Heptapod: GitLab with Mercurial support


Install and configure Heptapod: a fork of the GitLab software development platform that works with both Git and Mercurial.

Specify the replace_data_directory directory to store the data in the preferred location.
Choose a container name replace_container, a hostname replace_hostname and volume names replace_volume.
Specify the network replace_network to serve behind a reverse proxy.

Create the directories and the volumes.



data_directory="replace_data_directory" # data_directory=/data/services

container=replace_container # container=gitlab
container_hostname=replace_hostname # container_hostname=gitlab
volume=replace_volume # volume=gitlab
volume_configuration=${volume}_configuration
volume_data=${volume}_data
volume_logs=${volume}_logs
network=replace_network # network=services

sudo mkdir --parents "$data_directory/gitlab"
sudo chmod --recursive a+rwX "$data_directory/gitlab/"

mkdir "$data_directory/gitlab/configuration"
mkdir "$data_directory/gitlab/data"
mkdir "$data_directory/gitlab/logs"

docker volume create \
--name $volume_configuration \
--driver local-persist \
--opt mountpoint="$data_directory/gitlab/configuration/"
docker volume create \
--name $volume_data \
--driver local-persist \
--opt mountpoint="$data_directory/gitlab/data/"
docker volume create \
--name $volume_logs \
--driver local-persist \
--opt mountpoint="$data_directory/gitlab/logs/"

Edit and place the configuration file.
Set the web server hostname and form the Heptapod location replace_location that users will access.
Specify the internal network definition replace_network_addresses so that GitLab trusts the reverse proxy and correctly displays user addresses, not the reverse proxy address. The address and the mask of the network replace_network can be easily checked with the Docker command line interface or with Portainer.

It is worth tailoring one's own configuration from scratch. For that, export the template configuration file from the latest image and change the defaults, toggle features and specify integrations.



docker container create \
--name $container \
--hostname $container_hostname \
--mount type=tmpfs,destination=/etc/gitlab \
--mount type=tmpfs,destination=/var/opt/gitlab \
--mount type=tmpfs,destination=/var/log/gitlab \
octobus/heptapod
docker cp $container:/opt/gitlab/etc/gitlab.rb.template gitlab.rb
docker container rm $container

docker network inspect $network

# edit the template gitlab.rb or use the supplied one and diff with the latest

cp gitlab.rb "$data_directory/gitlab/configuration/"

Configure the reverse proxy. Put the configuration file to the web server directory. Set the Heptapod hostname replace_hostname in the configuration file to forward requests to the container. Apply the web server configuration.



container_caddy=replace_container_caddy # container_caddy=caddy

cp gitlab.caddy "$data_directory/caddy/configuration/"
docker container restart $container_caddy

Finally, start the container.



docker run --detach --restart unless-stopped \
--name $container \
--hostname $container_hostname \
--network $network \
--mount type=volume,source=$volume_configuration,destination=/etc/gitlab \
--mount type=volume,source=$volume_data,destination=/var/opt/gitlab \
--mount type=volume,source=$volume_logs,destination=/var/log/gitlab \
--shm-size 256m \
--mount type=bind,source=/etc/timezone,destination=/etc/timezone,readonly \
--mount type=bind,source=/etc/localtime,destination=/etc/localtime,readonly \
octobus/heptapod

Optionally, tweak the default password constraints.



docker container exec --interactive --tty $container /bin/bash
sed --regexp-extended --in-place \
's|'\
'^(  DEFAULT_MINIMUM_PASSWORD_LENGTH = 8)$|'\
'#\1\n  DEFAULT_MINIMUM_PASSWORD_LENGTH = 1|'\
'w /dev/stdout' \
/opt/gitlab/embedded/service/gitlab-rails/\
app/models/application_setting_implementation.rb
quit
docker container restart $container

Sign in to the site at the /gitlab path as root with the automatically generated password and perform configurations.



sudo cat "$data_directory/gitlab/configuration/initial_root_password"

General

Account and limit
Session duration (minutes)
User OAuth applications
Prompt users to upload SSH keys

Sign-up restrictions
Sign-up enabled
Minimum password length (number of characters)

Customer experience improvement and third-party offers
Do not display offers from third parties

Repository
Default branch

CI/CD

Continuous Integration and Deployment
Default to Auto DevOps pipeline for all projects

Metrics and profiling

Metrics - Prometheus
Self monitoring
Usage statistics
Enable version check
Enable Service Ping

Preferences

Email
Enable in-product marketing emails

What's new
Disable What's new

Localization
Default first day of the week

Overview
Users

Administrator
Edit
Password

New user
Edit
Password

Continuous Integration — Heptapod Runner


Set up continuous integration agents. Heptapod Runner is similar to Gitlab Runner.

