Skip to content

Instantly share code, notes, and snippets.

@jeroenvdgulik

jeroenvdgulik/mirror_gitlab.md

Last active November 2, 2017 10:53
Show Gist options
  • Save jeroenvdgulik/7fa179726fff56445073334563fb3d02 to your computer and use it in GitHub Desktop.
Save jeroenvdgulik/7fa179726fff56445073334563fb3d02 to your computer and use it in GitHub Desktop.
Download ZIP
Mirroring your Gitlab (Omnibus) to an external Gitlab
Raw
mirror_gitlab.md

Mirroring your Gitlab (Omnibus) to an external Gitlab

To make the example clearer we will use gitlab.local as our local server and gitlab.external as our gitlab where we want to push/mirror to

Step 1.

We need to create an ssh key so we can connect to the external Gitlab

ssh-keygen -t

Warning: Make sure you give the keypair a name instead of the standard id_rsa/id_rsa.pub lets your overwrite your personal ssh key pair which is bad.

Step 2.

We need add our public key to an user within the remote Gitlab

Either create a specific user or use your own user, and add the id_rsa.pub key to the profile/keys in remote Gitlab.

You can verify if you can connect using where <id_rsa> is how you named your ssh key pair:

ssh -i <id_rsa> user@gitlab.external

You should see the following

Welcome to gitlab

Step 3.

We need our gitlab.local server to know about this ssh key. So we need to find the "home" of the user gitlab runs under. In Omnibus the user is "git" and the corresponding "home" directory is /var/opt/gitlab

The easiest way to find the "home" is to just change to the gitlab user and "Go Home"

(sudo) su git
cd ~

There should be a .ssh directory here.

copy the id_rsa to this directory and make sure it has the correct permissions (should be owned by git and 600)

Within this directory there might be a config file. If not you should create one. Now we tell the server that whenever it wants to connect to the gitlab.external, it uses this specific key

Host gitlab.external  
IdentityFile /home/git/.ssh/reponame_key  
HostName gitlab.external
User git

You can test if this works:

ssh gitlab.external

Now gitlab.local is allowed to connect to gitlab.external but it doens't "know" about gitlab.external yet.

Step 4.

We need to tell the repository we want to mirror, about the existence of the external gitlab.

Go to the repository you want and add gitlab.external as a remote

The location of the repositories in Omnibus is /var/opt/gitlab/git-data

cd /var/opt/gitlab/git-data/my_repository.git
git remote add --mirror mirror gitlab.external:/mirror-repository-name

We can test if this works by pushing a branch.

git push mirror master:master

Step 5.

Now we need to tell gitlab.local that whenever something gets pushed to the repository, we want to push it to the mirror. We can use a simple hook for this. However in Omnibus, the normal hooks are symlinked to 1 hooks directory. Luckily we can add custom_hooks at the directory of the repository and it will also execute those hooks.

cd /var/opt/gitlab/git-data/my_repository.git
mkdir custom_hooks
echo "exec git push --quiet mirror &" >> ./custom_hooks/post-receive

chmod 755 ./custom_hooks/post-receive

Step 6.

Now everything is in place, but because gitlab keeps it's own "special" branches in place, you might get these kinds of errors:

 ! [remote rejected] refs/keep-around/09c68d4f76f68041438040e3bb4316d5ca1d5135 -> refs/keep-around/09c68d4f76f68041438040e3bb4316d5ca1d5135 (deny updating a hidden ref)

We need to filter those out of the branches we do want to mirror. In order to do that we edit the config file again.

We should replace fetch = +refs/*:refs/* which basically says, everything, and just select tags, branches and head

[remote "mirror"]
    url = git@gitlab.external:reponame.git
    push = +refs/heads/*:refs/heads/*
    push = +refs/tags/*:refs/tags/*
    mirror = true

reference1 reference2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment