Gitlab Server 部署
1、环境准备
1.系统版本:CentOS7.4
2.Gitlab版本:gitlab-ee 11.0.1
3.初始化系统环境
4.关闭防火墙
[root@localhost ~]# systemctl stop iptables firewalld
[root@localhost ~]# systemctl disable iptables firewalld
5.开启邮件服务
[root@vm1 ~]# systemctl start postfix
[root@vm1 ~]# systemctl enable postfix
6.关闭SELinux
[root@localhost ~]# sed -ri '/SELINUX=/cSELINUX=disabled' /etc/selinux/config
[root@localhost ~]# setenforce 0 # 临时关闭SELinux
[root@localhost ~]# reboot
2、部署Gitlab
1.安装Gitlab社区版/企业版
2.安装gitlab依赖包
[root@localhost ~]# yum install -y curl openssh-server openssh-clients postfix cronie policycoreutils-python
# gitlab-ce 10.x.x以后的版本需要依赖policycoreutils-python
3.开启postfix,并设置开机自启
[root@localhost ~]# systemctl start postfix;systemctl enable postfix
4.选择添加yum源安装gitlab(根据需求配置源)
(1)添加阿里源
# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=gitlab-ce
baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7
Repo_gpgcheck=0
Enabled=1
Gpgkey=https://packages.gitlab.com/gpg.key
(2) 添加清华源
# vim gitlab-ce.repo
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1
# vim gitlab-ee.repo
[gitlab-ee]
name=Gitlab EE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el$releasever/
gpgcheck=0
enabled=1
# vim runner_gitlab-ci-multi-runner.repo
[runner_gitlab-ci-multi-runner]
name=runner_gitlab-ci-multi-runner
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[runner_gitlab-ci-multi-runner-source]
name=runner_gitlab-ci-multi-runner-source
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
(3) 添加官方源
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
5.安装包下载
https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/
https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el7/
6.根据需要选择ce/ee
[root@localhost ~]# yum -y install gitlab-ce # 自动安装最新版
[root@localhost ~]# yum -y install gitlab-ce-x.x.x # 安装指定版本Gitlab
[root@localhost ~]# yum -y install gitlab-ce
warning: gitlab-ce-10.7.2-ce.0.el7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID f27eab47: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:gitlab-ce-10.7.2-ce.0.el7 ################################# [100%]
It looks like GitLab has not been configured yet; skipping the upgrade script.
*. *.
*** ***
***** *****
.****** *******
******** ********
,,,,,,,,,***********,,,,,,,,,
,,,,,,,,,,,*********,,,,,,,,,,,
.,,,,,,,,,,,*******,,,,,,,,,,,,
,,,,,,,,,*****,,,,,,,,,.
,,,,,,,****,,,,,,
.,,,***,,,,
,*,.
_______ __ __ __
/ ____(_) /_/ / ____ _/ /_
/ / __/ / __/ / / __ `/ __ \
/ /_/ / / /_/ /___/ /_/ / /_/ /
\____/_/\__/_____/\__,_/_.___/
Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:
sudo gitlab-ctl reconfigure
For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md###3、配置 Gitlab
1、查看Gitlab版本
[root@localhost ~]# head -1 /opt/gitlab/version-manifest.txt
gitlab-ce 10.1.12、Gitlab 配置文登录链接
#设置登录链接
[root@localhost ~]# vim /etc/gitlab/gitlab.rb
***
## GitLab URL
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
# 没有域名,可以设置为本机IP地址
external_url 'http://172.17.0.61'
***
[root@localhost ~]# grep "^external_url" /etc/gitlab/gitlab.rb
external_url 'http://172.17.0.61' #绑定监听的域名或IP3、初始化 Gitlab (第一次使用配置时间较长)
[root@localhost ~]# gitlab-ctl reconfigure
.....4、启动 Gitlab 服务
[root@vm1 ~]# gitlab-ctl start
ok: run: gitaly: (pid 22896) 2922s
ok: run: gitlab-monitor: (pid 22914) 2921s
ok: run: gitlab-workhorse: (pid 22882) 2922s
ok: run: logrotate: (pid 22517) 2987s
ok: run: nginx: (pid 22500) 2993s
ok: run: node-exporter: (pid 22584) 2974s
ok: run: postgres-exporter: (pid 22946) 2919s
ok: run: postgresql: (pid 22250) 3047s
ok: run: prometheus: (pid 22931) 2920s
ok: run: redis: (pid 22190) 3053s
ok: run: redis-exporter: (pid 22732) 2962s
ok: run: sidekiq: (pid 22472) 3005s
ok: run: unicorn: (pid 22433) 3011s
[root@vm1 ~]#
[root@vm1 ~]# lsof -i:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 22500 root 7u IPv4 50923 0t0 TCP *:http (LISTEN)
nginx 22501 gitlab-www 7u IPv4 50923 0t0 TCP *:http (LISTEN)
[root@vm1 ~]# 5、Gitlab 设置 HTTPS 方式
如果想要以上的 https 方式正常生效使用,则需要把 letsencrypt 自动生成证书的配置打开,这样在执行重
新让配置生效命令 (gitlab-ctl reconfigure) 的时候会自动给域名生成免费的证书并自动在 gitlab 自带的
nginx 中加上相关的跳转配置,都是全自动的,非常方便。
letsencrypt['enable'] = true
letsencrypt['contact_emails'] = ['caryyu@qq.com'] # 这应该是一组要添加为联系人的电子邮件地址6、Gitlab 添加smtp邮件功能
[root@vm1 ~]# vim /etc/gitlab/gitlab.rb
postfix 并非必须的;根据具体情况配置,以 SMTP 的为例配置邮件服务器来实现通知;参考配置如下:
### Email Settings
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'system.notice@qq.com'
gitlab_rails['gitlab_email_display_name'] = 'gitlab.notice'
gitlab_rails['gitlab_email_reply_to'] = 'system.notice@qq.com'
gitlab_rails['gitlab_email_subject_suffix'] = 'gitlab'
### GitLab email server settings
###! Docs: https://docs.gitlab.com/omnibus/settings/smtp.html
###! **Use smtp instead of sendmail/postfix.**
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "system.notice@qq.com"
gitlab_rails['smtp_password'] = "xxxxx"
gitlab_rails['smtp_domain'] = "qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true
[root@vm1 ~]# grep -P "^[^#].*smtp_|user_email|gitlab_email" /etc/gitlab/gitlab.rb
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'username@domain.cn'
gitlab_rails['gitlab_email_display_name'] = 'Admin'
gitlab_rails['gitlab_email_reply_to'] = 'usernamei@domain.cn'
gitlab_rails['gitlab_email_subject_suffix'] = '[gitlab]'
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.exmail.qq.com"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "username@domain.cn"
gitlab_rails['smtp_password'] = "password"
gitlab_rails['smtp_domain'] = "domain.cn"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = false
user['git_user_email'] = "username@domain.cn"
[root@vm1 ~]# gitlab-ctl reconfigure #修改配置后需要初始化配置
......
