gitlab部署

系统版本

text 复制代码
[root@localhost ~]# cat /etc/redhat-release 
Red Hat Enterprise Linux release 9.1 (Plow)

gitlab包位置

https://mirrors.tuna.tsinghua.edu.cn/gitlab-ee/yum/el9/gitlab-ee-16.7.2-ee.0.el9.x86_64.rpm

关闭防火墙

text 复制代码
[root@localhost data]# systemctl stop firewalld
[root@localhost data]# systemctl disable firewalld
[root@localhost data]# getenforce 
Enforcing
[root@localhost data]# setenforce 0
[root@localhost data]# getenforce 
Permissive
[root@localhost data]# vim /etc/selinux/config 
[root@localhost data]# cat /etc/selinux/config |grep -v '#'|grep 'SELINUX='
SELINUX=disabled

安装gitlab

text 复制代码
[root@localhost data]# yum -y install gitlab-ee-16.7.2-ee.0.el9.x86_64.rpm 

许可证生成

ruby安装
text 复制代码
[root@localhost data]# yum -y install ruby.x86_64 
查看ruby版本
text 复制代码
ruby -v
安装gitlab-license
text 复制代码
gem install gitlab-license
创建生成ruby证书的源文件 license.rb
ruby 复制代码
require "openssl"
require "gitlab/license"
 
key_pair = OpenSSL::PKey::RSA.generate(2048)
File.open("license_key", "w") { |f| f.write(key_pair.to_pem) }
 
public_key = key_pair.public_key
File.open("license_key.pub", "w") { |f| f.write(public_key.to_pem) }
 
private_key = OpenSSL::PKey::RSA.new File.read("license_key")
Gitlab::License.encryption_key = private_key
 
license = Gitlab::License.new
license.licensee = {
  "Name" => "none",
  "Company" => "none",
  "Email" => "example@test.com",
}
license.starts_at = Date.new(2020, 1, 1) # 开始时间
license.expires_at = Date.new(2050, 1, 1) # 结束时间
license.notify_admins_at = Date.new(2049, 12, 1)
license.notify_users_at = Date.new(2049, 12, 1)
license.block_changes_at = Date.new(2050, 1, 1)
license.restrictions = {
  active_user_count: 10000,
}
 
puts "License:"
puts license
 
data = license.export
puts "Exported license:"
puts data
File.open("GitLabBV.gitlab-license", "w") { |f| f.write(data) }
 
public_key = OpenSSL::PKey::RSA.new File.read("license_key.pub")
Gitlab::License.encryption_key = public_key
 
data = File.read("GitLabBV.gitlab-license")
$license = Gitlab::License.import(data)
 
puts "Imported license:"
puts $license
 
unless $license
  raise "The license is invalid."
end
 
if $license.restricted?(:active_user_count)
  active_user_count = 10000
  if active_user_count > $license.restrictions[:active_user_count]
    raise "The active user count exceeds the allowed amount!"
  end
end
 
if $license.notify_admins?
  puts "The license is due to expire on #{$license.expires_at}."
end
 
if $license.notify_users?
  puts "The license is due to expire on #{$license.expires_at}."
end
 
module Gitlab
  class GitAccess
    def check(cmd, changes = nil)
      if $license.block_changes?
        return build_status_object(false, "License expired")
      end
    end
  end
end
 
puts "This instance of GitLab Enterprise Edition is licensed to:"
$license.licensee.each do |key, value|
  puts "#{key}: #{value}"
end
 
