How To Install GitLab on Fedora 43

GitLab has transformed how development teams manage code repositories, collaborate on projects, and implement continuous integration pipelines. This comprehensive guide walks you through installing GitLab Community Edition on Fedora 43, enabling you to host your own DevOps platform with complete control over your data and infrastructure.

Whether you’re managing a small development team or building an enterprise-level version control system, self-hosting GitLab on Fedora 43 provides flexibility, security, and cost savings compared to cloud-based solutions. Fedora’s cutting-edge technology stack and robust package management make it an excellent choice for running GitLab’s resource-intensive services.

This tutorial covers everything from system preparation to SSL configuration, ensuring you have a production-ready GitLab instance. You’ll learn essential configuration techniques, troubleshooting strategies, and security best practices.

Understanding GitLab and Its Benefits

GitLab represents a complete DevOps lifecycle platform that extends far beyond simple Git repository hosting. The platform integrates source code management, issue tracking, code review, continuous integration, continuous deployment, and container registry functionality into a unified interface.

Community Edition offers remarkable value for teams of all sizes. The open-source version includes most features developers need daily, while Enterprise Edition adds advanced capabilities for larger organizations. Self-hosting provides complete data sovereignty, customizable security policies, and unlimited private repositories without subscription costs.

Development teams use GitLab to streamline workflows, automate testing, and accelerate deployment cycles. The platform’s built-in CI/CD capabilities eliminate the need for separate tools, reducing complexity and maintenance overhead.

System Requirements and Prerequisites

Proper hardware allocation ensures smooth GitLab operation. The platform requires substantial resources due to its multiple integrated services including PostgreSQL database, Redis cache, and Sidekiq background processor.

Hardware Requirements

CPU capacity directly impacts GitLab performance. A minimum of 4 CPU cores handles basic installations supporting up to 500 users. Production environments benefit from 8 or more vCPU cores, particularly when running intensive CI/CD pipelines.

Memory allocation proves critical for stability. GitLab requires at least 8 GB of RAM combined with swap space for minimal deployments. Allocate 16 GB or more for production systems with active user bases. Insufficient memory causes service crashes and slow response times.

Storage requirements vary based on repository size and usage patterns. The GitLab installation itself occupies approximately 2.5 GB. Reserve substantial additional space for repositories, artifacts, container images, and backups. SSD storage significantly improves database query performance and page load times.

Software Requirements

Fedora 43 provides a modern foundation for GitLab installation. Ensure you have root or sudo access to execute administrative commands. An active internet connection enables package downloads and repository access.

Domain names or static IP addresses simplify access management. While optional for testing environments, production deployments should use fully qualified domain names for professional appearance and SSL certificate compatibility.

Network Requirements

Configure firewall rules to permit incoming connections. HTTP traffic uses port 80, HTTPS requires port 443, and SSH access operates on port 22. Proper DNS configuration ensures users can reach your GitLab instance reliably.

Pre-Installation Preparation

System preparation prevents installation issues and ensures optimal performance. Start with a clean, updated Fedora 43 installation for best results.

Updating System Packages

Update all existing packages before installing GitLab:

sudo dnf update -y

This command downloads and installs the latest security patches and bug fixes. System updates may include kernel modifications requiring a reboot. Check for pending kernel updates:

sudo dnf list installed kernel

Reboot if necessary to ensure all updates take effect.

Setting Hostname and FQDN

Proper hostname configuration prevents authentication and email delivery problems. Set your system hostname:

sudo hostnamectl set-hostname gitlab.yourdomain.com

Verify the change:

hostnamectl

Edit the hosts file for local name resolution:

sudo nano /etc/hosts

Add an entry mapping your IP address to the hostname:

192.168.1.100 gitlab.yourdomain.com gitlab

Save the file and test resolution:

ping gitlab.yourdomain.com

Firewall Configuration

Fedora 43 includes firewalld for network security management. Check firewall status:

sudo systemctl status firewalld

Open required ports for GitLab access:

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --permanent --add-service=ssh

Reload firewall rules:

sudo firewall-cmd --reload

Verify the configuration:

sudo firewall-cmd --list-all

Installing Required Dependencies

GitLab relies on several system packages for full functionality. These dependencies handle network operations, email delivery, and security policy enforcement.

