官网环境要求
参见:https://github.com/gitlabhq/gitlabhq
GitLab is a Ruby on Rails application that runs on the following software:
- Ubuntu/Debian/CentOS/RHEL
- Ruby (MRI) 2.1
- Git 1.7.10+
- Redis 2.0+
- MySQL or PostgreSQL
For more information please see the architecture documentation.
##########################################
关闭防火墙,关闭SELinux
一、安装采用环境
- CentOS 6.5 x86_64
- Ruby 2.1.7
- Git 2.4.8
- Redis 2.4.10
- MySQL 5.6.26
- GitLab 7.12.2
- GitLab Shell 2.6.2
- Nginx 1.8.0
- Gem 2.2.5
- Bundler 1.10.6
二、系统添加EPEL、PUIAS源
1.添加EPEL源
wget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 https://www.fedoraproject.org/static/0608B895.txt --no-check-certificate
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpmrpm -qa gpg*#显示gpg-pubkey-41a40948-4ce19266
2.添加PUIAS源
wget -O /etc/yum.repos.d/PUIAS_6_computational.repo https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/install/centos/PUIAS_6_computational.repo --no-check-certificate wget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-puias http://springdale.math.ias.edu/data/puias/6/x86_64/os/RPM-GPG-KEY-puias rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puias rpm -qa gpg* #显示gpg-pubkey-41a40948-4ce19266
3.查看源列表,验证
输入如下命令:
yum repolist
结果如下:
repo id repo name status PUIAS_6_computational PUIAS computational Base 6 - x86_64 2,678 base CentOS-6 - Base 6,575 epel Extra Packages for Enterprise Linux 6 - x86_64 11,775 extras CentOS-6 - Extras 3510 updates CentOS-6 - Updates 254 repolist: 21,327
If you can't see them listed, use the folowing command (from yum-utils package) to enable them:
yum-config-manager --enable epel --enable PUIAS_6_computational
三、Install the required tools for GitLab
1.利用yum安装依赖包
yum -y update
yum -y groupinstall 'Development Tools'
yum -y install vim-enhanced readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui redis sudo wget crontabs python-devel logwatch logrotate perl-Time-HiRes libcom_err-devel.x86_64
2.源码安装Git
参见:http://www.cnblogs.com/jim-hwg/p/4748008.html
3.源码安装Ruby
参见:http://www.cnblogs.com/jim-hwg/p/4746977.html
4.源码安装MySQL
参见:http://www.cnblogs.com/jim-hwg/p/4747165.html
四、创建用户
1.创建一个Gitlab系统用户git:
adduser --system --shell /bin/bash --comment 'GitLab' --create-home --home-dir /home/git/ git
为了方便添加git用户拥有root权限 [sudoers文件默认没有写权限需要强制保存:wq!]
使用root用户执行下述命令
vim /etc/sudoers
最后添加
git ALL=(ALL) NOPASSWORD: ALL
2.创建一个Gitlab数据库用户并赋权
登陆MySQL,输入密码
mysql -u root -p
创建Gitlab数据库用户git:
CREATE USER 'git'@'localhost' IDENTIFIED BY '$password';
#替换$password设定自己的密码 CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`; GRANT SELECT, LOCK TABLES, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON `gitlabhq_production`.* TO 'git'@'localhost'; quit
五、配置服务
1.配置MySQL
配置MySQL max_allowed_packet的大小,避免POST太大的内容导致出现500错误,例如GitLab 发出MergeRequest的时候返回500错误。
vim /etc/my.cnf
#在mysqld中添加max_allowed_packet,调整值,加大为一个合适的数字即可。
[mysqld]
max_allowed_packet=512M
重启mysql服务
service mysqld restart
2.配置redis
Make sure redis is started on boot:
chkconfig redis on
Configure redis to use sockets:
cp /etc/redis.conf /etc/redis.conf.orig
Disable Redis listening on TCP by setting 'port' to 0:
sed 's/^port .*/port 0/' /etc/redis.conf.orig | sudo tee /etc/redis.conf
Enable Redis socket for default CentOS path:
echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis.conf echo -e 'unixsocketperm 0775' | sudo tee -a /etc/redis.conf
Activate the changes to redis.conf:
service redis restart
Add git to the redis group:
usermod -aG redis git
六、安装Gitlab
切换到git用户
su - git
设置不验证SSL
vim /home/git/.bash_profile export GIT_SSL_NO_VERIFY=1
1.克隆Gitlab
git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-12-stable gitlab
或克隆中文版Gitlab
git clone https://gitlab.com/larryli/gitlab.git -b 7-12-zh gitlab
2.配置Gitlab
cd gitlab cp config/gitlab.yml.example config/gitlab.yml
配置config/gitlab.yml,配置Gitlab服务的端口,IP
vim config/gitlab.yml host: 10.149.153.81 port: 8049 email_from: gitlab@example.com email_enabled: false default_theme: 1
mkdir /home/git/gitlab-satellites chmod 750 /home/git/gitlab-satellites cp config/unicorn.rb.example config/unicorn.rb
配置config/unicorn.rb,配置Ruby提供的服务端口,IP
# Find number of cores #优化系统参数/etc/security/limits.conf # Enable cluster mode if you expect to have a high load instance # Ex. change amount of workers to 3 for 2GB RAM server # Set the number of workers to at least the number of cores vim config/unicorn.rb worker_processes 3 # Set the number of workers to at least the number of core
listen "127.0.0.1:8081", :tcp_nopush => true #注意端口,避免冲突
cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rbgit config --global user.name "GitLab"
git config --global user.email "gitlab@example.com"
git config --global core.autocrlf inputcp config/resque.yml.example config/resque.yml
