wxin/CI-CD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

更新 Gitlab-私有仓库.md

Browse Source
This commit is contained in:
wxin 2025-04-23 13:10:20 +08:00
parent eeb661f1d4
commit e8fbbb372f
1 changed files with 356 additions and 356 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

712
Gitlab-私有仓库.md
View File

@ -1,356 +1,356 @@
<h2><center>Gitlab 私有仓库</center></h2> <h2><center>Gitlab 私有仓库</center></h2>
------ ------
## 一Gitlab 部署 ## 一Gitlab 部署
### 1. 资源环境 ### 1. 资源环境
| 主机名 | IP地址 | 服务 | | 主机名 | IP地址 | 服务 |
| :----: | :-------------: | :------: | | :----: | :-------------: | :------: |
| gitlab | 192.168.159.136 | gitab-ce | | gitlab | 192.168.159.136 | gitab-ce |
### 2. 环境部署 ### 2. 环境部署
修改主机名: 修改主机名:
```bash ```bash
[root@git ~]# hostnamectl set-hostname gitlab [root@git ~]# hostnamectl set-hostname gitlab
``` ```
关闭防火墙和`selinux` 关闭防火墙和`selinux`
```bash ```bash
[root@gitlab ~]# systemctl stop firewalld [root@gitlab ~]# systemctl stop firewalld
[root@gitlab ~]# systemctl disable firewalld [root@gitlab ~]# systemctl disable firewalld
[root@gitlab ~]# setenforce 0 [root@gitlab ~]# setenforce 0
setenforce: SELinux is disabled setenforce: SELinux is disabled
``` ```
开启邮件服务: 开启邮件服务:
```bash ```bash
[root@gitlab ~]# systemctl start postfix [root@gitlab ~]# systemctl start postfix
[root@gitlab ~]# systemctl enable postfix [root@gitlab ~]# systemctl enable postfix
``` ```
添加本地解析: 添加本地解析:
```bash ```bash
[root@gitlab ~]# echo "192.168.159.136 gitlab" >> /etc/hosts [root@gitlab ~]# echo "192.168.159.136 gitlab" >> /etc/hosts
``` ```
### 3. 安装`gitlab`依赖包 ### 3. 安装`gitlab`依赖包
```bash ```bash
[root@gitlab ~]# yum install -y curl openssh-server openssh-clients postfix cronie policycoreutils-python [root@gitlab ~]# yum install -y curl openssh-server openssh-clients postfix cronie policycoreutils-python
``` ```
### 4. 添加`gitlab`安装源 ### 4. 添加`gitlab`安装源
```bash ```bash
# 阿里源 # 阿里源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo [root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce] [gitlab-ce]
name=gitlab-ce name=gitlab-ce
baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7 baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7
Repo_gpgcheck=0 Repo_gpgcheck=0
Enabled=1 Enabled=1
gpgcheck=0 gpgcheck=0
# 清华源 # 清华源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo [root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce] [gitlab-ce]
name=Gitlab CE Repository name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/ baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0 gpgcheck=0
enabled=1 enabled=1
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ee.repo [root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ee.repo
[gitlab-ee] [gitlab-ee]
name=Gitlab EE Repository name=Gitlab EE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el$releasever/ baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el$releasever/
gpgcheck=0 gpgcheck=0
enabled=1 enabled=1
# 官方源 # 官方源
[root@gitlab ~]# vim /etc/yum.repos.d/runner_gitlab-ci-multi-runner.repo [root@gitlab ~]# vim /etc/yum.repos.d/runner_gitlab-ci-multi-runner.repo
[runner_gitlab-ci-multi-runner] [runner_gitlab-ci-multi-runner]
name=runner_gitlab-ci-multi-runner name=runner_gitlab-ci-multi-runner
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/$basearch baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/$basearch
repo_gpgcheck=1 repo_gpgcheck=1
gpgcheck=0 gpgcheck=0
enabled=1 enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1 sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300 metadata_expire=300
[runner_gitlab-ci-multi-runner-source] [runner_gitlab-ci-multi-runner-source]
name=runner_gitlab-ci-multi-runner-source name=runner_gitlab-ci-multi-runner-source
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/SRPMS baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/SRPMS
repo_gpgcheck=1 repo_gpgcheck=1
gpgcheck=0 gpgcheck=0
enabled=1 enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1 sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300 metadata_expire=300
``` ```
### 5. 安装`gitlab` ### 5. 安装`gitlab`
```bash ```bash
[root@gitlab ~]# yum -y install gitlab-ce [root@gitlab ~]# yum -y install gitlab-ce
``` ```
### 6. 查看`gitlab`版本 ### 6. 查看`gitlab`版本
```bash ```bash
[root@gitlab ~]# head -1 /opt/gitlab/version-manifest.txt [root@gitlab ~]# head -1 /opt/gitlab/version-manifest.txt
gitlab-ce 17.1.1 gitlab-ce 17.1.1
``` ```
### 7. `gitlab`配置登录链接 ### 7. `gitlab`配置登录链接
```bash ```bash
# 设置登录链接 # 设置登录链接
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb [root@gitlab ~]# vim /etc/gitlab/gitlab.rb
## GitLab URL ## GitLab URL
##! URL on which GitLab will be reachable. ##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see: ##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab ##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
##! ##!
