GitLab

From Bitpost wiki
Revision as of 00:11, 22 January 2022 by M (talk | contribs) (→‎Runners)

Yes it's Ruby. Yes it's time for yet another shitty "solution to everything" framework... sigh...

Configure

  • To turn on/off registration:
Admin > Settings > General > Signup restrictions

Tools

  • service
sudo gitlab-ctl # to see commands
sudo gitlab-ctl restart nginx
sudo gitlab-ctl restart
    ok: run: alertmanager: (pid 463302) 1s
    ok: run: gitaly: (pid 463311) 0s
    ok: run: gitlab-exporter: (pid 463336) 0s
    ok: run: gitlab-workhorse: (pid 463338) 0s
    ok: run: grafana: (pid 463351) 1s
    ok: run: logrotate: (pid 463440) 0s
    ok: run: nginx: (pid 463446) 1s
    ok: run: node-exporter: (pid 463454) 0s
    ok: run: postgres-exporter: (pid 463461) 1s
    ok: run: postgresql: (pid 463475) 0s
    ok: run: prometheus: (pid 463484) 0s
    ok: run: puma: (pid 463499) 0s
    ok: run: redis: (pid 463504) 0s
    ok: run: redis-exporter: (pid 463510) 1s
    ok: run: sidekiq: (pid 463519) 0s
sudo gitlab-ctl stop
sudo gitlab-ctl tail
  • to get to a rails console:
sudo gitlab-rails console

Install

  • set up shitcutter.com in domains.google.com and certbot
  • Set up haproxy redirection; see haproxy.cfg for details. Note that you will be redirecting shitcutter.com https to glam:8095 http.
  • Install up to the point where you configure
  • configure; see MDM comments
sudo emacs /etc/gitlab/gitlab.rb
  • build
sudo gitlab-ctl reconfigure # whoa, this builds/bakes everything
  • fix root pw RIGHT AWAY
sudo gitlab-rake "gitlab:password:reset[root]"
  • browse to admin console and get configuring; for now, turn off sign-up (if anyone wants in later, we can turn it on as it has admin approval turned on)

SSH

First, each user needs to add their [.ssh/id_ed25519.pub] public key to their GitLab profile to use git with GitLab.

Once you add your [.ssh/id_ed25519.pub] key to your GitLab profile, this is the test to make sure GitLab has your ssh key:

ssh -T git@shitcutter.com

Being able to ssh in this specific way is essential to host code. If you have any problems, debug it!

[glam] sudo tail -f /var/log/auth.log
---
[client] ssh -vvv git@shitcutter.com

WARNING: It took me a while to realize THERE'S NO DIRECT SSH PATHWAY to to my GitLab host machine (shitcutter.com), as it's on proxmox VM glam. I had to update [.ssh/config] to use bitpost.com as a jump server to get to glam from shitcutter.com ssh requests, like I do with morosoph. NICE!

# Allow shitcutter-via-bitpost for gitlab
Host shitcutter.com sc shit
   ProxyCommand ssh -q bitpost.com nc -q0 glam 22

The next problem was that on glam, because I had set git up previously, the git user was "locked" (it had a password). Fix:

sudo passwd -d git

Next, I needed to add git to ssh AllowUsers. Done in the common file, so this should be good into the future.

sudo emacs ~/develop/config/common/etc/ssh/sshd_config
sudo service sshd restart

And FINALLY, it works:

ssh -T git@shitcutter.com
Welcome to GitLab, @moodboom!

SMTP

See /etc/gitlab/gitlab.rb

Runners

You have to install and config runners, to actually perform jobs, and CI. Whatevs.

[glam] sudo apt install gitlab-runner

Then follow the somewhat byzantine instructions in GitLab, provided on the Admin > Runners page.

WARNING - These first steps were already done by apt...

# Create a GitLab CI user
sudo useradd --comment 'GitLab Runner' --create-home gitlab-runner --shell /bin/bash 
# Install and run as service
sudo gitlab-runner install --user=gitlab-runner --working-directory=/home/gitlab-runner
sudo gitlab-runner start

WARNING 2: BUT you have to do this with your specially-provided unique token... and you have to provide a name... and all this executor shit...

Command to register a runner:

sudo gitlab-runner register --url https://shitcutter.com/ --registration-token ##########

 enter the executor: docker
 enter the gitlab-ci description: glam gitlab runner ("glam" was default, maybe should have used that...)
 enter the gitlab-ci tags: (none)
 enter the default Docker image: node:17-slim