GitLab

Self-hosted DevOps, honestly reviewed. What it costs, what it weighs, and who actually needs it.

TL;DR

• What it is: An open-core DevOps platform that bundles Git hosting, CI/CD, issue tracking, container registry, security scanning, and now AI code review into a single application — self-hostable or available as SaaS [3][5].
• Who it’s for: Engineering teams and technical founders who want GitHub+CircleCI+Jira replaced by one self-hosted platform, especially teams with compliance requirements or air-gapped environments [3][5].
• License reality: Three-tier open-core. The Community Edition (CE) is MIT-licensed and genuinely free. The Enterprise Edition (EE) adds paid features that are source-available but not open source. “NOASSERTION” in package metadata reflects this split [README].
• Cost savings vs SaaS: GitLab Premium runs $29/user/month. A 10-person team pays $290/month ($3,480/year). Self-hosted CE on a €20/month Contabo VPS costs roughly $240/year total — a $3,200+ annual gap [3][5].
• Key strength: Every developer tool you need in one data plane — no context switching between five SaaS products. CI/CD pipelines are first-class, not an afterthought [3][5].
• Key weakness: The server is heavy. GitLab needs significantly more RAM than GitHub or Gitea. Expect to run it on at least 8GB RAM for small teams, and 48GB for serious production workloads [3]. The open-core model means the features you actually want for a growing team are often in EE.

---

What is GitLab

GitLab is a Ruby on Rails application that packs an entire DevOps stack into one installable unit: Git repository management, merge requests, CI/CD pipelines, container and package registries, vulnerability scanning (SAST, DAST, dependency and secret detection), issue boards, wikis, and — as of their current push — an AI agent platform called GitLab Duo [README][5].

The comparison people reach for is “GitHub plus CircleCI plus Jira in one box.” That’s roughly right. Where GitHub treats CI/CD as a bolted-on marketplace product (GitHub Actions) and separates issue tracking from code hosting, GitLab built everything on one schema from the start. Projects, issues, pipelines, releases, and code live in a single data plane. That matters when you have agents or automation that needs to cross those boundaries [5][4].

GitLab claims 50+ million users and 100,000+ organizations running it [website]. The CE mirror on GitHub shows 24,264 stars, but that number understates the project — canonical development happens on GitLab.com itself, not the GitHub mirror [README]. GitLab the company is publicly traded (GTLB on Nasdaq), which means the self-hosted project has a funded organization behind it but also a revenue model that’s actively trying to move features from CE to EE.

---

Why people choose it

The r/gitlab thread on self-managed experience [2] and the third-party hosting and review sources surface a consistent picture: people choose GitLab self-hosted for one of three reasons.

All-in-one simplicity. SoftwareAdvice reviews [5] rate GitLab 4.6/5 across 1,215 responses. The most praised aspect is “comprehensive code management tools” — not any single feature, but the elimination of tool sprawl. Teams running GitHub + a separate CI service + a separate security scanner + Jira pay three to five monthly bills and deal with webhook chains that break. GitLab collapses that to one system [5][3].

CI/CD as a first-class citizen. GitLab CI was a genuine innovation when it launched. Pipelines are defined in .gitlab-ci.yml at the repo root, runners are self-hostable and free, and the integration with merge requests is native — test results, artifact storage, environment tracking, and deployment approval gates all live inside the same MR view [3][README]. Contabo’s GitLab hosting page [3] specifically calls out CI/CD automation as the primary workload: “automate builds and tests, deploy to production, and manage release workflows with integrated pipelines.”

Data control and air-gapped deployments. This is where GitLab beats GitHub outright. GitLab supports fully air-gapped installations — no outbound connections required — which is why it shows up in public sector, defense, automotive (ISO 26262), and financial services contexts where code cannot leave the perimeter [5][website]. GitHub’s on-premises product (GitHub Enterprise Server) exists but costs significantly more and lacks the same depth of CI/CD integration.