配置config/resque.yml#如果不使用默认的端口,则需要配置
3. Configure GitLab DB settings
cp config/database.yml.mysql config/database.yml
# MySQL and remote PostgreSQL only:
# Update username/password in config/database.yml.
# You only need to adapt the production settings (first part).
# If you followed the database guide then please do as follows:
# Change 'secure password' with the value you have given to $password
# You can keep the double quotes around the password
vim config/database.yml
修改为正确的用户名和密码
分别修改git用户和root用户
chmod o-rwx config/database.yml
4.Install Gems
Note: As of bundler 1.5.2, you can invoke bundle install -jN
(where N the number of your processor cores) and enjoy the parallel gems installation with measurable
difference in completion time (~60% faster). Check the number of your cores with nproc.
For more information check this post.
First make sure you have bundler >= 1.5.2 (run bundle -v) as it addresses some issues
that were fixed in 1.5.2.
cd /home/git/gitlab # Or for MySQL (note, the option says "without ... postgres") 修改为淘宝的ruby源 vim Gemfile 修改为 source 'https://ruby.taobao.org/' bundle install --deployment --without development test postgres aws 这一步的时间会等很久
5.Install GitLab shell
GitLab Shell is an SSH access and repository management software developed specially for GitLab.
cd /home/git/gitlab
bundle exec rake gitlab:shell:install[v2.6.2] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production
报错:ExecJS::RuntimeUnavailable: Could not find a JavaScript runtime. See https://github.com/sstephenson/execjs for a list of available runtimes.
处理:切换到root用户
yum -y install nodejs
配置/home/git/gitlab/Gemfile
vim /home/git/gitlab/Gemfile #末尾添加 gem 'execjs' gem 'therubyracer'
cd /home/git/gitlab
bundle install --no-deployment
验证:
bundle show execjs
bundle show therubyracer
切回git用户,再次执行
cd /home/git/gitlab
bundle exec rake gitlab:shell:install[v2.6.2] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production
配置/home/git/gitlab-shell/config.yml,配置gitlab-shell要调用的API接口
# By default, the gitlab-shell config is generated from your main GitLab config. # You can review (and modify) the gitlab-shell config as follows: vim /home/git/gitlab-shell/config.yml # Ensure the correct SELinux contexts are set # Read http://wiki.centos.org/HowTos/Network/SecuringSSH restorecon -Rv /home/git/.ssh
6.Initialize Database and Activate Advanced Features
cd /home/git/gitlab/
bundle exec rake gitlab:setup RAILS_ENV=production
Type yes to create the database.
When done you see Administrator account created:.
Note: You can set the Administrator password by supplying it in environmental variable GITLAB_ROOT_PASSWORD, eg.:
如果要修改gitlab管理员的密码,则执行这一句,否则执行上一句
bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=newpassword
7.Install Init Script
Download the init script (will be /etc/init.d/gitlab):
切换到root用户
wget -O /etc/init.d/gitlab https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn --no-check-certificate chmod +x /etc/init.d/gitlab chkconfig --add gitlab chkconfig gitlab on
8.Set up logrotate
切换到root用户
cd /home/git/gitlab cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab
9.Check Application Status
Check if GitLab and its environment are configured correctly:
切回git用户
cd /home/git/gitlab bundle exec rake gitlab:env:info RAILS_ENV=production #Compile assets bundle exec rake assets:precompile RAILS_ENV=production
切回root,执行
service gitlab start
七、Configure the web server
Use either Nginx or Apache, not both. Official installation guide recommends nginx.
Nginx
You will need a new version of nginx otherwise you might encounter an issue like this.
