GitLab: Difference between revisions
No edit summary |
(→SSH) |
||
| Line 56: | Line 56: | ||
==== SSH ==== | ==== SSH ==== | ||
First, each user needs to add their [.ssh/id_ed25519.pub] public key to their GitLab profile to use git with GitLab. | |||
Once you add your [.ssh/id_ed25519.pub] key to your GitLab profile, this is the test to make sure GitLab has your ssh key: | Once you add your [.ssh/id_ed25519.pub] key to your GitLab profile, this is the test to make sure GitLab has your ssh key: | ||
ssh -T git@shitcutter.com | ssh -T git@shitcutter.com | ||
WARNING: | Being able to ssh in this specific way is essential to host code. If you have any problems, debug it! | ||
[glam] sudo tail -f /var/log/auth.log | |||
--- | |||
[client] ssh -vvv git@shitcutter.com | |||
WARNING: It took me a while to realize THERE'S NO DIRECT SSH PATHWAY to to my GitLab host machine (shitcutter.com), as it's on proxmox VM glam. I had to update [.ssh/config] to use bitpost.com as a jump server to get to glam from shitcutter.com ssh requests, like I do with morosoph. NICE! | |||
# Allow shitcutter-via-bitpost for gitlab | # Allow shitcutter-via-bitpost for gitlab | ||
Host shitcutter.com sc shit | Host shitcutter.com sc shit | ||
ProxyCommand ssh -q bitpost.com nc -q0 glam 22 | ProxyCommand ssh -q bitpost.com nc -q0 glam 22 | ||
The next problem was that on glam, because I had set git up previously, the git user was "locked" (it had a password). Fix: | |||
sudo passwd -d git | |||
Next, I needed to add git to ssh AllowUsers. Done in the common file, so this should be good into the future. | |||
sudo emacs ~/develop/config/common/etc/ssh/sshd_config | |||
sudo service sshd restart | |||
And FINALLY, it works: | |||
ssh -T git@shitcutter.com | |||
Welcome to GitLab, @moodboom! | |||
==== SMTP ==== | ==== SMTP ==== | ||
* again, see /etc/gitlab/gitlab.rb | * again, see /etc/gitlab/gitlab.rb | ||
Revision as of 22:18, 20 January 2022
Yes it's Ruby. Yes it's time for yet another shitty "solution to everything" framework... sigh...
Configure
- To turn on/off registration:
Admin > Settings > General > Signup restrictions
Tools
- service
sudo gitlab-ctl # to see commands
sudo gitlab-ctl restart nginx
sudo gitlab-ctl restart
ok: run: alertmanager: (pid 463302) 1s
ok: run: gitaly: (pid 463311) 0s
ok: run: gitlab-exporter: (pid 463336) 0s
ok: run: gitlab-workhorse: (pid 463338) 0s
ok: run: grafana: (pid 463351) 1s
ok: run: logrotate: (pid 463440) 0s
ok: run: nginx: (pid 463446) 1s
ok: run: node-exporter: (pid 463454) 0s
ok: run: postgres-exporter: (pid 463461) 1s
ok: run: postgresql: (pid 463475) 0s
ok: run: prometheus: (pid 463484) 0s
ok: run: puma: (pid 463499) 0s
ok: run: redis: (pid 463504) 0s
ok: run: redis-exporter: (pid 463510) 1s
ok: run: sidekiq: (pid 463519) 0s
sudo gitlab-ctl stop
sudo gitlab-ctl tail
- to get to a rails console:
sudo gitlab-rails console
Install
- set up shitcutter.com in domains.google.com and certbot
- Set up haproxy redirection; see haproxy.cfg for details. Note that you will be redirecting shitcutter.com https to glam:8095 http.
- Install up to the point where you configure
- configure; see MDM comments
sudo emacs /etc/gitlab/gitlab.rb
- build
sudo gitlab-ctl reconfigure # whoa, this builds/bakes everything
- fix root pw RIGHT AWAY
sudo gitlab-rake "gitlab:password:reset[root]"
- browse to admin console and get configuring; for now, turn off sign-up (if anyone wants in later, we can turn it on as it has admin approval turned on)
SSH
First, each user needs to add their [.ssh/id_ed25519.pub] public key to their GitLab profile to use git with GitLab.
Once you add your [.ssh/id_ed25519.pub] key to your GitLab profile, this is the test to make sure GitLab has your ssh key:
ssh -T git@shitcutter.com
Being able to ssh in this specific way is essential to host code. If you have any problems, debug it!
[glam] sudo tail -f /var/log/auth.log --- [client] ssh -vvv git@shitcutter.com
WARNING: It took me a while to realize THERE'S NO DIRECT SSH PATHWAY to to my GitLab host machine (shitcutter.com), as it's on proxmox VM glam. I had to update [.ssh/config] to use bitpost.com as a jump server to get to glam from shitcutter.com ssh requests, like I do with morosoph. NICE!
# Allow shitcutter-via-bitpost for gitlab Host shitcutter.com sc shit ProxyCommand ssh -q bitpost.com nc -q0 glam 22
The next problem was that on glam, because I had set git up previously, the git user was "locked" (it had a password). Fix:
sudo passwd -d git
Next, I needed to add git to ssh AllowUsers. Done in the common file, so this should be good into the future.
sudo emacs ~/develop/config/common/etc/ssh/sshd_config sudo service sshd restart
And FINALLY, it works:
ssh -T git@shitcutter.com Welcome to GitLab, @moodboom!
SMTP
- again, see /etc/gitlab/gitlab.rb