Specify the data directory replace_data_directory.
Choose a container name replace_container, a hostname replace_hostname and volume names replace_volume.
Specify the network replace_network to interact with Heptapod.

Create the directories and the volumes.



data_directory="replace_data_directory" # data_directory=/data/services

container=replace_container # container=gitlab_ci
container_hostname=replace_hostname # container_hostname=gitlab-ci
volume=replace_volume # volume=gitlab_ci
volume_configuration=${volume}_configuration
volume_builds=${volume}_builds
volume_cache=${volume}_cache
network=replace_network # network=services

sudo mkdir --parents "$data_directory/gitlab_ci"
sudo chmod --recursive a+rwX "$data_directory/gitlab_ci/"

mkdir "$data_directory/gitlab_ci/configuration"
mkdir "$data_directory/gitlab_ci/builds"
mkdir "$data_directory/gitlab_ci/cache"

docker volume create \
--name $volume_configuration \
--driver local-persist \
--opt mountpoint="$data_directory/gitlab_ci/configuration/"
docker volume create \
--name $volume_builds \
--driver local-persist \
--opt mountpoint="$data_directory/gitlab_ci/builds/"
docker volume create \
--name $volume_cache \
--driver local-persist \
--opt mountpoint="$data_directory/gitlab_ci/cache/"

Place the configuration file, adapt as necessary.
Assign a description replace_container to the agent. It will be visible in the user interface. Set the Heptapod hostname replace_hostname_gitlab and the runner hostname replace_hostname so they can reach out to and interact with each other within the internal network.

Get an access token for the agent.
Navigate the settings and generate a registration token replace_token.

Overview
Runners
Register an instance runner

Execute the registration command. A configuration file will be created containing the access token. Save the token replace_token and paste it into the prepared file.
Be aware that the registration procedure is undergoing a redesign currently.



hostname_gitlab=replace_hostname_gitlab # hostname_gitlab=gitlab
token='replace_token' # token=********************

docker run --rm --interactive --tty \
--name $container \
--hostname $container_hostname \
--network $network \
--mount type=volume,source=$volume_configuration,destination=/etc/gitlab-runner \
octobus/heptapod-runner \
register --non-interactive \
--name $container \
--url "http://$hostname_gitlab/gitlab" \
--registration-token $token \
--executor docker --docker-image docker

sudo cat "$data_directory/gitlab_ci/configuration/config.toml"
sudo rm "$data_directory/gitlab_ci/configuration/config.toml"

# save the access token into the composed config.toml

cp config.toml "$data_directory/gitlab_ci/configuration/"

Now, if you are going to utilize Docker in Docker approach for builds, consider centralized volume management.
The --volumes-from parameter might come in handy for decoupling build steps from build environments. A running reference container is mandatory for other containers to be able to copy its volume configuration. Carefully define the volumes container name replace_container_volumes and the builds and cache volume names replace_volume.
The network replace_network also has to be repeated for pipeline connectivity.
Environment variables pass all possibly required options to pipelines. The container name replace_container and the hostname replace_hostname of the agent prepend the naming patterns for job containers. Overriding the location replace_hostname_gitlab on the runner level forces communication through the internal network.

There are sample scripts for pulling sources manually. They also demonstrate the use of the technique.



container_volumes=replace_container_volumes # container_volumes=gitlab_ci_volumes

docker run --detach --restart unless-stopped --interactive --tty --init \
--name $container_volumes \
--hostname $(echo $container_volumes | tr '_' '-') \
--network none \
--mount type=volume,source=$volume_builds,destination=/builds \
--mount type=volume,source=$volume_cache,destination=/cache \
--mount type=bind,source=/etc/timezone,destination=/etc/timezone,readonly \
--mount type=bind,source=/etc/localtime,destination=/etc/localtime,readonly \
alpine sleep infinity

# chmod +x here or in pipelines
cp --recursive scripts "$data_directory/gitlab_ci/builds/"

Start the container.
Check the logs and the user interface and verify that the agent works.



docker run --detach --restart unless-stopped \
--name $container \
--hostname $container_hostname \
--network $network \
--mount type=volume,source=$volume_configuration,destination=/etc/gitlab-runner \
--mount type=volume,source=$volume_cache,destination=/home/gitlab-runner \
--mount type=bind,source=/var/run/docker.sock,destination=/var/run/docker.sock \
--mount type=bind,source=/etc/timezone,destination=/etc/timezone,readonly \
--mount type=bind,source=/etc/localtime,destination=/etc/localtime,readonly \
octobus/heptapod-runner