[root@vm1 ~]# gitlab-ctl stop
ok: down: gitaly: 0s, normally up
ok: down: gitlab-monitor: 1s, normally up
ok: down: gitlab-workhorse: 0s, normally up
ok: down: logrotate: 1s, normally up
ok: down: nginx: 0s, normally up
ok: down: node-exporter: 1s, normally up
ok: down: postgres-exporter: 0s, normally up
ok: down: postgresql: 0s, normally up
ok: down: prometheus: 0s, normally up
ok: down: redis: 0s, normally up
ok: down: redis-exporter: 1s, normally up
ok: down: sidekiq: 0s, normally up
ok: down: unicorn: 1s, normally up
[root@vm1 ~]# gitlab-ctl start
ok: run: gitaly: (pid 37603) 0s
ok: run: gitlab-monitor: (pid 37613) 0s
ok: run: gitlab-workhorse: (pid 37625) 0s
ok: run: logrotate: (pid 37631) 0s
ok: run: nginx: (pid 37639) 1s
ok: run: node-exporter: (pid 37644) 0s
ok: run: postgres-exporter: (pid 37648) 1s
ok: run: postgresql: (pid 37652) 0s
ok: run: prometheus: (pid 37660) 1s
ok: run: redis: (pid 37668) 0s
ok: run: redis-exporter: (pid 37746) 0s
ok: run: sidekiq: (pid 37750) 1s
ok: run: unicorn: (pid 37757) 0s7、Gitlab 发送邮件测试
[root@vm1 ~]# gitlab-rails console
Loading production environment (Rails 4.2.10)
irb(main):001:0> Notify.test_email('user@destination.com', 'Message Subject', 'Message Body').deliver_now
Notify#test_email: processed outbound mail in 2219.5ms
Sent mail to user@destination.com (2469.5ms)
Date: Fri, 04 May 2018 15:50:10 +0800
From: Admin <username@domain.cn>
Reply-To: Admin <username@domain.cn>
To: user@destination.com
Message-ID: <5aec10b24cfaa_93933fee282db10c162d@vm1.mail>
Subject: Message Subject
Mime-Version: 1.0
Content-Type: text/html;
charset=UTF-8
Content-Transfer-Encoding: 7bit
Auto-Submitted: auto-generated
X-Auto-Response-Suppress: All
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html><body><p>Message Body</p></body></html>
=> #<Mail::Message:70291731344240, Multipart: false, Headers: <Date: Fri, 04 May 2018 15:50:10 +0800>, <From: Admin <username@domain.cn>>, <Reply-To: Admin <username@domain.cn>>, <To: user@destination.com>, <Message-ID: <5aec10b24cfaa_93933fee282db10c162d@vm1.mail>>, <Subject: Message Subject>, <Mime-Version: 1.0>, <Content-Type: text/html; charset=UTF-8>, <Content-Transfer-Encoding: 7bit>, <Auto-Submitted: auto-generated>, <X-Auto-Response-Suppress: All>>
irb(main):002:0>quit ###3、gitlab的使用 在浏览器中输入 http://192.168.60.119/ ,然后 change password: ,并使用root用户登录 即可 (后续动作根据提示操作)
1、gitlab 命令行修改密码
gitlab-rails console production
irb(main):001:0> user = User.where(id: 1).first # id为1的是超级管理员
irb(main):002:0>user.password = 'yourpassword' # 密码必须至少8个字符
irb(main):003:0>user.save! # 如没有问题 返回true
exit # 退出2、gitlab服务管理
gitlab-ctl start # 启动所有 gitlab 组件;
gitlab-ctl stop # 停止所有 gitlab 组件;
gitlab-ctl restart # 重启所有 gitlab 组件;
gitlab-ctl status # 查看服务状态;
gitlab-ctl reconfigure # 启动服务;
vim /etc/gitlab/gitlab.rb # 修改默认的配置文件;
gitlab-ctl tail # 查看日志;3、登陆 Gitlab
如果需要手工修改nginx的port ,可以在gitlab.rb中设置 nginx[‘listen_port’] = 8000 ,然后再次 gitlab-ctl reconfigure即可
登录 gitlab 如下所示(首次登陆设置 root 密码):
创建项目组 group ,组名为plat-sp ,如下所示:
去掉用户的自动注册功能(安全): admin are -> settings -> Sign-up Restrictions 去掉钩钩,然后拉到最下面保存,重新登录
