wxin/CI-CD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更新 Gitlab-私有仓库.md

Browse Source
This commit is contained in:
wxin 2025-04-23 13:10:20 +08:00
parent eeb661f1d4
commit e8fbbb372f
1 changed files with 356 additions and 356 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

712
Gitlab-私有仓库.md
View File

@ -1,356 +1,356 @@
<h2><center>Gitlab 私有仓库</center></h2>
------
## 一Gitlab 部署
### 1. 资源环境
| 主机名 | IP地址 | 服务 |
| :----: | :-------------: | :------: |
| gitlab | 192.168.159.136 | gitab-ce |
### 2. 环境部署
修改主机名:
```bash
[root@git ~]# hostnamectl set-hostname gitlab
```
关闭防火墙和`selinux`
```bash
[root@gitlab ~]# systemctl stop firewalld
[root@gitlab ~]# systemctl disable firewalld
[root@gitlab ~]# setenforce 0
setenforce: SELinux is disabled
```
开启邮件服务:
```bash
[root@gitlab ~]# systemctl start postfix
[root@gitlab ~]# systemctl enable postfix
```
添加本地解析:
```bash
[root@gitlab ~]# echo "192.168.159.136 gitlab" >> /etc/hosts
```
### 3. 安装`gitlab`依赖包
```bash
[root@gitlab ~]# yum install -y curl openssh-server openssh-clients postfix cronie policycoreutils-python
```
### 4. 添加`gitlab`安装源
```bash
# 阿里源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=gitlab-ce
baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7
Repo_gpgcheck=0
Enabled=1
gpgcheck=0
# 清华源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ee.repo
[gitlab-ee]
name=Gitlab EE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el$releasever/
gpgcheck=0
enabled=1
# 官方源
[root@gitlab ~]# vim /etc/yum.repos.d/runner_gitlab-ci-multi-runner.repo
[runner_gitlab-ci-multi-runner]
name=runner_gitlab-ci-multi-runner
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[runner_gitlab-ci-multi-runner-source]
name=runner_gitlab-ci-multi-runner-source
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
```
### 5. 安装`gitlab`
```bash
[root@gitlab ~]# yum -y install gitlab-ce
```
### 6. 查看`gitlab`版本
```bash
[root@gitlab ~]# head -1 /opt/gitlab/version-manifest.txt
gitlab-ce 17.1.1
```
### 7. `gitlab`配置登录链接
```bash
# 设置登录链接
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
## GitLab URL
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
##!
##! Note: During installation/upgrades, the value of the environment variable
##! EXTERNAL_URL will be used to populate/replace this value.
##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP
##! address from AWS. For more details, see:
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
external_url 'http://192.168.159.136'
[root@gitlab ~]# grep "^external_url" /etc/gitlab/gitlab.rb
external_url 'http://192.168.159.136'
```
### 8. 初始化`gitlab`
```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```
### 9. 启动`gitlab`服务
```bash
[root@gitlab ~]# gitlab-ctl start
```
## 二Gitlab 使用
### 1. `gitlab`服务管理
```bash
# 启动所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl start
# 停止所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl stop
# 重启所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl restart
# 查看服务状态
[root@cicd-gitlab ~]# gitlab-ctl status
# 初始化服务
[root@cicd-gitlab ~]# gitlab-ctl reconfigure
# 修改默认的配置文件
[root@cicd-gitlab ~]# vim /etc/gitlab/gitlab.rb
# 查看日志
[root@cicd-gitlab ~]# gitlab-ctl tail
```
### 2. 登录`Gitlab`
在浏览器中输入 http://192.16.159.136,然后 change password: 并使用root用户登录 即可 (后续动作根据提示操作)
```bash
# 查看密码
# grep 'Password:' /etc/gitlab/initial_root_password
```
设置中文:
![](accents\image-202504220028.png)
### 3. Gitlab 部署 https 方式
创建私有密钥:
```bash
[root@gitlab ~]# mkdir -p /etc/gitlab/ssl
[root@gitlab ~]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.key" 2048
Generating RSA private key, 2048 bit long modulus
..........+++
....................................................+++
e is 65537 (0x10001)
```
创建私有证书:
```bash
[root@gitlab ~]# openssl req -new -key "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.csr"
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:sh
Locality Name (eg, city) [Default City]:sh
Organization Name (eg, company) [Default Company Ltd]: # 输入空格,然后回车
Organizational Unit Name (eg, section) []: # 输入空格,然后回车
Common Name (eg, your name or your server's hostname) []:gitlab
Email Address []:1497427046@qq.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []: # 直接回车
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 8
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
```
创建CRT签署证书
```bash
[root@gitlab ~]# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.csr" -signkey "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.crt"
Signature ok
subject=/C=cn/ST=sh/L=sh/O=Default Company Ltd/CN=gitlab/emailAddress=1497427046@qq.com
Getting Private key
