1.9.1 安装配置gitlab
安装
# 安装依赖,并启动ssh、防火墙开启相应端口、postfix
[root@gitlab ~]# yum install -y curl policycoreutils-python openssh-server perl# 安装完成后会直接启动
[root@gitlab ~]# yum install gitlab-jh-16.0.3-jh.0.el7.x86_64.rpm初始化
# 以下两种方法都可以配置访问地址,第一种需要在yum安装前配置
[root@gitlab ~]# export EXTERNAL_URL='http://192.168.249.156'或
[root@gitlab ~]# vim /etc/gitlab/gitlab.rb
external_url 'http://192.168.249.156'
[root@gitlab ~]# gitlab-ctl reconfigure状态
[root@gitlab ~]# gitlab-ctl status
run: gitaly: (pid 4491) 48s; run: log: (pid 4087) 279s
run: gitlab-monitor: (pid 4539) 44s; run: log: (pid 4251) 207s
run: gitlab-workhorse: (pid 4501) 47s; run: log: (pid 4099) 273s
run: logrotate: (pid 4125) 265s; run: log: (pid 4124) 265s
run: nginx: (pid 4112) 271s; run: log: (pid 4111) 271s
run: node-exporter: (pid 4175) 243s; run: log: (pid 4174) 243s
run: postgres-exporter: (pid 4528) 45s; run: log: (pid 4223) 219s
run: postgresql: (pid 3933) 343s; run: log: (pid 3932) 343s
run: prometheus: (pid 4514) 46s; run: log: (pid 4156) 259s
run: redis: (pid 3876) 355s; run: log: (pid 3875) 355s
run: redis-exporter: (pid 4186) 237s; run: log: (pid 4185) 237s
run: sidekiq: (pid 4078) 281s; run: log: (pid 4077) 281s
run: unicorn: (pid 4047) 287s; run: log: (pid 4046) 287s检查端口
[root@gitlab ~]# netstat -lntup|grep 80
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 4073/unicorn master
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4112/nginx: master
tcp 0 0 0.0.0.0:8060 0.0.0.0:* LISTEN 4112/nginx: master 1.9.2 使用浏览器访问,进行web界面操作
登陆 Gitlab
如果需要手工修改nginx的port ,可以在gitlab.rb中设置 nginx['listen_port'] = 8000 ,然后再次 gitlab-ctl reconfigure即可
登录 gitlab 如下所示(首次登陆设置 root 密码):
密码存放在 /etc/gitlab/initial_root_password 文件中,该文件会在24小时后删除
创建项目组 group ,组名为plat-sp ,如下所示:
去掉用户的自动注册功能(安全): admin are -> settings -> Sign-up Restrictions 去掉钩钩,然后拉到最下面保存,重新登录
在服务器上创建ssh密钥 使用ssh-ketgen 命令
[root@gitlab ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:n/V2kCiwwm2UfBsnQLm17eXUCBiBByyPbefmz5oQvfU root@gitlab
The key's randomart image is:
+---[RSA 2048]----+
| o++o+ |
| ..+o+ . |
| ==++o.. o |
| ..o==o=..+..|
| o.So+.++o |
| o oo*.o.. |
| .o+ E .|
| ..o . . |
| ooo |
+----[SHA256]-----+
[root@gitlab .ssh]# cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSVdBypha/ALMmvIiZGXxYGz7FJ5TC+hYWo7QGBJ+J6JVinp9yH851fwxln5TWGBrtEousoVHXTTJfFRy8LV+Ho7OfaksYt+5TPxEjf5XX53Z3ZX70PYH3DQFmgzl0QpWw1PYIjrD7kBeLhUg+R/ZePS+HzPvbRCb6gOlkdx46vX4Olr7YbAO5lzAarhaZcE2Q702kPXGeuZbR7KcwVhtoiueyHwyj94bccMfKq7qSskXGbpWuCwcaKQ6uqGap1rP5Viqqv0xeO7Vq0dIZ/YnPL2vPDUvNa36nHosiZGkn4thpPh63KjXaFIfKOuPemLzvDZY0A+88P8gwmAYiPoxp root@gitlab将密钥添加到web界面的用户中