##! Note: During installation/upgrades, the value of the environment variable ##! Note: During installation/upgrades, the value of the environment variable
##! EXTERNAL_URL will be used to populate/replace this value. ##! EXTERNAL_URL will be used to populate/replace this value.
##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP ##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP
##! address from AWS. For more details, see: ##! address from AWS. For more details, see:
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html ##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
external_url 'http://192.168.159.136' external_url 'http://192.168.159.136'
[root@gitlab ~]# grep "^external_url" /etc/gitlab/gitlab.rb [root@gitlab ~]# grep "^external_url" /etc/gitlab/gitlab.rb
external_url 'http://192.168.159.136' external_url 'http://192.168.159.136'
``` ```
### 8. 初始化`gitlab` ### 8. 初始化`gitlab`
```bash ```bash
[root@gitlab ~]# gitlab-ctl reconfigure [root@gitlab ~]# gitlab-ctl reconfigure
``` ```
### 9. 启动`gitlab`服务 ### 9. 启动`gitlab`服务
```bash ```bash
[root@gitlab ~]# gitlab-ctl start [root@gitlab ~]# gitlab-ctl start
``` ```
## 二Gitlab 使用 ## 二Gitlab 使用
### 1. `gitlab`服务管理 ### 1. `gitlab`服务管理
```bash ```bash
# 启动所有 gitlab 组件 # 启动所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl start [root@cicd-gitlab ~]# gitlab-ctl start
# 停止所有 gitlab 组件 # 停止所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl stop [root@cicd-gitlab ~]# gitlab-ctl stop
# 重启所有 gitlab 组件 # 重启所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl restart [root@cicd-gitlab ~]# gitlab-ctl restart
# 查看服务状态 # 查看服务状态
[root@cicd-gitlab ~]# gitlab-ctl status [root@cicd-gitlab ~]# gitlab-ctl status
# 初始化服务 # 初始化服务
[root@cicd-gitlab ~]# gitlab-ctl reconfigure [root@cicd-gitlab ~]# gitlab-ctl reconfigure
# 修改默认的配置文件 # 修改默认的配置文件
[root@cicd-gitlab ~]# vim /etc/gitlab/gitlab.rb [root@cicd-gitlab ~]# vim /etc/gitlab/gitlab.rb
# 查看日志 # 查看日志
[root@cicd-gitlab ~]# gitlab-ctl tail [root@cicd-gitlab ~]# gitlab-ctl tail
``` ```
### 2. 登录`Gitlab` ### 2. 登录`Gitlab`
在浏览器中输入 http://192.16.159.136,然后 change password: 并使用root用户登录 即可 (后续动作根据提示操作) 在浏览器中输入 http://192.16.159.136,然后 change password: 并使用root用户登录 即可 (后续动作根据提示操作)
```bash ```bash
# 查看密码 # 查看密码
# grep 'Password:' /etc/gitlab/initial_root_password # grep 'Password:' /etc/gitlab/initial_root_password
``` ```
设置中文: 设置中文:
![](accents\image-202504220028.png) ![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220028.png)
### 3. Gitlab 部署 https 方式 ### 3. Gitlab 部署 https 方式
创建私有密钥: 创建私有密钥:
```bash ```bash
[root@gitlab ~]# mkdir -p /etc/gitlab/ssl [root@gitlab ~]# mkdir -p /etc/gitlab/ssl
[root@gitlab ~]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.key" 2048 [root@gitlab ~]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.key" 2048
Generating RSA private key, 2048 bit long modulus Generating RSA private key, 2048 bit long modulus
..........+++ ..........+++
....................................................+++ ....................................................+++
e is 65537 (0x10001) e is 65537 (0x10001)
``` ```
创建私有证书: 创建私有证书:
```bash ```bash
[root@gitlab ~]# openssl req -new -key "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.csr" [root@gitlab ~]# openssl req -new -key "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.csr"
You are about to be asked to enter information that will be incorporated You are about to be asked to enter information that will be incorporated
into your certificate request. into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN. What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank There are quite a few fields but you can leave some blank
For some fields there will be a default value, For some fields there will be a default value,
If you enter '.', the field will be left blank. If you enter '.', the field will be left blank.
