Gitlab 介绍

Gitlab介绍

Gitlab是一个开源分布式版本控制系统，由Ruby开发，有管理项目源代码、版本控制、代码复用与查找等功能。

• gitlab与github的区别：

github是分布式在线代码托管仓库，个人版本可直接在线免费使用，企业版本收费且需要服务器安装。

gitlab是分布式在线代码仓库托管软件，分社区免费版本与企业收费版本，都需要服务器安装。

• gitlab的优势：

1. 开源免费，社区免费版本适合中小型公司；

2. 差异化的版本管理，离线同步以及强大分支管理功能；

3. 便捷的GUI操作界面以及强大账户权限管理功能；

4. 集成度很高，能够集成绝大多数的开发工具；

5. 支持内置HA，保证在高并发下仍旧实现高可用性。

• gitlab主要服务构成：

Nginx 静态Web服务器

Gitlab-workhorse 轻量级的反向代理服务器

Gitlab-shell 用于处理Git命令和修改authorized keys列表

Logrotate 日志文件管理工具

Postgresql 数据库 Redis 缓存服务器

• gitlab的工作流程：

1. 创建并克隆项目

2. 创建项目某Feature分支

3. 编写代码并提交至该分支

4. 推送该项目分支至远程Gitlab服务器

5. 进行代码检查并提交Master主分支合并申请

6. 项目领导审查代码并确认合并申请

环境准备

gitlab 192.168.10.30  centos7.5 　　4核8G

开始部署：

• 关闭防火墙和selinux：

[root@localhost ~]# systemctl stop firewalld && systemctl disable firewalld
[root@localhost ~]# setenforce 0 && sed -i 's/=enforcing/=disabled/g' /etc/selinux/config

• 添加本地hosts：

[root@localhost ~]# echo "192.168.10.30   gitlab.testdemo.com" >> /etc/hosts

Gitlab安装配置管理

• 安装gitlab-ce：

#安装gitlab组件
[root@localhost ~]# yum install -y curl policycoreutils openssh-server openssh-clients postfix

#配置yum仓库
[root@localhost ~]# curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash

#启动postfix邮件服务
[root@localhost ~]# systemctl start postfix && systemctl enable postfix 
#安装gitlab-ce
[root@localhost ~]# yum install -y gitlab-ce

• 证书创建与配置加载：

#创建证书目录及生成证书
[root@localhost ~]# mkdir -p /etc/gitlab/ssl
[root@localhost ~]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.testdemo.com.key" 2048
Generating RSA private key, 2048 bit long modulus
.......................+++
....................+++
e is 65537 (0x10001)
[root@localhost ~]# 

[root@localhost ~]# openssl req -new -key "/etc/gitlab/ssl/gitlab.testdemo.com.key" -out "/etc/gitlab/ssl/gitlab.testdemo.com.csr"
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:bj
Locality Name (eg, city) [Default City]:bj
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:gitlab.testdemo.com
Email Address []:admin@testdemo.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []:
[root@localhost ~]# 

[root@localhost ~]# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.testdemo.com.csr" -signkey "/etc/gitlab/ssl/gitlab.testdemo.com.key" -out "/etc/gitlab/ssl/gitlab.testdemo.com.crt"
Signature ok
subject=/C=cn/ST=bj/L=bj/O=Default Company Ltd/CN=gitlab.testdemo.com/emailAddress=admin@testdemo.com

[root@localhost ~]# openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048

[root@localhost ~]# chmod 600 /etc/gitlab/ssl/*
[root@localhost ~]# ll /etc/gitlab/ssl
total 16
-rw-------. 1 root root  424 Nov 10 13:37 dhparams.pem
-rw-------. 1 root root 1289 Nov 10 13:35 gitlab.testdemo.com.crt
-rw-------. 1 root root 1078 Nov 10 11:53 gitlab.testdemo.com.csr
-rw-------. 1 root root 1675 Nov 10 11:51 gitlab.testdemo.com.key
[root@localhost ~]# 

• nginx SSL代理服务配置：

[root@localhost~]# vim /etc/gitlab/gitlab.rb

external_url 'https://gitlab.testdemo.com'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.testdemo.com.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.testdemo.com.key"
nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"  # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem

• 初始化gitlab相关服务并完成安装：

• [root@localhost ~]# gitlab-ctl reconfigure
  
  [root@localhost ~]#vim /var/opt/gitlab/nginx/conf/gitlab-http.conf 
  
  ## Redirects all HTTP traffic to the HTTPS host
  server {
    listen *:80;
    
    server_name gitlab.testdemo.com;
    server_tokens off; ## Don't show the nginx version number, a security best practice
    rewrite ^(.*)$ https://$host$1 permanent;  #添加该行内容
  
  # gitlab-ctl restart                #重启gitlab

打开网页，访问 https://gitlab.testdemo.com/

 第一次访问提示设置密码，设置密码后登录，默认用户名是root。

 点击右上方+ → New porject，Project name输入test-repo，Visibility Level选择默认的Private即可，最后点击Create project创建项目。

• gitlab工作流程：

任选一台其它机器

[root@prometheus ~]# yum install -y git

[root@prometheus ~]# echo '192.168.10.30  gitlab.testdemo.com' >> /etc/hosts

[root@prometheus ~]# mkdir /home/repo && cd /home/repo

[root@prometheus repo]# git config --global user.name "admin"
[root@prometheus repo]# git config --global user.email "admin@testdemo.com"

[root@prometheus repo]# git -c http.sslVerify=false clone https://gitlab.testdemo.com/root/test-repo.git
Cloning into 'test-repo'...
Username for 'https://gitlab.testdemo.com': root
Password for 'https://root@gitlab.testdemo.com': 
warning: You appear to have cloned an empty repository.
[root@prometheus repo]# 

[root@prometheus repo]# ll
total 0
drwxr-xr-x 3 root root 18 Nov 10 22:21 test-repo
[root@prometheus repo]# cd test-repo/
[root@prometheus test-repo]# echo "print "This is a test code"" >> test.py
[root@prometheus test-repo]# git add .
[root@prometheus test-repo]# git commit -m "First commit"
[master (root-commit) 48b30bc] First commit
 1 file changed, 1 insertion(+)
 create mode 100644 test.py
[root@prometheus test-repo]# git -c http.sslVerify=false push origin master
Username for 'https://gitlab.testdemo.com': root
Password for 'https://root@gitlab.testdemo.com': 
Counting objects: 3, done.
Writing objects: 100% (3/3), 227 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To https://gitlab.testdemo.com/root/test-repo.git
 * [new branch]      master -> master
[root@prometheus test-repo]# 

刷新浏览器，即可看到刚推送到gitlab服务端的代码。

参考文档：https://blog.csdn.net/miss1181248983/article/details/102485715