |
| 95 | +Run `sudo gitlab-ctl reconfigure` for the change to take effect. | |
| 96 | + | |
| 97 | +### Setting up LDAP sign-in | |
| 98 | + | |
| 99 | +If you have an LDAP directory service such as Active Directory, you can configure | |
| 100 | +GitLab so that your users can sign in with their LDAP credentials. Add the following | |
| 101 | +to `/etc/gitlab/gitlab.rb`, edited for your server. | |
| 102 | + | |
| 103 | +```ruby | |
| 104 | +# These settings are documented in more detail at | |
| 105 | +# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/gitlab.yml.example#L118 | |
| 106 | +gitlab_rails['ldap_enabled'] = true | |
| 107 | +gitlab_rails['ldap_host'] = 'hostname of LDAP server' | |
| 108 | +gitlab_rails['ldap_port'] = 389 | |
| 109 | +gitlab_rails['ldap_uid'] = 'sAMAccountName' | |
| 110 | +gitlab_rails['ldap_method'] = 'plain' # 'ssl' or 'plain' | |
| 111 | +gitlab_rails['ldap_bind_dn'] = 'CN=query user,CN=Users,DC=mycorp,DC=com' | |
| 112 | +gitlab_rails['ldap_password'] = 'query user password' | |
| 113 | +gitlab_rails['ldap_allow_username_or_email_login'] = true | |
| 114 | +gitlab_rails['ldap_base'] = 'DC=mycorp,DC=com' | |
| 115 | + | |
| 116 | +# GitLab Enterprise Edition only | |
| 117 | +gitlab_rails['ldap_group_base'] = '' # Example: 'OU=groups,DC=mycorp,DC=com' | |
| 118 | +gitlab_rails['ldap_user_filter'] = '' # Example: '(memberOf=CN=my department,OU=groups,DC=mycorp,DC=com)' | |
| 119 | +``` | |
| 120 | + | |
| 121 | +Run `sudo gitlab-ctl reconfigure` for the LDAP settings to take effect. | |
| 122 | + | |
| 123 | +### Enable HTTPS | |
| 124 | + | |
| 125 | +By default, omnibus-gitlab runs does not use HTTPS. If you want to enable HTTPS you can add the | |
| 126 | +following line to `/etc/gitlab/gitlab.rb`. | |
| 127 | + | |
| 128 | +```ruby | |
| 129 | +external_url "https://gitlab.example.com" | |
| 130 | +``` | |
| 131 | + | |
| 132 | +Redirect `HTTP` requests to `HTTPS`. | |
| 133 | + | |
| 134 | +```ruby | |
| 135 | +external_url "https://gitlab.example.com" | |
| 136 | +nginx['redirect_http_to_https'] = true | |
| 137 | +``` | |
| 138 | + | |
| 139 | +Change the default port and the ssl certificate locations. | |
| 140 | + | |
| 141 | +```ruby | |
| 142 | +external_url "https://gitlab.example.com:2443" | |
| 143 | +nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.crt" | |
| 144 | +nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key" | |
| 145 | +``` | |
| 146 | + | |
| 147 | +Create the default ssl certifcate directory and add the files: | |
| 148 | + | |
| 149 | +``` | |
| 150 | +sudo mkdir -p /etc/gitlab/ssl && sudo chmod 700 /etc/gitlab/ssl | |
| 151 | +sudo cp gitlab.example.com.crt gitlab.example.com.key /etc/gitlab/ssl/ | |
| 152 | +# run lokkit to open https on the firewall | |
| 153 | +sudo lokkit -s https | |
| 154 | +# if you are using a non standard https port | |
| 155 | +sudo lokkit -p 2443:tcp | |
| 156 | +``` | |
| 157 | + | |
| 158 | +Run `sudo gitlab-ctl reconfigure` for the change to take effect. | |
| 159 | + | |
| 83 | 160 | ### Creating an application backup |
| 84 | 161 | |
| 85 | 162 | To create a backup of your repositories and GitLab metadata, run the following command. |
| ... | ... | @@ -162,43 +239,6 @@ Omnibus-gitlab uses four different directories. |
| 162 | 239 | - `/var/log/gitlab` contains all log data generated by components of |
| 163 | 240 | omnibus-gitlab. |
| 164 | 241 | |
| 165 | -### Storing Git data in an alternative directory | |
| 166 | - | |
| 167 | -By default, omnibus-gitlab stores Git repository data in `/var/opt/gitlab/git-data`. | |
| 168 | -You can change this location by adding the following line to `/etc/gitlab/gitlab.rb`. | |
