Personal tools
You are here: Home Linux Installing Gitlab on CentOS 6
 

Installing Gitlab on CentOS 6

— filed under:

These are my notes on installing Gitlab on CentOS 6.3

!!! THIS WAS WRITTEN FOR GITLAB 3.x !!!

I've written a new howto for Gitlab 4.0 and posted it here with the intention that it is included in the main gitlab documentation set: 
https://github.com/nielsbasjes/gitlab-recipes/blob/master/install/CentOS_6.md

 

 

Introduction

This document is heavily based on http://dlaxar.blogspot.co.at/2012/06/installing-gitlab-with-gitolite-on.html and https://github.com/gitlabhq/gitlabhq/blob/master/doc/installation.md

Why another guide?

I found that the other guides on the internet I've found so far either do it for Ubuntu or document "most" of the steps for CentOS.

So what I've tried is to be as complete and as accurate as possible.

Also I do not like setup guides that simply state: "disable selinux and firewall".

So I do not disable them, I configure them.

Installing the base system (CentOS 6.3 Minimal)

We start with a completely clean CentOS 6.3 "minimal" installation which can be accomplished by downloading the appropriate installation iso file. Just boot the system of the iso file and install the system.

Bug in CentOS 6.3 minimal: The Networking is broken

So we need to edit /etc/sysconfig/network-scripts/ifcfg-eth0 and make it look something like this (I have a dhcp server in my network):

DEVICE=eth0
HWADDR=00:50:56:00:12:34
ONBOOT=yes
BOOTPROTO=dhcp
TYPE=Ethernet
Now enable the network
ifup eth0

Updating and adding basic software and services

Add EPEL repository
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
Install the required tools for gitlab and gitolite 
yum -y groupinstall 'Development Tools'

### 'Additional Development'
yum -y install httpd readline readline-devel ncurses-devel gdbm-devel glibc-devel \
               tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc \
               gitolite sqlite-devel gcc-c++ libyaml libyaml-devel libffi libffi-devel \
               libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel \
               system-config-firewall-tui python-devel redis sudo mysql-server wget \
               mysql-devel crontabs logwatch logrotate sendmail-cf qtwebkit qtwebkit-devel

Update the whole thing to the latest set of patches

yum -y update

Configure redis

Just make sure it is started at the next reboot
chkconfig redis on

Configure mysql

Make sure it is started at the next reboot and start it immediately so we can configure it.
chkconfig mysqld on
service mysqld start
Secure MySQL by entering a root password and say "Yes" to all questions with the next command
/usr/bin/mysql_secure_installation
Create gitlab database tables and grants (each command asks for the mysql root user password)
echo "CREATE DATABASE gitlab CHARACTER SET UTF8;" | mysql -u root -p
In the next command you must REPLACE supersecret with the password you want.
echo "GRANT ALL PRIVILEGES ON gitlab.* TO 'gitlabusr'@'localhost' IDENTIFIED BY 'supersecret' WITH GRANT OPTION;" | mysql -u root -p

Configure httpd

Just make sure it is started at the next reboot
chkconfig httpd on
We want to be able to reach gitlab using the normal http ports (i.e. not the :3000 thing)
So we create a file called /etc/httpd/conf.d/gitlab.conf with this content (replace the git.example.org with your hostname!!)
<VirtualHost *:80>
  ServerName git.example.org
  ProxyRequests Off
    <Proxy *>
       Order deny,allow
       Allow from all
    </Proxy>
    ProxyPreserveHost On
    ProxyPass / http://localhost:3000/
    ProxyPassReverse / http://localhost:3000/
</VirtualHost>
 
Poke an selinux hole for httpd so it can httpd can be in front of gitlab
setsebool -P httpd_can_network_connect on
Poke an iptables hole so uses can access the httpd (http and https ports) and ssh
The quick way is to put this in the file called /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Configure email

cd /etc/mail

Edit  /etc/mail/sendmail.mc

Add a line with the smtp gateway hostname

define(`SMART_HOST', `smtp.example.com')dnl

Then comment out this line 

EXPOSED_USER(`root')dnl

by putting 'dnl ' in front of it

dnl EXPOSED_USER(`root')dnl
 
Now enable these settings
make
service sendmail restart
chkconfig sendmail on

 Now we want all logging of the system to be forwarded to a central email address

echo adminlogs@example.com > /root/.forward
restorecon /root/.forward

Allow backups with rsync

 
@@@ TODO: PROVIDE MORE INFORMATION @@@
setsebool -P rsync_export_all_ro on
 

Reboot

Now that we have the basics right we reboot the system to load the new kernel and everything.
After the reboot all of the so far installed services will startup automatically.
reboot -n

