Ubuntu部署私有Gitlab

这个东西安装其实挺简单的，但是因为我这边迁移了数据目录和使用自己安装的 nginx 代理还是踩了几个坑，所以大家可以注意下

先看下安装

# 先安装必要组件
sudo apt update
sudo apt install -y curl openssh-server ca-certificates tzdata perl

# 添加gitlab官方仓库
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash

# 3. 安装 GitLab，设置 external_url（这里临时设置，后面再改，当然你也可以直接设置成自己的域名）
sudo EXTERNAL_URL="http://localhost" apt install -y gitlab-ce

正常情况上面其实就安装好了，但是因为我的服务器系统盘内存不大，然后挂载了一个数据盘，所以这里将 GitLab 项目数据目录迁移到挂载的数据盘 /data 目录下

# 先停止服务
sudo gitlab-ctl stop

# 在data下面创建目录并将数据拷贝过去
sudo mkdir -p /data/gitlab
sudo rsync -a /var/opt/gitlab/ /data/gitlab/

# 创建软连接 
sudo mv /var/opt/gitlab /var/opt/gitlab.bak
sudo ln -s /data/gitlab /var/opt/gitlab

# 设置权限
sudo chown -R git:git /data/gitlab
sudo chmod -R 700 /data/gitlab

接着我们再去配置域名，我们打开下面的文件

sudo vi /etc/gitlab/gitlab.rb

找到 external_url 配置，就在三十行左右，换成自己的域名

改好了保存，然后执行下面的命令

sudo gitlab-ctl reconfigure

我这里因为自己也安装了 nginx，然后 gitlab 本身自带的也有 nginx ，一开始我害怕两个会冲突所以改了很多地方的配置，导致访问不了，或者能访问但是页面看不到样式等问题，其实不用改其它配置，自带的 nginx 是不会和你安装的 nginx 冲突的，完全就是我想太多了

所以我们自己的nginx按下面的常规配置就可以了

# HTTP 访问（80端口）配置
server {
    listen 80;
    server_name git.sakura.com;

    # 如果你希望 http 自动跳转到 https，可以开启这个：
    return 301 https://$host$request_uri;
}

# HTTPS 访问（443端口）配置
server {
    listen 443 ssl;
    server_name git.sakura.com;

    ssl_certificate /usr/local/nginx/conf/ssl/sakura.com.pem;
    ssl_certificate_key /usr/local/nginx/conf/ssl/sakura.com.key;

    # 这里 proxy_set_header X-Forwarded-Proto 建议用 https，代表原始请求是 HTTPS
    location / {
        proxy_pass https://git.sakura.com;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
    }

    access_log /usr/local/nginx/logs/git.access.log;
    error_log  /usr/local/nginx/logs/git.error.log;
}

然后我们启用配置

# 创建一个链接重启的时候自动重启
sudo ln -s /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/
# 检查语法
sudo nginx -t
# 重启
sudo systemctl reload nginx

然后我们重启一下 gitlab 服务

# 重启服务
sudo gitlab-ctl restart
#查看服务状态
sudo gitlab-ctl status

root@ecm-74de:/etc/gitlab# sudo gitlab-ctl restart
ok: run: alertmanager: (pid 452866) 0s
ok: run: gitaly: (pid 452879) 1s
ok: run: gitlab-exporter: (pid 452910) 0s
timeout: down: gitlab-kas: 1s, normally up, want up
ok: run: gitlab-workhorse: (pid 454333) 0s
ok: run: logrotate: (pid 454356) 1s
ok: run: node-exporter: (pid 454390) 0s
ok: run: postgres-exporter: (pid 454416) 0s
timeout: down: postgresql: 1s, normally up, want up
timeout: down: prometheus: 0s, normally up, want up
ok: run: puma: (pid 457559) 0s
ok: run: redis: (pid 457903) 0s
ok: run: redis-exporter: (pid 457906) 1s
ok: run: sidekiq: (pid 457932) 0s
root@ecm-74de:/etc/gitlab# curl http://127.0.0.1:4141
curl: (7) Failed to connect to 127.0.0.1 port 4141 after 0 ms: Couldn't connect to server

