GitLab Docker

 Ref:https://docs.gitlab.com/ee/install/docker.html

Set up the volumes location

Before setting everything else, configure a new environment variable $GITLAB_HOME pointing to the directory where the configuration, logs, and data files will reside. Ensure that the directory exists and appropriate permission have been granted.

For Linux users, set the path to /srv/gitlab:

export GITLAB_HOME=/srv/gitlab

For macOS users, use the user’s $HOME/gitlab directory:

export GITLAB_HOME=$HOME/gitlab

The GitLab container uses host mounted volumes to store persistent data:

Local location Container location Usage

$GITLAB_HOME/data /var/opt/gitlab For storing application data.

$GITLAB_HOME/logs /var/log/gitlab For storing logs.

$GITLAB_HOME/config /etc/gitlab For storing the GitLab configuration files.

Installation

The GitLab Docker images can be run in multiple ways:

Using Docker Engine

Using Docker Compose

Using Docker swarm mode

Install GitLab using Docker Engine

You can fine tune these directories to meet your requirements. Once you’ve set up the GITLAB_HOME variable, you can run the image:

sudo docker run --detach \

  --hostname gitlab.example.com \

  --publish 443:443 --publish 80:80 --publish 22:22 \

  --name gitlab \

  --restart always \

  --volume $GITLAB_HOME/config:/etc/gitlab \

  --volume $GITLAB_HOME/logs:/var/log/gitlab \

  --volume $GITLAB_HOME/data:/var/opt/gitlab \

  --shm-size 256m \

  gitlab/gitlab-ee:latest

This will download and start a GitLab container and publish ports needed to access SSH, HTTP and HTTPS. All GitLab data will be stored as subdirectories of $GITLAB_HOME. The container will automatically restart after a system reboot.

If you are on SELinux, then run this instead:

sudo docker run --detach \

  --hostname gitlab.example.com \

  --publish 443:443 --publish 80:80 --publish 22:22 \

  --name gitlab \

  --restart always \

  --volume $GITLAB_HOME/config:/etc/gitlab:Z \

  --volume $GITLAB_HOME/logs:/var/log/gitlab:Z \

  --volume $GITLAB_HOME/data:/var/opt/gitlab:Z \

  --shm-size 256m \

  gitlab/gitlab-ee:latest

This will ensure that the Docker process has enough permissions to create the configuration files in the mounted volumes.

If you’re using the Kerberos integration , you must also publish your Kerberos port (for example, --publish 8443:8443). Failing to do so prevents Git operations with Kerberos.

The initialization process may take a long time. You can track this process with:

sudo docker logs -f gitlab

After starting a container you can visit gitlab.example.com (or http://192.168.59.103 if you used boot2docker on macOS). It might take a while before the Docker container starts to respond to queries.

Visit the GitLab URL, and log in with username root and the password from the following command:

sudo docker exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password

Remove credentials from Git

 

Ref: https://stackoverflow.com/questions/15381198/remove-credentials-from-git

If this problem comes on a Windows machine, do the following.

• Go to Credential Manager

  • in German, it is called: Anmeldeinformationsverwaltung
  • in French, it is called: Gestionnaire d'identification
  • in Polish, it is called: Menedżer poświadczeń
  • in Portuguese, it is called: Gerenciador de Credenciais
  • in Russian, it is called: Диспетчер учётных данных
  • in Spanish, it is called: Administrador de credenciales
  

• Go to Windows Credentials

• Delete the entries under Generic Credentials

  

  
  

• Try connecting again. This time, it should prompt you for the correct username and password.

Configure your Git username/email

Ref:https://support.atlassian.com/bitbucket-cloud/docs/configure-your-dvcs-username-for-commits/ 

Configure your Git username/email

You typically configure your global username and email address after installing Git. However, you can do so now if you missed that step or want to make changes. After you set your global configuration, repository-specific configuration is optional.

Git configuration works the same across Windows, macOS, and Linux.

To set your global username/email configuration:

1. Open the command line.

2. Set your username:
   git config --global user.name "FIRST_NAME LAST_NAME"

3. Set your email address:
   git config --global user.email "MY_NAME@example.com"

To set repository-specific username/email configuration:

1. From the command line, change into the repository directory.

2. Set your username:
   git config user.name "FIRST_NAME LAST_NAME"

3. Set your email address:
   git config user.email "MY_NAME@example.com"

4. Verify your configuration by displaying your configuration file:
   cat .git/config

Installing the trusted root certificate

Ref:https://docs.microsoft.com/en-us/skype-sdk/sdn/articles/installing-the-trusted-root-certificate

Adding certificate snap-ins

1. Launch MMC (mmc.exe).

2. Choose File > Add/Remove Snap-ins.

3. Choose Certificates, then choose Add.

4. Choose My user account.

5. Choose Add again and this time select Computer Account.

6. Move the new certificate from the Certificates-Current User > Trusted Root Certification Authorities into Certificates (Local Computer) > Trusted Root Certification Authorities.

Install Cygwin (without admin rights)

 

1. Download setup-x86_64.exe.
2. Open command line window (WIN+R and type cmd).
3. Go to the download directory, e. g.:

   cd %USERPROFILE%\Downloads
   

4. Run setup-x86_64.exe with the --no-admin option:

   setup-x86_64.exe --no-admin

How to Assign a Static IP to a Docker Container

 Ref: https://www.howtogeek.com/devops/how-to-assign-a-static-ip-to-a-docker-container/

Setting Up Static IPs

First, you’ll need to set up a Docker network, and since we care about the IP address, you’ll need to specify a fixed subnet:

docker network create --subnet=172.20.0.0/16 customnetwork

Then, you can run a container, specifying the network with the --net flag, and specifying the IP with the -ip flag:

docker run --net customnetwork --ip 172.20.0.10 -d container

Linux shell restricting access and disable shell with nologin

Ref: https://www.cyberciti.biz/tips/howto-linux-shell-restricting-access.html

To block shell access for the user named ‘vivek’. Please note that an account named ‘vivek’ must exist on your system. Run the usermod command or chsh command:
# usermod -s /sbin/nologin vivek
Debain or Linux Linux user modify above command as follows:
# usermod -s /usr/sbin/nologin vivek