centos7.5 源码安装gitlab使用mysql数据库

1, 安装依赖

yum -y install libicu-devel patch gcc-c++ readline-devel zlib-devel libffi-devel openssl-devel make autoconf automake libtool bison libxml2-devel libxslt-devel libyaml-devel zlib-devel openssl-devel cpio expat-devel gettext-devel curl-devel perl-ExtUtils-CBuilder perl-ExtUtils-MakeMaker make cmake pcre-devel wget bzip2 systemd-devel

2. 安装GraphicsMagick

yum -y install libpng libjpeg libpng-devel libjpeg-devel ghostscript libtiff libtiff-devel freetype freetype-devel
cd /root/src
wget https://sourceforge.net/projects/graphicsmagick/files/graphicsmagick/1.3.31/GraphicsMagick-1.3.31.tar.xz/download -O GraphicsMagick-1.3.31.tar.xz
tar xf GraphicsMagick-1.3.31.tar.xz
cd GraphicsMagick-1.3.31
./configure --prefix=/App/GraphicsMagick
make && make install
echo 'PATH=/App/GraphicsMagick/bin:$PATH' >> /etc/profile
source /etc/profile
ln -s /App/GraphicsMagick/bin/gm /bin/

3. 安装 Git

查看当前git版本:

git --version

如果git版本小于2.18.0, 则先卸载:

rpm -e --nodeps git

编译安装:

cd /root/src
wget https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.21.0.tar.xz
tar xf git-2.21.0.tar.xz
cd git-2.21.0
./configure --prefix=/App/git
make && make install
echo 'export PATH=/App/git/bin:$PATH' >> /etc/profile
source /etc/profile
ln -s /App/git/bin/git /bin/
ln -s /App/git/bin/git-receive-pack /bin/
ln -s /App/git/bin/git-upload-pack /bin/

4. 安装Ruby

版本需求:

　　- Ruby 2.5.X

　　- 1.5.2 <= Bundler < 2.x

cd /root/src/
wget https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.3.tar.gz
tar xf ruby-2.5.3.tar.gz
cd ruby-2.5.3
./configure --prefix=/App/ruby --disable-install-rdoc
make && make install
ln -s /App/ruby/bin/ruby /bin/
echo 'export PATH=/App/ruby/bin:$PATH' >> /etc/profile
source /etc/profile
gem install bundler --no-document --version '< 2'

5. 安装 Go

cd /root/src/
wget https://dl.google.com/go/go1.12.linux-amd64.tar.gz
tar xf go1.12.linux-amd64.tar.gz
mv go /App/
echo 'export GOROOT=/App/go' >> /etc/profile
echo 'export GOPATH=/root/code/go' >> /etc/profile
echo 'export PATH=$GOROOT/bin:$GOPATH/bin:$PATH' >> /etc/profile
source /etc/profile

6. 安装 Node.js

版本需求:

　　- node >= v8.10.0

　　- yarn >= v1.10.0

cd /root/src/
wget https://nodejs.org/dist/v10.15.2/node-v10.15.2-linux-x64.tar.xz
tar xf node-v10.15.2-linux-x64.tar.xz
mv node-v10.15.2-linux-x64 /App/node
echo 'export PATH=/App/node/bin:$PATH' >> /etc/profile
source /etc/profile
npm install --global yarn

7. 创建系统git用户

useradd -r -s /bin/bash --comment 'GitLab' -m -d /home/git git

8. 安装mysql 安装步骤略,可以看我前面的文章

创建数据库账号:

CREATE USER 'git'@'localhost' IDENTIFIED BY '$password';
SET storage_engine=INNODB # 如果不行  SET default_storage_engine=INNODB
SET GLOBAL innodb_file_per_table=1, innodb_file_format=Barracuda, innodb_large_prefix=1;
SET GLOBAL log_bin_trust_function_creators = 1;
CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_general_ci`; 
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, CREATE TEMPORARY TABLES, DROP, INDEX, ALTER, LOCK TABLES, REFERENCES, TRIGGER ON `gitlabhq_production`.* TO 'git'@'localhost';

测试能否登录:

sudo -u git -H mysql -u git -p -D gitlabhq_production

9. 安装Redis

版本需求: 至少 2.8: 

使用root用户

cd /root/src/
wget http://download.redis.io/releases/redis-5.0.3.tar.gz
tar xf redis-5.0.3.tar.gz
cd redis-5.0.3
make PREFIX=/App/redis install
echo 'export PATH=/App/redis/bin:$PATH' >> /etc/profile
source /etc/profile

