how to install a git lab instance on custom ssh and ssl ports

This post explains how to install a git lab instance on custom SSH and SSL ports.

For our example, we will install Git Lab Enterprise Edition onto a CentOS 7.

The Git Lab creators have provided detailed instructions on their website; please follow it if you have not already.  Git Lab installation methods

Login to your CentOS 7 instance via SSH.  Edit /etc/ssh/sshd_config using your favorite text file editor. I like both vi and nano and change line Port 22  to match your custom port. E.g., Port 3004. Save and run systemctl restart sshd or service sshd restart. Exit.

Re login to CentOS7 instance with new port again ( which looks like ssh user@centos7 -p NEW_PORT_NUMBER, ) to check if the changes have taken effect. If you don’t see any error and you login successfully, you have successfully changed SSH port for your instance.

Now edit /etc/gitlab/gitlab.rb to tell git lab what port to use to connect via secure port on a browser and a custom port via SSH.

Edit line that starts with external_url= and change it to something like external_url=https://ns79.a1z.us:3002

Add the following line gitlab_rails['gitlab_shell_ssh_port'] = 3004 to the file and save.  Make sure you change both port numbers above to ones of your choice or need.

Run gitlab-ctl reconfigure for changes to take effect.

Now go back to your Git Lab instance and check if the port number for secure URL looks like this https://ns79.a1z.us:3002/user10/get-file-hash.git  and port number for SSH URL matches the one you put in. It should look similar to ssh://git@ns79.a1z.us:3004/user10/get-file-hash.git.

If so, you are done with changes on the server side!

The following is an example showing how to add a custom ssh repository URL and publish to it from a windows power shell command line.

(By the way, this is a real and usable code for your Internet Information Services server instance.  Here is the URL: Get File Hash )

PS C:\inetpub\wwwroot\get-file-hash> git remote add ns79_ssh ssh://git@ns79.a1z.us:3004/user10/get-file-hash.git 
PS C:\inetpub\wwwroot\get-file-hash> git remote show ns79_ssh 
The authenticity of host '[ns79.a1z.us]:3004 ([162.198.33.37]:3004)' can't be established. 
ECDSA key fingerprint is SHA256:0H9phyOIOag7cWP5MeZtYMhi5sOi6UhrmXQVjC129oI. 
Are you sure you want to continue connecting (yes/no)? yes 
Warning: Permanently added '[ns79.a1z.us]:3004,[162.198.33.37]:3004' (ECDSA) to the list of known hosts. 
* remote ns79_ssh 
  Fetch URL: ssh://git@ns79.a1z.us:3004/user10/get-file-hash.git 
  Push URL: ssh://git@ns79.a1z.us:3004/user10/get-file-hash.git 
  HEAD branch: (unknown) 
PS C:\inetpub\wwwroot\get-file-hash> git push -u ns79_ssh master Counting objects: 7, done. 
Delta compression using up to 2 threads. 
Compressing objects: 100% (6/6), done. 
Writing objects: 100% (7/7), 2.83 KiB | 414.00 KiB/s, done. 
Total 7 (delta 0), reused 0 (delta 0) 
To ssh://ns79.a1z.us:3004/user10/get-file-hash.git 
 * [new branch] master -> master Branch 'master' set up to track remote branch 'master' from 'ns79_ssh'. 
PS C:\inetpub\wwwroot\get-file-hash>

Congratulate yourself for successfully installing a git lab instance on custom SSH and SSL ports!

 

PC Access – Convert your windows computer into a document/image server

How to access your personal computer from anywhere outside your home with an internet connection

This blog explains how to access your personal computer from anywhere outside your home with an internet connection

PCAccessFree screenshot

How much space is occupied by AccessYourPC software?

  • Internet Information Services and Web Platform Installer: Unknown.
  • Strawberry Perl: 600 MB.
  • AccessYourPC Software: 40.0 KB (40,960 bytes)

What does it do? This software helps you access your personal computer from anywhere outside your home with an internet connection.