我这里不知道是不是因为迁移数据目录导致的异常，一个是 gitlab 自带的 postgresql 启动异常了，

还有 prometheus 也没有启动

一步步来解决问题

sudo cat /var/log/gitlab/postgresql/current

从日志可以看出 could not open file "/var/opt/gitlab/postgresql/data/PG_VERSION": Permission denied 权限不足

2025-05-20_11:57:44.39033 FATAL:  could not open file "/var/opt/gitlab/postgresql/data/PG_VERSION": Permission denied
2025-05-20_11:57:45.39713 2025-05-20 11:57:45.397 GMT [459619] LOG:  skipping missing configuration file "/var/opt/gitlab/postgresql/data/postgresql.auto.conf"
2025-05-20_11:57:45.39730 FATAL:  could not open file "/var/opt/gitlab/postgresql/data/PG_VERSION": Permission denied
2025-05-20_11:57:46.40336 2025-05-20 11:57:46.403 GMT [459690] LOG:  skipping missing configuration file "/var/opt/gitlab/postgresql/data/postgresql.auto.conf"
2025-05-20_11:57:46.40353 FATAL:  could not open file "/var/opt/gitlab/postgresql/data/PG_VERSION": Permission denied
2025-05-20_11:57:47.40971 2025-05-20 11:57:47.409 GMT [459747] LOG:  skipping missing configuration file "/var/opt/gitlab/postgresql/data/postgresql.auto.conf"
2025-05-20_11:57:47.40984 FATAL:  could not open file "/var/opt/gitlab/postgresql/data/PG_VERSION": Permission denied
2025-05-20_11:57:48.41600 2025-05-20 11:57:48.415 GMT [459807] LOG:  skipping missing configuration file "/var/opt/gitlab/postgresql/data/postgresql.auto.conf"
2025-05-20_11:57:48.41603 FATAL:  could not open file "/var/opt/gitlab/postgresql/data/PG_VERSION": Permission denied
2025-05-20_11:57:49.42262 2025-05-20 11:57:49.421 GMT [459880] LOG:  skipping missing configuration file "/var/opt/gitlab/postgresql/data/postgresql.auto.conf"
2025-05-20_11:57:49.42265 FATAL:  could not open file "/var/opt/gitlab/postgresql/data/PG_VERSION": Permission denied
2025-05-20_11:57:50.42894 2025-05-20 11:57:50.428 GMT [459951] LOG:  skipping missing configuration file "/var/opt/gitlab/postgresql/data/postgresql.auto.conf"
2025-05-20_11:57:50.42896 FATAL:  could not open file "/var/opt/gitlab/postgresql/data/PG_VERSION": Permission denied
2025-05-20_11:57:51.43590 2025-05-20 11:57:51.435 GMT [460011] LOG:  skipping missing configuration file "/var/opt/gitlab/postgresql/data/postgresql.auto.conf"
2025-05-20_11:57:51.43593 FATAL:  could not open file "/var/opt/gitlab/postgresql/data/PG_VERSION": Permission denied
2025-05-20_11:57:52.44199 2025-05-20 11:57:52.441 GMT [460081] LOG:  skipping missing configuration file "/var/opt/gitlab/postgresql/data/postgresql.auto.conf"
2025-05-20_11:57:52.44202 FATAL:  could not open file "/var/opt/gitlab/postgresql/data/PG_VERSION": Permission denied

检查权限

ls -ld /var/opt/gitlab/postgresql
ls -ld /var/opt/gitlab/postgresql/data
ls -l /var/opt/gitlab/postgresql/data/PG_VERSION

/var/opt/gitlab/postgresql/data 目录权限是 drwx------，属主是 gitlab-psql:git

PG_VERSION 文件权限是 -rwx------，属主是 git:git

root@ecm-74de:/etc/gitlab# ls -ld /var/opt/gitlab/postgresql
drwxrwsr-x 3 gitlab-psql gitlab-psql 4096 May 20 11:55 /var/opt/gitlab/postgresql
root@ecm-74de:/etc/gitlab# ls -ld /var/opt/gitlab/postgresql/data
drwx------ 19 gitlab-psql git 4096 May 20 11:55 /var/opt/gitlab/postgresql/data
root@ecm-74de:/etc/gitlab# ls -l /var/opt/gitlab/postgresql/data/PG_VERSION
-rwx------ 1 git git 3 May 20 11:21 /var/opt/gitlab/postgresql/data/PG_VERSION

