Install GitLab on Amazon Linux 2023 under ALB
Introduction
I had an opportunity to prepare a verification environment for the self-hosted version of GitLab, so I've documented the setup procedure in this article.
There are also similar procedure articles in the past, please refer to them as well.
Also, regarding email configuration, I referenced the following article.
Prerequisites
I'm using the following environment.
- GitLab Self-Managed: Installing Enterprise Edition
- EC2 instance
- OS: Amazon Linux 2023
- Instance type: t3.large
- Network
- Built in a private subnet
- ALB is set up in front, with SSL offloading where HTTPS requests terminate at the ALB and communication with the GitLab instance is done via HTTP
- Certificate already obtained with ACM
- Resources such as ALB already created
- Verification DNS host zone already created in Route53
Various reference information is as follows.
Supported platforms
Requirements
Installation procedure for Amazon Linux 2023
https://docs.gitlab.com/install/package/amazonlinux_2023/## Installation
After creating an EC2 instance, I connected to the server and executed the following.
#Package update check and update
sudo dnf upgrade --releasever=latest
sudo dnf check-upgrade --releasever=latest
To install GitLab, we need to register the repository that will be the source of the packages in the system.
curl "https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh" | sudo bash
After registering the repository, we install GitLab itself.
sudo dnf install -y gitlab-ee
If it looks like the following, there is no problem.
$ sudo dnf install -y gitlab-ee
Last metadata expiration check: 0:03:03 ago on Wed Aug 27 11:49:42 2025.
Dependencies resolved.
=============================================================================================================================================================
Package Architecture Version Repository Size
=============================================================================================================================================================
Installing:
gitlab-ee x86_64 18.3.0-ee.0.amazon2023 gitlab_gitlab-ee 1.5 G
Transaction Summary
=============================================================================================================================================================
Install 1 Package
Total download size: 1.5 G
Installed size: 3.7 G
Downloading Packages:
gitlab-ee-18.3.0-ee.0.amazon2023.x86_64.rpm 117 MB/s | 1.5 GB 00:12
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 117 MB/s | 1.5 GB 00:12
gitlab_gitlab-ee 27 kB/s | 3.1 kB 00:00
Importing GPG key 0x51312F3F:
Userid : "GitLab B.V. (package repository signing key) <packages@gitlab.com>"
Fingerprint: F640 3F65 44A3 8863 DAA0 B6E0 3F01 618A 5131 2F3F
From : https://packages.gitlab.com/gitlab/gitlab-ee/gpgkey
Key imported successfully
gitlab_gitlab-ee 60 kB/s | 7.0 kB 00:00
Importing GPG key 0xF27EAB47:
Userid : "GitLab, Inc. <support@gitlab.com>"
Fingerprint: DBEF 8977 4DDB 9EB3 7D9F C3A0 3CFC F9BA F27E AB47
From : https://packages.gitlab.com/gitlab/gitlab-ee/gpgkey/gitlab-gitlab-ee-3D645A26AB9FBD22.pub.gpg
Key imported successfully
gitlab_gitlab-ee 43 kB/s | 3.8 kB 00:00
Importing GPG key 0x82DD593D:
Userid : "GitLab, Inc. <support@gitlab.com>"
Fingerprint: 98BF DB87 FCF1 0076 416C 1E0B AD99 7ACC 82DD 593D
From : https://packages.gitlab.com/gitlab/gitlab-ee/gpgkey/gitlab-gitlab-ee-CB947AD886C8E8FD.pub.gpg
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: gitlab-ee-18.3.0-ee.0.amazon2023.x86_64 1/1
Installing : gitlab-ee-18.3.0-ee.0.amazon2023.x86_64 1/1
Running scriptlet: gitlab-ee-18.3.0-ee.0.amazon2023.x86_64 1/1
It looks like GitLab has not been configured yet; skipping the upgrade script.
. ..
:c: ,cc'
:ccc: 'cccc.
