在centos7上搭建gitlab

导语:我们需要搭建一个gitlab的服务器,搭建gitlab服务器相对来说比较简单,但由于gitlab对服务器的硬件配置要求比较高,因此我们准备了4核12G的服务器来搭建。

安装前准备工作

新建一个清华大学的安装源

vi /etc/yum.repos.d/tsinghua.repo

[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1

安装依赖

查看一下相关的依赖是否已经安装,curl policycoreutils-python openssh-server。

rpm -qa |grep ssh

openssh-server-7.4p1-11.el7.x86_64
openssh-7.4p1-11.el7.x86_64
libssh2-1.4.3-10.el7_2.1.x86_64
openssh-clients-7.4p1-11.el7.x86_64
rpm -qa |grep curl

libcurl-7.29.0-42.el7.x86_64
libcurl-devel-7.29.0-42.el7.x86_64
curl-7.29.0-42.el7.x86_64
python-pycurl-7.19.0-19.el7.x86_64
rpm -qa |grep policycoreutils

policycoreutils-python-2.5-17.1.el7.x86_64
policycoreutils-2.5-17.1.el7.x86_64

上面如果没有查找到,就使用下面的命令安装相关依赖。

yum install curl policycoreutils-python openssh-server 

或者分开安装

yum install curl
yum install policycoreutils-python
yum install openssh-server

如果是新安装的ssh,那么安装完成后需要启用。

systemctl enable sshd
systemctl start sshd

在防火墙开放8080端口

firewall-cmd --permanent --zone=public --add-port=8080/tcp

或者直接修改

vi /etc/firewalld/zones/public.xml

重启防火墙

firewall-cmd --reload

安装gitlab-ce

yum install gitlab-ce

Loaded plugins: fastestmirror, langpacks
base                                                                                                                                                                          | 3.6 kB  00:00:00
extras                                                                                                                                                                        | 3.4 kB  00:00:00
gitlab-ce                                                                                                                                                                     | 2.9 kB  00:00:00
updates                                                                                                                                                                       | 3.4 kB  00:00:00
(1/5): base/7/x86_64/group_gz                                                                                                                                                 | 166 kB  00:00:00
(2/5): extras/7/x86_64/primary_db                                                                                                                                             | 215 kB  00:00:00
(3/5): updates/7/x86_64/primary_db                                                                                                                                            | 7.4 MB  00:00:00
(4/5): base/7/x86_64/primary_db                                                                                                                                               | 6.0 MB  00:00:00
(5/5): gitlab-ce/7/primary_db                                                                                                                                                 | 3.1 MB  00:00:02
Determining fastest mirrors
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
========================================================================================= N/S matched: ssh ==========================================================================================
fence-agents-ilo-ssh.x86_64 : Fence agent for HP iLO devices via SSH
ksshaskpass.x86_64 : A KDE version of ssh-askpass with KWallet support
libssh.x86_64 : A library implementing the SSH protocol
libssh-devel.x86_64 : Development files for libssh
libssh2.x86_64 : A library implementing the SSH2 protocol
libssh2.i686 : A library implementing the SSH2 protocol
libssh2-devel.i686 : Development files for libssh2
libssh2-devel.x86_64 : Development files for libssh2
libssh2-docs.noarch : Documentation for libssh2
openssh.x86_64 : An open source implementation of SSH protocol versions 1 and 2
openssh-askpass.x86_64 : A passphrase dialog for OpenSSH and X
openssh-clients.x86_64 : An open source SSH client applications
openssh-keycat.x86_64 : A mls keycat backend for openssh
openssh-ldap.x86_64 : A LDAP support for open source SSH server daemon
openssh-server.x86_64 : An open source SSH server daemon
openssh-server-sysvinit.x86_64 : The SysV initscript to manage the OpenSSH server.
pam_ssh_agent_auth.i686 : PAM module for authentication with ssh-agent
pam_ssh_agent_auth.x86_64 : PAM module for authentication with ssh-agent
sshpass.x86_64 : Non-interactive SSH authentication utility
ansible.noarch : SSH-based configuration management, deployment, and task execution system
jsch.noarch : Pure Java implementation of SSH2
openssh-cavs.x86_64 : CAVS tests for FIPS validation
python-paramiko.noarch : SSH2 protocol library for python
python-paramiko-doc.noarch : Docs and demo for SSH2 protocol library for python