Essential Packages

Install all required dependencies with a single command:

sudo dnf install -y curl postfix openssh-server openssh-clients policycoreutils-python-utils perl

Each package serves specific purposes. Curl downloads files from the internet. Postfix manages email notifications. OpenSSH packages enable secure remote access. SELinux utilities configure security policies. Perl executes GitLab management scripts.

Configuring Postfix

Email functionality enables notifications, password resets, and collaboration features. Start the Postfix service:

sudo systemctl start postfix

Enable automatic startup:

sudo systemctl enable postfix

Verify Postfix runs correctly:

sudo systemctl status postfix

The service should display “active (running)” status.

Enabling Services

Ensure critical services start automatically after system reboot:

sudo systemctl enable sshd
sudo systemctl start sshd

Check service status:

sudo systemctl is-enabled postfix sshd

Both services should return “enabled”.

Adding GitLab Repository

GitLab packages aren’t available in Fedora’s default repositories. Add the official GitLab repository to access Community Edition packages.

Using GitLab Installation Script

The recommended method uses GitLab’s automated repository setup script:

curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash

This script configures repository URLs, imports GPG keys, and sets up package management. The process completes in seconds and displays confirmation messages.

Manual Repository Configuration

Advanced users can manually create repository configuration:

sudo nano /etc/yum.repos.d/gitlab-ce.repo

Add the following content:

[gitlab_gitlab-ce]
name=gitlab_gitlab-ce
baseurl=https://packages.gitlab.com/gitlab/gitlab-ce/el/8/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

Save the file. This method provides more control over repository settings.

Verifying Repository

Confirm repository addition:

sudo dnf repolist | grep gitlab

The output should display the GitLab repository. Update package cache:

sudo dnf makecache

Installing GitLab Community Edition

With repositories configured, install GitLab using Fedora’s package manager. The installation process downloads approximately 1 GB of packages.

Installation Process

Install GitLab Community Edition:

sudo dnf install -y gitlab-ce

The process may take several minutes depending on internet speed. DNF automatically resolves dependencies and installs required libraries.

Environment Variable Configuration

Set the external URL during installation to avoid manual configuration:

sudo EXTERNAL_URL="http://gitlab.yourdomain.com" dnf install -y gitlab-ce

This method automatically configures GitLab with your domain name. Replace the URL with your actual domain or IP address.

Installation Completion

Successful installation displays configuration messages. GitLab files install to /opt/gitlab/, while configuration resides in /etc/gitlab/. The installation includes all necessary services: PostgreSQL database, Redis cache, Nginx web server, and GitLab application components.

Post-Installation Checks

Verify package installation:

rpm -qa | grep gitlab

Check GitLab version:

sudo gitlab-rake gitlab:env:info

This command displays GitLab version, Ruby version, and system information.

Configuring GitLab

Configuration customization tailors GitLab to your specific requirements. The main configuration file uses Ruby syntax for settings.

Initial Configuration

Open the configuration file:

sudo nano /etc/gitlab/gitlab.rb

The file contains hundreds of configuration options with extensive comments. Most settings use sensible defaults requiring no modification.

External URL Configuration

Locate the external_url setting near the top of the file:

external_url 'http://gitlab.yourdomain.com'

Replace the placeholder with your actual URL. Use HTTPS for production environments:

external_url 'https://gitlab.yourdomain.com'

This setting affects URL generation in emails and repository clone addresses.

Email Settings

Configure SMTP for email delivery. Locate the SMTP settings section and add:

gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.gmail.com"
gitlab_rails['smtp_port'] = 587
gitlab_rails['smtp_user_name'] = "your-email@gmail.com"
gitlab_rails['smtp_password'] = "your-password"
gitlab_rails['smtp_domain'] = "smtp.gmail.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['gitlab_email_from'] = 'your-email@gmail.com'

Adjust settings for your email provider.