:ccccc, cccccc
.ccccccc :cccccc:
cccccccc: .cccccccc'
:ccccccccc;..............'cccccccccc'
cccccccccccccccccccccccccccccccccccccc'
:ooolccccccccccccccccccccccccccccccllooo
ooooooollccccccccccccccccccccccclooooooo
;ooooooooollcccccccccccccccccloooooooool
oooooooooooolccccccccccccloooooooooooo.
.ooooooooooooolcccccclloooooooooooo;
cooooooooooooolllooooooooooooo.
loooooooodxkkxddoooooooo.
.ooodxkkkkkkkkxdooo;
.kkkkkkkkkkkk:
;kkkkkkx
:d
Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:
sudo gitlab-ctl reconfigure
For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md
Help us improve the installation experience, let us know how we did with a 1 minute survey:
https://gitlab.fra1.qualtrics.com/jfe/form/SV_6kVqZANThUQ1bZb?installation=omnibus&release=18-3
Verifying : gitlab-ee-18.3.0-ee.0.amazon2023.x86_64 1/1
Installed:
gitlab-ee-18.3.0-ee.0.amazon2023.x86_64
Complete!
```GitLab's initial user is created with the name "root". The initial password is recorded in the following file, so make a note of it.
```bash
$ sudo cat etc/gitlab/initial_root_password
# WARNING: This value is valid only in the following conditions
# 1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run).
# 2. Password hasn't been changed manually, either via UI or via command line.
#
# If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.
Password: <password>
# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.
At this point, accessing via HTTPS will show the display as in the figure below.
Configure SSL termination with a reverse proxy or load balancer
In this case, we'll place an ALB in front, where HTTPS requests terminate at the ALB, and communication with the GitLab instance is done via HTTP.
In this case, settings described in the following link are necessary.
After installing GitLab, edit the configuration file (/etc/gitlab/gitlab.rb) to enable specific features.
Here, we edited the relevant items as follows:
registry_external_url 'https://<FQDN-to-GitLab>'
registry_nginx['listen_port'] = 80
registry_nginx['listen_https'] = false
After editing and saving the configuration file, run the following command to apply the changes to GitLab.
sudo gitlab-ctl reconfigure
When accessing again in this state, it looks like the figure below.
Log in with the initial user.
Successfully logged in.
### SMTP Configuration
Configure settings for email notifications such as when adding users.
We can use Amazon SES, so we will use this.
Here, we will use simple email address verification rather than domain verification. In advance, verify the email address on the AWS side and obtain the following SMTP authentication information:
- SMTP username
- SMTP password
On the GitLab side, edit /etc/gitlab/gitlab.rb as before. Referencing the documentation, I edited the following items:
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "email-smtp.us-east-1.amazonaws.com"
gitlab_rails['smtp_port'] = 587
gitlab_rails['smtp_user_name'] = "<SMTP username>"
gitlab_rails['smtp_password'] = "SMTP password"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
Additionally, set the following items to the verified email address:
gitlab_rails['gitlab_email_from'] = 'Email address verified with SES'
gitlab_rails['gitlab_email_reply_to'] = 'Email address verified with SES'
After changing the settings, apply them:
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart
To verify that the settings have been applied correctly, you can send a test email from the GitLab console:
sudo gitlab-rails console
After entering the console with the above command, execute the following:
Notify.test_email('Any recipient email address', 'Message Subject', 'Message Body').deliver_now
If there are no issues, you will receive an email like the one shown below.
## Adding Users on GitLab
After setting up email, I logged in as the root user and added a user.
When you click "Add People", the display below appears, where you specify a username and email address of your choice.
An account creation email will be sent to the specified email address.
You can reset your password by following the URL included in the email.
After that, I was able to log in with the newly set password.
In Conclusion
I tried installing GitLab under ALB and tested configurations related to SSL termination and email.
I hope this information will be useful as a reference for you.
