Skip to content

Instantly share code, notes, and snippets.

@e-cite

e-cite/gitlab-and-runner-installation.md

Last active September 13, 2024 08:30
Show Gist options
  • Save e-cite/b6854548145fdb0e2e3dbce7fbb4f253 to your computer and use it in GitHub Desktop.
Save e-cite/b6854548145fdb0e2e3dbce7fbb4f253 to your computer and use it in GitHub Desktop.
Download ZIP
Debian gitlab and gitlab-runner installation tutorial
Raw
gitlab-and-runner-installation.md

Debian gitlab and gitlab-runner installation tutorial

https://about.gitlab.com/install/?version=ce#debian

Gitlab (Community Edition)

  1. Install dependencies 
    sudo apt-get install -y curl openssh-server ca-certificates perl
(sudo apt-get install -y postfix)
  2. Add official gitlab repository and install gitlab community edition 
    curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
sudo EXTERNAL_URL="http://gitlab.example.com" apt-get install gitlab-ce
  3. Ready - Login to the webinterface

Gitlab-Runner

  1. Install dependencies 
    sudo apt-get install -y curl openssh-server ca-certificates perl
(sudo apt-get install -y postfix)
  2. Add official gitlab repository and install gitlab community edition 
    curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh" | sudo bash
export GITLAB_RUNNER_DISABLE_SKEL=true; sudo -E apt-get install gitlab-runner
  3. Install docker accoring to my docker-installation.md tutorial
  4. Register runner to gitlab
    • sudo gitlab-runner register
    • Use URL and Token from gitlab Admin-Area / Overview / Runners
    • Description: gitlab-runner1
    • Tags: tag1,tag2 (Don't really know what tags are doing. Probably the runner gets limited to run only when specific project tags are present.)
    • Executor: docker
    • Docker default image: debian:buster
  5. Allow runner to run without tags present
    • In Admin-Area / Overview / Runners set checkbox "Indicates whether this runner can pick jobs without tags".
  6. Enable an 'if-not-present' pull policy to only download containers from Docker Hub, when not present on localhost by: 
    sudo nano /etc/gitlab-runner/config.toml
  [runners.docker]
    pull_policy = "if-not-present

Gitlab container registry

The Gitlab Container Registry enables to store custom built containers on the gitlab instance and use them in CI/CD jobs.

https://docs.gitlab.com/ee/administration/packages/container_registry.html#configure-container-registry-under-an-existing-gitlab-domain

  1. Ensure gitlab is accessible on HTTPS The custom certificate hast to be placed at:
    • /etc/gitlab/ssl/gitlab.example.com.crt
    • /etc/gitlab/ssl/gitlab.example.com.key
  2. Enable container registry 
    sudo nano /etc/gitlab/gitlab.rb
registry_external_url 'https://gitlab.example.com:5050'
gitlab-ctl reconfigure
  3. You should see the Container-Registry in Project / Package & Repositories.
  4. Enable gitlab container registry garbage collection: https://docs.gitlab.com/ee/administration/packages/container_registry.html#running-the-garbage-collection-on-schedule
  5. To enable docker access to self-signed certificate registry, place the gitlab public certificate server.crt on the gitlab runner to /etc/docker/certs.d/gitlab.example.com:5050/ca.crt
  6. Create a deploy token with at least read_registry and write_registy permissions in the project.
  7. Login with docker by: 
    docker login gitlab.example.com:5050 -u token-name-1 -p <Deploy-Token>
  8. To build docker images by CI/CD, please read: https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-socket-binding
  9. Docker socket binding on the gitlab runner host by adding: 
    sudo nano /etc/gitlab-runner/config.toml
  [runners.cache]
    Insecure = false
  [runners.docker]
    image = "docker:latest"
    privileged = false
    volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment