Installation | Maintenance | Beyond Lino

How to set up a self-managed GitLab group runner

  1. Install docker

    $ sudo apt install docker
  2. Add gitlab runner repository in the package manager’s repositories:

    $ # You can probably skip this if you are on ubuntu, check
    $ # if this `apt list gitlab-runner` command fetches any result
    $ curl -L "" | sudo bash
  3. Install gitlab runner:

    $ sudo apt install gitlab-runner
  4. The options a) and b) below are mutually exclusive. Do only one of them but never both.

    1. Do this section if you are installing gitlab-runner on a personal computer:

    • Get openvpn configuration file to connect your computer with our private network from Sharif.

    • Install openvpn on your computer:

      $ sudo apt-get install openvpn
    • Put the openvpn cofiguration file into the /etc/openvpn directory.

      For example, if your configuration filename is myvpn.conf and it is corrently in $HOME/Downloads directory, then, do:

      $ sudo mv ~/Downloads/myvpn.conf /etc/openvpn/
    • Enable the configuration file to run as a systemd service:

      $ sudo systemctl enable openvpn@myvpn.service
    • Start the openvpn service:

      $ sudo service openvpn@myvpn start
    • Check if the service is running:

      $ ip addr show dev tun0
    • Edit the /etc/default/openvpn file and put myvpn as a value of the AUTOSTART option.

      This is required to run the myvpn service on restart automatically.

    • Create the following directory:

      $ sudo mkdir /etc/systemd/system/gitlab-runner.service.d
    • Put the proxy environment variables as given below:

      $ printf '[Service]\nEnvironment="HTTP_PROXY="\nEnvironment="HTTPS_PROXY="\n' | sudo tee /etc/systemd/system/gitlab-runner.service.d/http-proxy.conf &> /dev/null
    • Reload systemd daemon:

      $ sudo systemctl daemon-reload
    • Restart gitlab-runner service:

      $ sudo service gitlab-runner restart
    • Register gitlab runner:

      $ sudo HTTP_PROXY= HTTPS_PROXY= gitlab-runner register

    P.S > The above example assumes that the user does not have any other vpn service running. When the assumption is not true, some example commands may vary to some degree. In which case, the user should run the commands as deems appropriate.

    1. Register gitlab runner on a computer with a public IP address:

      $ sudo gitlab-runner register

The last command from either option a) or b) will prompt for some inputs. Give the values described below to the associated inputs:

> url:
> registration-token: (the token from
> executor: docker
> docker-image: debian:latest
> description: (give any description to your liking)
> tag-list: lino,linorunner

To get the registration-token from, use:

$ ssh
$ sudo cat /var/gitlab_runner_group_registration_token

Leave (just press ENTER/RETRUN on) the other input prompts.