Miscellaneous Notes | Record the process of installing gitlab-ce using Docker (including configuring swap memory)

---

01 Preparation

Recently, I wanted to build a gitlab service to save my own projects, so I found the gitlab-ce method.
Before starting work, sort out the situation:

• Have a cloud server (I use Tencent Cloud)
• For CentOS7 system, docekr and docker-compose have been installed (if not installed, install them yourself first)
• The server memory is 4G (this memory is a bit tight, so I’ll make do with it first)
• The service is not directly exposed to the outside world, but uses nginx as a reverse proxy (actually using nginx proxy manager to do it, with one main focus: peace of mind)
• You have your own domain name for easy access. If you don’t have it, you can also access it using IP (it is recommended to use domain name, it is more comfortable with HTTPS)

My cloud server configuration is as follows, it is recommended not to be lower than my configuration:

02 (Optional) Configure swap memory

Since my server has only 4G of memory, and Tencent Cloud's server did not allocate swap memory to me, I decided to configure swap memory myself, which is equivalent to virtual memory.
If there is already swap memory, it can also be added and expanded through configuration.
Below are the Linux commands

# 先查看内存状况
free -h

# 在根目录创建swap文件夹
mkdir /swap

# 进入到swap目录
cd /swap

# 创建一个4096M的交换内存（根据自己情况修改结尾的count属性）
dd if=/dev/zero of=swapfile bs=1MB count=4096

# 设置并建立交换文件
mkswap ./swapfile

# 赋予交换文件600权限（安全起见）
chmod 600 ./swapfile

# 启用交换分区
swapon ./swapfile

# 设置开机自动挂载
echo '/swap/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab

# 重启服务器
reboot

# 查看交换内存是否设置成功
free -h

03 Edit docker-compose.yml

Next, create a new gitlab folder in the root directory, create docker-compose.ymlfiles and edit the contents in it.

version: '3'
services:
  gitlab:
    image: 'gitlab/gitlab-ce:latest'
    restart: always
    hostname: '10.0.12.13'  # 因为我打算用nginx反向代理，这里填的宿主机的内网ip
    environment:  # 配置外部访问链接，这里不建议使用https，否则启动和访问都可能变慢，https在nginx那里去配置
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://10.0.12.13'
    ports:
      - '83:80'
      # - '443:443'  # 因为docker中没使用https，这里注释了
      # - '22:22'  # 暂时用不到，也注释了，注意端口冲突的问题
    volumes:
      - './config:/etc/gitlab'
      - './logs:/var/log/gitlab'
      - './data:/var/opt/gitlab'

04 Start and modify configuration

Pull the image before starting

# 在上一步创建的docker-compose.yml所在的目录执行
docker-compose pull

# 拉取完成后使用命令启动容器
docker-compose up -d

It takes some time to start. It took me 5 minutes. Don't access it for now.

05 nginx reverse proxy

For security reasons, I made an nginx reverse proxy. This is actually done using nginx proxy manager. nginx can also be configured by itself.

If nginx.confthe configuration is as follows:
(I have not tried it in real life, it is for reference only)

http {
    
    
	...
    server {
    
    
        listen 443 ssl http2;  # 使用443 开启https
        server_name www.xxx.com;  # 改成访问的域名或ip
        location / {
    
    
            proxy_pass http://127.0.0.1:83;  # 内网ip或127.0.0.1加容器外部端口
        }
        # 配置证书
        ssl_certificate /etc/ssl/certificates/www.xxx.com.pem;
        ssl_certificate_key /etc/ssl/certificates/www.xxx.com.key;
    }
	...
}

06 (Optional) Modify configuration file

After my gitlab is started, the memory usage remains at 90%+. You can consider modifying the configuration file and sacrificing some functions to ensure operation.
The measured memory usage dropped from 93% to 83%, which is pretty impressive.

# 找到外部卷上对应的配置文件
cd ~/gitlab  # 这个文件夹是我存放docker-compose.yml的文件夹

# 使用编辑器编辑配置文件
vim ./config/gitlab.rb

# 将下面两项置为false 因为是个人使用 用不到这些功能
prometheus['enable'] = false  # Prometheus 监控
mattermost['enable'] = false  # Mattermost 聊天

# tips 可能会用到的vim命令
/world  # 斜杠后跟要查找的词
n  # 跳转到下一个
N  # 跳转到上一个
yy  # 复制这一行
p  # 粘贴复制的内容
u  # 撤销一步操作
:noh  # 取消高亮显示
:wq  # 保存并退出

# 接下来进入容器内部
docker exec -it <gitlab容器名或id> /bin/bash

# 重载配置
gitlab-ctl reconfigure

# 退出容器
exit

07 Visit and log in

Then enter the domain name or IP just configured to access.
You can register an account for your first visit or root账户log in.

# 获取root用户初始密码：
docker exec -it <gitlab容器名或id> grep 'Password:' /etc/gitlab/initial_root_password

# 结果如下
Password: xxxxxxxxxxxxxxxxx

(You can set it to Chinese at the bottom of the page)

---

08 Supplement

The following content was updated on 2023.08.17

After successful deployment, during use, the request link in some places is not the domain name, but the intranet IP, causing the request to fail.
Solved after updating docker-compose.yml

version: '3'
services:
...
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'https://www.xxx.com'  # 这里改成了https+域名
    ports:
      - '83:443'  # 这里从80改成了443
...

In addition, when using npm as a reverse proxy, the proxy http is also changed to https.

(over)