Install Ruby, Rails and a lot of gems

curl http://python-distribute.org/distribute_setup.py | python  
easy_install pip  
pip install pygments  
cd ~ ; mkdir Install ; cd Install
curl -O http://www.mirrorservice.org/sites/ftp.ruby-lang.org/pub/ruby/ruby-1.9.3-p194.tar.gz
tar xzvf ruby-1.9.3-p194.tar.gz  
cd ruby-1.9.3-p194  
./configure --enable-shared --disable-pthread  
make && make install  
gem update --system  
gem update  
gem install rails bundler charlock_holmes

Create accounts and configure gitolite

adduser --system --shell /bin/bash --comment 'gitolite' --create-home --home-dir /home/git git
adduser --shell /bin/bash --create-home --home-dir /home/gitlab gitlab  
usermod -a -G git gitlab 

 Because the gitlab user will need a password later on, we configure it right now, so we are finished with all the user stuff.

passwd gitlab # please choose a good password :)

Fix a permission setting in gitolite

sed -i 's@REPO_UMASK = 0077;@REPO_UMASK = 0007;@g' /usr/share/gitolite/conf/example.gitolite.rc

Now we need to initialize gitolite and link ssh:

su - gitlab  -c "ssh-keygen -t rsa" 
cp /home/gitlab/.ssh/id_rsa.pub /home/git/gitlab.pub 
su - git -c "gl-setup /home/git/gitlab.pub"
Fix the permissions 
chmod -R g+rwX /home/git/repositories/  
chmod g+x /home/git  

Link both accounts 

su - gitlab 
ssh git@localhost
exit   # Back to the root account

Now we want all logging of the system to be forwarded to a central email address

echo adminlogs@example.com > /home/gitlab/.forward
chmod 600 /home/gitlab/.forward
restorecon /home/gitlab/.forward


 

Installing gitlab

@@@@@@

First we need to install the dependencies for the capybare-webkit. See: https://github.com/thoughtbot/capybara-webkit/wiki/Installing-Qt-and-compiling-capybara-webkit

yum install --enablerepo=atrpms-testing qt47-webkit-devel
yum install --enablerepo=atrpms-testing qt47-webkit-devel
export QMAKE=/usr/bin/qmake-qt47
@@@@@@ 

 

 

During the installation of gitlab the gitlab user unfortunately needs sudo...

visudo  

Add gitlab ALL=(ALL) ALL after root ALL=(ALL) ALL so it looks like this:

...  
root     ALL=(ALL)    ALL  
gitlab   ALL=(ALL)    ALL  
...  

We now switch to our gitlab user:

su - gitlab

Get the GitLab software and install it:

git clone git://github.com/gitlabhq/gitlabhq.git  gitlab
cd gitlab  
bundle install

 

We now configure GitLab by copying the configuration files from example to real:

cp ~/gitlab/config/database.yml{.example,}
cp ~/gitlab/config/gitlab.yml{.example,}

In database.yml you have to edit the production settings of your database (at the very top of the file). You have to change the database-name, username and password.

Given the settings above it should look something like this

production:
  adapter: mysql2
  encoding: utf8
  reconnect: false
  database: gitlab
  pool: 5
  username: gitlabusr
  password: supersecret
  # socket: /tmp/mysql.sock

 

In the gitlab.yml you need to set the correct hostname for the webinterface

I.e. something like this:

# Web application specific settings
web:
  host: git.example.org
  port: 80
  https: false
@@@ EDIT THE FROM ADDRESS ???

 

We will now create the database structure (pwd = /home/gitlab/gitlab):

RAILS_ENV=production rake db:setup  
RAILS_ENV=production rake db:seed_fu  

 

I'm not quite sure about these next statements. They seem to be required

chmod g+rx /home/git/.gitolite/
chmod g+rx /home/git/.gitolite/hooks/
chmod g+rx /home/git/.gitolite/hooks/common/ 

 

Start gitlab

@@@ TODO: Enable automatic starting and stopping under centos

 

  

And start the server and a resque worker

bundle exec rails s -e production -d
bundle exec rake environment resque:work QUEUE=* RAILS_ENV=production BACKGROUND=yes
 

Enable merging via webinterface

RAILS_ENV=production bundle exec rake gitlab:app:enable_automerge 
 

Now do visudo again and undo the change we did at the start of this section.

exit   # back to the root user
visudo
 
 

And we have everything running.

You can now login into the site and start working.

The first username and password (Which you REALLY should change):

 

 

login.........admin@local.host

password......5iveL!fe

 
Document Actions
« May 2013 »
May
MoTuWeThFrSaSu
12345
6789101112
13141516171819
20212223242526
2728293031