This guide covers the full process of setting up a self-hosted GitLab instance with SSL certificates, Docker runners for CI/CD, Kubernetes integration via GitLab Agent, and automating Docker image builds and deployments through the pipeline.
1. Installing GitLab on Ubuntu with SSL
Prerequisites
- Ubuntu 20.04 LTS VPS
- Domain pointing to your VPS (e.g., gitlab.example.com)
- Minimum: 4 CPUs, 4GB RAM
Step 1: Update the System
sudo apt update && sudo apt upgrade -y
Step 2: Install Dependencies
sudo apt install curl ca-certificates apt-transport-https gnupg2 -y
Step 3: Add GitLab Repository
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
sudo apt update
Step 4: Install GitLab
sudo apt install gitlab-ce -y
Step 5: Configure SSL and Domain
Edit GitLab config:
sudo nano /etc/gitlab/gitlab.rb
Set domain and SSL:
external_url 'https://gitlab.example.com'
letsencrypt['enable'] = true
letsencrypt['contact_emails'] = ['admin@example.com']
letsencrypt['auto_renew'] = true
Apply configuration:
sudo gitlab-ctl reconfigure
2. Install Docker Runner for GitLab CI/CD
Step 1: Install Docker
sudo apt install docker.io -y
sudo systemctl enable docker && sudo systemctl start docker
Step 2: Install GitLab Runner
sudo curl -L --output /usr/local/bin/gitlab-runner https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64
sudo chmod +x /usr/local/bin/gitlab-runner
sudo useradd --comment 'GitLab Runner' --create-home gitlab-runner --shell /bin/bash
Step 3: Register the Runner
sudo gitlab-runner register
Respond to prompts:
- GitLab URL: https://gitlab.example.com
- Token: Get it from your GitLab project > Settings > CI/CD > Runners
- Description: docker-runner
- Executor: docker
- Docker Image: docker:20.10.16
Step 4: Start Runner
sudo gitlab-runner install --user=gitlab-runner --working-directory=/home/gitlab-runner
sudo gitlab-runner start
3. Connect Kubernetes Cluster via GitLab Agent
Prerequisites
- A running Kubernetes cluster
- Helm CLI installed
- Access to GitLab project
Step 1: Register Kubernetes Agent
- Go to GitLab project > Operate > Kubernetes Clusters
- Click Connect a cluster (agent), give it a name, and register
- Save the Helm command and agent token
Step 2: Install Agent in Kubernetes
helm repo add gitlab https://charts.gitlab.io
helm repo update
helm upgrade --install gitlab-agent gitlab/gitlab-agent \
--namespace gitlab-agent \
--create-namespace \
--set config.token=<your_token> \
--set config.kasAddress=wss://gitlab.example.com/-/kubernetes-agent/
4. Build and Push Docker Images in GitLab CI
.gitlab-ci.yml Example
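default:
  image: docker:20.10.16
  services:
    # Docker-in-Docker: the runner must run this service in privileged mode
    - docker:20.10.16-dind
  before_script:
    # Read the registry password from stdin so it never appears in the process list
    - echo "$CI_REGISTRY_PASSWORD" | docker login "$CI_REGISTRY" -u "$CI_REGISTRY_USER" --password-stdin

variables:
  # One tag per branch, e.g. registry.example.com/group/project:main
  IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG

stages:
  - build
  - deploy

build:
  stage: build
  script:
    - docker build -t "$IMAGE_TAG" .
    - docker push "$IMAGE_TAG"

deploy:
  stage: deploy
  script:
    # Restart the deployment so its pods are recreated and pull the pushed image
    - kubectl rollout restart deployment your-deployment-name -n your-namespace
  only:
    - main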
Notes:
- $CI_REGISTRY_IMAGE is provided by GitLab CI.
- Use kubectl inside a custom Docker image if needed.
5. Customize Helm for Secure Agent Deployment
For production systems:
- Create a custom service account with limited RBAC.
- Add flags like --set rbac.create=false and manually bind roles.
helm upgrade --install gitlab-agent gitlab/gitlab-agent \
--namespace gitlab-agent \
--set config.token=<your_token> \
--set config.kasAddress=wss://gitlab.example.com/-/kubernetes-agent/ \
--set rbac.create=false \
--set serviceAccount.create=false \
--set serviceAccount.name=my-custom-sa
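The custom service account and manual role binding described above, written out as an added example (not part of the original guide or of the GitLab chart). It assumes the agent is used only for the deploy job's kubectl rollout restart; the Role name gitlab-ci-rollout is hypothetical, and other agent features may need further rules.

```yaml
# Added example: least-privilege RBAC for the agent's service account.
# Apply with kubectl apply -f before running the helm command above.
# Both namespaces must already exist.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: my-custom-sa            # matches --set serviceAccount.name
  namespace: gitlab-agent
---
# Namespaced Role: only what "kubectl rollout restart" needs
# (read the deployment, then patch its pod template annotation).
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: gitlab-ci-rollout       # hypothetical name
  namespace: your-namespace
rules:
  - apiGroups: ["apps"]
    resources: ["deployments"]
    resourceNames: ["your-deployment-name"]
    verbs: ["get", "patch"]
---
# Bind the Role to the agent's service account across namespaces.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: gitlab-ci-rollout
  namespace: your-namespace
subjects:
  - kind: ServiceAccount
    name: my-custom-sa
    namespace: gitlab-agent
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: gitlab-ci-rollout
# Check the result by impersonating the service account:
#   kubectl auth can-i patch deployment/your-deployment-name -n your-namespace \
#     --as=system:serviceaccount:gitlab-agent:my-custom-sa      (expect: yes)
#   kubectl auth can-i get secrets -n your-namespace \
#     --as=system:serviceaccount:gitlab-agent:my-custom-sa      (expect: no)
```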
Summary
By following this guide, you've:
- Installed GitLab with SSL
- Set up Docker runners for CI/CD
- Registered and installed Kubernetes agents
- Configured GitLab CI to build and push Docker images
- Integrated Kubernetes to deploy builds automatically
This full-stack setup gives you a robust, automated DevOps pipeline entirely self-managed and secure.
For maintenance, regularly update GitLab, rotate tokens, and monitor logs via gitlab-ctl and kubectl logs.