1.9.3 gitlab 命令行修改密码
gitlab-rails console production
irb(main):001:0> user = User.where(id: 1).first # id为1的是超级管理员
irb(main):002:0>user.password = 'yourpassword' # 密码必须至少8个字符
irb(main):003:0>user.save! # 如没有问题 返回true
exit # 退出1.9.4 gitlab服务管理
gitlab-ctl start # 启动所有 gitlab 组件; gitlab-ctl stop # 停止所有 gitlab 组件; gitlab-ctl restart # 重启所有 gitlab 组件; gitlab-ctl status # 查看服务状态; gitlab-ctl reconfigure # 启动服务; vim /etc/gitlab/gitlab.rb # 修改默认的配置文件; gitlab-ctl tail # 查看日志;
1.9.5 公司的开发代码提交处理流程
PM(项目主管/项目经理)在gitlab创建任务,分配给开发人员 开发人员领取任务后,在本地使用git clone拉取代码库 开发人员创建开发分支(git checkout -b dev),并进行开发 开发人员完成之后,提交到本地仓库(git commit ) 开发人员在gitlab界面上申请分支合并请求(Merge request) PM在gitlab上查看提交和代码修改情况,确认无误后,确认将开发人员的分支合并到主分支(master) 开发人员在gitlab上Mark done确认开发完成,并关闭issue。这一步在提交合并请求时可以通过描述中填写"close #1"等字样,可以直接关闭issue
创建项目管理用户Tompson如下所示:
同样的方法,再创建Eric 、Hellen 用户。用户添加完毕后,gitlab会给用户发一封修改密码的邮件,各用户需要登录自己的邮箱,并点击相关的链接,设置新密码。
将用户添加到组中,指定Tompson为本组的owner:
同样的方法将用户Eric、Hellen也添加到组中,并指定他们为Developer:
使用 Tompson 用户的身份与密码登录到 gitlab 界面中,并创建项目 Project ,如下所示:
指定项目的存储路径和项目名称,如下所示
为项目创建Dev分支,如下所示:
在 client 上添加Tompson的用户:
[root@vm2 ~]# useradd Tompson
[root@vm2 ~]# useradd Eric
[root@vm2 ~]# useradd Hellen
[root@vm2 ~]# su - Tompson
[Tompson@vm2 ~]$ ssh-keygen -C Tompson@domain.cn
Generating public/private rsa key pair.
Enter file in which to save the key (/home/Tompson/.ssh/id_rsa):
Created directory '/home/Tompson/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/Tompson/.ssh/id_rsa.
Your public key has been saved in /home/Tompson/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:SAoAH2zSxqEJqVgKKrxM5XMi6tKe61JMRdwMhwBNIrE Tompson@domain.cn
The key's randomart image is:
+---[RSA 2048]----+
|XX==o=. |
|*BOo+.o |
|E*=. . |
|*+.= + . |
|=oo = . S |
|.oo |
|.o |
|o... |
|.+=. |
+----[SHA256]-----+
[Tompson@vm2 ~]$ cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDZ8cRGHej+sZzlmK36W5MUXMLOGdTwFI9Jj44mGuabZCrlYW4GDpL6ppezN+Sur0wHtnKonYJzm8ntqS0S0UHyaPPQPl9Mrs/6Z4VrXZ/4RlqHdWeSrmOwCBQld0l8HvrmP4TyGHrOreO8uZqimd/Z+OiMqnYRZzENX11Pti/Px5g1MtJcoCi9uLtF42QYrt1X/fzAyPU9C5/5ZUq4Jln3EF20bzcA52oAzZIl0jrhI0TeTeW6zYq+KxdHGshL+qG7+Ne+akPOe4Ma5BQjcMZ2dQ2kbGuozXmLT8RDcj9YRKceQsUdTI71lJpwrWKGn8Vhra0EaK3hgoTuvMYaGfOF Tompson@domain.cn将Tompson的公钥复制到gitlab中: 使用Tompson用户的身份与密码登录到gitlab界面中,然后在ssh-key中添加 相关的key ,如下所示:
为Tompson用户配置git ,如下所示:
[Tompson@vm2 ~]$ git config --global user.email "Tompson@domain.cn"
[Tompson@vm2 ~]$ git config --global user.name "Tompson"
[Tompson@vm2 ~]$ git clone git@192.168.60.119:plat-sp/chathall.git
Cloning into 'chathall'...