if $license.expired?
  puts "The license expired on #{$license.expires_at}"
elsif $license.will_expire?
  puts "The license will expire on #{$license.expires_at}"
else
  puts "The license will never expire."
end
生成证书
text 复制代码
[root@localhost data]# ruby license.rb
License:
#<Gitlab::License:0x00007f8c819aedf8>
Exported license:
eyJkYXRhIjoiT0FKSDd6Mmw1S2k1Z3pWb2FJN0E5YSt1ZlE0bkxmN3JtOVQ1
bm5BVkozc29pVXN0cHNwYzdWUmN4amNyXG54dkR3QURDWkRQLzdpandMWFM0
SEozY0FYRVFHakNLbWNNaUxYQXFtanJtVitzZ0pnOGlQY1FCdlo0OUpcblpS
VjU0NkNTWEdQL1kzc081MkU5dGF3dHY1VS9YanNkbzdBczFWNmd2SittelNm
MVowRWZNaHExd0x4V1xuZEFCdk9aUklaOUM0V0xaZjk0SXRDalNjMnVFTk5H
ZkhVWDljZUxhR05wZnpMMlRLRTE3a3ZIc0xIcVdvXG5WVGEyTk83L04xVGt0
UDljTFcwOFNVRUJBZEJlK25adnBEaXNWV3JadC94UXBUVXZSV1kwcUFDU01z
NHNcbmxBYWZabWVCdFoyZUx6bnNUZW1XVnNkUDJjNDh5RTRjaGVMNUU0U3RF
V1N4cmV5bUZGam91QTlRTkF0N1xuRzBLNlV0U2MwZnRmUDNtMXpua29XQlFk
a29nNnN6dERQRTVodC9MN0lGY2txZzZ2OHc4NStlT0RRY0Y3XG4yZDZyaDZO
T1JMeWhGankwQ1Q5b1R5UDJma3VidUxtZjRjaDMrK2xaekMyT2hDdndvOG9p
SE9iSnhqRHRcbitIdGtjTXNEbTZJaFlydjlvcmliWWhNa3RabFVxNHlQRWF1
Ym5YM2k2SDZENVQ3UGRwWDhOUmNPR0VZM1xuQm04SlpDQk1HTThudUREbXY4
L2l6ZDBtczF0ajRrUm1OMnE1T3BOQzdjTVJybUw2YWU3ek9STmdMOWo1XG40
eDNDSWpzWFVXaDFMVmtvSmZqS2ZKVHlObkZneGl6dzg2RUVnMFo2R3VZR1Bj
eUFLL0YzVDRaMHpocEtcbkNRclE5Sy9FLzFQYW16UWlmcDY1UlorVlJlTTlk
ZlArdmVCRGh4V3JPRVpDXG4iLCJrZXkiOiJxeGxZMXNwWVpEMWtlOEk5ZkxY
RFBXdTRjVTBhVm0zaHhPR3VPVit2aWRrc2liT05kd1JGbFlEN1J4cEVcbmZk
L0pmMjRiVmgwWTV0dW8zVkNXTHlRTVRuSFVIa2h5SVV1aGhHNkNCZGQ5aW1O
YkVFYzFESE5ZN3N1NVxuR3lQeWNUSkxIZGxlVjRSUzIvV3VLQkwxRFcwYnRO
NmxCMGJXME5XNjdDWFRteXlFWnQ1bFdBMWtsQ1krXG5xcmRrUzZObW43cTdV
WjNxK0ZJang5Y3pld281S3lCQ2RFbUxGRG5EL2t2a1pEQlMyTTRJTC9MaTAz
dDVcbjAwMlhsb2dTSXFPM1VubGM1TUV4WkMrdnVHNGFNYVFtT29pdUhXbmhq
UVBRb3BlQlBZdENSTTJZRk9oblxuUTIyVVRMdndIUXpERDVaV08rZ2M2MURP
bTBzWWMwNlYvazcyYTZRMjF3PT1cbiIsIml2IjoiMzdGVWxtT2dkZ09ic0Nr
eVFqMk5Pdz09XG4ifQ==
Imported license:
#<Gitlab::License:0x00007f8c819b3038>
This instance of GitLab Enterprise Edition is licensed to:
Name: none
Company: none
Email: example@test.com
The license will expire on 2050-01-01
生成的三个文件,GitLabBV.gitlab-license为许可证
text 复制代码
GitLabBV.gitlab-license license_key  license_key.pub 
使用许可证
text 复制代码
cp license_key.pub /opt/gitlab/embedded/service/gitlab-rails/.license_encryption_key.pub
重启gitlab加载许可证
text 复制代码
gitlab-ctl restart
修改证书等级
text 复制代码
vi /opt/gitlab/embedded/service/gitlab-rails/ee/app/models/license.rb
# 将
# restricted_attr(:plan).presence || STARTER_PLAN
# 替换成
# restricted_attr(:plan).presence || ULTIMATE_PLAN
重新加载配置
text 复制代码
gitlab-ctl reconfigure

账密及登陆

text 复制代码
初始账密,账户为root
cat /etc/gitlab/initial_root_password

密码更改

命令行密码更改
text 复制代码
<root@gitlab ~># cd /opt/gitlab/bin
<root@gitlab bin># gitlab-rails console
[root@localhost ~]# gitlab-rails console
--------------------------------------------------------------------------------
 Ruby:         ruby 2.7.7p221 (2022-11-24 revision 168ec2b1e5) [x86_64-linux]
 GitLab:       15.7.2 (a72992de385) FOSS
 GitLab Shell: 14.14.0
 PostgreSQL:   13.8
------------------------------------------------------------[ booted in 30.12s ]
Loading production environment (Rails 6.1.6.1)
irb(main):001:0> u=User.where(id:1).first
=> #<User id:1 @root>
irb(main):002:0> User.all
=> #<ActiveRecord::Relation [#<User id:1 @root>]>
irb(main):003:0> u.password='ghx778899'
=> "ghx778899"
irb(main):004:0> u.password_confirmation='ghx778899'
=> "ghx778899"
irb(main):005:0> u.save!
=> true
irb(main):006:0> exit
页面更改密码
text 复制代码
http://192.168.73.150/-/profile/password/edit
填写旧密码,新密码,新密码确认,Save password
登陆gitlab,并上传许可证
text 复制代码
http://192.168.73.30/admin/application_settings/general
Add License ➔ Expand ➔ 选择上面的 GitLabBV.gitlab-license 然后上传(Add license)  ➔ 勾选服务条款 ➔ 点击 添加许可证

