Installing Gitlab CE 11.10 and authenticating with AD

Install Required Dependencies.

yum update
yum install policycoreutils-python curl

Setup GitLab repo and install GitLab CE. Installation will take a while.

curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
EXTERNAL_URL="http://gitlab.bdn.com" yum install -y gitlab-ce

Note: If you want to change your main URL, you can configure it in the GitLab main configuration file /etc/gitlab/gitlab.rb in the external_url section. Once changed, don’t forget to reconfigure GitLab to apply the recent changes in the configuration file using the following command.

gitlab-ctl reconfigure

Allow access in Firewalld.

firewall-cmd --permanent --add-service=80/tcp
firewall-cmd --permanent --add-service=443/tcp
systemctl reload firewalld

GitLab is installed successfully. Now access through a browser and change the root password. http://gitlab.bdn.com.np

Deploy SSL Certificate

After purchasing your certificate, download the Certificate file and put it with the private key to the /etc/gitlab/ssl/ directory. ls -l

 -rw-r--r-- 1 root root 2264 May 8 13:53 gitlab.bdn.com.np.crt
 -rw-r--r-- 1 root root 1704 May 8 13:45 gitlab.bdn.com.np.key

Now configure SSL in /etc/gitlab/gitlab.rb file.

   # change to https
 external_url 'https://git.bdn.com.np'

 Under the ## GitLab NGINX section, enable Nginx and provide SSL key and certificate paths
 nginx['enable'] = true
 nginx['client_max_body_size'] = '250m'
 nginx['redirect_http_to_https'] = true
 nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.bdn.com.np.crt"
 nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.bdn.com.np.key"
 nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
 nginx['ssl_protocols'] = "TLSv1.1 TLSv1.2"

  gitlab-ctl reconfigure

Now visit the GitLab through
https://gitlab.bdn.com.np

Authenticate GitLab Access with Active Directory

Add AD settings in /etc/gitlab/gitlab.rb file.

### LDAP Settings
gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'LDAP'
host: 'bdn.com.np'
port: 389
uid: 'uid'
method: 'plain' # "tls" or "ssl" or "plain"
bind_dn: 'uid=users,cn=admins,cn=users'
password: 'xxxxxx'
# active_directory: true
allow_username_or_email_login: true
block_auto_created_users: false
base: 'DC=bdn,DC=com,DC=np'
user_filter: ''
## EE only
group_base: ''
admin_group: ''
sync_ssh_keys: false
EOS

gitlab-ctl reconfigure

That’s it!!

We have Installed GitLab CE version 11.10 with SSL and AD for Authentication. Now access GitLab through URL https://gitlab.bdn.com.np

Comments