Tutorial based from: https://about.gitlab.com/downloads/#centos7

As root:

yum install curl policycoreutils openssh-server openssh-clients
systemctl enable sshd
systemctl start sshd
yum install postfix
systemctl enable postfix
systemctl start postfix
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
systemctl reload firewalld
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
yum install gitlab-ce
gitlab-ctl reconfigure

yum install python-certbot-apache
CERT_VHOST='your.host.name'
CERT_MAIL='youremail@address.com'
certbot certonly --standalone --email $CERT_MAIL -d $CERT_VHOST

nano /etc/gitlab.rb
nginx['enable'] = true
nginx['client_max_body_size'] = '250m'
nginx['redirect_http_to_https'] = true
nginx['redirect_http_to_https_port'] = 80

nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
nginx['ssl_prefer_server_ciphers'] = "on"
nginx['ssl_certificate'] = "/etc/letsencrypt/live/your.host.name/fullchain.pem"
nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/your.host.name/privkey.pem"

gitlab-ctl reconfigure

touch /var/log/letsencrypt.log
nano /etc/crontab
# Certbot
0 0 * * * root certbot renew >> /var/log/letsencrypt.log

systemctl restart crond

 

 

dsfsfdsf

Advertisements