Installation from source

This is the official installation guide to set up a production GitLab server using the source files. To set up a development installation or for many other installation options, see the main installation page. It was created for and tested on Debian/Ubuntu operating systems. Read for hardware and operating system requirements. If you want to install on RHEL/CentOS, we recommend using the Omnibus packages.

This guide is long because it covers many cases and includes all commands you need, this is one of the few installation scripts that actually work out of the box. The following steps have been known to work. Use caution when you deviate from this guide. Make sure you don’t violate any assumptions GitLab makes about its environment. For example, many people run into permission problems because they changed the location of directories or run services as the wrong user.

If you find a bug/error in this guide, submit a merge request following the contributing guide.

Consider the Omnibus package installation

Since an installation from source is a lot of work and error prone we strongly recommend the fast and reliable Omnibus package installation (deb/rpm).

One reason the Omnibus package is more reliable is its use of runit to restart any of the GitLab processes in case one crashes. On heavily used GitLab instances the memory usage of the Sidekiq background worker will grow over time.

Omnibus packages solve this by letting the Sidekiq terminate gracefully if it uses too much memory. After this termination runit will detect Sidekiq is not running and will start it. Since installations from source don’t use runit for process supervision, Sidekiq can’t be terminated and its memory usage will grow over time.

Select a version to install

Make sure you view this installation guide from the branch (version) of GitLab you would like to install (e.g., 11-7-stable). You can select the branch in the version dropdown in the top left corner of GitLab (below the menu bar).

If the highest number stable branch is unclear, check the GitLab blog for installation guide links by version.

GitLab directory structure

This is the main directory structure you will end up with following the instructions of this page:

|-- home
|   |-- git
|       |-- .ssh
|       |-- gitlab
|       |-- gitlab-shell
|       |-- repositories
  • /home/git/.ssh - Contains OpenSSH settings. Specifically, the authorized_keys file managed by GitLab Shell.
  • /home/git/gitlab - GitLab core software.
  • /home/git/gitlab-shell - Core add-on component of GitLab. Maintains SSH cloning and other functionality.
  • /home/git/repositories - Bare repositories for all projects organized by namespace. This is where the Git repositories which are pushed/pulled are maintained for all projects. This area contains critical data for projects. Keep a backup.
Note: The default locations for repositories can be configured in config/gitlab.yml of GitLab and config.yml of GitLab Shell.

For a more in-depth overview, see the GitLab architecture doc.


The GitLab installation consists of setting up the following components:

  1. Packages and dependencies.
  2. Ruby.
  3. Go.
  4. Node.
  5. System users.
  6. Database.
  7. Redis.
  8. GitLab.
  9. NGINX.

1. Packages and dependencies

sudo is not installed on Debian by default. Make sure your system is up-to-date and install it.

# run as root!
apt-get update -y
apt-get upgrade -y
apt-get install sudo -y
Note: During this installation, some files will need to be edited manually. If you are familiar with vim, set it as default editor with the commands below. If you are not familiar with vim, skip this and keep using the default editor.
# Install vim and set as default editor
sudo apt-get install -y vim
sudo update-alternatives --set editor /usr/bin/vim.basic

Install the required packages (needed to compile Ruby and native extensions to Ruby gems):

sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libre2-dev \
  libreadline-dev libncurses5-dev libffi-dev curl openssh-server checkinstall libxml2-dev \
  libxslt-dev libcurl4-openssl-dev libicu-dev logrotate rsync python-docutils pkg-config cmake \

Ubuntu 14.04 (Trusty Tahr) doesn’t have the libre2-dev package available, but you can install re2 manually.

If you want to use Kerberos for user authentication, install libkrb5-dev:

sudo apt-get install libkrb5-dev
Note: If you don’t know what Kerberos is, you can assume you don’t need it.