添加redis配置:/App/redis/redis.conf

bind 127.0.0.1
protected-mode yes
port 6379
tcp-backlog 511
timeout 0
tcp-keepalive 300
daemonize yes
supervised no
pidfile /data/redis/redis.pid
loglevel warning
logfile "/data/redis/redis.log"
syslog-enabled no
databases 16
always-show-logo yes
save ""
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /data/redis
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
appendonly no
lua-time-limit 5000
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
stream-node-max-bytes 4096
stream-node-max-entries 100
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
dynamic-hz yes
aof-rewrite-incremental-fsync yes
rdb-save-incremental-fsync yes

启动redis:

mkdir -p /data/redis
useradd -s /sbin/nologin redis
chown redis. /data/redis
sudo -u redis /App/redis/bin/redis-server /App/redis/redis.conf

10. 安装 Google RE2   # 需要梯子

cd /root/src
git clone https://code.googlesource.com/re2
cd re2
make && make install

11. 安装GitLab

修改git家目录权限, 否则访问gitlab.socket报权限错误:

chmod 755 /home/git

切换至git用户clone代码:

su - git
git clone https://gitlab.com/xhang/gitlab.git -b 11-8-stable-zh gitlab

拷贝gitlab配置:

cd gitlab/
cp config/gitlab.yml.example config/gitlab.yml

修改 gitlab.yml 配置, 将 host: localhost 修改为本机IP地址或者域名,如为域名,确保域名已做解析

拷贝示例配置, 修改权限:

cp config/secrets.yml.example config/secrets.yml
chmod 0600 config/secrets.yml
chmod -R u+rwX,go-w log/
chmod -R u+rwX tmp/
chmod -R u+rwX tmp/pids/
chmod -R u+rwX tmp/sockets/
mkdir public/uploads/
chmod 0700 public/uploads
chmod -R u+rwX builds/
chmod -R u+rwX shared/artifacts/
chmod -R ug+rwX shared/pages/
cp config/unicorn.rb.example config/unicorn.rb
cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
git config --global core.autocrlf input
git config --global gc.auto 0
git config --global repack.writeBitmaps true
git config --global receive.advertisePushOptions true
cp config/resque.yml.example config/resque.yml

修改redis相关配置 config/resque.yml 段 production 内容:

　　- url: unix:/var/run/redis/redis.sock  为 url: redis://127.0.0.1:6379

拷贝数据库相关配置:

cp config/database.yml.mysql config/database.yml
chmod o-rwx config/database.yml

修改 config/database.yml 段 production 内容:

　　- password: "secure password"  为 password: "数据库连接密码"

安装 Gems:

bundle install --deployment --without development test postgres aws kerberos

安装 gitlab shell:

bundle exec rake gitlab:shell:install REDIS_URL=redis://127.0.0.1:6379 RAILS_ENV=production SKIP_STORAGE_VALIDATION=true

安装 gitlab-workhorse:

bundle exec rake "gitlab:workhorse:install[/home/git/gitlab-workhorse]" RAILS_ENV=production

安装 gitlab pages:

cd /home/git
git clone https://gitlab.com/gitlab-org/gitlab-pages.git
cd gitlab-pages
make

安装 gitaly:

cd /home/git/gitlab
bundle exec rake "gitlab:gitaly:install[/home/git/gitaly,/home/git/repositories]" RAILS_ENV=production
chmod 0700 /home/git/gitlab/tmp/sockets/private

检查修改  /home/git/gitaly/config.toml  若无目录 /home/git/gitaly/bin   则:

　　- bin_dir = "/home/git/gitaly/bin"  修改为 bin_dir = "/home/git/gitaly"

修改  /home/git/gitlab/lib/tasks/gitlab/setup.rake:

　　- check_gitaly_connection 行首添加  # 注释用以跳过检查, 否则可能报错: Failed to connect to gitaly

初始化数据库并激活高级功能:

cd /home/git/gitlab
bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=root密码

GITLAB_ROOT_PASSWORD 值为gitlab管理员root密码!!!

切换为root拷贝服务管理脚本:

cp /home/git/gitlab/lib/support/init.d/gitlab /etc/init.d/

配置logrotate:

cp /home/git/gitlab/lib/support/logrotate/gitlab /etc/logrotate.d/

检查应用状态:

su - git
cd gitlab/
bundle exec rake gitlab:env:info RAILS_ENV=production

编译gettext po 文件:

bundle exec rake gettext:compile RAILS_ENV=production

编译静态文件:

yarn install --production --pure-lockfile
bundle exec rake gitlab:assets:compile RAILS_ENV=production NODE_ENV=production

