<h2><center>Gitlab 私有仓库</center></h2>

------

## 一：Gitlab 部署

### 1. 资源环境

| 主机名 |     IP地址      |   服务   |
| :----: | :-------------: | :------: |
| gitlab | 192.168.159.136 | gitab-ce |

### 2. 环境部署

修改主机名：

```bash
[root@git ~]# hostnamectl set-hostname gitlab
```

关闭防火墙和`selinux`

```bash
[root@gitlab ~]# systemctl stop firewalld
[root@gitlab ~]# systemctl disable firewalld
[root@gitlab ~]# setenforce 0
setenforce: SELinux is disabled
```

开启邮件服务：

```bash
[root@gitlab ~]# systemctl start postfix
[root@gitlab ~]# systemctl enable postfix
```

添加本地解析：

```bash
[root@gitlab ~]# echo "192.168.159.136 gitlab" >> /etc/hosts
```

### 3. 安装`gitlab`依赖包

```bash
[root@gitlab ~]# yum install -y curl openssh-server openssh-clients postfix cronie policycoreutils-python
```

### 4. 添加`gitlab`安装源

```bash
# 阿里源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=gitlab-ce
baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7
Repo_gpgcheck=0
Enabled=1
gpgcheck=0

# 清华源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1

[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ee.repo
[gitlab-ee]
name=Gitlab EE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el$releasever/
gpgcheck=0
enabled=1

# 官方源
[root@gitlab ~]# vim /etc/yum.repos.d/runner_gitlab-ci-multi-runner.repo
[runner_gitlab-ci-multi-runner]
name=runner_gitlab-ci-multi-runner
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

[runner_gitlab-ci-multi-runner-source]
name=runner_gitlab-ci-multi-runner-source
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
```

### 5. 安装`gitlab`

```bash
[root@gitlab ~]# yum -y install gitlab-ce
```

### 6. 查看`gitlab`版本

```bash
[root@gitlab ~]# head -1 /opt/gitlab/version-manifest.txt
gitlab-ce 17.1.1
```

### 7. `gitlab`配置登录链接

```bash
# 设置登录链接
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb 
## GitLab URL
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
##!
##! Note: During installation/upgrades, the value of the environment variable
##! EXTERNAL_URL will be used to populate/replace this value.
##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP
##! address from AWS. For more details, see:
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
external_url 'http://192.168.159.136'

[root@gitlab ~]# grep "^external_url" /etc/gitlab/gitlab.rb
external_url 'http://192.168.159.136'
```

### 8. 初始化`gitlab`

```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```

### 9. 启动`gitlab`服务

```bash
[root@gitlab ~]# gitlab-ctl start
```

## 二：Gitlab 使用

### 1. `gitlab`服务管理

```bash
# 启动所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl start

# 停止所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl stop

# 重启所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl restart

# 查看服务状态
[root@cicd-gitlab ~]# gitlab-ctl status

# 初始化服务
[root@cicd-gitlab ~]# gitlab-ctl reconfigure

# 修改默认的配置文件
[root@cicd-gitlab ~]# vim /etc/gitlab/gitlab.rb

# 查看日志
[root@cicd-gitlab ~]# gitlab-ctl tail
```

### 2. 登录`Gitlab`

在浏览器中输入 http://192.16.159.136，然后 change password:  ，并使用root用户登录 即可 (后续动作根据提示操作)

```bash
# 查看密码
# grep 'Password:' /etc/gitlab/initial_root_password
```

设置中文：

![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220028.png)

### 3. Gitlab 部署 https 方式

创建私有密钥：

```bash
[root@gitlab ~]# mkdir -p /etc/gitlab/ssl
[root@gitlab ~]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.key" 2048
Generating RSA private key, 2048 bit long modulus
..........+++
....................................................+++
e is 65537 (0x10001)
```

创建私有证书：

```bash
[root@gitlab ~]# openssl req -new -key "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.csr"
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:sh
Locality Name (eg, city) [Default City]:sh
Organization Name (eg, company) [Default Company Ltd]:   # 输入空格，然后回车
Organizational Unit Name (eg, section) []:  # 输入空格，然后回车
Common Name (eg, your name or your server's hostname) []:gitlab     
Email Address []:1497427046@qq.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []:   # 直接回车
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 8
-rw-r--r-- 1 root root 1058 4月  23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月  23 10:19 gitlab.key
```

创建CRT签署证书：

```bash
[root@gitlab ~]# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.csr" -signkey "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.crt"
Signature ok
subject=/C=cn/ST=sh/L=sh/O=Default Company Ltd/CN=gitlab/emailAddress=1497427046@qq.com
Getting Private key
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 12
-rw-r--r-- 1 root root 1249 4月  23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月  23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月  23 10:19 gitlab.key
```

创建pem证书： 利用openssl命令输出pem证书

```bash
[root@gitlab ~]# openssl dhparam -out /etc/gitlab/ssl/dhparam.pem 2048
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
...............................+........................................................................................+..++*++*
```

查看生成的证书：

```bash
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16
-rw-r--r-- 1 root root  424 4月  23 10:23 dhparam.pem
-rw-r--r-- 1 root root 1249 4月  23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月  23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月  23 10:19 gitlab.key
```

更改文件权限：

```bash
[root@gitlab ~]# chmod 600 /etc/gitlab/ssl/*
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16
-rw------- 1 root root  424 4月  23 10:23 dhparam.pem
-rw------- 1 root root 1249 4月  23 10:23 gitlab.crt
-rw------- 1 root root 1058 4月  23 10:21 gitlab.csr
-rw------- 1 root root 1679 4月  23 10:19 gitlab.key
```

配置 gitlab：

```bash
[root@gitlab ~]# cp /etc/gitlab/gitlab.rb{,.bak}
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
external_url 'https://192.168.159.136'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key"
ginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparam.pem" # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem
```

初始化gitlab相关服务配置：

```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```

重启 gitlab：

```bash
[root@gitlab ~]# gitlab-ctl restart
```

### 4. 浏览器登录 gitlab

![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220029.png)

### 5. Gitlab 添加 SMTP 邮件功能

配置邮件功能：

```bash
[root@gitlab ~]# grep -P "^[^#].*smtp_|user_email|gitlab_email" /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "15253413025@qq.com"
gitlab_rails['smtp_password'] = "abcdefghijklmnop"  # 替换为你的授权码
gitlab_rails['smtp_domain'] = "qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = "15253413025@qq.com"
```

停止gitlab服务：

```bash
[root@gitlab ~]# gitlab-ctl stop
```

修改配置后需要初始化配置：

```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```

启动服务：

```bash
[root@gitlab ~]# gitlab-ctl start
```

Gitlab 发送邮件测试：

```bash
[root@gitlab ~]# gitlab-rails console
--------------------------------------------------------------------------------
 Ruby:         ruby 3.1.5p253 (2024-04-023 revision 1945f8dc0e) [x86_64-linux]
 GitLab:       17.1.1 (a1c9a43d543) FOSS
 GitLab Shell: 14.36.0
 PostgreSQL:   14.11
------------------------------------------------------------[ booted in 25.61s ]
Loading production environment (Rails 7.0.8.4)
irb(main):001:0> Notify.test_email('15253413025@163.com', 'Message Subject', 'Message Body').deliver_now
Delivered mail 6808744ba0535_2a952f0896851@gitlab.mail (1308.6ms)
```

邮箱客户端查看邮件：

![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220030.png)