AI code review without leaving your infrastructure. Two of the sourced articles demonstrate a pattern emerging in 2025-2026: engineers building custom AI code review agents on top of self-hosted GitLab, connecting them to local or private LLMs. One Medium author [1] wired Ollama to GitLab CI using gitlab-runner and the glab CLI to post automated MR comments from a locally running model — no data sent to OpenAI. Upsun’s engineering team [4] went further, building a full agent in Python using the Claude Agent SDK that processes 1,000 merge requests at ~$0.50 per review, integrates with Linear for issue context, and posts structured feedback back to GitLab comments. Both implementations rely on GitLab’s REST API and webhook system. Neither would be practical on a managed GitHub-only stack without significant vendor cooperation [1][4].

---

Features

Core platform (CE, MIT-licensed):

• Unlimited private repositories, branches, merge requests [README][3]
• Built-in CI/CD with .gitlab-ci.yml, self-hosted runners, parallel jobs [3][README]
• Container registry, package registry (Maven, npm, PyPI, NuGet, Helm) [3]
• Issue boards, milestones, epics, wikis [README]
• Merge request code review with inline comments, approval rules, diff view [README][5]
• Branch protection, access control, audit logging (basic) [3]
• Web IDE [5]
• REST and GraphQL APIs — well-documented, relied upon by external tooling [1][4]

Security scanning (partially CE, partially EE):

• SAST, DAST, dependency scanning, secret detection, container scanning, IaC scanning [5][website]
• Note: the depth of security features and whether they appear in CE vs EE varies by scan type — check the pricing comparison table before assuming these are fully free [5]

GitLab Duo (AI features — commercial add-on):

• Code generation, automated code review, issue-to-merge-request flows [website][5]
• Pipeline failure remediation suggestions [website]
• Vulnerability triage [website]
• GitLab Duo Agent Platform — multiple AI agents working in parallel on the development lifecycle [website]
• This is a paid add-on on top of Premium/Ultimate, not included in CE [5][website]

What’s gated behind EE:

• Advanced CI/CD features, larger CI minute allowances [5]
• Enterprise agile planning [5]
• SAML SSO, SCIM provisioning [5]
• Fine-grained compliance controls [5]
• The exact CE/EE boundary shifts with each release — treat the pricing comparison page as the authoritative source [README]

---

Pricing: SaaS vs self-hosted math

GitLab SaaS (gitlab.com):

• Free: 400 CI/CD minutes/month, 5GB storage, up to 5 users per namespace [5]
• Premium: $29/user/month — 10,000 CI/CD minutes, 10GB transfer, advanced CI/CD, faster code reviews, enterprise agile planning [5]
• Ultimate: pricing not listed in sourced materials — contact sales
• GitLab Duo AI features are paid add-ons on top of tier pricing [website]

GitHub for comparison (from SoftwareAdvice [5]):

• Team: $4/user/month
• Enterprise: more expensive; GitHub Advanced Security adds cost separately

This is a critical gap to flag: GitLab SaaS is significantly more expensive than GitHub for comparable team sizes. A 10-person team on GitLab Premium pays $290/month. The same team on GitHub Team pays $40/month. GitLab’s argument is that you’re replacing GitHub + a CI service + security tooling in one bill. Whether that math works depends entirely on what you’d otherwise be paying for those separately.

Self-hosted CE (free software):

• License cost: $0 (MIT for CE) [README]
• VPS to run it: €3.60–€51.20/month depending on team size and pipeline load [3]
  • Small teams (basic CI/CD): Contabo VPS with 8GB RAM, 75GB NVMe at ~€3.60/month
  • Growing projects (multiple repos, automated testing): 12GB RAM at ~€5.60/month
  • Production workloads (complex pipelines, container registry, concurrent runners): 48GB RAM at ~€20/month
  • Enterprise DevOps (large teams, heavy automation): 48GB RAM dedicated at ~€51.20/month

Concrete savings math:

10-person team, moderate CI/CD usage:

• GitLab SaaS Premium: $290/month = $3,480/year
• Self-hosted CE on €20/month VPS: ≈ $264/year
• Annual savings: ~$3,200 — plus you own the data and the infrastructure [3][5]

The caveat: GitLab CE doesn’t include enterprise agile planning, SSO, or the advanced compliance features that EE/Premium includes. If you need those, self-hosted EE requires purchasing an EE license, which closes some of the gap.

