nixos/modules/services/misc/gitlab.xml at release-16.03-start · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / services / misc / gitlab.xml
at release-16.03-start 2.8 kB view raw
  1<chapter xmlns="http://docbook.org/ns/docbook"
  2         xmlns:xlink="http://www.w3.org/1999/xlink"
  3         xmlns:xi="http://www.w3.org/2001/XInclude"
  4         version="5.0"
  5         xml:id="module-services-gitlab">
  6
  7<title>Gitlab</title>
  8
  9<para>Gitlab is a feature-rich git hosting service.</para>
 10
 11<section><title>Prerequisites</title>
 12
 13<para>The gitlab service exposes only an Unix socket at
 14<literal>/run/gitlab/gitlab-workhorse.socket</literal>. You need to configure a
 15webserver to proxy HTTP requests to the socket.</para>
 16
 17<para>For instance, this could be used for Nginx:
 18
 19<programlisting>
 20services.nginx.httpConfig = ''
 21  server {
 22    server_name git.example.com;
 23    listen 443 ssl spdy;
 24    listen [::]:443 ssl spdy;
 25
 26    ssl_certificate /var/lib/acme/git.example.com/fullchain.pem;
 27    ssl_certificate_key /var/lib/acme/git.example.com/key.pem;
 28
 29    location / {
 30      proxy_http_version 1.1;
 31      proxy_set_header    Host                $http_host;
 32      proxy_set_header    X-Real-IP           $remote_addr;
 33      proxy_set_header    X-Forwarded-Ssl     on;
 34      proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
 35      proxy_set_header    X-Forwarded-Proto   $scheme;
 36
 37      proxy_pass http://unix:/run/gitlab/gitlab-workhorse.socket;
 38    }
 39  }
 40'';
 41</programlisting>
 42</para>
 43
 44</section>
 45
 46<section><title>Configuring</title>
 47
 48<para>Gitlab depends on both PostgreSQL and Redis and will automatically enable
 49both services. In the case of PostgreSQL, a database and a role will be created.
 50</para>
 51
 52<para>The default state dir is /var/gitlab/state. This is where all data like
 53the repositories and uploads will be stored.</para>
 54
 55<para>A basic configuration could look like this:
 56
 57<programlisting>
 58services.gitlab = {
 59  enable = true;
 60  databasePassword = "eXaMpl3";
 61  initialRootPassword = "UseNixOS!";
 62  https = true;
 63  host = "git.example.com";
 64  port = 443;
 65  user = "git";
 66  group = "git";
 67  extraConfig = {
 68    gitlab = {
 69      default_projects_features = { builds = false; };
 70    };
 71  };
 72};
 73</programlisting>
 74</para>
 75
 76<para>Refer to <xref linkend="ch-options" /> for all available configuration
 77options for the <literal>services.gitlab</literal> module.</para>
 78
 79</section>
 80
 81<section><title>Maintenance</title>
 82
 83<para>You can run all Gitlab related commands like rake tasks with
 84<literal>gitlab-runner</literal> which will be available on the system
 85when gitlab is enabled. You will have to run the commands as the user that
 86you configured to run gitlab.</para>
 87
 88<para>For instance, to backup a Gitlab instance:
 89
 90<programlisting>
 91$ sudo -u git -H gitlab-runner exec rake gitlab:backup:create
 92</programlisting>
 93
 94A list of all availabe rake tasks can be obtained by running:
 95
 96<programlisting>
 97$ sudo -u git -H gitlab-runner exec rake -T
 98</programlisting>
 99</para>
100
101</section>
102
103</chapter>