查看激活信息

text 复制代码
http://192.168.73.30/admin/subscription

页面设置为中文

text 复制代码
http://192.168.73.150/-/profile/preferences
Localization ➔ Language ➔ 简体中文 ➔ Save changes

关闭任意注册功能

text 复制代码
http://192.168.73.30/admin/application_settings/general
注册限制 ➔ 已启用注册功能(勾选框去掉) ➔ 保存更改

更改项目中使用git push或者pull 指向的地址

text 复制代码
vi /etc/gitlab/gitlab.rb
将 external_url 'http://gitlab.example.com'
改为 external_url 'http://192.168.73.30'

启用https

配置加密认证文件
text 复制代码
输入的密码为: KDJF*lkskd_234KDKlk55
#  openssl genrsa -des3 -out nginx.key 2048  #实际使用中看服务器性能,如果足够好也可以使用4096位秘钥
Generating RSA private key, 1024 bit long modulus
.......++++++
...++++++
e is 65537 (0x10001)
Enter pass phrase for nginx.key:                 #输入密码,自定义,不少于4个字符
Verifying - Enter pass phrase for nginx.key:     #确认密码

# openssl req -new -key nginx.key -out nginx.csr
Enter pass phrase for nginx.key:                             #输入刚刚创建的密码

# openssl rsa -in nginx.key -out nginx_nopass.key
Enter pass phrase for nginx.key:        #之前RSA秘钥创建时的密码
writing RSA key

# openssl x509 -req -days 3650 -in nginx.csr  -signkey nginx.key -out nginx.crt    
Signature ok
subject=/C=CN/ST=ShangHai/L=ShangHai/O=ACBC/OU=Tech/CN=*.mydomain.com/emailAddress=admin@mydomain.com
Getting Private key
Enter pass phrase for nginx.key:          #RSA创建时的密码

# ls
nginx.crt  nginx.csr  nginx.key  nginx_nopass.key
配置gitlab配置文件
text 复制代码
[root@localhost data]# cp nginx* /etc/gitlab/
[root@localhost data]# ll /etc/gitlab/nginx*
-rw-r--r--. 1 root root 1115  1月 12 19:35 /etc/gitlab/nginx.crt
-rw-r--r--. 1 root root  952  1月 12 19:35 /etc/gitlab/nginx.csr
-rw-------. 1 root root 1854  1月 12 19:35 /etc/gitlab/nginx.key
-rw-------. 1 root root 1704  1月 12 19:35 /etc/gitlab/nginx_nopass.key
[root@localhost data]# chmod 755 /etc/gitlab/nginx*

[root@localhost data]# vim /etc/gitlab/gitlab.rb
external_url 'https://192.168.73.30'
nginx['ssl_certificate'] = "/etc/gitlab/nginx.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/nginx_nopass.key"
重新配置gitlab
text 复制代码
[root@localhost data]#  gitlab-ctl reconfigure
重新访问gitlab
text 复制代码
gitlab新地址:
https://192.168.73.30

gitlab操作

text 复制代码
gitlab状态查看:  gitlab-ctl status
gitlab启动:     gitlab-ctl start
gitlab停止:     gitlab-ctl stop
gitlab重启:     gitlab-ctl restart
gitlab重新加载配置文件: gitlab-ctl reconfigure
相关推荐
A.A呐16 分钟前
【Linux第一章】Linux介绍与指令
linux
Gui林16 分钟前
【GL004】Linux
linux
ö Constancy20 分钟前
Linux 使用gdb调试core文件
linux·c语言·vim
tang_vincent21 分钟前
linux下的spi开发与框架源码分析
linux
xiaozhiwise25 分钟前
Linux ASLR
linux
wellnw25 分钟前
[linux] linux c实现共享内存读写操作
linux·c语言
a_安徒生44 分钟前
linux安装TDengine
linux·数据库·tdengine
追风赶月、1 小时前
【Linux】线程概念与线程控制
linux·运维·服务器
小字节,大梦想1 小时前
【Linux】重定向,dup
linux
CP-DD1 小时前
Docker 容器化开发 应用
运维·docker·容器