It immediately provides you access to the PC this software is installed on from all PCs on the same network at home on your favorite web browser. This is the suggested use of this software.

In order to access your PC from outside your home, you need to open ports (80/443) on your Modem/Router firewall which in turn makes that PC accessible/vulnerable to the outside world. Here is a link for instructions on how to open your router ports, for example, from a Linksys router.

Disclaimer: This software is given free of charge in the hope that it will be useful. It comes with no warranties or guaranties. Help/Support is available at a1z.us (Letter A number 1 letter Z .us)

Installation instructions

1. Install IIS Web Server

  • A. Install Web Platform Installer with default settings
  • B. Install Internet Information services – Recommended Configuration

2. Enable https: Instructions at Microsoft Support Website .

3. Install Strawberry Perl:

4. Set Handler Mapping to .cgi scripts.

IIS 4, 5, and 6 on Windows XP, Windows Vista or Windows 7:

Click Start, click Programs, click Administrative Tools, and then click Internet Information Services.

Right-click a Web site that you want to enable PERL for, and then click Properties. Click the Home Directory tab. Click Configuration. Click Add.

In the Executable box, type the following: C:\Strawberry\perl\bin\perl5.26.1.exe “%s” %s if you installed Strawberry Perl into C:\Straberry

In the Extension box, type .cgi.

Note: Make sure that the All Verbs option is selected for full functionality. Also, make sure that the Script Engine check box is selected.

Instructions extracted from Microsoft Support Website

Detailed instructions at Microsoft Support Website

Internet Information Services 10 on Windows 10:

  • Open Internet Information Services as Administrator.
  • In the connections pane, select/click a website
  • In the Features View (middle) pane, double click Handler Mappings
  • In the Actions Pane, click Add Script Map
  • Type *.cgi in Request path
  • Type C:\Strawberry\perl\bin\perl5.26.1.exe “%s” %s in Executable
  • Type Perl CGI in Name
  • Click Request Restrictions
  • Select File in Mapping tab
  • Select All Verbs in Verbs tab
  • Select Execute in Access tab
  • Click OK
  • Select yes for Do you want to allow this ISAPI extension?

5. Get/download PC Access Free from ….

6. Copy the downloaded software into

  • C:/inetpub/wwwroot/ or
  • a user’s directory, e.g., C:/Users/username/public with standard privileges. This user should not have administrative privileges.  This is the suggested configuration.

7. Go to https://LOCAL-IP-OR-HOSTNAME/INSTALLATION-DIRECTORY

In most cases, it will be http://192.168.1.* or http://192.168.0.* or http://COMPUTERNAME

8. Set Administrative Username and password

Administrative and other username/password credentials are done/set in a folder/file that is NOT ACCESSIBLE to public via Access PC interface or your IIS server. For example, if your public folder is C:/inetpub/wwwroot/public, the user/pass folder is created in C:/inetpub which is not publicly accessible.

File type

Username/password file is a normal text file, with .t file extension. By default it is username.t saved as a text file in the folder you chose above.

File Format

This username.t file should have/follow a particular format. Each line should consist of at least three items separated by a ‘|’ symbol. E.g., USERNAME1|PASSWORD|USER_HOME_DIR

There is no limit to the number of users you can add to your instance of PC Access.

Set user/pass folder in admin.cgi

Don’t forget to provide/set the path to USER_PASS_FOLDER in admin.cgi which would be, as explained earlier in our example, C:/inetpub if your web root is C:/Inetpub/wwwroot.

Conclusion

The following topics are covered in this article.

  • Installing Internet Information Services,
  • installing Strawberry Perl,
  • adding handler mapping to .cgi files in IIS,
  • downloading PC Access Free software,
  • setting up users to administer/use PC Access, and
  • accessing PC Access Free from a web browser.

Feedback and bugs

Please provide feedback and suggestions in the comments below or at official Git Lab or at our instance of Git Lab or at Git Hub repository.

For those who love/prefer Bug Zilla for reporting bugs, you may also report bugs at Bug Zilla