  Name and summary matches only, use "search all" for everything.
[root@localhost zones]# rpm -qa |grep ssh
openssh-server-7.4p1-11.el7.x86_64
openssh-7.4p1-11.el7.x86_64
libssh2-1.4.3-10.el7_2.1.x86_64
openssh-clients-7.4p1-11.el7.x86_64
[root@localhost zones]# rpm -qa |grep curl
libcurl-7.29.0-42.el7.x86_64
libcurl-devel-7.29.0-42.el7.x86_64
curl-7.29.0-42.el7.x86_64
python-pycurl-7.19.0-19.el7.x86_64
[root@localhost zones]# rpm -qa |grep policycoreutils
policycoreutils-python-2.5-17.1.el7.x86_64
policycoreutils-2.5-17.1.el7.x86_64
[root@localhost zones]# yum install gitlab-ce
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package gitlab-ce.x86_64 0:12.2.4-ce.0.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=====================================================================================================================================================================================================
 Package                                       Arch                                       Version                                                Repository                                     Size
=====================================================================================================================================================================================================
Installing:
 gitlab-ce                                     x86_64                                     12.2.4-ce.0.el7                                        gitlab-ce                                     630 M

Transaction Summary
=====================================================================================================================================================================================================
Install  1 Package

Total download size: 630 M
Installed size: 630 M
Is this ok [y/d/N]: y
Downloading packages:
gitlab-ce-12.2.4-ce.0.el7.x86_ FAILED                                               78% [==========================================================                ]  455 B/s | 497 MB  85:19:04 ETA
https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-12.2.4-ce.0.el7.x86_64.rpm: [Errno 12] Timeout on https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-12.2.4-ce.0.el7.x86_64.rpm: (28, 'Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds')
Trying other mirror.
gitlab-ce-12.2.4-ce.0.el7.x86_64.rpm                                                                                                                                          | 630 MB  00:00:31
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : gitlab-ce-12.2.4-ce.0.el7.x86_64                                                                                                                                                  1/1
It looks like GitLab has not been configured yet; skipping the upgrade script.

       *.                  *.
      ***                 ***
     *****               *****
    .******             *******
    ********            ********
   ,,,,,,,,,***********,,,,,,,,,
  ,,,,,,,,,,,*********,,,,,,,,,,,
  .,,,,,,,,,,,*******,,,,,,,,,,,,
      ,,,,,,,,,*****,,,,,,,,,.
         ,,,,,,,****,,,,,,
            .,,,***,,,,
                ,*,.



     _______ __  __          __
    / ____(_) /_/ /   ____ _/ /_
   / / __/ / __/ /   / __ `/ __ \
  / /_/ / / /_/ /___/ /_/ / /_/ /
  \____/_/\__/_____/\__,_/_.___/


Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:
  sudo gitlab-ctl reconfigure

For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md

  Verifying  : gitlab-ce-12.2.4-ce.0.el7.x86_64                                                                                                                                                  1/1

Installed:
  gitlab-ce.x86_64 0:12.2.4-ce.0.el7

Complete!