Make sure you have the right version of Git installed:

# Install Git
sudo apt-get install -y git-core

# Make sure Git is version 2.27.0 or higher (minimal supported version is 2.25.0)
git --version

Starting with GitLab 12.0, Git is required to be compiled with libpcre2. Find out if that’s the case:

ldd $(command -v git) | grep pcre2

The output should contain

Is the system packaged Git too old, or not compiled with pcre2? Remove it:

sudo apt-get remove git-core

On Ubuntu, install Git from its official PPA:

# run as root!
add-apt-repository ppa:git-core/ppa
apt update
apt install git
# repeat libpcre2 check as above

On Debian, use the following compilation instructions:

# Install dependencies
sudo apt-get install -y libcurl4-openssl-dev libexpat1-dev gettext libz-dev libssl-dev build-essential

# Download and compile pcre2 from source
curl --silent --show-error --location --output pcre2.tar.gz
tar -xzf pcre2.tar.gz
cd pcre2-10.33
chmod +x configure
./configure --prefix=/usr --enable-jit
sudo make install

# Download and compile from source
cd /tmp
curl --remote-name --location --progress
echo '77ded85cbe42b1ffdc2578b460a1ef5d23bcbc6683eabcafbb0d394dffe2e787  git-2.27.0.tar.gz' | shasum -a256 -c - && tar -xzf git-2.27.0.tar.gz
cd git-2.27.0/
./configure --with-libpcre
make prefix=/usr/local all

# Install into /usr/local/bin
sudo make prefix=/usr/local install

# When editing config/gitlab.yml later, change the git -> bin_path to /usr/local/bin/git

For the Custom Favicon to work, GraphicsMagick needs to be installed.

sudo apt-get install -y graphicsmagick

Note: In order to receive mail notifications, make sure to install a mail server. By default, Debian is shipped with exim4 but this has problems while Ubuntu does not ship with one. The recommended mail server is postfix and you can install it with:

sudo apt-get install -y postfix

Then select ‘Internet Site’ and press enter to confirm the hostname.

GitLab Workhorse requires exiftool to remove EXIF data from uploaded images.

sudo apt-get install -y libimage-exiftool-perl

2. Ruby

The Ruby interpreter is required to run GitLab.

Note: The current supported Ruby (MRI) version is 2.6.x. GitLab 12.2 dropped support for Ruby 2.5.x.

The use of Ruby version managers such as RVM, rbenv or chruby with GitLab in production, frequently leads to hard to diagnose problems. Version managers are not supported and we strongly advise everyone to follow the instructions below to use a system Ruby.

Linux distributions generally have older versions of Ruby available, so these instructions are designed to install Ruby from the official source code.

Remove the old Ruby 1.8 if present:

sudo apt-get remove ruby1.8

Download Ruby and compile it:

mkdir /tmp/ruby && cd /tmp/ruby
curl --remote-name --progress
echo '2d78048e293817f38d4ede4ebc7873013e97bb0b  ruby-2.6.6.tar.gz' | shasum -c - && tar xzf ruby-2.6.6.tar.gz
cd ruby-2.6.6

./configure --disable-install-rdoc
sudo make install

Then install the Bundler gem (a version below 2.x):

sudo gem install bundler --no-document --version '< 2'

3. Go

Since GitLab 8.0, GitLab has several daemons written in Go. To install GitLab we need a Go compiler. The instructions below assume you use 64-bit Linux. You can find downloads for other platforms at the Go download page.

# Remove former Go installation folder
sudo rm -rf /usr/local/go

curl --remote-name --progress
echo '512103d7ad296467814a6e3f635631bd35574cab3369a97a323c9a585ccaa569  go1.13.5.linux-amd64.tar.gz' | shasum -a256 -c - && \
  sudo tar -C /usr/local -xzf go1.13.5.linux-amd64.tar.gz
sudo ln -sf /usr/local/go/bin/{go,godoc,gofmt} /usr/local/bin/
rm go1.13.5.linux-amd64.tar.gz

4. Node

Since GitLab 8.17, GitLab requires the use of Node to compile JavaScript assets, and Yarn to manage JavaScript dependencies. The current minimum requirements for these are:

  • node >= v10.13.0. (We recommend node 12.x as it is faster)
  • yarn >= v1.10.0.

In many distros, the versions provided by the official package repositories are out of date, so we’ll need to install through the following commands:

# install node v12.x
curl --location | sudo bash -
sudo apt-get install -y nodejs

curl --silent --show-error | sudo apt-key add -
echo "deb stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update
sudo apt-get install yarn

Visit the official websites for node and yarn if you have any trouble with these steps.

