ADLER-TECH

GitLab Installation & Configuration

2 days (16 hours total)

Day 1 – Architecture, Installation, Core Configuration

1. GitLab Architecture

Components: Rails app, Workhorse, Gitaly, Redis, PostgreSQL, Sidekiq.
Omnibus vs source install. Backup model. Runner ecosystem.

2. System Requirements & Pre-Install Checks

OS choice (Ubuntu preferred), CPU/RAM/storage needs, open ports, SSH setup, FQDN, certificates, firewall.

3. GitLab Installation (Omnibus)

Package repos, installing omnibus, reconfiguring, first admin login, directory structure, /etc/gitlab/gitlab.rb.

4. GitLab External Services

PostgreSQL tuning (basic), Redis role, object storage backend (S3, GCS), SMTP settings, time sync.

5. User & Group Management

User registration settings, groups vs subgroups, permissions, roles, access model.

6. Project Configuration

Repositories, mirroring, branches, push rules, LFS, protected branches, tags.

7. Backup & Restore

Omnibus backup commands, artifacts backup, registry backup, external S3 backups, restore workflow.

Day 2 – CI/CD, Runners, Security, Monitoring & Upgrades

8. GitLab Runners (Core Administration)

Shell, Docker, Kubernetes runners, shared vs specific, concurrency, autoscaling basics.

9. CI/CD Configuration

Pipelines overview, .gitlab-ci.yml structure, runners assignment, variables, secrets, caching.

10. Registry & Package Registry

Container registry setup, authentication, retention, Package Registry for artifacts, cleanup policies.

11. HTTPS & TLS Configuration

Let’s Encrypt integration, external certs, reverse proxy mode (NGINX external), HSTS, TLS hardening.

12. Security & Access Controls

SSH key management, deploy keys, deploy tokens, 2FA, SSO/SAML overview, audit logs.

13. Monitoring

Built-in Prometheus exporters, metrics browsing, Sidekiq queue health, logging structure, slow request hunting.

14. Upgrades & Maintenance

Safe upgrade path, package channels, zero-downtime migrations basics, rake checks, trimming old data.

15. Integration with External Services

Webhook events, Jira integration, email notifications, LDAP/AD integration (high-level), OAuth apps.