目录结构

/opt/gitlab 主目录
/etc/gitlab 配置文件目录
/var/log/gitlab 日志目录

修改配置文件

/etc/gitlab/gitlab.rb

该文件中添加

external_url 'http://ip:8080'
nginx['listen_port'] = 8080

默认nginx 监听的是8080 端口,如果nginx 修改端口,external_url 里面也必须带端口。如果你的80端口是可用的,那么无需修改。

启动gitlab 命令

gitlab-ctl reconfigure && gitlab-ctl start

启动完成后,会出现gitlab 包含的服务

gitlab Reconfigured!
ok: run: alertmanager: (pid 3119) 3s
ok: run: gitaly: (pid 3050) 6s
ok: run: gitlab-monitor: (pid 3049) 6s
ok: run: gitlab-workhorse: (pid 3030) 7s
ok: run: grafana: (pid 3144) 2s
ok: run: logrotate: (pid 2382) 126s
ok: run: nginx: (pid 2354) 132s
ok: run: node-exporter: (pid 3042) 6s
ok: run: postgres-exporter: (pid 3134) 2s
ok: run: postgresql: (pid 2015) 217s
ok: run: prometheus: (pid 3085) 5s
ok: run: redis: (pid 1808) 234s
ok: run: redis-exporter: (pid 3073) 5s
ok: run: sidekiq: (pid 2269) 144s
ok: run: unicorn: (pid 2230) 150s

可以查看主件的状态

gitlab-ctl status

修改root密码

登录网址http://ip:8080 ,第一次登陆的时候,会要求修改root 的密码,gitlab 默认管理用户是root。

gitlab 相关操作命令

命令前缀gitlab-ctl。

start 启动所有服务 这个重启也会继续开启 相当systemctl enable
stop 关闭所有服务
restart 重启所有服务
status 查看所有服务状态
tail 查看日志信息
service-list 列举所有启动服务
graceful-kill 平稳停止一个服务
help 帮助
reconfigure 修改配置文件之后,需要重新加载下
show-config 查看所有服务配置文件信息
uninstall 卸载这个软件
cleanse 删除gitlab数据,重新白手起家

如果修改了需要使用外部的postgresql ,redis 和nginx需要修改该文件相关参数。
gitlab 启动之后会根据配置文件 定义创建一系列用户 和 他们的家目录默认gitlab 依赖的主件安装在/var/opt/gitlab/目录下。

gitlab 的组件有nginx,postgresql,redis,unicorn,sidekiq,logrotate。

  • nginx : web入口
  • database(postgresql,mysql) (gitlab repository issue,merge request等,用户(权限))
  • redis 缓存,负责分发任务
  • sideiq:后台任务,主要负责发送电子邮件,任务需要来自redis
  • unicorn: 包含gitlab 主进程
  • gitlab-shell 用于ssh交互
  • gitlab-workhorse:反向代理服务器,可以处理与unicorn 无关的请求,处理git pull/push请求,处理到unicorn 的连接
  • gitaly 后台服务,用于处理GitLab发出的所有git调用

设置smtp邮件信息

修改配置文件的信息

vi /etc/gitlab/gitlab.rb

将下面的参数#号去掉,然后填上自己的smtp信息。

 gitlab_rails['smtp_enable'] = true
 gitlab_rails['smtp_address'] = "smtp.server"
 gitlab_rails['smtp_port'] = 465
 gitlab_rails['smtp_user_name'] = "smtp user"
 gitlab_rails['smtp_password'] = "smtp password"
 gitlab_rails['smtp_domain'] = "example.com"
 gitlab_rails['smtp_authentication'] = "login"
 gitlab_rails['smtp_enable_starttls_auto'] = true
 gitlab_rails['smtp_tls'] = true

重新配置gitlab

gitlab-ctl reconfigure

发送测试邮件

进入控制台

gitlab-rails console

输入命令

Notify.test_email('xxxxx@xxxx.cn', 'Message Subject', 'Message Body').deliver_now

如果报错Net::SMTPFatalError (553 Mail from must equal authorized user App0022),修改/etc/gitlab/gitlab.rb的配置

gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = xxxx@xxxxx.cn'
gitlab_rails['gitlab_email_display_name'] = ''
gitlab_rails['gitlab_email_reply_to'] = 'xxxx@xxxx.cn'
gitlab_rails['gitlab_email_subject_suffix'] = ''

结束

安装gitlab需要注意的要点,一是依赖检查,二是服务器硬件要好一点。

发表评论

电子邮件地址不会被公开。 必填项已用*标注