gitlab/README.md

Vimium GitLab

Self hosted GitLab instance on Vimium.com. Deployed on Hetzner Cloud in the Nuremberg datacentre.

Prerequisites

Create an API key in the Hetzner Cloud GUI (Project -> Security -> API Tokens) with the name gitlab. This may already be accessible via pass api/hetzner/gitlab.

SSH key

Replace :bearer with your API token from above and :sshkey with your SSH key.

POST https://api.hetzner.cloud/v1/ssh_keys HTTP/1.1
Authorization: Bearer :bearer
Content-Type: application/json

{
  "name": "jordan",
  "public_key": ":sshkey"
}

Create the primary server

This instance will run GitLab CE.

POST https://api.hetzner.cloud/v1/servers HTTP/1.1
Authorization: Bearer :bearer
Content-Type: application/json

{
  "name": "gitlab-nbg1-1",
  "server_type": "cx31",
  "location": "nbg1",
  "start_after_create": true,
  "image": "debian-10",
  "labels": {"gitlab-role": "primary"},
  "ssh_keys": [
    "jordan"
  ],
  "automount": false
}

Create the GitLab Runner instance

POST https://api.hetzner.cloud/v1/servers HTTP/1.1
Authorization: Bearer :bearer
Content-Type: application/json

{
  "name": "gitlab-runner-nbg1-1",
  "server_type": "cpx11",
  "location": "nbg1",
  "start_after_create": true,
  "image": "debian-10",
  "labels": {"gitlab-role": "runner"},
  "ssh_keys": [
    "jordan"
  ],
  "automount": false
}

Deployment

Ansible is used to provision both the primary GitLab instance and the GitLab runner.

Run:

ansible-galaxy -r requirements.yml
ansible-playbook main.yml

First time setup

SSH onto the GitLab instance and run:

grep 'Password:' /etc/gitlab/initial_root_password

Then login to the web interface with the username root and the password from above.

1. Change admin password
2. Disable sign ups

Resources

• https://github.com/geerlingguy/ansible-role-gitlab
• https://github.com/riemers/ansible-gitlab-runner
• https://wyssmann.com/blog/2021/04/dynamic-inventory-with-ansible-and-hetzner-robot-and-hetzner-cloud/