9.6 KiB
9.6 KiB
Gitlab 私有仓库
一:Gitlab 部署
1. 资源环境
| 主机名 | IP地址 | 服务 |
|---|---|---|
| gitlab | 192.168.159.136 | gitab-ce |
2. 环境部署
修改主机名:
[root@git ~]# hostnamectl set-hostname gitlab
关闭防火墙和selinux
[root@gitlab ~]# systemctl stop firewalld
[root@gitlab ~]# systemctl disable firewalld
[root@gitlab ~]# setenforce 0
setenforce: SELinux is disabled
开启邮件服务:
[root@gitlab ~]# systemctl start postfix
[root@gitlab ~]# systemctl enable postfix
添加本地解析:
[root@gitlab ~]# echo "192.168.159.136 gitlab" >> /etc/hosts
3. 安装gitlab依赖包
[root@gitlab ~]# yum install -y curl openssh-server openssh-clients postfix cronie policycoreutils-python
4. 添加gitlab安装源
# 阿里源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=gitlab-ce
baseurl=http://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7
Repo_gpgcheck=0
Enabled=1
gpgcheck=0
# 清华源
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1
[root@gitlab ~]# vim /etc/yum.repos.d/gitlab-ee.repo
[gitlab-ee]
name=Gitlab EE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el$releasever/
gpgcheck=0
enabled=1
# 官方源
[root@gitlab ~]# vim /etc/yum.repos.d/runner_gitlab-ci-multi-runner.repo
[runner_gitlab-ci-multi-runner]
name=runner_gitlab-ci-multi-runner
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[runner_gitlab-ci-multi-runner-source]
name=runner_gitlab-ci-multi-runner-source
baseurl=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packages.gitlab.com/runner/gitlab-ci-multi-runner/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
5. 安装gitlab
[root@gitlab ~]# yum -y install gitlab-ce
6. 查看gitlab版本
[root@gitlab ~]# head -1 /opt/gitlab/version-manifest.txt
gitlab-ce 17.1.1
7. gitlab配置登录链接
# 设置登录链接
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
## GitLab URL
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
##!
##! Note: During installation/upgrades, the value of the environment variable
##! EXTERNAL_URL will be used to populate/replace this value.
##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP
##! address from AWS. For more details, see:
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
external_url 'http://192.168.159.136'
[root@gitlab ~]# grep "^external_url" /etc/gitlab/gitlab.rb
external_url 'http://192.168.159.136'
8. 初始化gitlab
[root@gitlab ~]# gitlab-ctl reconfigure
9. 启动gitlab服务
[root@gitlab ~]# gitlab-ctl start
二:Gitlab 使用
1. gitlab服务管理
# 启动所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl start
# 停止所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl stop
# 重启所有 gitlab 组件
[root@cicd-gitlab ~]# gitlab-ctl restart
# 查看服务状态
[root@cicd-gitlab ~]# gitlab-ctl status
# 初始化服务
[root@cicd-gitlab ~]# gitlab-ctl reconfigure
# 修改默认的配置文件
[root@cicd-gitlab ~]# vim /etc/gitlab/gitlab.rb
# 查看日志
[root@cicd-gitlab ~]# gitlab-ctl tail
2. 登录Gitlab
在浏览器中输入 http://192.16.159.136,然后 change password: ,并使用root用户登录 即可 (后续动作根据提示操作)
# 查看密码
# grep 'Password:' /etc/gitlab/initial_root_password
设置中文:
3. Gitlab 部署 https 方式
创建私有密钥:
[root@gitlab ~]# mkdir -p /etc/gitlab/ssl
[root@gitlab ~]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.key" 2048
Generating RSA private key, 2048 bit long modulus
..........+++
....................................................+++
e is 65537 (0x10001)
创建私有证书:
[root@gitlab ~]# openssl req -new -key "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.csr"
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:sh
Locality Name (eg, city) [Default City]:sh
Organization Name (eg, company) [Default Company Ltd]: # 输入空格,然后回车
Organizational Unit Name (eg, section) []: # 输入空格,然后回车
Common Name (eg, your name or your server's hostname) []:gitlab
Email Address []:1497427046@qq.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []: # 直接回车
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 8
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
创建CRT签署证书:
[root@gitlab ~]# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.csr" -signkey "/etc/gitlab/ssl/gitlab.key" -out "/etc/gitlab/ssl/gitlab.crt"
Signature ok
subject=/C=cn/ST=sh/L=sh/O=Default Company Ltd/CN=gitlab/emailAddress=1497427046@qq.com
Getting Private key
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 12
-rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
创建pem证书: 利用openssl命令输出pem证书
[root@gitlab ~]# openssl dhparam -out /etc/gitlab/ssl/dhparam.pem 2048
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
...............................+........................................................................................+..++*++*
查看生成的证书:
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16
-rw-r--r-- 1 root root 424 4月 23 10:23 dhparam.pem
-rw-r--r-- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw-r--r-- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw-r--r-- 1 root root 1679 4月 23 10:19 gitlab.key
更改文件权限:
[root@gitlab ~]# chmod 600 /etc/gitlab/ssl/*
[root@gitlab ~]# ll /etc/gitlab/ssl/
总用量 16
-rw------- 1 root root 424 4月 23 10:23 dhparam.pem
-rw------- 1 root root 1249 4月 23 10:23 gitlab.crt
-rw------- 1 root root 1058 4月 23 10:21 gitlab.csr
-rw------- 1 root root 1679 4月 23 10:19 gitlab.key
配置 gitlab:
[root@gitlab ~]# cp /etc/gitlab/gitlab.rb{,.bak}
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
external_url 'https://192.168.159.136'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key"
ginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparam.pem" # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem
初始化gitlab相关服务配置:
[root@gitlab ~]# gitlab-ctl reconfigure
重启 gitlab:
[root@gitlab ~]# gitlab-ctl restart
4. 浏览器登录 gitlab
5. Gitlab 添加 SMTP 邮件功能
配置邮件功能:
[root@gitlab ~]# grep -P "^[^#].*smtp_|user_email|gitlab_email" /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "15253413025@qq.com"
gitlab_rails['smtp_password'] = "abcdefghijklmnop" # 替换为你的授权码
gitlab_rails['smtp_domain'] = "qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = "15253413025@qq.com"
停止gitlab服务:
[root@gitlab ~]# gitlab-ctl stop
修改配置后需要初始化配置:
[root@gitlab ~]# gitlab-ctl reconfigure
启动服务:
[root@gitlab ~]# gitlab-ctl start
Gitlab 发送邮件测试:
[root@gitlab ~]# gitlab-rails console
--------------------------------------------------------------------------------
Ruby: ruby 3.1.5p253 (2024-04-023 revision 1945f8dc0e) [x86_64-linux]
GitLab: 17.1.1 (a1c9a43d543) FOSS
GitLab Shell: 14.36.0
PostgreSQL: 14.11
------------------------------------------------------------[ booted in 25.61s ]
Loading production environment (Rails 7.0.8.4)
irb(main):001:0> Notify.test_email('15253413025@163.com', 'Message Subject', 'Message Body').deliver_now
Delivered mail 6808744ba0535_2a952f0896851@gitlab.mail (1308.6ms)
邮箱客户端查看邮件:
