环境
-
ubuntu
uname -a Linux kysq-KVM 6.8.0-40-generic #40~22.04.3-Ubuntu SMP PREEMPT_DYNAMIC Tue Jul 30 17:30:19 UTC 2 x86_64 x86_64 x86_64 GNU/Linux -
gitlab
13.7
官方文档
-
archives版本 https://docs.gitlab.com/archives/
docker run -it --rm -p 4000:4000 registry.gitlab.com/gitlab-org/gitlab-docs:13.7
注意事项
-
ping gitlab.com 超时
git config --global https.proxy http://*.*.*.*:8899 -
go 代理
export GOPROXY=https://goproxy.cn -
cookies set失败
# 1. https 证书不安全 不支持 secur
安装
1. Packages and dependencies(ROOT)
sudo
apt-get update -y
apt-get upgrade -y
apt-get install sudo -yBuild dependencies
apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libre2-dev \
libreadline-dev libncurses5-dev libffi-dev curl openssh-server checkinstall libxml2-dev \
libxslt-dev libcurl4-openssl-dev libicu-dev logrotate rsync python-docutils pkg-config cmake \
runit根据报错信息调整 依赖
apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libre2-dev \
libreadline-dev libncurses5-dev libffi-dev curl openssh-server checkinstall libxml2-dev \
libxslt1-dev libcurl4-openssl-dev libicu-dev logrotate rsync python3-docutils pkg-config cmake \
runit
apt-get install libkrb5-devGit
# Install dependencies
apt-get install -y libcurl4-openssl-dev libexpat1-dev gettext libz-dev libssl-dev libpcre2-dev build-essential
# Clone the Gitaly repository
# git clone https://gitlab.com/gitlab-org/gitaly.git -b <X-Y-stable> /tmp/gitaly
git clone https://gitlab.com/gitlab-org/gitaly.git -b v13.7.3 /tmp/gitaly
# Compile and install Git
cd /tmp/gitaly
make git GIT_PREFIX=/usr/localGraphicsMagick
apt-get install -y graphicsmagickMail server
apt-get install -y postfixExiftool
apt-get install -y libimage-exiftool-perl2. Ruby(ROOT)
标准安装
# apt-get remove ruby1.8
mkdir /tmp/ruby && cd /tmp/ruby
curl --remote-name --progress "https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.2.tar.gz"
echo 'cb9731a17487e0ad84037490a6baf8bfa31a09e8 ruby-2.7.2.tar.gz' | shasum -c - && tar xzf ruby-2.7.2.tar.gz
cd ruby-2.7.2
./configure --disable-install-rdoc
make
sudo make installmake 报错openssl版本问题 ossl_pkey_rsa.c:877:58: error: 'RSA_SSLV23_PADDING' undeclared (first use in this function); did you mean 'RSA_NO_PADDING'? 改为 rbenv 安装https://www.cnblogs.com/livelab/p/12960670.html
# curl -fsSL https://github.com/rbenv/rbenv-installer/raw/master/bin/rbenv-installer | bash
# git clone https://github.com/rbenv/rbenv.git ~/.rbenv
# echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
# echo 'eval "$(rbenv init -)"' >> ~/.bashrc
# git clone https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build
# echo 'export PATH="$HOME/.rbenv/plugins/ruby-build/bin:$PATH"' >> ~/.bashrc
# source ~/.bashrc
rbenv install 2.7.23. Go(ROOT)
install
# Remove former Go installation folder
# rm -rf /usr/local/go
curl --remote-name --progress "https://dl.google.com/go/go1.13.5.linux-amd64.tar.gz"
echo '512103d7ad296467814a6e3f635631bd35574cab3369a97a323c9a585ccaa569 go1.13.5.linux-amd64.tar.gz' | shasum -a256 -c - && \
tar -C /usr/local -xzf go1.13.5.linux-amd64.tar.gz