---

Deployment reality check

GitLab is the heaviest self-hosted DevOps option in the category. This is not opinion — it’s reflected directly in the VPS tier recommendations [3]:

Minimum viable setup (small team):

• 4 vCPUs, 8GB RAM, 75GB NVMe SSD
• Docker or Omnibus package installation
• PostgreSQL 16.5+ and Redis 6.0+ (bundled in Omnibus) [README]
• A domain with HTTPS (Caddy or nginx reverse proxy)

What Omnibus vs Docker means: The recommended install path is the Omnibus package — a single .deb or .rpm that bundles PostgreSQL, Redis, nginx, Puma, and Sidekiq. This is genuinely the easier path. Docker Compose works but means managing more services yourself [README].

What can go sideways:

• RAM pressure. 8GB is the floor for a small team. If you run CI jobs on the same machine (no separate runners), add 2–4GB per concurrent job. Running out of RAM kills Sidekiq, which silently breaks background jobs.
• Storage growth. Container registries fill up fast. 75GB is tight if you’re storing Docker images. Either attach object storage (S3-compatible) or plan to prune regularly.
• Upgrades are sequential. GitLab publishes required upgrade paths — you cannot skip major versions. A team running GitLab 15.x cannot jump directly to 17.x without going through 16.x first. This bites teams that neglect updates.
• CI runner architecture. For serious CI workloads, run GitLab Runners on separate machines — not the GitLab server itself. The Upsun team [4] ran their AI review agent as a CI job; doing that at scale on a shared server creates resource contention.

Realistic time to a working instance for a technical user: 1–2 hours following the Omnibus documentation. For a non-technical founder without Linux experience: this is not the right starting point — Gitea or Forgejo is a better self-hosted Git option if you only need repositories.

---

Pros and Cons

Pros

• Genuine all-in-one stack. Planning, code, CI/CD, security, container registry in one application with one authentication layer and one audit log [3][5]. For teams tired of webhook chains and multi-SaaS integration hell, this is the strongest argument.
• CE is MIT-licensed. The core is genuinely open source. You can self-host, inspect, and modify the CE codebase without a commercial agreement [README].
• Air-gapped and compliance-ready. Designed from the start for environments where code cannot leave the network. This is why regulated industries (public sector, automotive, financial services, aerospace) use it [5][website].
• API-first. The REST and GraphQL APIs are well-documented and reliable enough that teams build custom tooling on top — AI review agents [1][4], Linear integrations [4], custom webhooks. This is harder to do with tightly coupled SaaS tools.
• Self-hosted CI runners are free. Unlike GitHub Actions (where private repo minutes cost money), GitLab runner minutes are unlimited on self-hosted instances. You pay for the compute, not the CI time [3][README].
• Rated 4.6/5 across 1,215 real user reviews [5].

Cons

• Heavy resource requirements. 8GB RAM minimum for small teams. This rules out cheap $4/month VPS instances and means your hosting cost is higher than Gitea, Forgejo, or Gogs [3].
• Open-core model means feature creep toward EE. Features that were in CE get moved to EE as the company grows its revenue base. Tracking what’s actually free requires checking the pricing comparison table with each release [README][5].
• GitLab Duo AI is an expensive add-on. The AI features the homepage leads with are not included in CE or base Premium — they’re paid add-ons [website][5]. If AI code review is why you’re looking at GitLab, budget for Duo or build your own (as [1] and [4] demonstrate).
• More expensive than GitHub SaaS for most teams. At $29/user/month, GitLab Premium costs 7x GitHub Team ($4/user/month). The value equation only works if you’re replacing multiple tools [5].
• Upgrade paths are strict. Sequential major-version upgrades are required and disruptive. Teams that don’t stay current find themselves locked into long maintenance windows [README].
• UI complexity at scale. SoftwareAdvice [5] rates ease of use at 4.37/5 — solid, but lower than GitHub’s 4.41. The feature depth that makes GitLab powerful also makes it harder to navigate for new team members.

---

Who should use this / who shouldn’t

Use GitLab (self-hosted CE) if:

• Your team already manages its own infrastructure and wants to consolidate DevOps tooling into one system.
• You work in a regulated industry (public sector, financial services, defense, automotive) that requires air-gapped deployment or data residency controls [5][website].
• You’re paying separately for GitHub + CI service + security scanner and the combined bill is painful.
• Your team wants to build custom AI review agents that call local or private LLMs — the API surface makes this straightforward [1][4].
• You have at least one person who can manage a Linux server and run Omnibus upgrades on a schedule.

