Gitlab and Apache

Using Gitlab with Apache server isn’t quite difficult to manage but it costs me some time to find the right resources and hints. To avoid this search again, here are some useful steps to get it work.

First of all this is my configuration:

Preparation

  • Download the following configuration files from the Gitlab Apache Server Configuration Files site:gitlab-omnibus-ssl-apache24.conf
    gitlab-omnibus-apache24.confCopy them to /etc/apache2/sites-available and create a system link to /etc/apache2/sites-enabled

    >> ln -s /etc/apache2/sites-available/gitlab-omnibus-ssl-apache24.conf /etc/apache2/sites-enabled/gitlab-omnibus-ssl-apache24.conf
    >> ln -s /etc/apache2/sites-available/gitlab-omnibus-apache24.conf /etc/apache2/sites-enabled/gitlab-omnibus-apache24.conf
  • Install missing mod and enable dependencies for Apache (listed in the *.conf files)
    >> apt-get install libapache2-mod-proxy-html
    >> a2enmod rewrite
    >> a2enmod ssl
    >> a2enmod proxy
    >> a2enmod proxy_http
    >> a2enmod headers

Configuration

  • Add new domain to your /etc/hosts configuration
    /etc/hosts
    ...
    123.123.123.123 gitlab.yourdomain.com
  • If you do have a static IP, configure your DNS on your domain hoster website for correct redirection
  • Change in the configuration files (*.conf) the YOUR_SERVER_FQDN entries to your domain name, e.g. gitlab.yourdomain.com
  • For the Gitlab configuration follow these steps:
    /etc/gitlab/gitlab.rb
    add
    gitlab_workhorse['listen_network'] = "tcp"
    gitlab_workhorse['listen_addr'] = "127.0.0.1:8181"
    
    set
    nginx['enable'] = false
    ...
    web_server['external_users'] = ['www-data']
    
    >> gitlab-ctl reconfigure
  • Restart Apache server
    >> service apache2 restart | systemctl status apache2.service

Hint

If you are using Letsencrypt for SSL then change the following lines in the gitlab-omnibus-ssl-apache24.conf file

/etc/apache2/sites-available/gitlab-omnibus-ssl-apache24.conf
...
SSLEngine on
#strong encryption ciphers only
#see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
#SSLProtocol all -SSLv2
#SSLHonorCipherOrder on
#SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
#Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
#SSLCompression Off
SSLCertificateFile /etc/letsencrypt/live/gitlab.yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/gitlab.yourdomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
#SSLCACertificateFile /etc/httpd/ssl.crt/your-ca.crt
...

Visual Studio 2015 CE and GitLab

Here is a small example of how you can use Visual Studio 2015 CE with Gitlab:

  1. Create a new project in GitLab and clone it to your local file system. Notice you will need the http link to your project in a later step.
  2. Open Visual Studio 2015 CE and create a new project in the cloned directory. VS 2015 CE will automatically detect the git version control.
  3. Go to the Team Explorer register tab and follow these steps:
    vs2015_ce_git_1
    Next open the the Repository Settings by clicking on the combobox in the top area of the register card.
    vs2015_ce_git_2
    Go to the Remotes section and ente your GitLab projectlink from step 1.
    vs2015_ce_git_3
    Go to the Changes section and make a comment to the included files.
    vs2015_ce_git_4
    If all is successfully configured you can now go to the Synchronization section and sync, fetch, pull or push your project.
    vs2015_ce_git_5
Congratulation! You managed to use Visual Studio 2015 CE with your GitLab repository!

TortoiseGit and GitLab

Here are the steps to use TortoiseGit with GitLab:

  1. Create a new project or use an existing one und notice the SSH link, e.g.
    git@SERVER:user/test.git
  2. Create secret keys with puttygen
    C:\Program Files\TortoiseGit\bin\puttygen.exe
    puttygen_1
    a) Press Generate
    b) Move mouse in the empty area until key has been generated
    c) Save public and private key (fill out Key passphrase)
    d) Copy public key from the Public key for pasting into OpenSSH… area
  3. Log into your GitLab site and go to your Profile settings menu, select the SSH Keys button and paste your copied public key in the empty area. Save your profile.
  4. Select local repository folder, right click and select Git clone. Fill out the form like this example below:
    Gitclone_1
    Press OK (and enter your Key passphrase from your private key)
Congratulation! You successfully configured your TortoiseGit with GitLab!

Linux OpenSSL Certificate for Gitlab

This is a small tutorial of creating a self-signed OpenSSL certificate.

Create a private key:
>> openssl genrsa -des3 -out gitlab.domain.key 2048

Create request:
>> openssl req -new -key gitlab.domain.key -out gitlab.domain.csr
Fill out form:
--> 'Server Hostname': your gitlab.domain
--> skip 'Challenge Password'
--> skip 'Optional Company Name'

Clear pass phrase:
>> cp -v gitlab.domain.{key,original}
>> openssl rsa -in gitlab.domain.original -out gitlab.domain.key
>> rm -v gitlab.domain.original

Create certificate:
>> openssl x509 -req -days 1460 -in gitlab.domain.csr -signkey gitlab.domain.key -out gitlab.domain.crt
>> rm -v gitlab.domain.csr

Change file permissions:
>> chmod 600 gitlab.domain.*