安装NGINX:

exit
cd /root/src/
wget http://nginx.org/download/nginx-1.14.2.tar.gz
tar xf nginx-1.14.2.tar.gz
cd nginx-1.14.2
./configure --prefix=/App/nginx --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module --with-http_realip_module
make && make install
useradd -s /sbin/nologin nginx

修改NGINX配置 /App/nginx/conf/nginx.conf:

user  nginx nginx;
worker_processes  auto;

pid        logs/nginx.pid;
worker_rlimit_nofile    65536;

events
{
    use epoll;
    accept_mutex off;
    worker_connections  65536;
}

http
{
    include       mime.types;
    default_type  text/html;

    charset    UTF-8;
    server_names_hash_bucket_size    128;
    client_header_buffer_size        4k;
    large_client_header_buffers     4    32k;
    client_max_body_size            20m;

    open_file_cache max=65536  inactive=60s;
    open_file_cache_valid      80s;
    open_file_cache_min_uses   1;

    sendfile    on;
    server_tokens off;

    keepalive_timeout  60;

    gzip  on;
    gzip_min_length    1k;
    gzip_buffers  4    64k;
    gzip_http_version    1.1;
    gzip_comp_level    2;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    upstream gitlab-workhorse
    {
      server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
    }
   
    map $http_upgrade $connection_upgrade_gitlab
    {
        default upgrade;
        ''      close;
    }
   
    log_format gitlab_access $remote_addr - $remote_user [$time_local] "$request_method $gitlab_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_filtered_http_referer" "$http_user_agent";
   
    map $request_uri $gitlab_temp_request_uri_1
    {
      default $request_uri;
      ~(?i)^(?<start>.*)(?<temp>[?&]private[-_]token)=[^&]*(?<rest>.*)$ "$start$temp=[FILTERED]$rest";
    }
   
    map $gitlab_temp_request_uri_1 $gitlab_temp_request_uri_2
    {
      default $gitlab_temp_request_uri_1;
      ~(?i)^(?<start>.*)(?<temp>[?&]authenticity[-_]token)=[^&]*(?<rest>.*)$ "$start$temp=[FILTERED]$rest";
    }
   
    map $gitlab_temp_request_uri_2 $gitlab_filtered_request_uri
    {
      default $gitlab_temp_request_uri_2;
      ~(?i)^(?<start>.*)(?<temp>[?&]feed[-_]token)=[^&]*(?<rest>.*)$ "$start$temp=[FILTERED]$rest";
    }
   
    map $http_referer $gitlab_filtered_http_referer
    {
      default $http_referer;
      ~^(?<temp>.*)? $temp;
    }
   
    server
    {
      listen 0.0.0.0:80 default_server;
      listen [::]:80 default_server;
      server_name gitlab.songsong.me;
      server_tokens off;
   
      real_ip_header X-Real-IP;
      real_ip_recursive off;
   
      access_log  /data/logs/nginx/access.log gitlab_access;
      error_log   /data/logs/nginx/error.log;
   
      location /
      {
        client_max_body_size 0;
        gzip off;
   
        proxy_read_timeout      300;
        proxy_connect_timeout   300;
        proxy_redirect          off;
   
        proxy_http_version 1.1;
   
        proxy_set_header    Host                $http_host;
        proxy_set_header    X-Real-IP           $remote_addr;
        proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Proto   $scheme;
        proxy_set_header    Upgrade             $http_upgrade;
        proxy_set_header    Connection          $connection_upgrade_gitlab;
   
        proxy_pass http://gitlab-workhorse;
      }
   
      error_page 404 /404.html;
      error_page 422 /422.html;
      error_page 500 /500.html;
      error_page 502 /502.html;
      error_page 503 /503.html;
   
      location ~ ^/(404|422|500|502|503).html$
      {
        root /home/git/gitlab/public;
        internal;
      }
    }
}

启动NGINX:

mkdir -p /data/logs/nginx
chown nginx. /data/logs/nginx
/App/nginx/sbin/nginx

13. SMTP配置

复制smtp示例配置:

su - git
cd gitlab
cp config/initializers/smtp_settings.rb.sample config/initializers/smtp_settings.rb

修改config/initializers/smtp_settings.rb {} 内的设置:

    address: "smtp.exmail.qq.com",
    port: 465,
    user_name: "邮箱账号",
    password: "邮箱密码",
    domain: "exmail.qq.com",
    authentication: :login,
    enable_starttls_auto: true,
    tls: true,
    openssl_verify_mode: 'none'

14. 启动gitlab

exit
/etc/init.d/gitlab start

15. 二次检查应用状态

su - git
cd gitlab
bundle exec rake gitlab:check RAILS_ENV=production

所有项目检查结果显示绿色,表示安装成功.