----- -----
Country Name (2 letter code) [XX]:cn Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:sh State or Province Name (full name) []:sh
Locality Name (eg, city) [Default City]:sh Locality Name (eg, city) [Default City]:sh
Organization Name (eg, company) [Default Company Ltd]: # 输入空格,然后回车 Organization Name (eg, company) [Default Company Ltd]: # 输入空格,然后回车
Organizational Unit Name (eg, section) []: # 输入空格,然后回车 Organizational Unit Name (eg, section) []: # 输入空格,然后回车
Common Name (eg, your name or your server's hostname) []:gitlab Common Name (eg, your name or your server's hostname) []:gitlab
Email Address []:1497427046@qq.com Email Address []:1497427046@qq.com
Please enter the following 'extra' attributes Please enter the following 'extra' attributes
to be sent with your certificate request to be sent with your certificate request
A challenge password []:123456 A challenge password []:123456
An optional company name []: # 直接回车 An optional company name []: # 直接回车
[root@gitlab ~]# ll /etc/gitlab/ssl/ [root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 8 总用量 8
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr -rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key -rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
``` ```
创建CRT签署证书 创建CRT签署证书
```bash ```bash
[root@gitlab ~]# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.csr" -signkey "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.crt" [root@gitlab ~]# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.csr" -signkey "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.crt"
Signature ok Signature ok
subject=/C=cn/ST=sh/L=sh/O=Default Company Ltd/CN=gitlab/emailAddress=1497427046@qq.com subject=/C=cn/ST=sh/L=sh/O=Default Company Ltd/CN=gitlab/emailAddress=1497427046@qq.com
Getting Private key Getting Private key
[root@gitlab ~]# ll /etc/gitlab/ssl/ [root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 12 总用量 12
-rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt -rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr -rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key -rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
``` ```
创建pem证书 利用openssl命令输出pem证书 创建pem证书 利用openssl命令输出pem证书
```bash ```bash
[root@gitlab ~]# openssl dhparam -out /etc/gitlab/ssl/dhparam.pem 2048 [root@gitlab ~]# openssl dhparam -out /etc/gitlab/ssl/dhparam.pem 2048
Generating DH parameters, 2048 bit long safe prime, generator 2 Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time This is going to take a long time
...............................+........................................................................................+..++*++* ...............................+........................................................................................+..++*++*
``` ```
查看生成的证书: 查看生成的证书:
```bash ```bash
[root@gitlab ~]# ll /etc/gitlab/ssl/ [root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16 总用量 16
-rw-r--r-- 1 root root 424 4月 23 10:23 dhparam.pem -rw-r--r-- 1 root root 424 4月 23 10:23 dhparam.pem
-rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt -rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr -rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key -rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
``` ```
更改文件权限: 更改文件权限:
```bash ```bash
[root@gitlab ~]# chmod 600 /etc/gitlab/ssl/* [root@gitlab ~]# chmod 600 /etc/gitlab/ssl/*
[root@gitlab ~]# ll /etc/gitlab/ssl/ [root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16 总用量 16
-rw------- 1 root root 424 4月 23 10:23 dhparam.pem -rw------- 1 root root 424 4月 23 10:23 dhparam.pem
