Hi Mike and others,
The latest state is that the installation is indeed working except the httpS (SSL) by Let's Encrypt. For some reason the installation fails to authenticate/verify itself correctly to the Let's encrypt server. Normally this works fine, and you will get a free Let's Encrypt certificate that is used by GitLab instance. For now the instance is using a self-signed certificate (which is not ideal).
You can execute: 'gitlab-ctl reconfigure' on the VM to trigger a certificate deployment of Let's Encrypt. Maybe somebody knows why is goes wrong in this VM?
More info: https://docs.gitlab.com/omnibus/settings/ssl.html
Off-topic: Too bad I also hurt by wrist, so that is why I take it a bit easy now. Sorry about that, a wrist injury is taking some time to heal again. :\
Kind regards, Melroy van den Berg
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ Op dinsdag, juli 7, 2020 11:06 PM, Mike Gabriel <mike.gabriel@das-netzwerkteam.de> schreef:
HI Melroy,
On Di 09 Jun 2020 23:01:24 CEST, Melroy van den Berg wrote:
Hi, I just discovered that GitLab tries to also set the following during > "sysctl -e --system" command: cat /etc/sysctl.d/90-omnibus-gitlab-kernel.sem.conf kernel.sem = 250 32000 32 262 And also: cat /etc/sysctl.d/protect-links.conf ###################################################################
Protected links
================
==
Protects against creating or following links under certain conditions
======================================================================
Debian kernels have both set to 1 (restricted)
===============================================
See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
===========================================================
fs.protected_hardlinks = 1 fs.protected_symlinks = 1 You maybe want to change this as well in the host & container? I disabled the command "reload all sysctrl conf" for now in in the > GitLab recipes (Ruby code): /opt/gitlab/embedded/cookbooks/package/recipes/sysctl.rb As well as, I commented-out where "reload all sysctrl conf" is used in: /opt/gitlab/embedded/cookbooks/package/resources/gitlab_sysctl.rb I will create a GitLab issue or comment on an existing GitLab issue > regarding support LXC containers without this much hassle. Next issue I'm facing is regarding Let's Encrypt. But the terminal > is now in use by somebody else... Regards, Melroy van den Berg
I haven't got back to your mail, I am sorry.
Unfortunately, the host hosting gitlab.x2go.org has been taken offline by the provide due to some NIC misconfiguration. We are investigating on that.
I'd like to use gitlab.x2go.org starting next week for some new projects related to X2Go. Melroy, do you think the system is already usable (once it's online again)?
Sorry, for having not followed up on your work, but I was really busy the last bit of June.
Mike
DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de