ln -sf /usr/local/go/bin/{go,godoc,gofmt} /usr/local/bin/
rm go1.13.5.linux-amd64.tar.gz4. Node(ROOT)
install
# install node v12.x
curl --location "https://deb.nodesource.com/setup_12.x" | sudo bash -
sudo apt-get install -y nodejs
curl --silent --show-error "https://dl.yarnpkg.com/debian/pubkey.gpg" | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update
sudo apt-get install yarn源码安装https://nodejs.org/zh-cn/download/package-manager
wget https://nodejs.org/download/release/v12.18.3/node-v12.18.3-linux-x64.tar.gz
tar zxvf node-v12.18.3-linux-x64.tar.gz
cd node-v12.18.3-linux-x64/
ln -s /opt/node-v12.18.3-linux-x64 /usr/local/node
vim /etc/profile
export PATH=/usr/local/node/bin:$PATH
source /etc/profile
node -v源码安装yarn
tar -xzvf yarn-v1.22.5.tar.gz
cd yarn-v1.22.5/
mv yarn-v1.22.5 /opt/yarn
vim ~/.bashrc
export PATH="/opt/yarn/bin:$PATH
source ~/.bashrc
yarn --version5. System users(ROOT)
create git user
# sudo adduser --disabled-login --gecos 'GitLab' git
sudo adduser git
vim /etc/sudoers
git ALL=(ALL) ALL6. Database(ROOT)创建 gitlab 账号 host: 127.0.0.1 passport: 123456
Install the database packages
sudo apt-get install -y postgresql postgresql-client libpq-dev postgresql-contrib
psql --version
sudo service postgresql start
sudo service postgresql statuscreate user
su - postgres
psql
# Create a database user for GitLab``
# CREATE USER gitlab CREATEDB;
# ALTER USER gitlab WITH PASSWORD '123456';
CREATE USER gitlab WITH PASSWORD '123456';
# Create the `pg_trgm` extension
CREATE EXTENSION IF NOT EXISTS pg_trgm;
# Create the btree_gist extension (required for GitLab 13.1+)
CREATE EXTENSION IF NOT EXISTS btree_gist;
CREATE DATABASE gitlabhq_production OWNER gitlab;
GRANT ALL PRIVILEGES ON DATABASE gitlabhq_production TO gitlab;
ALTER USER gitlab WITH CREATEDB;
ALTER DATABASE gitlabhq_production OWNER TO gitlab;
# ip可访问 root用户
sudo su -
vim /etc/postgresql/14/main/postgresql.conf
listen_addresses = '*'
# 重启postgresql
sudo service postgresql restart
# 测试
psql -h 127.0.0.1 -U gitlab -d gitlabhq_production
1234567. Redis(ROOT)
install
sudo apt-get install redis-serverconfigure
# Configure redis to use sockets
sudo cp /etc/redis/redis.conf /etc/redis/redis.conf.orig
# Disable Redis listening on TCP by setting 'port' to 0
sudo sed 's/^port .*/port 0/' /etc/redis/redis.conf.orig | sudo tee /etc/redis/redis.conf
# Enable Redis socket for default Debian / Ubuntu path
echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis/redis.conf
# Grant permission to the socket to all members of the redis group
echo 'unixsocketperm 770' | sudo tee -a /etc/redis/redis.conf
# Create the directory which contains the socket
sudo mkdir -p /var/run/redis
sudo chown redis:redis /var/run/redis
sudo chmod 755 /var/run/redis
# Persist the directory which contains the socket, if applicable
if [ -d /etc/tmpfiles.d ]; then
echo 'd /var/run/redis 0755 redis redis 10d -' | sudo tee -a /etc/tmpfiles.d/redis.conf
fi
# Activate the changes to redis.conf
sudo service redis-server restart
