Server Configuration


  • PostLab Local requires GitLab EE 14 (all minors) or GitLab EE 15 up to 15.8.3. No other version is supported.

GitLab CE and EE are identical, but GitLab only offers (paid) support for EE. An unlicensed EE instance is the same as CE. However, migrating from CE to EE isn't easy so GitLab recommends installing EE anyway. If for some reason you'd require GitLab support, this way the option is at least on the table. In practice, no support or a license is needed to use GitLab with PostLab.

  • Make sure your server accepts incoming connections on port 8443.


GitLab has two ways to manage settings, and those ways partially overlap. Hence, you'll configure some settings in the gitlab.rbfile, and others through the management console ("website").


File Location: /etc/gitlab/gitlab.rb

Some server settings are only available to configure in gitlab.rb. Required settings for PostLab Local are listed below.



This should be an https address. Use a valid certificate on this server, and use port 8443.

⚠️ The external_url must contain a subdomain, a second level domain, and a top level domain.

external url ''

myvalid - subdomain • domain - second-level domain

• name - top-level domain


Please consider a good backup strategy that allows you to restore your server if needed. More direction is available in GitLab's documentation.


Disable emailing in GitLab:

gitlab_rails['gitlab_email_enabled'] = false

Default project feature settings

This setting will enable/disable certain project features. Disable these settings, as they're unnecessary for PostLab use:

gitlab_rails['gitlab_default_projects_features_issues'] = true gitlab_rails['gitlab_default_projects_features_merge_requests'] = false gitlab_rails['gitlab_default_projects_features_wiki'] = false gitlab_rails['gitlab_default_projects_features_snippets'] = false gitlab_rails['gitlab_default_projects_features_builds'] = false gitlab_rails['gitlab_default_projects_features_container_registry'] = false

Default User Settings

In PostLab, a Team is a GitLab root-level group. Typically, users should not be able to create Teams.

  • In GitLab 15.4 and earlier, set this configuration in gitlab.rb: gitlab_rails['gitlab_default_can_create_group'] = false

  • In version 15.5 and later, this needs to be configured in the gui, so that's documented further down in this document.


It's a best practice to ensure your repositories/projects live on a different volume than your OS. More direction is available in GitLab's documentation.


You MUST enable LFS. Direction on enabling LFS is available in GitLab's documentation.

If you want to keep LFS storage locally, typically the syntax would look like this:

gitlab_rails['lfs_enabled'] = true gitlab_rails['lfs_storage_path'] = "/var/opt/gitlab/gitlab-rails/shared/lfs-objects”

After modifying /etc/gitlab/gitlab.rb, you must issue a gitlab-ctl reconfigure command for the new configuration to take effect.

Website settings

These settings are available inside the Admin Area of your GitLab server.


Visibility and access controls

Default project creation protection

Developers + Maintainers

Default project visibility


Default snippet visibility


Default group visibility


Restricted visibility levels

Private: disabled Internal: enabled Public: enabled

Import sources

All disabled

Enabled Git access protocols

Only HTTP(S)

Account and limit

New users set to external


Prompt users to upload SSH keys


In GitLab 15.5 and up: Allow new users to create top-level groups


restrictions

Allow password authentication for the web interface


Enforce two-factor authentication



Default branch

Initial default branch name


Initial default branch protection

Partially protected

Repository maintenance

Enable repository checks


Enable automatic repository housekeeping


Incremental repack period


Full repack period


Git GC period



Continuous Integration and Deployment

Default to Auto DevOps pipeline for all projects


Enable shared runners for new projects


Access Token

PostLab Local requires a license key (or activation number), and your license key is linked to a GitLab server. Before we can create a license key, you'll need to create an access token from your GitLab server, which you'll send to us.

  1. Create a GitLab user expressly for creating the access token. This user does not have to be an admin.

  2. Log in as that user.

You must log into GitLab’s web interface with this user at least once.

  1. Go to User Settings > Personal Access Tokens.

  1. Add a token, and give it a name in Token name.

  2. Leave the Expiration date blank. Do not add an expiration date, as this token should never expire.

  3. Enable the read_api permission and nothing more.

Before you click Create personal access token, have your password manager ready or have something available to record your access token. Clicking Create personal access token displays the access token only once.

  1. Click Create personal access token then record the access token displayed in a safe place, like a password manager.

  2. Send us your access token:

Once we receive your access token, we'll process it, then send you your activation number, which is your license key for the PostLab Local client.

Users & Groups

Next, you can start creating users and groups.

PostLab Local only supports local GitLab users. Some GitLab features like LDAP or OmniAuth are currently unsupported in PostLab Local.


Root-level groups in GitLab are displayed as Teams in PostLab. Also, users can belong to multiple Teams/groups.

PostLab Local does not support GitLab subgroup or project user permissions, and using these will break PostLab.


A user can either be a Maintainer, Owner, or Guest.

Maintainers can create Folders, Productions and add FCP Libraries and Premiere Pro Projects, but aren't allowed to delete Productions.

A Maintainer in GitLab is called an Editor in PostLab.

Owners can delete Folders, Productions, FCP Libraries, and Premiere Pro Projects. You can also grant Owners permission to create and remove Folders within a Team. You can set this up in Settings > General of a group.

A Guest has read-only access.

Setting a user's Max role in GitLab to anything other than Maintainer or Owner will result in a Team Member being assigned a Guest role in PostLab.

Once you create a user, you (or the new user) must take these steps before using the PostLab Local Client:

  1. Log into the GitLab server via a Web browser as that user.

  2. Reset the password for that user.

Next, create the self-signed certificate.

Last updated