Prerequisites and Planning Your Git Server Setup
Running your own Git server gives you complete control over repositories, user access, and data privacy. This tutorial walks through a complete GitLab Community Edition installation on Ubuntu 24.04 with SSL certificates and user management.
You'll need root access and at least 4GB RAM for smooth operation. The entire setup takes about 45 minutes.
Start by checking your system meets the requirements:
free -h
df -h /
lsb_release -aGitLab CE requires 4GB RAM minimum and 10GB disk space. Your Ubuntu version should be 20.04 or newer.
HostMyCode VPS plans include the resources needed for reliable Git hosting.
System Preparation and Dependencies
Update your packages before installation. This ensures compatibility with the latest GitLab release:
sudo apt update && sudo apt upgrade -y
sudo apt install curl openssh-server ca-certificates tzdata perl -yConfigure your firewall for HTTP, HTTPS, and SSH traffic:
sudo ufw allow OpenSSH
sudo ufw allow http
sudo ufw allow https
sudo ufw enableSet your system hostname to match your domain. Replace git.yourdomain.com with your actual domain:
sudo hostnamectl set-hostname git.yourdomain.com
echo "127.0.0.1 git.yourdomain.com" | sudo tee -a /etc/hostsInstalling GitLab Community Edition
Add the official GitLab repository and install the package. This method provides automatic updates and official support:
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bashInstall GitLab with your domain configuration. The installer handles most settings automatically:
sudo EXTERNAL_URL="https://git.yourdomain.com" apt-get install gitlab-ceInstallation takes 5-10 minutes. GitLab configures itself and starts all required services.
You'll see a message about the initial root password location when installation completes.
Retrieve your initial root password:
sudo cat /etc/gitlab/initial_root_passwordSave this password immediately. GitLab removes this file after 24 hours for security.
Domain and SSL Certificate Configuration
Configure your DNS records before proceeding. Create an A record pointing your subdomain to your VPS IP address.
Wait for DNS propagation. This usually takes 15-30 minutes.
Install Certbot for Let's Encrypt SSL certificates:
sudo apt install certbot -yStop GitLab temporarily to allow Certbot to bind to port 80:
sudo gitlab-ctl stop nginxGenerate your SSL certificate:
sudo certbot certonly --standalone -d git.yourdomain.comFollow the prompts to complete certificate generation. Certbot stores certificates in /etc/letsencrypt/live/git.yourdomain.com/.
Configure GitLab to use your SSL certificate by editing /etc/gitlab/gitlab.rb:
sudo nano /etc/gitlab/gitlab.rbFind and modify these lines:
external_url 'https://git.yourdomain.com'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/letsencrypt/live/git.yourdomain.com/fullchain.pem"
nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/git.yourdomain.com/privkey.pem"Reconfigure GitLab to apply SSL settings:
sudo gitlab-ctl reconfigureInitial Configuration and Security Setup
Access your GitLab instance at https://git.yourdomain.com. Log in with username root and the password from the initial_root_password file.
Change the root password immediately. Navigate to User Settings > Password and set a strong password.
Use at least 12 characters including uppercase, lowercase, numbers, and symbols.
Configure basic security settings in Admin Area > Settings > General:
- Disable sign-up unless you need public registration
- Set password complexity requirements
- Configure session timeout (recommended: 8 hours)
- Enable two-factor authentication enforcement
Set up automated SSL renewal by creating a cron job:
sudo crontab -eAdd this line to renew certificates monthly:
0 2 1 * * /usr/bin/certbot renew --quiet --deploy-hook "gitlab-ctl restart nginx"User Management and Access Control
Create user accounts through Admin Area > Users > New User. Set usernames, emails, and initial passwords.
Users receive email notifications with login instructions.
Configure user groups for better access management. Navigate to Admin Area > Groups > New Group.
Create groups like "developers", "maintainers", and "guests".
Set up SSH key authentication for users. Each developer should add their public key in User Settings > SSH Keys.
Test SSH access:
ssh -T git@git.yourdomain.comConfigure project access levels:
- Guest: View issues and merge requests
- Reporter: Clone projects, view CI/CD results
- Developer: Push to non-protected branches, create merge requests
- Maintainer: Push to protected branches, manage project settings
- Owner: Full project control including deletion
Enable LDAP integration if you have existing user directories. Edit /etc/gitlab/gitlab.rb and configure the LDAP settings section.
Repository Creation and Management
Create your first repository through the GitLab interface. Click "New Project" and choose "Create blank project".