-rw------- 1 root root 1249 4月 23 10:23 gitlab.crt -rw------- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw------- 1 root root 1058 4月 23 10:21 gitlab.csr -rw------- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw------- 1 root root 1679 4月 23 10:19 gitlab.key -rw------- 1 root root 1679 4月 23 10:19 gitlab.key
``` ```
配置 gitlab 配置 gitlab
```bash ```bash
[root@gitlab ~]# cp /etc/gitlab/gitlab.rb{,.bak} [root@gitlab ~]# cp /etc/gitlab/gitlab.rb{,.bak}
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb [root@gitlab ~]# vim /etc/gitlab/gitlab.rb
external_url 'https://192.168.159.136' external_url 'https://192.168.159.136'
nginx['redirect_http_to_https'] = true nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.crt" nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key" nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key"
ginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparam.pem" # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem ginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparam.pem" # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem
``` ```
初始化gitlab相关服务配置 初始化gitlab相关服务配置
```bash ```bash
[root@gitlab ~]# gitlab-ctl reconfigure [root@gitlab ~]# gitlab-ctl reconfigure
``` ```
重启 gitlab 重启 gitlab
```bash ```bash
[root@gitlab ~]# gitlab-ctl restart [root@gitlab ~]# gitlab-ctl restart
``` ```
### 4. 浏览器登录 gitlab ### 4. 浏览器登录 gitlab
![](accents\image-202504220029.png) ![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220029.png)
### 5. Gitlab 添加 SMTP 邮件功能 ### 5. Gitlab 添加 SMTP 邮件功能
配置邮件功能: 配置邮件功能:
```bash ```bash
[root@gitlab ~]# grep -P "^[^#].*smtp_|user_email|gitlab_email" /etc/gitlab/gitlab.rb [root@gitlab ~]# grep -P "^[^#].*smtp_|user_email|gitlab_email" /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com" gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465 gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "15253413025@qq.com" gitlab_rails['smtp_user_name'] = "15253413025@qq.com"
gitlab_rails['smtp_password'] = "abcdefghijklmnop" # 替换为你的授权码 gitlab_rails['smtp_password'] = "abcdefghijklmnop" # 替换为你的授权码
gitlab_rails['smtp_domain'] = "qq.com" gitlab_rails['smtp_domain'] = "qq.com"
gitlab_rails['smtp_authentication'] = "login" gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = "15253413025@qq.com" gitlab_rails['gitlab_email_from'] = "15253413025@qq.com"
``` ```
停止gitlab服务 停止gitlab服务
```bash ```bash
[root@gitlab ~]# gitlab-ctl stop [root@gitlab ~]# gitlab-ctl stop
``` ```
修改配置后需要初始化配置: 修改配置后需要初始化配置:
```bash ```bash
[root@gitlab ~]# gitlab-ctl reconfigure [root@gitlab ~]# gitlab-ctl reconfigure
``` ```
启动服务: 启动服务:
```bash ```bash
[root@gitlab ~]# gitlab-ctl start [root@gitlab ~]# gitlab-ctl start
``` ```
Gitlab 发送邮件测试: Gitlab 发送邮件测试:
```bash ```bash
[root@gitlab ~]# gitlab-rails console [root@gitlab ~]# gitlab-rails console
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
Ruby: ruby 3.1.5p253 (2024-04-023 revision 1945f8dc0e) [x86_64-linux] Ruby: ruby 3.1.5p253 (2024-04-023 revision 1945f8dc0e) [x86_64-linux]
GitLab: 17.1.1 (a1c9a43d543) FOSS GitLab: 17.1.1 (a1c9a43d543) FOSS
GitLab Shell: 14.36.0 GitLab Shell: 14.36.0
PostgreSQL: 14.11 PostgreSQL: 14.11
------------------------------------------------------------[ booted in 25.61s ] ------------------------------------------------------------[ booted in 25.61s ]
Loading production environment (Rails 7.0.8.4) Loading production environment (Rails 7.0.8.4)
irb(main):001:0> Notify.test_email('15253413025@163.com', 'Message Subject', 'Message Body').deliver_now irb(main):001:0> Notify.test_email('15253413025@163.com', 'Message Subject', 'Message Body').deliver_now
Delivered mail 6808744ba0535_2a952f0896851@gitlab.mail (1308.6ms) Delivered mail 6808744ba0535_2a952f0896851@gitlab.mail (1308.6ms)
``` ```
邮箱客户端查看邮件: 邮箱客户端查看邮件:
![](accents\image-202504220030.png) ![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220030.png)