5. System users

Create a git user for GitLab:

sudo adduser --disabled-login --gecos 'GitLab' git

6. Database

Note: Starting from GitLab 12.1, only PostgreSQL is supported. Since GitLab 13.0, we require PostgreSQL 11+.
  1. Install the database packages:

    sudo apt-get install -y postgresql postgresql-client libpq-dev postgresql-contrib
  2. Start the PostgreSQL service and confirm that the service is running:

    sudo service postgresql start
    sudo service postgresql status
  3. Create a database user for GitLab:

    sudo -u postgres psql -d template1 -c "CREATE USER git CREATEDB;"
  4. Create the pg_trgm extension (required for GitLab 8.6+):

    sudo -u postgres psql -d template1 -c "CREATE EXTENSION IF NOT EXISTS pg_trgm;"
  5. Create the GitLab production database and grant all privileges on the database:

    sudo -u postgres psql -d template1 -c "CREATE DATABASE gitlabhq_production OWNER git;"
  6. Try connecting to the new database with the new user:

    sudo -u git -H psql -d gitlabhq_production
  7. Check if the pg_trgm extension is enabled:

    SELECT true AS enabled
    FROM pg_available_extensions
    WHERE name = 'pg_trgm'
    AND installed_version IS NOT NULL;

    If the extension is enabled this will produce the following output:

    (1 row)
  8. Quit the database session:

    gitlabhq_production> \q

7. Redis

GitLab requires at least Redis 5.0.

If you are using Debian 10 or Ubuntu 20.04 and up, you can install Redis 5.0 with:

sudo apt-get install redis-server

Once done, you can configure Redis:

# Configure redis to use sockets
sudo cp /etc/redis/redis.conf /etc/redis/redis.conf.orig

# Disable Redis listening on TCP by setting 'port' to 0
sudo sed 's/^port .*/port 0/' /etc/redis/redis.conf.orig | sudo tee /etc/redis/redis.conf

# Enable Redis socket for default Debian / Ubuntu path
echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis/redis.conf

# Grant permission to the socket to all members of the redis group
echo 'unixsocketperm 770' | sudo tee -a /etc/redis/redis.conf

# Create the directory which contains the socket
sudo mkdir -p /var/run/redis
sudo chown redis:redis /var/run/redis
sudo chmod 755 /var/run/redis

# Persist the directory which contains the socket, if applicable
if [ -d /etc/tmpfiles.d ]; then
  echo 'd  /var/run/redis  0755  redis  redis  10d  -' | sudo tee -a /etc/tmpfiles.d/redis.conf

# Activate the changes to redis.conf
sudo service redis-server restart

# Add git to the redis group
sudo usermod -aG redis git

8. GitLab

# We'll install GitLab into the home directory of the user "git"
cd /home/git

Clone the Source

Clone Community Edition:

# Clone GitLab repository
sudo -u git -H git clone -b X-Y-stable gitlab

Clone Enterprise Edition:

# Clone GitLab repository
sudo -u git -H git clone -b X-Y-stable gitlab

Make sure to replace X-Y-stable with the stable branch that matches the version you want to install. For example, if you want to install 11.8 you would use the branch name 11-8-stable.

Caution: You can change X-Y-stable to master if you want the bleeding edge version, but never install master on a production server!

Configure It

# Go to GitLab installation folder
cd /home/git/gitlab

# Copy the example GitLab config
sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml

# Update GitLab config file, follow the directions at top of the file
sudo -u git -H editor config/gitlab.yml

# Copy the example secrets file
sudo -u git -H cp config/secrets.yml.example config/secrets.yml
sudo -u git -H chmod 0600 config/secrets.yml

# Make sure GitLab can write to the log/ and tmp/ directories
sudo chown -R git log/
sudo chown -R git tmp/
sudo chmod -R u+rwX,go-w log/
sudo chmod -R u+rwX tmp/

# Make sure GitLab can write to the tmp/pids/ and tmp/sockets/ directories
sudo chmod -R u+rwX tmp/pids/
sudo chmod -R u+rwX tmp/sockets/

# Create the public/uploads/ directory
sudo -u git -H mkdir -p public/uploads/

# Make sure only the GitLab user has access to the public/uploads/ directory
# now that files in public/uploads are served by gitlab-workhorse
sudo chmod 0700 public/uploads