Running GitLab Reconfigure

Apply configuration changes:

sudo gitlab-ctl reconfigure

This command generates service configuration files, initializes databases, and starts all GitLab components. The first reconfigure takes 5-10 minutes. Subsequent reconfigurations complete faster.

Verification

Check all services:

sudo gitlab-ctl status

All components should show “run” status. Services include:

• gitaly: Git repository storage
• gitlab-workhorse: Smart reverse proxy
• logrotate: Log management
• nginx: Web server
• postgresql: Database
• puma: Application server
• redis: Cache server
• sidekiq: Background job processor

Accessing GitLab Web Interface

First-time access requires retrieving the automatically generated root password.

First-Time Access

Retrieve the initial root password:

sudo cat /etc/gitlab/initial_root_password

This file contains a randomly generated secure password. The password expires 24 hours after installation for security.

Copy the password from the output:

Password: RDr2u50wloMV7CqnPpVFPN3WwxTBt03yFtscw/eOlvg=

Initial Login

Open your web browser and navigate to your configured URL:

http://gitlab.yourdomain.com

The GitLab login page appears. Enter credentials:

• Username: root
• Password: (paste the retrieved password)

Click “Sign in”.

Changing Root Password

Immediately change the root password after first login. Click the user avatar in the top-right corner. Select “Edit profile” then “Password”.

Enter your current password and new password twice. Use a strong password with:

• Minimum 8 characters
• Uppercase and lowercase letters
• Numbers
• Special characters

Click “Save password”. Log out and log back in to verify the new password works.

SSL/TLS Configuration with Let’s Encrypt

HTTPS encryption protects data transmission and enables modern browser features.

Prerequisites for HTTPS

Ensure you have:

• A registered domain name
• DNS A record pointing to your server’s public IP
• Ports 80 and 443 accessible from the internet

Verify DNS propagation:

dig gitlab.yourdomain.com

Enabling Let’s Encrypt Integration

Edit the GitLab configuration:

sudo nano /etc/gitlab/gitlab.rb

Modify the external URL to use HTTPS:

external_url 'https://gitlab.yourdomain.com'

Enable Let’s Encrypt:

letsencrypt['contact_emails'] = ['admin@yourdomain.com']
letsencrypt['auto_renew'] = true
letsencrypt['auto_renew_hour'] = 2
letsencrypt['auto_renew_minute'] = 30
letsencrypt['auto_renew_day_of_month'] = "*/7"

These settings enable automatic certificate renewal.

Applying SSL Configuration

Save the file and reconfigure GitLab:

sudo gitlab-ctl reconfigure

GitLab automatically requests a Let’s Encrypt certificate, validates domain ownership, and configures Nginx for HTTPS.

Verification

Access GitLab via HTTPS:

https://gitlab.yourdomain.com

Click the padlock icon in your browser’s address bar to verify certificate validity. The certificate should show “Let’s Encrypt” as the issuer.

Check certificate expiration:

sudo gitlab-ctl renew-le-certs

Certificates automatically renew before expiration.

Configuring Firewall Rules

Proper firewall configuration balances security and accessibility.

Firewalld Configuration

Firewalld manages network traffic on Fedora 43. Verify firewall status:

sudo firewall-cmd --state

Add permanent rules for HTTP:

sudo firewall-cmd --permanent --add-service=http

Add permanent rules for HTTPS:

sudo firewall-cmd --permanent --add-service=https

Ensure SSH access remains available:

sudo firewall-cmd --permanent --add-service=ssh

Reload firewall to apply changes:

sudo firewall-cmd --reload

List active rules:

sudo firewall-cmd --list-services

SELinux Configuration

SELinux provides additional security layers. Allow web services through SELinux:

sudo semanage port -a -t http_port_t -p tcp 80
sudo semanage port -a -t http_port_t -p tcp 443

Enable SELinux boolean for web connections:

sudo setsebool -P httpd_can_network_connect on

These commands permit GitLab’s Nginx service to bind to HTTP/HTTPS ports.

Post-Installation Configuration

Optimize GitLab for your specific use case.

User Management

Create additional administrator accounts for team members. Navigate to “Admin Area” from the user menu. Click “Users” then “New user”.