| 169 | - | |
| 170 | -```ruby | |
| 171 | -git_data_dir "/mnt/nas/git-data" | |
| 172 | -``` | |
| 173 | - | |
| 174 | -Run `sudo gitlab-ctl reconfigure` for the change to take effect. | |
| 175 | - | |
| 176 | -### Setting up LDAP sign-in | |
| 177 | - | |
| 178 | -If you have an LDAP directory service such as Active Directory, you can configure | |
| 179 | -GitLab so that your users can sign in with their LDAP credentials. Add the following | |
| 180 | -to `/etc/gitlab/gitlab.rb`, edited for your server. | |
| 181 | - | |
| 182 | -```ruby | |
| 183 | -# These settings are documented in more detail at | |
| 184 | -# https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/gitlab.yml.example#L118 | |
| 185 | -gitlab_rails['ldap_enabled'] = true | |
| 186 | -gitlab_rails['ldap_host'] = 'hostname of LDAP server' | |
| 187 | -gitlab_rails['ldap_port'] = 389 | |
| 188 | -gitlab_rails['ldap_uid'] = 'sAMAccountName' | |
| 189 | -gitlab_rails['ldap_method'] = 'plain' # 'ssl' or 'plain' | |
| 190 | -gitlab_rails['ldap_bind_dn'] = 'CN=query user,CN=Users,DC=mycorp,DC=com' | |
| 191 | -gitlab_rails['ldap_password'] = 'query user password' | |
| 192 | -gitlab_rails['ldap_allow_username_or_email_login'] = true | |
| 193 | -gitlab_rails['ldap_base'] = 'DC=mycorp,DC=com' | |
| 194 | - | |
| 195 | -# GitLab Enterprise Edition only | |
| 196 | -gitlab_rails['ldap_group_base'] = '' # Example: 'OU=groups,DC=mycorp,DC=com' | |
| 197 | -gitlab_rails['ldap_user_filter'] = '' # Example: '(memberOf=CN=my department,OU=groups,DC=mycorp,DC=com)' | |
| 198 | -``` | |
| 199 | - | |
| 200 | -Run `sudo gitlab-ctl reconfigure` for the LDAP settings to take effect. | |
| 201 | - | |
| 202 | 242 | ### Starting a Rails console session |
| 203 | 243 | |
| 204 | 244 | For advanced users only. If you need access to a Rails production console for your |
| ... | ... | @@ -210,43 +250,6 @@ sudo /opt/gitlab/bin/gitlab-rails console |
| 210 | 250 | |
| 211 | 251 | This will only work after you have run `gitlab-ctl reconfigure` at least once. |
| 212 | 252 | |
| 213 | -### Enable HTTPS | |
| 214 | - | |
| 215 | -By default, omnibus-gitlab runs does not use HTTPS. If you want to enable HTTPS you can add the | |
| 216 | -following line to `/etc/gitlab/gitlab.rb`. | |
| 217 | - | |
| 218 | -```ruby | |
| 219 | -external_url "https://gitlab.example.com" | |
| 220 | -``` | |
| 221 | - | |
| 222 | -Redirect `HTTP` requests to `HTTPS`. | |
| 223 | - | |
| 224 | -```ruby | |
| 225 | -external_url "https://gitlab.example.com" | |
| 226 | -nginx['redirect_http_to_https'] = true | |
| 227 | -``` | |
| 228 | - | |
| 229 | -Change the default port and the ssl certificate locations. | |
| 230 | - | |
| 231 | -```ruby | |
| 232 | -external_url "https://gitlab.example.com:2443" | |
| 233 | -nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.crt" | |
| 234 | -nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key" | |
| 235 | -``` | |
| 236 | - | |
| 237 | -Create the default ssl certifcate directory and add the files: | |
| 238 | - | |
| 239 | -``` | |
| 240 | -sudo mkdir -p /etc/gitlab/ssl && sudo chmod 700 /etc/gitlab/ssl | |
| 241 | -sudo cp gitlab.example.com.crt gitlab.example.com.key /etc/gitlab/ssl/ | |
| 242 | -# run lokkit to open https on the firewall | |
| 243 | -sudo lokkit -s https | |
| 244 | -# if you are using a non standard https port | |
| 245 | -sudo lokkit -p 2443:tcp | |
| 246 | -``` | |
| 247 | - | |
| 248 | -Run `sudo gitlab-ctl reconfigure` for the change to take effect. | |
| 249 | - | |
| 250 | 253 | ## Building your own package |
| 251 | 254 | |
| 252 | 255 | See [the separate build documentation](doc/build.md). | ... | ... |