# Change the permissions of the directory where CI job logs are stored
sudo chmod -R u+rwX builds/

# Change the permissions of the directory where CI artifacts are stored
sudo chmod -R u+rwX shared/artifacts/

# Change the permissions of the directory where GitLab Pages are stored
sudo chmod -R ug+rwX shared/pages/

# Copy the example Puma config
sudo -u git -H cp config/puma.rb.example config/puma.rb

# Refer to for more information.
# You should scale Puma workers and threads based on the number of CPU
# cores you have available. You can get that number via the `nproc` command.
sudo -u git -H editor config/puma.rb

# Copy the example Rack attack config
sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb

# Configure Git global settings for git user
# 'autocrlf' is needed for the web editor
sudo -u git -H git config --global core.autocrlf input

# Disable 'git gc --auto' because GitLab already runs 'git gc' when needed
sudo -u git -H git config --global 0

# Enable packfile bitmaps
sudo -u git -H git config --global repack.writeBitmaps true

# Enable push options
sudo -u git -H git config --global receive.advertisePushOptions true

# Enable fsyncObjectFiles to reduce risk of repository corruption if the server crashes
sudo -u git -H git config --global core.fsyncObjectFiles true

# Configure Redis connection settings
sudo -u git -H cp config/resque.yml.example config/resque.yml

# Change the Redis socket path if you are not using the default Debian / Ubuntu configuration
sudo -u git -H editor config/resque.yml
Caution: Make sure to edit both gitlab.yml and puma.rb to match your setup. If you want to use the Unicorn web server, see Using Unicorn for the additional steps.
Note: If you want to use HTTPS, see Using HTTPS for the additional steps.

Configure GitLab DB Settings

sudo -u git cp config/database.yml.postgresql config/database.yml

# Remove host, username, and password lines from config/database.yml.
# Once modified, the `production` settings will be as follows:
#   production:
#     adapter: postgresql
#     encoding: unicode
#     database: gitlabhq_production
#     pool: 10
sudo -u git -H editor config/database.yml

# Remote PostgreSQL only:
# Update username/password in config/database.yml.
# You only need to adapt the production settings (first part).
# If you followed the database guide then please do as follows:
# Change 'secure password' with the value you have given to $password
# You can keep the double quotes around the password
sudo -u git -H editor config/database.yml

# Make config/database.yml readable to git only
sudo -u git -H chmod o-rwx config/database.yml

Install Gems

Note: As of Bundler 1.5.2, you can invoke bundle install -jN (where N is the number of your processor cores) and enjoy parallel gems installation with measurable difference in completion time (~60% faster). Check the number of your cores with nproc. For more information, see this post.

Make sure you have bundle (run bundle -v):

  • >= 1.5.2, because some issues were fixed in 1.5.2.
  • < 2.x.
sudo -u git -H bundle install --deployment --without development test mysql aws kerberos
Note: If you want to use Kerberos for user authentication, omit kerberos in the --without option above.

Install GitLab Shell

GitLab Shell is an SSH access and repository management software developed specially for GitLab.

# Run the installation task for gitlab-shell:
sudo -u git -H bundle exec rake gitlab:shell:install RAILS_ENV=production

# By default, the gitlab-shell config is generated from your main GitLab config.
# You can review (and modify) the gitlab-shell config as follows:
sudo -u git -H editor /home/git/gitlab-shell/config.yml
Note: If you want to use HTTPS, see Using HTTPS for the additional steps.
Note: Make sure your hostname can be resolved on the machine itself by either a proper DNS record or an additional line in /etc/hosts (“ hostname”). This might be necessary, for example, if you set up GitLab behind a reverse proxy. If the hostname cannot be resolved, the final installation check will fail with Check GitLab API access: FAILED. code: 401 and pushing commits will be rejected with [remote rejected] master -> master (hook declined).