修改权限

sudo chown -R gitlab-psql:gitlab-psql /var/opt/gitlab/postgresql/data

重启这个服务

sudo gitlab-ctl restart postgresql

然后继续执行，发现还有问题，主要是 redis 没有运行，这会导致 GitLab 的缓存、队列等功能异常，GitLab 很可能不能正常工作

sudo gitlab-ctl status

root@ecm-74de:/etc/gitlab# sudo gitlab-ctl status
down: alertmanager: 1s, normally up, want up; run: log: (pid 395505) 2191s
run: gitaly: (pid 452879) 242s; run: log: (pid 392538) 2300s
run: gitlab-exporter: (pid 452910) 241s; run: log: (pid 394981) 2209s
down: gitlab-kas: 1s, normally up, want up; run: log: (pid 392908) 2288s
run: gitlab-workhorse: (pid 454333) 210s; run: log: (pid 394541) 2225s
run: logrotate: (pid 454356) 210s; run: log: (pid 392332) 2312s
run: node-exporter: (pid 454390) 209s; run: log: (pid 394827) 2215s
run: postgres-exporter: (pid 454416) 209s; run: log: (pid 395665) 2185s
run: postgresql: (pid 465371) 23s; run: log: (pid 392664) 2294s
down: prometheus: 1s, normally up, want up; run: log: (pid 395337) 2197s
run: puma: (pid 465390) 23s; run: log: (pid 394193) 2237s
down: redis: 1s, normally up, want up; run: log: (pid 392436) 2306s
run: redis-exporter: (pid 457906) 142s; run: log: (pid 395152) 2203s
run: sidekiq: (pid 465806) 16s; run: log: (pid 394350) 2231s

一样的检查 Redis 问题

sudo gitlab-ctl start redis
sudo gitlab-ctl status redis
sudo gitlab-ctl tail redis

可以发现一样的问题 Fatal error: can't open the RDB file dump.rdb for reading: Permission denied 权限不足

2025-05-20_12:02:15.00338 476331:M 20 May 2025 12:02:15.003 * Server initialized
2025-05-20_12:02:15.00339 476331:M 20 May 2025 12:02:15.003 # Fatal error: can't open the RDB file dump.rdb for reading: Permission denied
2025-05-20_12:02:15.00339 476331:M 20 May 2025 12:02:15.003 # Fatal error loading the DB, check server logs. Exiting.

查看 dump.rdb 文件权限

ls -l /var/opt/gitlab/redis/dump.rdb

确保文件所属用户和组为 gitlab-redis

chown gitlab-redis:gitlab-redis /var/opt/gitlab/redis/dump.rdb

确保整个 Redis 目录权限正确：

chown -R gitlab-redis:gitlab-redis /var/opt/gitlab/redis
chmod 700 /var/opt/gitlab/redis

重新启动 Redis

sudo gitlab-ctl restart redis

Redis 启动后我们再看下还有没有问题，这里 alertmanager、gitlab-kas、prometheus 还是有问题，但是因为不是主要组件就先不管了

sudo gitlab-ctl status

所有问题都解决后就可以通过域名访问了，默认用户是 root ，第一访问会看到 Set new password 提示你给 root 配置密码，当然没看到或者忘记密码也没关系，我们用下面的方式重置密码

进入控制台

sudo gitlab-rails console

在里面一步步输入下面命令

user = User.find_by(username: 'root')
user.password = '你的新密码'
user.password_confirmation = '你的新密码'
user.save!
# 退出
exit

用刚才的密码登录，注意没有中文选项，但是进去后可以设置中文的

我这里已经调整了中文，大家自己根据英文对照着看

修改这里就可以了