Gitlab is an open source repository management tool. It comes as both a community and enterprise edition. Getting either of them to run on UCS as well as integrating them with UCS is fast and easy.
UCS 4.1 and 4.2
Gitlab uses sudo. Please make sure it is installed before proceeding.
Using the scripts provided by Gitlab, installation becomes a breeze. The only care has to be taken to specify the underlying Debian system.
For the Community Edition, the installation works the following:
First determine the version of Debian the UCS instance is based on.
For UCS 4.1 this will be Debian version 7 and for UCS 4.2 version 8.
wget https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh chmod +x ./script.deb.sh os=Debian dist=7 ./script.deb.sh
For UCS 4.2 dist would have to be set to 8.
Afterward, the respective packages can be installed through the package management system
apt-get install gitlab-ce
The only difference for the enterprise edition is the path of the script and the name of the install package.
wget https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh chmod +x ./script.deb.sh os=Debian dist=<DIST> ./script.deb.sh apt-get install gitlab-ee
UCS 4.3 and 4.4
When installing GitLab directly on UCS 4.3 and 4.4 one might encounter a segmentation fault in one of the libraries of GitLab during configuration. This however does not happen when using docker containers.
The docker images provided by GitLab can be used to run the service on UCS 4.3 and UCS 4.4. The process is as described on [https://docs.gitlab.com/ee/install/docker.html], but here is a short version of it.
Since docker is already used in UCS there are no further dependencies to be installed. Just run
sudo docker run --detach \ --hostname gitlab.example.com \ --publish 444:443 --publish 81:80 --publish 23:22 \ --name gitlab \ --restart always \ --volume /srv/gitlab/config:/etc/gitlab \ --volume /srv/gitlab/logs:/var/log/gitlab \ --volume /srv/gitlab/data:/var/opt/gitlab \ gitlab/gitlab-ce:latest
to download an run the official docker container. The image for the enterprise edition would be called gitlab/gitlab-ee. UCS already uses the ports 443, 80, and 22 for Apache2 and SSH. GitLab uses the same ports inside the docker container. To grant external external access to GitLab we have to forward those ports to unused ones. In this example we used 444, 81, and 23.
To configure GitLab we can either open a shell inside the container with
sudo docker exec -it gitlab /bin/bash
or directly edit the configuration file /etc/gitlab/gitlab.rb
sudo docker exec -it gitlab vi /etc/gitlab/gitlab.rb
The configuration is the same as for UCS 4.1 and 4.2 except that the conflicting HTTP port is already handled.
Most of the configuration is fine for usage with UCS. However to connect to the LDAP server of the host system we need to make some configurations. For this, you will need the LDAP server name and the LDAP base. You can find the name with the command
ucr get ldap/server/name
While the following command gives you the ldap/base
ucr get ldap/base
To create a LDAP user for the gitlab container to search with
udm users/ldap create --position "cn=users,$(ucr get ldap/base)" \ --set username="gitlabauth" \ --set password="<password>"
Now go into the container
sudo docker exec -it gitlab /bin/bash
On the command line open
/etc/gitlab/gitlab.rb with your favourite editor.
Then find the line
# gitlab_rails['ldap_enabled'] = false
and just above it enter the following code block
gitlab_rails['ldap_enabled'] = true gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' main: label: 'LDAP' sync_time: host: '<ldap/server/name>' port: 389 uid: 'uid' method: "tls" # "tls" or "ssl" or "plain" bind_dn: "uid=gitlabauth,cn=users,<ldap/binddn>" password: "<password>" active_directory: false allow_username_or_email_login: false base: "cn=users,<ldap/base>" user_filter: "(objectClass=organizationalPerson)" block_auto_created_users: false verify_certificates: false attributes: username: 'uid' email: 'mailPrimaryAddress' cn: 'displayName' first_name: 'givenName' last_name: 'sn' EOS
Reconfigure gitlab with
and then you can start gitlab
Multiple LDAP Servers
The enterprise edition offers integration with multiple LDAP servers. To configure multiple LDAP servers add the second server in the block above before the EOS
backup: label: 'LDAP' sync_time: host: '<name of the ldap backup>' port: 7389 uid: 'uid' method: "tls" # "tls" or "ssl" or "plain" bind_dn: "uid=gitlabauth,cn=users,<ldap/binddn>" password: "<password>" active_directory: false allow_username_or_email_login: false base: "cn=users,<ldap/base>" user_filter: "(objectClass=organizationalPerson)" block_auto_created_users: false verify_certificates: false attributes: username: 'uid' email: 'mailPrimaryAddress' cn: 'displayName' first_name: 'givenName' last_name: 'sn'