Install GitLab Workhorse

GitLab-Workhorse uses GNU Make. The following command-line will install GitLab-Workhorse in /home/git/gitlab-workhorse which is the recommended location.

sudo -u git -H bundle exec rake "gitlab:workhorse:install[/home/git/gitlab-workhorse]" RAILS_ENV=production

You can specify a different Git repository by providing it as an extra parameter:

sudo -u git -H bundle exec rake "gitlab:workhorse:install[/home/git/gitlab-workhorse,]" RAILS_ENV=production

Install GitLab-Elasticsearch-indexer on Enterprise Edition

GitLab-Elasticsearch-Indexer uses GNU Make. The following command-line will install GitLab-Elasticsearch-Indexer in /home/git/gitlab-elasticsearch-indexer which is the recommended location.

sudo -u git -H bundle exec rake "gitlab:indexer:install[/home/git/gitlab-elasticsearch-indexer]" RAILS_ENV=production

You can specify a different Git repository by providing it as an extra parameter:

sudo -u git -H bundle exec rake "gitlab:indexer:install[/home/git/gitlab-elasticsearch-indexer,]" RAILS_ENV=production

The source code will first be fetched to the path specified by the first parameter. Then a binary will be built under its bin directory. You will then need to update gitlab.yml’s production -> elasticsearch -> indexer_path setting to point to that binary.

Note: Elasticsearch is a feature of GitLab Enterprise Edition and isn’t included in GitLab Community Edition.

Install GitLab Pages

GitLab Pages uses GNU Make. This step is optional and only needed if you wish to host static sites from within GitLab. The following commands will install GitLab Pages in /home/git/gitlab-pages. For additional setup steps, consult the administration guide for your version of GitLab as the GitLab Pages daemon can be run several different ways.

cd /home/git
sudo -u git -H git clone
cd gitlab-pages
sudo -u git -H git checkout v$(</home/git/gitlab/GITLAB_PAGES_VERSION)
sudo -u git -H make

Install Gitaly

# Fetch Gitaly source with Git and compile with Go
cd /home/git/gitlab
sudo -u git -H bundle exec rake "gitlab:gitaly:install[/home/git/gitaly,/home/git/repositories]" RAILS_ENV=production

You can specify a different Git repository by providing it as an extra parameter:

sudo -u git -H bundle exec rake "gitlab:gitaly:install[/home/git/gitaly,/home/git/repositories,]" RAILS_ENV=production

Next, make sure that Gitaly is configured:

# Restrict Gitaly socket access
sudo chmod 0700 /home/git/gitlab/tmp/sockets/private
sudo chown git /home/git/gitlab/tmp/sockets/private

# If you are using non-default settings you need to update config.toml
cd /home/git/gitaly
sudo -u git -H editor config.toml

For more information about configuring Gitaly see the Gitaly documentation.

Start Gitaly

Gitaly must be running for the next section.


sudo -u git -H sh -c "$gitlab_path/bin/daemon_with_pidfile $gitlab_path/tmp/pids/ \
  $gitaly_path/gitaly $gitaly_path/config.toml >> $gitlab_path/log/gitaly.log 2>&1 &"

Initialize Database and Activate Advanced Features

cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production
# Type 'yes' to create the database tables.

# or you can skip the question by adding force=yes
sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production force=yes

# When done, you see 'Administrator account created:'
Note: You can set the Administrator/root password and e-mail by supplying them in environmental variables, GITLAB_ROOT_PASSWORD and GITLAB_ROOT_EMAIL respectively, as seen below. If you don’t set the password (and it is set to the default one), wait to expose GitLab to the public internet until the installation is done and you’ve logged into the server the first time. During the first login, you’ll be forced to change the default password. An Enterprise Edition license may also be installed at this time by supplying a full path in the GITLAB_LICENSE_FILE environment variable.
sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=yourpassword GITLAB_ROOT_EMAIL=youremail GITLAB_LICENSE_FILE="/path/to/license"

Secure secrets.yml

The secrets.yml file stores encryption keys for sessions and secure variables. Backup secrets.yml someplace safe, but don’t store it in the same place as your database backups. Otherwise, your secrets are exposed if one of your backups is compromised.

Install Init Script

Download the init script (will be /etc/init.d/gitlab):

sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab

And if you are installing with a non-default folder or user copy and edit the defaults file:

sudo cp lib/support/init.d/gitlab.default.example /etc/default/gitlab

If you installed GitLab in another directory or as a user other than the default, you should change these settings in /etc/default/gitlab. Do not edit /etc/init.d/gitlab as it will be changed on upgrade.