To do so, follow the instructions provided by the nginx wiki and then install nginx with:
rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
yum update yum -y install nginx chkconfig nginx on 使用SSl wget -O /etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab-ssl --no-check-certificate 不使用SSL wget -O /etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab --no-check-certificate
最后加上--no-check-certificate不检查证书,这里不使用SSL
Edit /etc/nginx/conf.d/gitlab.conf and replace git.example.com with your FQDN. Make sure to read the comments in order to properly set up SSL.
vim /etc/nginx/conf.d/gitlab.conf 去掉listen后面的default_server,修改为正确的端口号 去掉 listen [::]: 修改server_name 为本机的IP地址 修改client_max_body_size 256m; 否则当推送较多数据到 gitlab 上时,会由于数据过大,而出现错误 fatal: The remote end hung up unexpectedly fatal: The remote end hung up unexpectedly error: RPC failed; result=22, HTTP code = 413
Add nginx user to git group:
usermod -a -G git nginx
Finally start nginx with:
service nginx start
Test Configuration
Validate your gitlab or gitlab-ssl Nginx config file with the following command:
nginx -t
八、Double-check Application Status
To make sure you didn't miss anything run a more thorough check with:
su - git cd /home/git/gitlab bundle exec rake gitlab:check RAILS_ENV=production
九、Initial Login
Visit YOUR_SERVER in your web browser for your first GitLab login.
The setup has created an admin account for you. You can use it to log in:
root
5iveL!fe
#####################以上即完成了Gitlab的搭建################################
十、后期维护
1.Upgrade GitLab Shell
GitLab Shell might be outdated, running the commands below ensures you're using a compatible version:
su - git cd /home/git/gitlab-shell git fetch git checkout v`cat /home/git/gitlab/GITLAB_SHELL_VERSION`
2.Upgrade GitLab
One line upgrade command
You've read through the entire guide and probably already did all the steps one by one.
Here is a one line command with step 1 to 5 for the next time you upgrade:
切换到git用户
cd /home/git/gitlab; sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production; sudo service gitlab stop; if [ -f bin/upgrade.rb ]; then sudo -u git -H ruby bin/upgrade.rb -y; else sudo -u git -H ruby script/upgrade.rb -y; fi; cd /home/git/gitlab-shell; sudo -u git -H git fetch; sudo -u git -H git checkout v`cat /home/git/gitlab/GITLAB_SHELL_VERSION`; cd /home/git/gitlab; exit; sudo service gitlab start; sudo service nginx restart; sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
3.Upgrade /etc/init.d/gitlab
wget https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn mv gitlab-unicorn gitlab cp -f gitlab /etc/init.d/gitlab rm gitlab
复制完后,要删除/etc/init.d/gitlab.swap文件
4.Gitlab源代码更新
cd /home/git/gitlab/ git fetch origin git merge origin/7-5-zh #重启 gitlab service gitlab restart
十一、Gitlab 备份
官网的备份说明
https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/raketasks/backup_restore.md
查看备份设置
vim /home/git/gitlab/config/gitlab.yml
检查Backup Settings设置项
默认情况下,备份文件是存放在/home/git/gitlab/tmp/backups/
执行备份
sudo service gitlab stop # 先停止Gitlab,可以不暂停 cd /home/git/gitlab/ sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
执行完成后,会在/home/git/gitlab/tmp/backups/目录下创建一个备份俄文件,以时间戳_gitlab_backup命名如 1417040627_gitlab_backup.tar
重新启动
sudo service gitlab start sudo service nginx restart
还原
需要给其他用户配置读写执行的权限
chmod o+wrx /home/git/.ssh/authorized_keys.lock
否则会出现如下错误,是由于没有权限
/home/git/gitlab-shell/lib/gitlab_keys.rb:101:in
`initialize': Permission denied @ rb_sysopen -
/home/git/.ssh/authorized_keys.lock (Errno::EACCES)
需要使用 git 用户来执行,否则会没有权限操作 git 目录下的文件,timestamp_of_backup为时间戳如 1417040627
sudo service gitlab stop cd /home/git/gitlab/ sudo -u git -H bundle exec rake gitlab:backup:restore BACKUP=timestamp_of_backup RAILS_ENV=production sudo service gitlab start sudo service nginx restart sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
设置自动备份
sudo service gitlab stop; cd /home/git/gitlab; sudo -u git -H editor config/gitlab.yml; # Enable keep_time in the backup section to automatically delete old backups
keep_time参数默认是604800(单位是秒),因此会保留最近7天内的备份
sudo -u git crontab -e # Edit the crontab for the git user
将如下内容添加到文件末尾
# Create a full backup of the GitLab repositories and SQL database every day at 2am 0 2 * * * cd /home/git/gitlab && PATH=/usr/local/bin:/usr/bin:/bin bundle exec rake gitlab:backup:create RAILS_ENV=production CRON=1
每天凌晨2点自动备份
The CRON=1 environment setting tells the backup script to suppress all progress output if there are no errors. This is recommended to reduce cron spam.
重新启动
sudo service gitlab start; sudo service nginx restart; sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production;