kind: compose metadata: name: GitLab description: 'A **complete DevOps platform** that provides Git repository management, CI/CD pipelines, issue tracking, and container registry in a single application. ## Prerequisites - ... **Performance Presets**: - `homelab`: Optimized for low-resource environments (limited workers, reduced PostgreSQL buffers) - `default`: Standard server configuration for production use **External URL**: - Set to your public domain (e.g., `https://gitlab.example.com`) for proper clone URLs - Affects SSH clone URLs and web links in emails/notifications **Container Registry**: - Enable if you need private Docker image hosting - Requires separate external URL (e.g., `https://registry.example.com`) ## Resources - **Project**: https://about.gitlab.com/ - **Documentation**: https://docs.gitlab.com/ - **Community**: https://forum.gitlab.com/' icon: provider: selfh id: gitlab version: 18.8.4-ce.0 author: Christian Lempa date: '2026-02-10' tags: - traefik next_steps: "## Post-Installation Steps\n1. **Start GitLab**:\n ```bash\n docker\ \ compose up -d\n ```\n2. **Wait for\\\n \\ initialization** (2-5 minutes):\n\ \ ```bash\n docker compose logs -f gitlab\n ```\n Wait for message:\ \ `gitlab\\\n \\ Reconfigured!`\n 3. **Access the web interface**:\n {% if\ \ traefik_enabled -%}\n - Via Traefik: https://{{ traefik_host\\\n \\ }}\n\ \ {% if not traefik_enabled and network_mode == 'bridge' %}- Direct access:\ \ http://localhost:{{ ports_http }}{%\\\n \\ endif %}\n {%- else -%}\n \ \ - Open {{ external_url }} in your browser\n {% if network_mode == 'bridge'\ \ %}- Or: http://localhost:{{\\\n \\ ports_http }}{% endif %}\n {%- endif\ \ %}\n 4. **Initial login credentials**:\n - **Username**: `root`\n - **Password**:\\\ \n \\ `{{ root_password }}`\n > **Important**: This password only works on\ \ FIRST initialization.\n > Change it immediately\\\n \\ after first login\ \ via GitLab's web interface!\n 5. **Configure SSH** (optional):\n - SSH clone\ \ URLs will use port `{{\\\n \\ ports_ssh }}`\n - Update your Git remote if\ \ needed\n ## Additional Resources\n - Documentation: https://docs.gitlab.com/\n\ \ \\\n - GitLab Runner: https://docs.gitlab.com/runner/" schema: '1.2' spec: general: vars: service_name: type: str description: Docker service name default: gitlab external_url: type: str description: External URL for GitLab default: http://localhost root_email: type: str description: Initial root user email address default: admin@example.com root_password: type: str description: Initial root user password (only used on first initialization) sensitive: true autogenerated: true extra: 'Leave empty to auto-generate. WARNING: Only sets password on FIRST startup!' default_theme: type: int description: Default GitLab UI theme (2 = dark mode) default: 2 extra: 1 = Indigo, 2 = Dark, 3 = Light, 4 = Blue, 5 = Green default_color_mode: type: int description: Default color mode (2 = dark mode) default: 2 extra: 1 = Light, 2 = Dark disable_usage_data: type: bool description: Disable product usage metrics upload to GitLab default: true restart_policy: type: enum options: - unless-stopped - always - on-failure - 'no' default: unless-stopped required: true advanced: title: Advanced Settings description: Performance tuning and advanced configuration options vars: performance_preset: type: enum description: Performance optimization profile options: - homelab - default default: homelab extra: homelab is optimized for low-resource environments, default is for standard servers prometheus_enabled: type: bool description: Enable Prometheus monitoring default: false extra: Disabling saves ~200-400MB RAM. GitLab UI metrics will be unavailable. toggle: prometheus_enabled ports: vars: ports_http: default: 80 ports_ssh: default: 2424 ports_registry: type: int description: Container Registry port default: 5000 registry: description: GitLab Container Registry configuration toggle: registry_enabled vars: registry_enabled: type: bool description: Enable GitLab Container Registry default: false registry_external_url: type: str description: External URL for Container Registry default: http://localhost:5000 traefik: vars: traefik_host: default: gitlab.home.arpa traefik_registry_host: needs: - registry_enabled=true default: registry.home.arpa type: str description: Hostname for Container Registry in Traefik (if enabled) traefik_network: default: traefik type: str required: true traefik_domain: default: home.arpa type: str required: true traefik_enabled: type: bool default: false description: Enable Traefik integration toggle: traefik_enabled title: Traefik description: Configure Traefik reverse proxy integration traefik_tls: vars: traefik_tls_certresolver: type: str default: cloudflare required: true traefik_tls_enabled: type: bool default: false description: Enable Traefik TLS toggle: traefik_tls_enabled title: Traefik TLS description: Configure Traefik TLS/SSL certificates needs: traefik email: toggle: email_enabled vars: email_enabled: type: bool default: false description: Enable email server configuration email_host: type: str default: '' description: SMTP server hostname email_port: type: int default: 587 description: SMTP server port email_username: type: str default: '' description: SMTP username email_password: type: str sensitive: true default: '' description: SMTP password email_from: type: str default: '' description: From email address email_use_tls: type: bool default: true description: Use TLS encryption email_use_ssl: type: bool default: false description: Use SSL encryption authentik: toggle: authentik_enabled vars: authentik_enabled: type: bool default: false description: Enable Authentik SSO integration authentik_url: type: str default: https://auth.home.arpa description: Authentik base URL (e.g., https://auth.example.com) authentik_slug: type: str default: gitlab description: Authentik application slug authentik_client_id: type: str default: '' description: OAuth client ID from Authentik provider authentik_client_secret: type: str sensitive: true default: '' description: OAuth client secret from Authentik provider