This vagrant environment configures a basic GitLab Community Edition installation using the Omnibus GitLab package.
After launching this environment, you can test GitLab CI by launching the rgl/gitlab-ci-vagrant environment.
Nginx (HTTP/2 enabled) is configured with a self-signed certificate at:
PostgreSQL is configured to allow (and trust) any connection from the host. For example, you can use pgAdmin III with these settings:
Host: gitlab.example.com
Port: 5432
Maintenance DB: postgres
Username: gitlab-psql
GitLab is also configured to use the optional ldaps://dc.example.com
Active Directory LDAP endpoint as configured by rgl/windows-domain-controller-vagrant.
rgl/gitlab-source-link-proxy is installed to let you use SourceLink to access the source code from within the Visual Studio debugger.
Some example repositories are automatically installed, if you do not want that, comment the line that calls create-example-repositories.sh
inside the provision.sh
file before running vagrant up
.
Email notifications are sent to a local mailpit SMTP server running at localhost:1025 and you can browse them at http://gitlab.example.com:8025.
Prometheus is available at http://gitlab.example.com:9090/.
Install the Ubuntu 22.04 Base Box.
Start the environment:
vagrant up --no-destroy-on-error
Configure your host system to resolve the gitlab.example.com
domain to this vagrant environment IP address, e.g.:
echo '10.10.9.99 gitlab.example.com' | sudo tee -a /etc/hosts
Sign In into GitLab using the root
username and the HeyH0Password
password at:
When using the default LDAP settings you can also login with LDAP credentials as the following users:
Username | Password |
---|---|
john.doe |
HeyH0Password |
jane.doe |
HeyH0Password |
After login, you should add your public SSH key, for that open the SSH Keys page at:
Add a new SSH key with your SSH public key, for that, just copy the contents of
your id_rsa.pub
file. Get its contents with, e.g.:
cat ~/.ssh/id_rsa.pub
Create a new repository named hello
at:
You can now clone that repository with SSH or HTTPS:
git clone [email protected]:root/hello.git
git clone https://[email protected]/root/hello.git
NB This vagrant environment does not have a proper SSL certificate, as such,
HTTPS cloning will fail with SSL certificate problem: self signed certificate
.
To temporarily ignore that error set the GIT_SSL_NO_VERIFY
environment
variable
with export GIT_SSL_NO_VERIFY=true
.
Make some changes to the cloned repository and push them:
cd hello
echo '# Hello World' >> README.md
git add README.md
git commit -m 'some change'
git push
List this repository dependencies (and which have newer versions):
GITHUB_COM_TOKEN='YOUR_GITHUB_PERSONAL_TOKEN' ./renovate.sh
Create the required virtual switches:
pwsh -NoLogo -NoProfile -ExecutionPolicy Bypass <<'EOF'
@(
@{Name='gitlab'; IpAddress='10.10.9.1'}
) | ForEach-Object {
$switchName = $_.Name
$switchIpAddress = $_.IpAddress
$networkAdapterName = "vEthernet ($switchName)"
$networkAdapterIpAddress = $switchIpAddress
$networkAdapterIpPrefixLength = 24
# create the vSwitch.
New-VMSwitch -Name $switchName -SwitchType Internal | Out-Null
# assign it an host IP address.
$networkAdapter = Get-NetAdapter $networkAdapterName
$networkAdapter | New-NetIPAddress `
-IPAddress $networkAdapterIpAddress `
-PrefixLength $networkAdapterIpPrefixLength `
| Out-Null
}
# remove all virtual switches from the windows firewall.
Set-NetFirewallProfile `
-DisabledInterfaceAliases (
Get-NetAdapter -name "vEthernet*" | Where-Object {$_.ifIndex}
).InterfaceAlias
EOF
You can also use Git Large File Storage (LFS). As this is an external Git plugin, you need to install git-lfs before you continue.
NB git-lfs
needs to be on your PATH
. Normally the installer configures
your system PATH
, but you still need to restart your shell or Git Client
application for it to pick it up.
Give it a try by cloning the example repository (created by create-example-repositories.sh):
git clone https://root:[email protected]/example/use-git-lfs.git
NB git-lfs
always uses an https
endpoint (even when you clone with ssh
).
Lets get familiar with git-lfs
by running some commands.
See the available lfs commands:
git lfs
Which file patterns are currently being tracked:
git lfs track
NB do not forget, only the tracked files are put outside the git repository. So don't forget to
track. e.g., with git lfs track "*.iso"
.
See which files are actually tracked:
git lfs ls-files
See the git-lfs
environment:
git lfs env
For more information read the tutorial and the documentation.
Watch the logs:
sudo su -l
tail -f /var/log/gitlab/gitlab-rails/*.log
Do a self-check:
sudo gitlab-rake --trace gitlab:env:info
sudo gitlab-rake --trace gitlab:check SANITIZE=true
By default Prometheus is configured to scrap the metric targets every 15 seconds and to store them for 15 days.
You can see the current targets at:
http://gitlab.example.com:9090/targets
WARNING prometheus is configured to listen at 0.0.0.0
, you probably want to change this.
GitLab has an API which can be used from different applications, one of those, is the gitlab
cli application, which is already installed in the vagrant environment (see provision-gitlab-cli.sh) and can be used as:
vagrant ssh
sudo su -l
# list all users.
gitlab -o yaml -f id,name,email user list --get-all
# list all groups and projects.
gitlab -o yaml -f id,visibility,full_path,web_url group list --get-all
gitlab -o yaml -f id,visibility,tag_list,path_with_namespace,web_url project list --get-all
# list all the projects protected branches, tags, members.
gitlab -o json -f id,visibility,tag_list,web_url project list --get-all >projects.json
jq '.[].id' projects.json | xargs -L1 gitlab project-protected-branch list --get-all --project-id
jq '.[].id' projects.json | xargs -L1 gitlab project-protected-tag list --get-all --project-id
jq '.[].id' projects.json | xargs -L1 gitlab project-member list --get-all --project-id
python-gitlab is also available as the gitlab
python library, which can be used as:
import gitlab
gl = gitlab.Gitlab.from_config()
# list all users.
for user in gl.users.list(all=True):
print(f'{user.id}\t{user.name}\t{user.email}')
# list all groups and projects.
for group in gl.groups.list(all=True):
print(f'{group.id}\t{group.visibility}\t{group.full_path}\t{group.web_url}')
for project in gl.projects.list(all=True):
print(f'{project.id}\t{project.visibility}\t{project.tag_list}\t{project.path_with_namespace}\t{project.web_url}')
# list project protected branches.
for project in gl.projects.list(all=True):
has_i = False
for i in project.protectedbranches.list(all=True):
print(f'{project.web_url}\t{i.name}')
has_i = True
if not has_i:
print(project.web_url)
# list project members.
# NB these members do not include the ones added to the group.
for project in gl.projects.list(all=True):
has_member = False
for member in project.members.list(all=True):
# NB the member object does not contain the email attribute, so we also fetch the user.
user = gl.users.get(id=member.id)
print(f'{project.web_url}\t{user.username}\t{user.email}')
has_member = True
if not has_member:
print(project.web_url)
# see more examples at https://python-gitlab.readthedocs.io/en/stable/api-objects.html
Also check the set-example-groups-users.py script to see how you could add users to all groups.