Make GitLab start on boot:

sudo update-rc.d gitlab defaults 21

Set up Logrotate

sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab

Check Application Status

Check if GitLab and its environment are configured correctly:

sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production

Compile GetText PO files

sudo -u git -H bundle exec rake gettext:compile RAILS_ENV=production

Compile Assets

sudo -u git -H yarn install --production --pure-lockfile
sudo -u git -H bundle exec rake gitlab:assets:compile RAILS_ENV=production NODE_ENV=production

If rake fails with JavaScript heap out of memory error, try to run it with NODE_OPTIONS set as follows.

sudo -u git -H bundle exec rake gitlab:assets:compile RAILS_ENV=production NODE_ENV=production NODE_OPTIONS="--max_old_space_size=4096"

Start Your GitLab Instance

sudo service gitlab start
# or
sudo /etc/init.d/gitlab restart


Note: NGINX is the officially supported web server for GitLab. If you cannot or do not want to use NGINX as your web server, see GitLab recipes.


sudo apt-get install -y nginx

Site Configuration

Copy the example site config:

sudo cp lib/support/nginx/gitlab /etc/nginx/sites-available/gitlab
sudo ln -s /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab

Make sure to edit the config file to match your setup. Also, ensure that you match your paths to GitLab, especially if installing for a user other than the git user:

# Change YOUR_SERVER_FQDN to the fully-qualified
# domain name of your host serving GitLab.
# Remember to match your paths to GitLab, especially
# if installing for a user other than 'git'.
# If using Ubuntu default nginx install:
# either remove the default_server from the listen line
# or else sudo rm -f /etc/nginx/sites-enabled/default
sudo editor /etc/nginx/sites-available/gitlab

If you intend to enable GitLab Pages, there is a separate NGINX config you need to use. Read all about the needed configuration at the GitLab Pages administration guide.

Note: If you want to use HTTPS, replace the gitlab NGINX config with gitlab-ssl. See Using HTTPS for HTTPS configuration details.

Test Configuration

Validate your gitlab or gitlab-ssl NGINX config file with the following command:

sudo nginx -t

You should receive syntax is okay and test is successful messages. If you receive errors check your gitlab or gitlab-ssl NGINX config file for typos, etc. as indicated in the error message given.

Note: Verify that the installed version is greater than 1.12.1 by running nginx -v. If it’s lower, you may receive the error below: nginx: [emerg] unknown "start$temp=[filtered]$rest" variable nginx: configuration file /etc/nginx/nginx.conf test failed


sudo service nginx restart


Double-check Application Status

To make sure you didn’t miss anything run a more thorough check with:

sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

If all items are green, congratulations on successfully installing GitLab!

Supply SANITIZE=true environment variable to gitlab:check to omit project names from the output of the check command.

Initial Login

Visit YOUR_SERVER in your web browser for your first GitLab login.

If you didn’t provide a root password during setup, you’ll be redirected to a password reset screen to provide the password for the initial administrator account. Enter your desired password and you’ll be redirected back to the login screen.

The default account’s username is root. Provide the password you created earlier and login. After login, you can change the username if you wish.


You can use sudo service gitlab start and sudo service gitlab stop to start and stop GitLab.

Advanced Setup Tips

Relative URL support

See the Relative URL documentation for more information on how to configure GitLab with a relative URL.


To use GitLab with HTTPS:

  1. In gitlab.yml:
    1. Set the port option in section 1 to 443.
    2. Set the https option in section 1 to true.
  2. In the config.yml of GitLab Shell:
    1. Set gitlab_url option to the HTTPS endpoint of GitLab (e.g.
    2. Set the certificates using either the ca_file or ca_path option.
  3. Use the gitlab-ssl NGINX example config instead of the gitlab config.
    1. Update YOUR_SERVER_FQDN.
    2. Update ssl_certificate and ssl_certificate_key.
    3. Review the configuration file and consider applying other security and performance enhancing features.

Using a self-signed certificate is discouraged but if you must use it, follow the normal directions. Then:

  1. Generate a self-signed SSL certificate:

    mkdir -p /etc/nginx/ssl/
    cd /etc/nginx/ssl/
    sudo openssl req -newkey rsa:2048 -x509 -nodes -days 3560 -out gitlab.crt -keyout gitlab.key
    sudo chmod o-r gitlab.key
  2. In the config.yml of GitLab Shell set self_signed_cert to true.

