GitLab搭建
- 虚拟机没有网路
vi /etc/sysconfig/network-scripts/ifcfg-ens33
ONBOOT=yes
service network restart
1.GitLab安装配置
-
环境
centos 7.6.* -
关闭防火墙
# 关闭防火墙 systemctl stop firewalld # 关闭开机自启动 systemctl disable firewalld -
关闭SELINUX并重启服务器
vi /etc/sysconfig/selinux SELINUX=disabled -
安装Omnibus Gitlab-ce package
- 一键安装更加方便,源代码安装过于繁琐
- 安装gitlab依赖包
yum -y install curl policycoreutils openssh-server openssh-clients postfix- 配置gitlab仓库源
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh|sudo bash -
启动邮箱服务
systemctl start postfix systemctl enable postfix # 如报错:send-mail: fatal: parameter inet_interfaces: no local interface found for ::1 vi /etc/postfix/main.cf inet_interfaces = localhost inet_protocols = all 改成: inet_interfaces = all inet_protocols = all -
配置yum源
vim /etc/yum.repos.d/gitlab-ce.repo [gitlab-ce] name=Gitlab CE Repository baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/ gpgcheck=0 enabled=1 -
安装gitlab-ce安装包
yum install -y gitlab-ce -
证书创建与配置加载
mkdir -p /etc/gitlab/ssl #生成一个本地私有密钥 openssl genrsa -out /etc/gitlab/ssl/gitlab.example.com.key 2048 # 创建csr证书 openssl req -new -key "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.csr" State or Province Name (full name) []:beijing #省 Locality Name (eg, city) [Default City]:beijing #市 Organization Name (eg, company) [Default Company Ltd]: #公司 Organizational Unit Name (eg, section) []: #单位 Common Name (eg, your name or your server's hostname) []:gitlab.example.com #网址 Email Address []:xujunkaipy@163.com #邮箱 Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:123456#证书密码 An optional company name []: -
csr证书 + 密钥创建签署证书
openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.example.com.csr" -signkey "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.crt" -
创建pem证书(构架需要点时间)
openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048 -
修改所有证书权限
cd /etc/gitlab/ssl chmod 600 * -
更改gitlab配置文件,将所有生成证书配置到gitlab配置文件中
vi /etc/gitlab/gitlab.rb 将 external_url 'http://gitlab.example.com 改成external_url 'https://gitlab.example.com' # nginx['redirect_http_to_https'] = false 改为 true 并打开注释 # crt和key更改路径 # nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt" 符号# 不删除 # nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key" 符号# 不删除 # pem路径 # nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem" 符号# 不删除 -
初始化gitlab配置
gitlab-ctl reconfigure -
更改nginx 的http配置
vi /var/opt/gitlab/nginx/conf/gitlab-http.conf server_name 下添加 rewrite ^(.*)$ https://$host$1 permanent; # 生效配置 gitlab-ctl restart # 如遇到启动问题: 1.时间同步问题 timeout: run: xxxxx: (pid 6847) 29718s, got TERM yum install ntpdate ntpdate time.windows.com 2.端口占用 vim /etc/gitlab/gitlab.rb 更改端口 unicorn['port'] = 8999 gitlab_workhorse['auth_backend'] = "http://localhost:8999" gitlab-ctl reconfigure 3. 综合排查 gitlab-ctl status """ run: alertmanager: (pid 14230) 202s; run: log: (pid 2882) 1214s run: gitaly: (pid 14243) 200s; run: log: (pid 2874) 1214s run: gitlab-exporter: (pid 14257) 199s; run: log: (pid 2880) 1214s run: gitlab-workhorse: (pid 14269) 199s; run: log: (pid 2894) 1214s run: grafana: (pid 14276) 199s; run: log: (pid 12119) 778s run: logrotate: (pid 14297) 198s; run: log: (pid 2876) 1214s run: nginx: (pid 14303) 198s; run: log: (pid 2871) 1214s run: node-exporter: (pid 14309) 197s; run: log: (pid 2877) 1214s run: postgres-exporter: (pid 14314) 197s; run: log: (pid 2884) 1214s run: postgresql: (pid 14323) 196s; run: log: (pid 2875) 1214s run: prometheus: (pid 14332) 196s; run: log: (pid 2893) 1214s run: puma: (pid 14423) 195s; run: log: (pid 2895) 1214s run: redis: (pid 14428) 195s; run: log: (pid 2873) 1215s run: redis-exporter: (pid 14434) 195s; run: log: (pid 2892) 1215s run: sidekiq: (pid 14442) 192s; run: log: (pid 2891) 1215s """ gitlab-ctl tail [运行程序名称 exp: gitlab-workhorse,gitaly...] -
更改本地host
C:WindowsSystem32driversetchost 192.168.48.129 gitlab.example.com -
访问网址
-
更改管理员密码
12345678 -
输入默认管理员默认账号root,和上面输入密码12345678
-
进入仓库,点击
+创建新的仓库
-
输入
project name,点击创建
-
复制git的https地址
-
本地安装git
yum install -y git -
本地创建文件夹 git bash 拉取项目
git -c http.sslVerify=false clone https://gitlab.example.com/root/app-moive-project.git此时会提示输入账号密码,这里输入root的账号密码
-
cd到项目目录,新增一个helloworld.py
-
添加本地仓库
git add . -
提交本地仓库
git commit -m "hello world" -
提示会设置全局邮箱和用户名
git config --global user.email "你的邮箱" git config --global user.name "你的名字" -
提交远程仓库
git -c http.sslVerify=false push origin master -
提示输入账号密码,输入root账号密码。这样提交远程仓库成功
2.检查gitlab运行状态
-
点击面包屑上扳手图标
-
查看主机状态
可以查看CPU,硬盘,内存等信息。
-
查看gitlab状态
3.账号创建
- 创建开发人员与管理账号,并给相应人员分配权限
- 创建账号,输入如下信息,并进行创建
- 点击
projects,进入相应仓库
- 进入项目,点击
Manage access
-
分配开发者角色
-
添加管理员
-
更改用户初始密码
4.开发人员提交代码流程
-
开发人员拉取代码
git -c http.sslVerify=false clone https://gitlab.example.com/root/app-moive-project.git -
输入开发者用户账号:
dev01 -
开发人员创建一个的代码分支,
dev01-1.0git checkout -b dev01-1.0 -
修改原有的helloworld.py文件
-
提交仓库
git add . git commit -m "dev01-1.0" # 提交到dev01-1.0分支中 git -c http.sslVerify=false push origin dev01-1.0 -
web页面输入用户名密码进入dev01用户,点击
create merge request,将dev01-1.0分支合并master分支中。
-
进入 lead 的用户账号进行merge
- git设置全局https为false
git config --global http.sslVerify false
5.ssh添加公钥
-
服务器创建公钥私钥ssh-keygen -t rsa
ssh-keygen -t rsa -C “你的email“ # 此时在 ~/.ssh/下生成 id_rsa id_rsa.pub cat id_rsa.pub 查看公钥 -
搜索
SSH Keys
-
添加公钥
-
断电重启后,gitlab 500问题解决
gitlab-rake db:migrate:status# 查看数据库状态
gitlab-rake db:migrate # 升级数据库关系
gitlab-ctl reconfigure # 加载gitlab
- 彻底删除服务器gitlab: https://www.cnblogs.com/zuikeol/p/11525807.html