# Add git to the redis group
sudo usermod -aG redis git8. GitLab(git)
clone
su - git
cd /home/git
# git clone https://gitlab.com/gitlab-org/gitlab-foss.git -b <X-Y-stable> gitlab
git clone https://gitlab.com/gitlab-org/gitlab-foss.git -b v13.7.3 gitlabconfigure
# Go to GitLab installation folder
cd /home/git/gitlab
# Copy the example GitLab config
cp config/gitlab.yml.example config/gitlab.yml
# Update GitLab config file, follow the directions at top of the file
vim config/gitlab.yml
# Copy the example secrets file
cp config/secrets.yml.example config/secrets.yml
sudo chmod 0600 config/secrets.yml
# Make sure GitLab can write to the log/ and tmp/ directories
sudo chown -R git log/
sudo chown -R git tmp/
sudo chmod -R u+rwX,go-w log/
sudo chmod -R u+rwX tmp/
# Make sure GitLab can write to the tmp/pids/ and tmp/sockets/ directories
sudo chmod -R u+rwX tmp/pids/
sudo chmod -R u+rwX tmp/sockets/
# Create the public/uploads/ directory
mkdir -p public/uploads/
# Make sure only the GitLab user has access to the public/uploads/ directory
# now that files in public/uploads are served by gitlab-workhorse
sudo chmod 0700 public/uploads
# Change the permissions of the directory where CI job logs are stored
sudo chmod -R u+rwX builds/
# Change the permissions of the directory where CI artifacts are stored
sudo chmod -R u+rwX shared/artifacts/
# Change the permissions of the directory where GitLab Pages are stored
sudo chmod -R ug+rwX shared/pages/
# Copy the example Puma config
cp config/puma.rb.example config/puma.rb
# Refer to https://github.com/puma/puma#configuration for more information.
# You should scale Puma workers and threads based on the number of CPU
# cores you have available. You can get that number via the `nproc` command.
vim config/puma.rb
# Configure Git global settings for git user
# 'autocrlf' is needed for the web editor
sudo git config --global core.autocrlf input
# Disable 'git gc --auto' because GitLab already runs 'git gc' when needed
sudo git config --global gc.auto 0
# Enable packfile bitmaps
sudo git config --global repack.writeBitmaps true
# Enable push options
sudo git config --global receive.advertisePushOptions true
# Enable fsyncObjectFiles to reduce risk of repository corruption if the server crashes
sudo git config --global core.fsyncObjectFiles true
# Configure Redis connection settings
cp config/resque.yml.example config/resque.yml
# Change the Redis socket path if you are not using the default Debian / Ubuntu configuration
vim config/resque.ymlConfigure GitLab DB Settings
cp config/database.yml.postgresql config/database.yml
vim config/database.yml
sudo chmod o-rwx config/database.ymlInstall Gems
bundle install --deployment --without development test mysql aws kerberosgem 'mimemagic', '~> 0.3.2' 已废弃
vim Gemfile
gem 'mimemagic', '= 0.3.10'
bundle install --without development test mysql aws kerberos
## 其中的问题
bundle config build.gpgme --use-system-libraries
gem install gpgme -v '2.0.20' --source 'https://rubygems.org/' -- --use-system-librariesInstall GitLab Shell