Fill in user details:

• Name
• Username
• Email address
• Access level

Configure email confirmation requirements under “Settings” → “General” → “Sign-up restrictions”.

Project Settings

Set default project visibility levels. Navigate to “Admin Area” → “Settings” → “General”. Expand “Visibility and access controls”.

Configure:

• Default project visibility (Private, Internal, or Public)
• Default branch protection
• Repository size limits

Enable or disable project features like issues, merge requests, and wikis.

Backup Configuration

Regular backups prevent data loss. GitLab stores backups in /var/opt/gitlab/backups by default.

Configure backup settings:

sudo nano /etc/gitlab/gitlab.rb

Add backup configuration:

gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"
gitlab_rails['backup_keep_time'] = 604800

This retains backups for 7 days. Reconfigure GitLab:

sudo gitlab-ctl reconfigure

Create a manual backup:

sudo gitlab-backup create

Schedule automatic backups using cron:

sudo crontab -e

Add a daily backup at 2 AM:

0 2 * * * /opt/gitlab/bin/gitlab-backup create CRON=1

Performance Tuning

Optimize resource allocation based on server capacity. Edit configuration:

sudo nano /etc/gitlab/gitlab.rb

Adjust Puma workers for CPU count:

puma['worker_processes'] = 4

Configure PostgreSQL for available RAM:

postgresql['shared_buffers'] = "256MB"
postgresql['effective_cache_size'] = "1GB"

Set Redis memory limits:

redis['maxmemory'] = "256mb"

Apply changes:

sudo gitlab-ctl reconfigure

GitLab Runner Installation

GitLab Runner executes CI/CD jobs for automated testing and deployment.

What is GitLab Runner

Runners are agents that process pipeline jobs defined in .gitlab-ci.yml files. Self-hosted runners provide complete control over build environments.

Installing GitLab Runner

Add the Runner repository:

curl -L "https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.rpm.sh" | sudo bash

Install GitLab Runner:

sudo dnf install -y gitlab-runner

Verify installation:

gitlab-runner --version

Registering Runner

Obtain registration token from GitLab. Navigate to “Settings” → “CI/CD” → “Runners”.

Register the runner:

sudo gitlab-runner register

Enter requested information:

• GitLab instance URL
• Registration token
• Runner description
• Runner tags
• Executor type (shell, docker, kubernetes)

Verify runner registration in GitLab UI under “Settings” → “CI/CD” → “Runners”.

Common GitLab Commands and Management

Master essential commands for daily GitLab administration.

Essential gitlab-ctl Commands

Start all services:

sudo gitlab-ctl start

Stop all services:

sudo gitlab-ctl stop

Restart all services:

sudo gitlab-ctl restart

Check service status:

sudo gitlab-ctl status

Apply configuration changes:

sudo gitlab-ctl reconfigure

View real-time logs:

sudo gitlab-ctl tail

View specific service logs:

sudo gitlab-ctl tail nginx

Backup and Restore

Create immediate backup:

sudo gitlab-backup create

List available backups:

sudo ls -lh /var/opt/gitlab/backups

Restore from backup:

sudo gitlab-backup restore BACKUP=1635789012_2021_11_01

Restore requires stopping services that connect to the database:

sudo gitlab-ctl stop puma
sudo gitlab-ctl stop sidekiq

After restoration, restart GitLab:

sudo gitlab-ctl restart

Troubleshooting Common Issues

Resolve typical problems encountered during installation and operation.

Installation Issues

Repository not found errors occur when repository URLs are incorrect. Verify repository configuration:

cat /etc/yum.repos.d/gitlab-ce.repo

Dependency conflicts resolve by updating all packages:

sudo dnf update -y

Package download failures indicate network problems. Test connectivity:

curl -I https://packages.gitlab.com

Configuration Problems

Reconfigure failures often result from syntax errors in gitlab.rb. Check syntax carefully. View reconfigure logs:

sudo gitlab-ctl tail reconfigure

Port conflicts occur when other services use ports 80 or 443. Identify processes:

sudo netstat -tulpn | grep :80

Stop conflicting services or change GitLab ports.