Set visibility level (private, internal, or public) based on your security requirements.
Configure protected branches to prevent accidental changes to main/master branches. Go to Project Settings > Repository > Protected Branches.
Add main with push and merge restrictions.
Set up merge request templates by creating .gitlab/merge_request_templates/ directory in your repository root. Add template files like Default.md with standard review requirements.
Enable repository mirroring for backup purposes. Navigate to Project Settings > Repository > Mirroring repositories.
Add external Git repositories as mirrors.
Configure webhooks for integration with external services. Go to Project Settings > Webhooks.
Add URLs for CI/CD systems, chat notifications, or deployment triggers.
Backup and Monitoring Configuration
GitLab includes built-in backup tools. Configure automated backups by editing /etc/gitlab/gitlab.rb:
gitlab_rails['backup_keep_time'] = 604800 # 7 days
gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"Create a backup cron job:
sudo crontab -eAdd daily backup at 2 AM:
0 2 * * * /opt/gitlab/bin/gitlab-backup create CRON=1Monitor GitLab health using built-in metrics. Access https://git.yourdomain.com/-/health for basic health checks.
Configure Prometheus monitoring in Admin Area > Settings > Metrics and profiling.
Set up log monitoring to track authentication attempts, push events, and system errors:
sudo tail -f /var/log/gitlab/gitlab-rails/production.logConfigure email notifications for system events in Admin Area > Settings > Email. Test email delivery to ensure administrators receive critical alerts.
For comprehensive monitoring, consider the system log analysis tutorial for advanced log processing and alerting.
Performance Optimization and Scaling
Optimize GitLab performance by adjusting worker processes in /etc/gitlab/gitlab.rb:
unicorn['worker_processes'] = 3 # Adjust based on CPU cores
postgresql['shared_buffers'] = "256MB" # 25% of RAM for 4GB system
redis['maxmemory'] = "1gb"Configure Git repository housekeeping to maintain performance:
gitlab_rails['gitlab_shell_git_timeout'] = 800
gitlab_rails['git_timeout'] = 60Enable object storage for large repositories. Configure external storage in Admin Area > Settings > General > Repository storage.
This offloads Git LFS and artifacts.
Monitor resource usage and scale your VPS as needed. GitLab provides usage statistics in Admin Area > Analytics > Usage Trends.
The performance monitoring tutorial covers comprehensive resource tracking.
Consider upgrading to managed VPS hosting if you need professional support for your Git server infrastructure.
Troubleshooting Common Issues
Git clone failures often result from SSH key problems. Verify SSH configuration and key permissions:
ssh-keygen -lf ~/.ssh/id_rsa.pub
ls -la ~/.ssh/Ensure private keys have 600 permissions and public keys have 644 permissions.
GitLab startup failures usually indicate configuration errors. Check the configuration and restart services:
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart
sudo gitlab-ctl statusMemory issues cause slow performance or crashes. Monitor memory usage:
free -h
sudo gitlab-ctl tailIf memory usage exceeds 80%, consider upgrading your VPS or optimizing worker processes.
SSL certificate renewal failures require manual intervention. Check Certbot logs and renew manually if needed:
sudo certbot renew --dry-run
sudo certbot renew --force-renewalDatabase connectivity issues appear in GitLab logs. Restart PostgreSQL if necessary:
sudo gitlab-ctl restart postgresql
sudo gitlab-ctl restartFrequently Asked Questions
How much RAM does GitLab CE require for a small team?
GitLab CE needs 4GB RAM minimum for basic functionality. For 5-10 users with moderate repository activity, 8GB RAM provides comfortable performance.
Larger teams or heavy CI/CD usage require 16GB or more.
Can I migrate existing Git repositories to GitLab?
Yes, GitLab supports importing from GitHub, Bitbucket, and other Git providers. Use the built-in import tools in the New Project screen.
You can also clone repositories manually and push to GitLab remotes.
How do I backup GitLab data including repositories?
Use GitLab's built-in backup command: sudo gitlab-backup create. This creates a complete backup including repositories, database, and configuration.
Store backups on external storage for disaster recovery.
What's the difference between GitLab CE and EE?
GitLab Community Edition (CE) is free and includes core Git hosting, CI/CD, and issue tracking. Enterprise Edition (EE) adds advanced security features, compliance tools, and premium support for larger organizations.
How do I update GitLab to newer versions?
Update GitLab using your package manager: sudo apt update && sudo apt upgrade gitlab-ce. Always backup before upgrading.
Test in a staging environment for major version changes.