wxin/CI-CD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
CI-CD/Gitlab-私有仓库.md

356 lines
9.4 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<h2><center>Gitlab 私有仓库</center></h2>
------
## 一Gitlab 部署
### 1. 资源环境
| 主机名 | IP地址 | 服务 |
| :----: | :-------------: | :------: |
| gitlab | 192.168.159.136 | gitab-ce |
### 2. 环境部署
修改主机名:
```bash
[root@git ~]# hostnamectl set-hostname gitlab
```
关闭防火墙和`selinux`
```bash
[root@gitlab ~]# systemctl stop firewalld
[root@gitlab ~]# systemctl disable firewalld
[root@gitlab ~]# setenforce 0
setenforce: SELinux is disabled
```
开启邮件服务:
```bash
[root@gitlab ~]# systemctl start postfix
[root@gitlab ~]# systemctl enable postfix
```
添加本地解析:
```bash
[root@gitlab ~]# echo "192.168.159.136 gitlab" >> /etc/hosts
```
### 3. 安装`gitlab`依赖包
```bash
[root@gitlab ~]# yum install -y curl openssh-server openssh-clients postfix cronie policycoreutils-python
```
### 4. 添加`gitlab`安装源
```bash
# 阿里源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=gitlab-ce
baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7
Repo_gpgcheck=0
Enabled=1
gpgcheck=0
# 清华源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ee.repo
[gitlab-ee]
name=Gitlab EE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el$releasever/
gpgcheck=0
enabled=1
# 官方源
[root@gitlab ~]# vim /etc/yum.repos.d/runner_gitlab-ci-multi-runner.repo
[runner_gitlab-ci-multi-runner]
name=runner_gitlab-ci-multi-runner
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[runner_gitlab-ci-multi-runner-source]
name=runner_gitlab-ci-multi-runner-source
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
```
### 5. 安装`gitlab`
```bash
[root@gitlab ~]# yum -y install gitlab-ce
```
### 6. 查看`gitlab`版本
```bash
[root@gitlab ~]# head -1 /opt/gitlab/version-manifest.txt
gitlab-ce 17.1.1
```
### 7. `gitlab`配置登录链接
```bash
# 设置登录链接
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
## GitLab URL
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
##!
##! Note: During installation/upgrades, the value of the environment variable
##! EXTERNAL_URL will be used to populate/replace this value.
##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP
##! address from AWS. For more details, see:
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
external_url 'http://192.168.159.136'
[root@gitlab ~]# grep "^external_url" /etc/gitlab/gitlab.rb
external_url 'http://192.168.159.136'
```
### 8. 初始化`gitlab`
```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```
### 9. 启动`gitlab`服务
```bash
[root@gitlab ~]# gitlab-ctl start
```
## 二Gitlab 使用
### 1. `gitlab`服务管理
```bash
# 启动所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl start
# 停止所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl stop
# 重启所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl restart
# 查看服务状态
[root@cicd-gitlab ~]# gitlab-ctl status
# 初始化服务
[root@cicd-gitlab ~]# gitlab-ctl reconfigure
# 修改默认的配置文件
[root@cicd-gitlab ~]# vim /etc/gitlab/gitlab.rb
# 查看日志
[root@cicd-gitlab ~]# gitlab-ctl tail
```
### 2. 登录`Gitlab`
在浏览器中输入 http://192.16.159.136,然后 change password: 并使用root用户登录 即可 (后续动作根据提示操作)
```bash
# 查看密码
# grep 'Password:' /etc/gitlab/initial_root_password
```
设置中文:
![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220028.png)
### 3. Gitlab 部署 https 方式
创建私有密钥:
```bash
[root@gitlab ~]# mkdir -p /etc/gitlab/ssl
[root@gitlab ~]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.key" 2048
Generating RSA private key, 2048 bit long modulus
..........+++
....................................................+++
e is 65537 (0x10001)
```
创建私有证书:
```bash
[root@gitlab ~]# openssl req -new -key "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.csr"
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:sh
Locality Name (eg, city) [Default City]:sh
Organization Name (eg, company) [Default Company Ltd]: # 输入空格,然后回车
Organizational Unit Name (eg, section) []: # 输入空格,然后回车
Common Name (eg, your name or your server's hostname) []:gitlab
Email Address []:1497427046@qq.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []: # 直接回车
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 8
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
```
创建CRT签署证书
```bash
[root@gitlab ~]# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.csr" -signkey "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.crt"
Signature ok
subject=/C=cn/ST=sh/L=sh/O=Default Company Ltd/CN=gitlab/emailAddress=1497427046@qq.com
Getting Private key
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 12
-rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
```
创建pem证书 利用openssl命令输出pem证书
```bash
[root@gitlab ~]# openssl dhparam -out /etc/gitlab/ssl/dhparam.pem 2048
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
...............................+........................................................................................+..++*++*
```
查看生成的证书:
```bash
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16
-rw-r--r-- 1 root root 424 4月 23 10:23 dhparam.pem
-rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
```
更改文件权限:
```bash
[root@gitlab ~]# chmod 600 /etc/gitlab/ssl/*
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16
-rw------- 1 root root 424 4月 23 10:23 dhparam.pem
-rw------- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw------- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw------- 1 root root 1679 4月 23 10:19 gitlab.key
```
配置 gitlab
```bash
[root@gitlab ~]# cp /etc/gitlab/gitlab.rb{,.bak}
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
external_url 'https://192.168.159.136'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key"
ginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparam.pem" # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem
```
初始化gitlab相关服务配置
```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```
重启 gitlab
```bash
[root@gitlab ~]# gitlab-ctl restart
```
### 4. 浏览器登录 gitlab
![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220029.png)
### 5. Gitlab 添加 SMTP 邮件功能
配置邮件功能:
```bash
[root@gitlab ~]# grep -P "^[^#].*smtp_|user_email|gitlab_email" /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "15253413025@qq.com"
gitlab_rails['smtp_password'] = "abcdefghijklmnop" # 替换为你的授权码
gitlab_rails['smtp_domain'] = "qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = "15253413025@qq.com"
```
停止gitlab服务
```bash
[root@gitlab ~]# gitlab-ctl stop
```
修改配置后需要初始化配置:
```bash
[root@gitlab ~]# gitlab-ctl reconfigure
```
启动服务:
```bash
[root@gitlab ~]# gitlab-ctl start
```
Gitlab 发送邮件测试:
```bash
[root@gitlab ~]# gitlab-rails console
--------------------------------------------------------------------------------
Ruby: ruby 3.1.5p253 (2024-04-023 revision 1945f8dc0e) [x86_64-linux]
GitLab: 17.1.1 (a1c9a43d543) FOSS
GitLab Shell: 14.36.0
PostgreSQL: 14.11
------------------------------------------------------------[ booted in 25.61s ]
Loading production environment (Rails 7.0.8.4)
irb(main):001:0> Notify.test_email('15253413025@163.com', 'Message Subject', 'Message Body').deliver_now
Delivered mail 6808744ba0535_2a952f0896851@gitlab.mail (1308.6ms)
```
邮箱客户端查看邮件:
![](http://182.92.143.66:40072/directlink/img/CI-CD/image-202504220030.png)
Reference in New Issue View Git Blame Copy Permalink