Review the configuration file and consider applying other security and performance enhancing features.
Update ssl_certificate and ssl_certificate_key. Alternatively use the gitlab-ssl Nginx example config instead of the gitlab config. Set the certificates using either the ca_file or ca_path option.ģ. Set gitlab_url option to the HTTPS endpoint of GitLab (e.g. Set the https option in section 1 to true. Note: If you want to use HTTPS, see Using the following HTTPS for the additional steps. Make sure to edit both gitlab.yml and unicorn.rb to match your setup. # Change the Redis socket path if you are not using the default Debian / Ubuntu configuration Sudo -u git -H cp config/ config/resque.yml Sudo -u git -H git config -global tocrlf input # Configure Git global settings for git user, used when editing via web editor Sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb # Set the number of workers to at least the number of cores change amount of workers to 3 for 2GB RAM server # Enable cluster mode if you expect to have a high load instance # Find number of CPU cores in order to configure Redis properly Sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb # Make sure GitLab can write to the public/uploads/ directoryĬhmod -R u+rwX public/uploads Configure Unicorn # Make sure GitLab can write to the tmp/pids/ and tmp/sockets/ directories Sudo -u git -H mkdir /home/git/gitlab-satellitesĬhmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites # Content of /home/git/gitlab/config/gitlab.ymlĮmail_from: Make sure GitLab can write to the log/ and tmp/ directories # Also set the email_from and support_email to the email addresses intended for GitLab. # You need to change the value of host to the fully-qualified domain of your server. Sudo -u git -H cp config/ config/gitlab.yml # Make sure GitLab can write to the log/ and tmp/ directoriesĬhmod -R u+rwX # Give the ownership to git user of transferred repository If then echo 'd /var/run/redis 0755 redis redis 10d -' | tee -a /etc/tmpfiles.d/nf fi # Persist the directory which contains the socket, if applicable # Create the directory which contains the socket # Grant permission to the socket to all members of the redis groupĮcho 'unixsocketperm 770' | tee -a /etc/redis/nf # Enable Redis socket for default Debian / Ubuntu pathĮcho 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis/nf */port 0/' /etc/redis/ | sudo tee /etc/redis/nf # Disable Redis listening on TCP by setting ‘port’ to 0
# Type the password you replaced $password with earlierĬp /etc/redis/nf /etc/redis/ Sudo -u git -H mysql -u git -p -D gitlabhq_production # Try connecting to the new database with the new user Mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES ON `gitlabhq_production`.* TO Quit the database session # Grant the GitLab user necessary permissions on the database
Mysql> CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci` `/etc/mysql/*.cnf`, `/etc/mysql/conf.d/*`) for the setting “innodb = off” # If this fails, check your MySQL config files (e.g. # Ensure you can use the InnoDB engine which is necessary to support long indexes Mysql> CREATE USER IDENTIFIED BY '$password' # change $password in the command below to a real password you pick Note: do not type the ‘mysql>’, this is part of the prompt # Secure your installation (not really needed in this set-up if the server for for internal use) # Retype the MySQL root password and press enter
# Pick a MySQL root password (can be anything), type it and press enter
5.5.24Īpt-get install -y mysql-server mysql-client libmysqlclient-devĮnsure you have MySQL version 5.5.24 or later The above site mentions the Mysql Bug () but it has been fixed in MySQL Ver. Make & make install Installing Mysql Server configure -without-X11 -disable-install-rdoc -prefix=/usr/local # Make sure ruby is de-installed (we need the manually installed version >2.0 for Gitlab) Note: Instructions based on but have been modified in a few places to make it work with mySQL:Īdduser -disabled-login -gecos 'GitLab' gitĪpt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server redis-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake nodejsĪpt-get install postfix git libpq-dev sudo nodejs