Enable Reply by email

See the “Reply by email” documentation for more information on how to set this up.

LDAP Authentication

You can configure LDAP authentication in config/gitlab.yml. Restart GitLab after editing this file.

Using Custom OmniAuth Providers

See the OmniAuth integration documentation.

Build your projects

GitLab can build your projects. To enable that feature, you need GitLab Runners to do that for you. See the GitLab Runner section to install it.

Adding your Trusted Proxies

If you are using a reverse proxy on a separate machine, you may want to add the proxy to the trusted proxies list. Otherwise users will appear signed in from the proxy’s IP address.

You can add trusted proxies in config/gitlab.yml by customizing the trusted_proxies option in section 1. Save the file and reconfigure GitLab for the changes to take effect.

Custom Redis Connection

If you’d like to connect to a Redis server on a non-standard port or a different host, you can configure its connection string via the config/resque.yml file.

# example
  url: redis://redis.example.tld:6379

If you want to connect the Redis server via socket, use the “unix:” URL scheme and the path to the Redis socket file in the config/resque.yml file.

# example
  url: unix:/path/to/redis/socket

Also, you can use environment variables in the config/resque.yml file:

# example
  url: <%= ENV.fetch('GITLAB_REDIS_URL') %>

Custom SSH Connection

If you are running SSH on a non-standard port, you must change the GitLab user’s SSH config.

# Add to /home/git/.ssh/config
host localhost          # Give your setup a name (here: override localhost)
    user git            # Your remote git user
    port 2222           # Your port number
    hostname; # Your server name or IP

You also need to change the corresponding options (e.g. ssh_user, ssh_host, admin_uri) in the config\gitlab.yml file.

Additional Markup Styles

Apart from the always supported Markdown style, there are other rich text files that GitLab can display. But you might have to install a dependency to do so. See the github-markup gem README for more information.

Using Unicorn

As of GitLab 12.9, Puma has replaced Unicorn as the default web server for installations from source. If you want to switch back to Unicorn, follow these steps:

  1. Finish the GitLab setup so you have it up and running.
  2. Copy the supplied example Unicorn config file into place:

    cd /home/git/gitlab
    # Copy config file for the web server
    sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb
  3. Edit the system init.d script and set USE_WEB_SERVER="unicorn". If you have /etc/default/gitlab, then you should edit it instead.
  4. Restart GitLab.

Using Sidekiq instead of Sidekiq Cluster

As of GitLab 12.10, Source installations are using bin/sidekiq-cluster for managing Sidekiq processes. Using Sidekiq directly will still be supported until 14.0. So if you’re experiencing issues, please:

  1. Edit the system init.d script to remove the SIDEKIQ_WORKERS flag. If you have /etc/default/gitlab, then you should edit it instead.
  2. Restart GitLab.
  3. Create an issue describing the problem.


“You appear to have cloned an empty repository.”

If you see this message when attempting to clone a repository hosted by GitLab, this is likely due to an outdated NGINX or Apache configuration, or a missing or misconfigured GitLab Workhorse instance. Double-check that you’ve installed Go, installed GitLab Workhorse, and correctly configured NGINX.

google-protobuf “LoadError: /lib/x86_64-linux-gnu/ version `GLIBC_2.14’ not found”

This can happen on some platforms for some versions of the google-protobuf gem. The workaround is to install a source-only version of this gem.

First, you must find the exact version of google-protobuf that your GitLab installation requires:

cd /home/git/gitlab

# Only one of the following two commands will print something. It
# will look like: * google-protobuf (3.2.0)
bundle list | grep google-protobuf
bundle check | grep google-protobuf

Below, 3.2.0 is used as an example. Replace it with the version number you found above:

cd /home/git/gitlab
sudo -u git -H gem install google-protobuf --version 3.2.0 --platform ruby

Finally, you can test whether google-protobuf loads correctly. The following should print ‘OK’.

sudo -u git -H bundle exec ruby -rgoogle/protobuf -e 'puts :OK'

If the gem install command fails, you may need to install the developer tools of your OS.

On Debian/Ubuntu:

sudo apt-get install build-essential libgmp-dev

On RedHat/CentOS:

sudo yum groupinstall 'Development Tools'