Private GitLab warehouse – build GitLab private code warehouse locally and remotely access “intranet penetration” at any time

Article directory

  • foreword
  • 1. Download Gitlab
  • 2. Install GitLab
  • 3. Start Gitlab
  • 4. Install cpolar intranet penetration
  • 5. Create a tunnel configuration access address
  • 6. Fixed GitLab access address
    • 6.1 Reserved second-level subdomains
    • 6.2 Configure the second-level subdomain name
  • 7. Test access to the second-level subdomain

Reproduced from the remote control source article: Linux builds GitLab private warehouse, and intranet penetration to achieve public network access

Foreword

GitLab is an open source project for warehouse management systems, using Git as a code management tool, and a web service built on this basis.

Gitlab is a widely used git-based open source code management platform. It is built on Ruby on Rails and mainly manages code and documents generated during the software development process. Gitlab mainly manages code and documents in two dimensions: group and project. A group is a group, and a project is an engineering project. A group can manage multiple projects. It can be understood that there are multiple software development tasks in a group, and a project may contain multiple branches, which means that there are multiple branches in each project. Branches are independent of each other, and different branches can be merged.

Next, we build a GitLab private warehouse in Linux centOS8 and combine it with the Cpolar intranet penetration tool to realize that the private warehouse Gitlab can also be accessed in the public network environment.

1. Download Gitlab

Create a directory in the system, named GitLab, to store the downloaded installation package

mkdir /usr/local/gitlab

Enter the created directory

cd /usr/local/gitlab

Download the Gitlab installation package and wait for the download to complete

wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/8/gitlab-ce-15.0.2-ce.0.el8.x86_64.rpm/download .rpm

1678717872337

2. Install Gitlab

After the download is successful, start to install Gitlab, first install a toolkit, it takes a long time, wait for the installation to complete:

yum install policycoreutils-python-utils

1678720861569

Then install Gitlab, go to the /usr/local/gitlab directory we created above and execute:

rpm -Uvh gitlab-ce-15.0.2-ce.0.el8.x86_64.rpm

1678721095616

After the installation is complete, update the configuration, it will take a little time, wait patiently, after completion, we can see the user name and password

gitlab-ctl reconfigure

We can see the user name and password for the following information, the user name is: root, and the password needs to be viewed separately

1678721702117

The above path is the password path, check the password:

cat /etc/gitlab/initial_root_password

1678721881291

3. Start Gitlab

The test starts, no errors indicate success

gitlab-ctl start

1678722005864

Then modify the access address, edit the Gitlab configuration file,

vim /etc/gitlab/gitlab.rb

Change the value of external_url to http://127.0.0.1:8088, the port number can be specified by yourself, specify 8088 here, and then save

image-20230314003117292

Reload the configuration file after modification

gitlab-ctl reconfigure

Then restart Gitlab

sudo gitlab-ctl restart

If there is a firewall, add the firewall port: 8088

firewall-cmd --zone=public --add-port=8088/tcp --permanent

Then open the browser and enter the Linux LAN ip + 8088 to access successfully

1678725368861

Enter the user name above: root and the password viewed above to log in successfully

1678725526795

4. Install cpolar intranet penetration

Above we installed Gitlab on the local Linux virtual machine. Next, we installed cpolar intranet traditional tools. Through cpolar’s http public network address, we can easily access GitLab remotely and without registering a domain name. The following is the installation of cpolar intranet Penetration steps:

首页

  • Install commands using one-click scripts
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
  • token authentication

Log in to the background of the cpolar official website, click the verification on the left to view your own authentication token, and then paste the token in the command line:

cpolar authtoken xxxxxxx

20230206171248

  • Add services to the system and configure cpolar to start automatically at boot
sudo systemctl enable cpolar
  • Start the cpolar service
sudo systemctl start cpolar

5. Create tunnel configuration access address

After successfully starting the cpolar service, we access the Linux LAN ip address + port 9200 on the browser, and log in to the cpolar web UI management interface.

After successful login, click Tunnel Management on the left dashboard – Create Tunnel, and create an http protocol tunnel pointing to port 8088 set above:

  • Tunnel name: can be customized, be careful not to duplicate the existing tunnel name
  • protocol: http
  • Local address: 8088
  • Domain name type: choose a random domain name for free
  • Region: Select China VIP

Click Create

1678724119867

Then open the online tunnel list, view and copy the public network address

1678724278844

Then open the browser, enter the public network address, you can access successfully

1678725654998

6. Fixed GitLab access address

Since the tunnel just created uses a random temporary address, the address will change within 24 hours. For long-term remote access, we will configure this public network address as fixed next.

6.1 Reserved second-level subdomains

You need to upgrade to the basic package or above to support the configuration of second-level subdomains

Log in to the background of the cpolar official website, click Reserved on the left dashboard, find Reserve the second-level subdomain name, and reserve a second-level subdomain name for the http tunnel.

  • Region: select server region
  • Name: Fill in the second-level subdomain name you want to reserve (customizable)
  • Description: Remarks, which can be customized

1678725876220

In this example, a second-level subdomain named gitlabTest is reserved. After the subdomain name is successfully reserved, we copy the subdomain name, and then we need to configure it in the tunnel.

1678725912846

6.2 Configure the second-level subdomain

Log in to the cpolar web ui management interface. Click Tunnel Management on the left dashboard–Tunnel List, find the tunnel that needs to be configured with a second-level subdomain name, and click Edit on the right

1678725955880

Modify the tunnel information and configure the second-level subdomain name into the tunnel:

  • Domain name type: choose secondary subdomain name instead
  • Sub Domain: Fill in the second-level subdomain we just reserved (in this case gitlabTest)

After modification, click Update

1678725995744

After the tunnel is successfully updated, click Status on the left dashboard–Online Tunnel List, and you can see the public network address of the tunnel, which has been updated to a second-level subdomain name. Copy the public network address.

1678726056852

7. Test access to the second-level subdomain

Open the browser, let’s test access to the successfully configured second-level subdomain name, the test is successful, and it can be accessed normally. Now, our only private second-level subdomain name in the entire network has been created. And this address will not change randomly anymore, it is fixed, as long as the tunnel is online, we can use this public network address to remotely access anytime and anywhere, without the need for a public network IP or setting up a router.

1678726105739

There is an exchange learning area below the article! Let’s learn and progress together!
The first CSDN blog is not easy to create. If you think the article is good, you can like itFavoriteComment
Your support and encouragement is the driving force for my creation?