# Run the installation task for gitlab-shell:
bundle exec rake gitlab:shell:install RAILS_ENV=production
# By default, the gitlab-shell config is generated from your main GitLab config.
# You can review (and modify) the gitlab-shell config as follows:
vim /home/git/gitlab-shell/config.ymlInstall GitLab Workhorse
bundle exec rake "gitlab:workhorse:install[/home/git/gitlab-workhorse]" RAILS_ENV=production
# bundle exec rake "gitlab:workhorse:install[/home/git/gitlab-workhorse,https://example.com/gitlab-workhorse.git]" RAILS_ENV=productionInstall GitLab-Elasticsearch-indexer on Enterprise Edition(skip)
bundle exec rake "gitlab:indexer:install[/home/git/gitlab-elasticsearch-indexer]" RAILS_ENV=production
# bundle exec rake "gitlab:indexer:install[/home/git/gitlab-elasticsearch-indexer,https://example.com/gitlab-elasticsearch-indexer.git]" RAILS_ENV=productionInstall GitLab Pages(skip)
cd /home/git
git clone https://gitlab.com/gitlab-org/gitlab-pages.git
cd gitlab-pages
git checkout v$(</home/git/gitlab/GITLAB_PAGES_VERSION)
makeInstall Gitaly
# Fetch Gitaly source with Git and compile with Go
cd /home/git/gitlab
bundle exec rake "gitlab:gitaly:install[/home/git/gitaly,/home/git/repositories]" RAILS_ENV=production
# bundle exec rake "gitlab:gitaly:install[/home/git/gitaly,/home/git/repositories,https://example.com/gitaly.git]" RAILS_ENV=production
# Restrict Gitaly socket access
sudo chmod 0700 /home/git/gitlab/tmp/sockets/private
sudo chown git /home/git/gitlab/tmp/sockets/private
# If you are using non-default settings, you need to update config.toml
cd /home/git/gitaly
vim config.tomlStart Gitaly
gitlab_path=/home/git/gitlab
gitaly_path=/home/git/gitaly
sh -c "$gitlab_path/bin/daemon_with_pidfile $gitlab_path/tmp/pids/gitaly.pid \
$gitaly_path/gitaly $gitaly_path/config.toml >> $gitlab_path/log/gitaly.log 2>&1 &"Initialize Database and Activate Advanced Features
cd /home/git/gitlab
bundle exec rake gitlab:setup RAILS_ENV=production
# Type 'yes' to create the database tables.
# or you can skip the question by adding force=yes
# sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production force=yes
# When done, you see 'Administrator account created:'
# bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=yourpassword GITLAB_ROOT_EMAIL=youremail GITLAB_LICENSE_FILE="/path/to/license"Install Init Script
cd /home/git/gitlab
cp lib/support/init.d/gitlab /etc/init.d/gitlab
cp lib/support/init.d/gitlab.default.example /etc/default/gitlab
# Make GitLab start on boot:
sudo update-rc.d gitlab defaults 21Set up Logrotate
cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlabCheck Application Status
bundle exec rake gitlab:env:info RAILS_ENV=productionCompile GetText PO files
bundle exec rake gettext:compile RAILS_ENV=productionCompile Assets
yarn install --production --pure-lockfile
bundle exec rake gitlab:assets:compile RAILS_ENV=production NODE_ENV=production
# bundle exec rake gitlab:assets:compile RAILS_ENV=production NODE_ENV=production NODE_OPTIONS="--max_old_space_size=4096"Start Your GitLab Instance
sudo service gitlab start
# or
sudo /etc/init.d/gitlab restartRails console
RAILS_ENV=production bundle exec rails c9. Nginx(root)
install
sudo apt-get install -y nginxSite Configuration
cp /home/git/gitlab/lib/support/nginx/gitlab /etc/nginx/sites-available/gitlab
sudo ln -s /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab
vim /etc/nginx/sites-available/gitlab
# 80 已被占用
vim /etc/nginx/sites-available/default
listen [::]:82 default_server;
sudo service nginx restartUsing https
- In gitlab.yml:
- Set the port option in section 1 to 443.
- Set the https option in section 1 to true.
- In the config.yml of GitLab Shell:
- Set gitlab_url option to the HTTPS endpoint of GitLab (e.g. https://git.example.com).
- Set the certificates using either the ca_file or ca_path option.
- Use the gitlab-ssl NGINX example configuration instead of the gitlab configuration.
- Update YOUR_SERVER_FQDN.
- Update ssl_certificate and ssl_certificate_key.
- Review the configuration file and consider applying other security and performance enhancing features.
Custom SSH Connection
# Add to /home/git/.ssh/config
host localhost # Give your setup a name (here: override localhost)
user git # Your remote git user
port 2222 # Your port number
hostname 127.0.0.1; # Your server name or IP更换域名
- gitlab/config/gitlab.yml
- gitlab-shell/config.yml
- gitaly/config.toml
- /etc/nginx/sites-available/gitlab
- 重启gitaly、gitlab、nginx
...