Permission errors require ownership corrections:

sudo chown -R git:git /var/opt/gitlab

Service Issues

Services failing to start indicate resource constraints or configuration errors. Check individual service logs:

sudo gitlab-ctl tail postgresql
sudo gitlab-ctl tail puma

Puma worker crashes suggest insufficient memory. Increase RAM or reduce worker count:

puma['worker_processes'] = 2

PostgreSQL connection errors require database service verification:

sudo gitlab-ctl status postgresql

Restart PostgreSQL if necessary:

sudo gitlab-ctl restart postgresql

Web Interface Problems

502 Bad Gateway errors indicate Puma isn’t running or hasn’t fully started. Wait 2-3 minutes after reconfiguration. Check Puma status:

sudo gitlab-ctl status puma

Restart Puma:

sudo gitlab-ctl restart puma

Slow page loading results from insufficient resources. Monitor system resources:

top

Login failures after password changes require cache clearing:

sudo gitlab-rake cache:clear

Log File Locations

GitLab maintains separate logs for each service in /var/log/gitlab/. Important log files include:

• /var/log/gitlab/nginx/gitlab_access.log: Web server access
• /var/log/gitlab/puma/puma_stdout.log: Application logs
• /var/log/gitlab/postgresql/current: Database logs
• /var/log/gitlab/redis/current: Cache logs
• /var/log/gitlab/sidekiq/current: Background job logs

View all logs simultaneously:

sudo gitlab-ctl tail

Security Best Practices

Implement robust security measures to protect your GitLab instance.

User Security

Enforce strong password policies. Navigate to “Admin Area” → “Settings” → “General” → “Sign-in restrictions”. Enable:

• Minimum password length (12+ characters)
• Password complexity requirements
• Two-factor authentication requirement

Encourage SSH key usage over HTTPS authentication. Users generate SSH keys:

ssh-keygen -t ed25519 -C "email@example.com"

Personal access tokens provide secure API authentication.

System Security

Apply security updates promptly:

sudo dnf update -y

Keep GitLab current with the latest version:

sudo dnf update gitlab-ce

Maintain SELinux in enforcing mode:

sudo setenforce 1

Configure SSH hardening in /etc/ssh/sshd_config:

• Disable root login
• Use key-based authentication
• Change default SSH port

GitLab-Specific Security

Enable rate limiting to prevent brute force attacks. Edit configuration:

gitlab_rails['rate_limit_requests_per_period'] = 10
gitlab_rails['rate_limit_period'] = 60

Configure IP restrictions for admin area access:

gitlab_rails['admin_ip_whitelist'] = ['192.168.1.0/24']

Disable new user registration for private instances:

gitlab_rails['gitlab_signup_enabled'] = false

Enable audit logging:

gitlab_rails['audit_events_enabled'] = true

Reconfigure after security changes:

sudo gitlab-ctl reconfigure

Updating and Upgrading GitLab

Regular updates ensure security, stability, and access to new features.

Update Process

Check current GitLab version:

sudo gitlab-rake gitlab:env:info

Read release notes before updating. Visit GitLab’s blog for version announcements.

Create a backup before upgrading:

sudo gitlab-backup create

Update GitLab package:

sudo dnf update gitlab-ce

Reconfigure after update:

sudo gitlab-ctl reconfigure

Verify services start correctly:

sudo gitlab-ctl status

Version Upgrade Considerations

Major version upgrades require careful planning. Follow upgrade paths specified in documentation. Never skip major versions during upgrades.

Database migrations run automatically during reconfiguration. Large databases require extended migration time.

Plan for downtime during major upgrades. Notify users in advance.

Rollback Procedures

Rollback becomes necessary when upgrades cause critical issues. Stop GitLab:

sudo gitlab-ctl stop

Restore previous backup:

sudo gitlab-backup restore BACKUP=backup_timestamp

Downgrade package if needed:

sudo dnf downgrade gitlab-ce-version

Reconfigure and restart:

sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart

Congratulations! You have successfully installed GitLab. Thanks for using this tutorial for installing GitLab on Fedora 43 Linux system. For additional help or useful information, we recommend you check the official GitLab website.