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 12
-rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
```
创建pem证书 利用openssl命令输出pem证书
```bash
[root@gitlab ~]# openssl dhparam -out /etc/gitlab/ssl/dhparam.pem 2048
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
...............................+........................................................................................+..++*++*
```
查看生成的证书:
```bash
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16
-rw-r--r-- 1 root root 424 4月 23 10:23 dhparam.pem
-rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
```
更改文件权限:
```bash
[root@gitlab ~]# chmod 600 /etc/gitlab/ssl/*
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16
-rw------- 1 root root 424 4月 23 10:23 dhparam.pem
-rw------- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw------- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw------- 1 root root 1679 4月 23 10:19 gitlab.key
```
配置 gitlab
```bash
[root@gitlab ~]# cp /etc/gitlab/gitlab.rb{,.bak}
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
external_url 'https://192.168.159.136'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key"
ginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparam.pem" # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem
```
初始化gitlab相关服务配置
```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```
重启 gitlab
```bash
[root@gitlab ~]# gitlab-ctl restart
```
### 4. 浏览器登录 gitlab
![](accents\image-202504220029.png)
### 5. Gitlab 添加 SMTP 邮件功能
配置邮件功能:
```bash
[root@gitlab ~]# grep -P "^[^#].*smtp_|user_email|gitlab_email" /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "15253413025@qq.com"
gitlab_rails['smtp_password'] = "abcdefghijklmnop" # 替换为你的授权码
gitlab_rails['smtp_domain'] = "qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = "15253413025@qq.com"
```
停止gitlab服务
```bash
[root@gitlab ~]# gitlab-ctl stop
```
修改配置后需要初始化配置:
```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```
启动服务:
```bash
[root@gitlab ~]# gitlab-ctl start
```
Gitlab 发送邮件测试:
```bash
[root@gitlab ~]# gitlab-rails console
--------------------------------------------------------------------------------
Ruby: ruby 3.1.5p253 (2024-04-023 revision 1945f8dc0e) [x86_64-linux]
GitLab: 17.1.1 (a1c9a43d543) FOSS
GitLab Shell: 14.36.0
PostgreSQL: 14.11
------------------------------------------------------------[ booted in 25.61s ]
Loading production environment (Rails 7.0.8.4)
irb(main):001:0> Notify.test_email('15253413025@163.com', 'Message Subject', 'Message Body').deliver_now
Delivered mail 6808744ba0535_2a952f0896851@gitlab.mail (1308.6ms)
```
邮箱客户端查看邮件:
![](accents\image-202504220030.png)
<h2><center>Gitlab 私有仓库</center></h2>
------
## 一Gitlab 部署
### 1. 资源环境
| 主机名 | IP地址 | 服务 |
| :----: | :-------------: | :------: |
| gitlab | 192.168.159.136 | gitab-ce |
### 2. 环境部署
修改主机名:
```bash
[root@git ~]# hostnamectl set-hostname gitlab
```
关闭防火墙和`selinux`
```bash
[root@gitlab ~]# systemctl stop firewalld
[root@gitlab ~]# systemctl disable firewalld
[root@gitlab ~]# setenforce 0
setenforce: SELinux is disabled
```
开启邮件服务:
```bash
[root@gitlab ~]# systemctl start postfix
[root@gitlab ~]# systemctl enable postfix
```
添加本地解析:
```bash
[root@gitlab ~]# echo "192.168.159.136 gitlab" >> /etc/hosts
```
### 3. 安装`gitlab`依赖包
```bash
[root@gitlab ~]# yum install -y curl openssh-server openssh-clients postfix cronie policycoreutils-python
```
### 4. 添加`gitlab`安装源
```bash
# 阿里源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=gitlab-ce
baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7
Repo_gpgcheck=0
Enabled=1
gpgcheck=0
# 清华源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ee.repo
[gitlab-ee]
name=Gitlab EE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el$releasever/
gpgcheck=0
enabled=1
# 官方源
[root@gitlab ~]# vim /etc/yum.repos.d/runner_gitlab-ci-multi-runner.repo
[runner_gitlab-ci-multi-runner]
name=runner_gitlab-ci-multi-runner
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[runner_gitlab-ci-multi-runner-source]
name=runner_gitlab-ci-multi-runner-source
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
```
### 5. 安装`gitlab`
```bash
[root@gitlab ~]# yum -y install gitlab-ce
```
### 6. 查看`gitlab`版本
```bash
[root@gitlab ~]# head -1 /opt/gitlab/version-manifest.txt
gitlab-ce 17.1.1
```
### 7. `gitlab`配置登录链接
```bash
# 设置登录链接
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
## GitLab URL
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
##!
##! Note: During installation/upgrades, the value of the environment variable
##! EXTERNAL_URL will be used to populate/replace this value.