Use GitLab SaaS Premium if:

• You want the GitLab workflow without managing the server, and your team is small enough that $29/user/month is acceptable.
• Compliance certifications matter (GitLab.com is SOC 2 compliant) but air-gapping doesn’t.

Skip GitLab (use GitHub) if:

• Your team is under 10 people, not in a regulated industry, and primarily needs code hosting and basic CI/CD. GitHub Team at $4/user is hard to beat [5].
• Developer experience is the top priority — GitHub has a larger ecosystem, more third-party integrations, and a better mobile experience.
• You don’t need the all-in-one DevOps consolidation.

Skip GitLab (use Gitea or Forgejo) if:

• You just want self-hosted Git hosting without the CI/CD and security tooling overhead. Gitea runs fine on a $6 VPS with 1GB RAM — GitLab won’t.

Skip it entirely if:

• You have no one with Linux server experience and no budget to hire someone. GitLab is not a one-click install for non-technical users.

---

Alternatives worth considering

• GitHub — larger developer ecosystem, better UX polish, lower SaaS price, weaker CI/CD depth and no native security scanning without GitHub Advanced Security (additional cost) [5].
• Bitbucket — $3.30/user/month SaaS, integrates natively with Jira and the Atlassian stack [5]. A better choice if your team already uses Confluence and Jira. Self-hosted Bitbucket Data Center is expensive.
• Gitea / Forgejo — lightweight MIT-licensed Git hosting. Runs on 512MB RAM, zero config. No built-in CI/CD (use Woodpecker CI or Drone separately). The right call if you only need repositories.
• Jira + GitHub Actions — the common enterprise combination. More expensive in aggregate, but best-of-breed at each layer. GitLab’s value is consolidation; if you want best-of-breed, don’t consolidate.
• Codeberg — hosted Forgejo, free for open source projects. Not relevant for proprietary team use.

For the target audience of non-technical founders looking to escape SaaS costs: GitLab is probably overkill unless you have a technical co-founder. The simpler self-hosted Git path is Gitea on a cheap VPS. GitLab is the right choice when the team has engineering discipline and wants the DevOps stack to grow with them.

---

Bottom line

GitLab self-hosted CE is the right tool for engineering-led teams that are serious about owning their infrastructure and want to stop paying four different SaaS bills for code hosting, CI/CD, security scanning, and issue tracking. The math is compelling: a small team saves $3,000+ per year versus GitLab’s own SaaS pricing, and more versus a comparable GitHub + tooling stack for regulated workloads. The AI code review integration story is also genuinely strong — not through GitLab Duo (which costs extra), but through the well-documented API that lets teams wire in Ollama, Claude, or any LLM they control without sending code to a third party [1][4]. The honest cost to that upside is real: you need a server with at least 8GB RAM, a technical person to manage upgrades, and the discipline to track which features are migrating from CE to EE with each release. For teams that check those boxes, it’s hard to argue for keeping the SaaS subscription.

---

Sources

1. Lee young-jun, Medium — “Automating MR review on Self-hosted Gitlab using AI(Ollama)” (Apr 23, 2025). https://toyboy2.medium.com/automating-mr-review-on-self-hosted-gitlab-using-ai-ollama-932e1cab30d9

2. r/gitlab, Reddit — “Tell me about your experience with self-managed GitLab”. https://www.reddit.com/r/gitlab/comments/1i7euwj/tell_me_about_your_experience_with_selfmanaged/

3. Contabo — “GitLab Hosting on VPS | Self-Hosted DevOps with CI/CD”. https://contabo.com/en/gitlab-hosting/

4. Upsun Developer Blog — “Building an AI code review agent for our self-hosted GitLab” (2026). https://developer.upsun.com/posts/2026/building-an-ai-code-review-agent-for-gitlab

5. SoftwareAdvice — “GitLab Software Reviews, Demo & Pricing - 2026” (4.6/5, 1,215 reviews). https://www.softwareadvice.com/project-management/gitlab-profile/

Primary sources:

• GitHub CE mirror: https://github.com/gitlabhq/gitlabhq (24,264 stars)
• Official website: https://about.gitlab.com
• Pricing page: https://about.gitlab.com/pricing/
• Installation docs: https://docs.gitlab.com/install/package/