##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP
##! address from AWS. For more details, see:
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
external_url 'http://192.168.159.136'
[root@gitlab ~]# grep "^external_url" /etc/gitlab/gitlab.rb
external_url 'http://192.168.159.136'
```
### 8. 初始化`gitlab`
```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```
### 9. 启动`gitlab`服务
```bash
[root@gitlab ~]# gitlab-ctl start
```
## 二Gitlab 使用
### 1. `gitlab`服务管理
```bash
# 启动所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl start
# 停止所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl stop
# 重启所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl restart
# 查看服务状态
[root@cicd-gitlab ~]# gitlab-ctl status
# 初始化服务
[root@cicd-gitlab ~]# gitlab-ctl reconfigure
# 修改默认的配置文件
[root@cicd-gitlab ~]# vim /etc/gitlab/gitlab.rb
# 查看日志
[root@cicd-gitlab ~]# gitlab-ctl tail
```
### 2. 登录`Gitlab`
在浏览器中输入 http://192.16.159.136,然后 change password: 并使用root用户登录 即可 (后续动作根据提示操作)
```bash
# 查看密码
# grep 'Password:' /etc/gitlab/initial_root_password
```
设置中文:
![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220028.png)
### 3. Gitlab 部署 https 方式
创建私有密钥:
```bash
[root@gitlab ~]# mkdir -p /etc/gitlab/ssl
[root@gitlab ~]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.key" 2048
Generating RSA private key, 2048 bit long modulus
..........+++
....................................................+++
e is 65537 (0x10001)
```
创建私有证书:
```bash
[root@gitlab ~]# openssl req -new -key "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.csr"
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:sh
Locality Name (eg, city) [Default City]:sh
Organization Name (eg, company) [Default Company Ltd]: # 输入空格,然后回车
Organizational Unit Name (eg, section) []: # 输入空格,然后回车
Common Name (eg, your name or your server's hostname) []:gitlab
Email Address []:1497427046@qq.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []: # 直接回车
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 8
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
```
创建CRT签署证书
```bash
[root@gitlab ~]# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.csr" -signkey "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.crt"
Signature ok
subject=/C=cn/ST=sh/L=sh/O=Default Company Ltd/CN=gitlab/emailAddress=1497427046@qq.com
Getting Private key
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 12
-rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
```
创建pem证书 利用openssl命令输出pem证书
```bash
[root@gitlab ~]# openssl dhparam -out /etc/gitlab/ssl/dhparam.pem 2048
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
...............................+........................................................................................+..++*++*
```
查看生成的证书:
```bash
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16
-rw-r--r-- 1 root root 424 4月 23 10:23 dhparam.pem
-rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
```
更改文件权限:
```bash
[root@gitlab ~]# chmod 600 /etc/gitlab/ssl/*
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16
-rw------- 1 root root 424 4月 23 10:23 dhparam.pem
-rw------- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw------- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw------- 1 root root 1679 4月 23 10:19 gitlab.key
```
配置 gitlab
```bash
[root@gitlab ~]# cp /etc/gitlab/gitlab.rb{,.bak}
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
external_url 'https://192.168.159.136'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key"
ginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparam.pem" # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem
```
初始化gitlab相关服务配置
```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```
重启 gitlab
```bash
[root@gitlab ~]# gitlab-ctl restart
```
### 4. 浏览器登录 gitlab
![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220029.png)
### 5. Gitlab 添加 SMTP 邮件功能
配置邮件功能:
```bash
[root@gitlab ~]# grep -P "^[^#].*smtp_|user_email|gitlab_email" /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "15253413025@qq.com"
gitlab_rails['smtp_password'] = "abcdefghijklmnop" # 替换为你的授权码
gitlab_rails['smtp_domain'] = "qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = "15253413025@qq.com"
```
停止gitlab服务
```bash
[root@gitlab ~]# gitlab-ctl stop
```
修改配置后需要初始化配置:
```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```
启动服务:
```bash
[root@gitlab ~]# gitlab-ctl start
```
Gitlab 发送邮件测试:
```bash
[root@gitlab ~]# gitlab-rails console
--------------------------------------------------------------------------------
Ruby: ruby 3.1.5p253 (2024-04-023 revision 1945f8dc0e) [x86_64-linux]
GitLab: 17.1.1 (a1c9a43d543) FOSS
GitLab Shell: 14.36.0
PostgreSQL: 14.11
------------------------------------------------------------[ booted in 25.61s ]
Loading production environment (Rails 7.0.8.4)
irb(main):001:0> Notify.test_email('15253413025@163.com', 'Message Subject', 'Message Body').deliver_now
Delivered mail 6808744ba0535_2a952f0896851@gitlab.mail (1308.6ms)
```
邮箱客户端查看邮件:
![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220030.png)