The authenticity of host '192.168.60.119 (192.168.60.119)' can't be established.
ECDSA key fingerprint is SHA256:CDxAQmj6gUkIxB6XUofbZ853GuPM5LS2QO4a5dD7jRo.
ECDSA key fingerprint is MD5:4e:20:72:a7:46:c6:d7:5d:bb:9d:ce:c3:f3:da:43:f9.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.60.119' (ECDSA) to the list of known hosts.
remote: Counting objects: 3, done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done.
[Tompson@vm2 ~]$
[Tompson@vm2 ~]$ cd chathall/
[Tompson@vm2 chathall]$ ls
Readme.txt
[Tompson@vm2 chathall]$创建一下新文件,添加内容,并提交到master分支:
[Tompson@vm2 chathall]$ vim test.sh
[Tompson@vm2 chathall]$ cat test.sh
#!/bin/bash
echo "gitlab test"
[Tompson@vm2 chathall]$ git add .
[Tompson@vm2 chathall]$ git commit -m '201805101649'
[master 80edf6b] 201805101649
1 file changed, 2 insertions(+)
create mode 100644 test.sh
[Tompson@vm2 chathall]$
[Tompson@vm2 chathall]$ git push -u origin master
Counting objects: 4, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 305 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To git@192.168.60.119:plat-sp/chathall.git
4611654..80edf6b master -> master
Branch master set up to track remote branch master from origin.
[Tompson@vm2 chathall]$ 使用Eric用户登录,并clone 项目,如下所示:
[root@vm2 ~]# su - Eric
[Eric@vm2 ~]$ ssh-keygen -C Eric@domain.cn
Generating public/private rsa key pair.
Enter file in which to save the key (/home/Eric/.ssh/id_rsa):
Created directory '/home/Eric/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/Eric/.ssh/id_rsa.
Your public key has been saved in /home/Eric/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:VZaJvjA5SJZEB+yuRpDBNHCECCZ5R8X0DYcNE0f1B6E Eric@domain.cn
The key's randomart image is:
+---[RSA 2048]----+
|*O=..B*o**+o+oo. |
|*.+.. *o.*oooo . |
| . + + ..oo E . .|
| o o =.. . |
| . . S+ . |
| . . . |
| . . |
| o |
| . |
+----[SHA256]-----+
[Eric@vm2 ~]$ cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDxQcn4UjRW/5PT5witeV9+S2w8WK5ouawHxEF7s9wuWsT4pqhcu5BN74NG3CPaq1jJZnkV+aQsTw+60BAd1gOK0FBbKWxmohmE61n9vfpUT5igJ72t2jpXjfKwLIHw+Iq5yM4yUhkwSsoBuZkxYSEltnj8OvXaOlCDYnXuGBa9+xO8f5yVIcOtiwRvv+Y1PRRzSIcazPVZax9FLK26t1R4NPiY4xWkIJyK2OrKMeiaBBzyMfWzHdmsCWa51oSrYSmz3PDBXpzIBs3OdKxcaJs9Lc5u87YCV5RMUjLrPcA7nPK6crOabLXhz3d5GSYggMTOByQkyKOo7WlYpARCHOt/ Eric@domain.cn
[Eric@vm2 ~]$ 同样需要使用Eric用户登录gitlab web 界面,并添加相应的ssh-key。然后设置git ,并clone项目:
[Eric@vm2 ~]$ git config --global user.email "Eric@domain.cn"
[Eric@vm2 ~]$ git config --global user.name "Eric"
[Eric@vm2 ~]$ git clone git@192.168.60.119:plat-sp/chathall.git
Cloning into 'chathall'...
The authenticity of host '192.168.60.119 (192.168.60.119)' can't be established.
ECDSA key fingerprint is SHA256:CDxAQmj6gUkIxB6XUofbZ853GuPM5LS2QO4a5dD7jRo.
ECDSA key fingerprint is MD5:4e:20:72:a7:46:c6:d7:5d:bb:9d:ce:c3:f3:da:43:f9.
Are you sure you want to continue connecting (yes/no)? yes
remote: Counting objects: 6, done.
remote: Compressing objects: 100% (3/3), done.
remote: Total 6 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (6/6), done.
[Eric@vm2 ~]$ 切换到dev分支,修改文件内容,并将新code提交到dev分支(Developer角色默认并没有提交master的权限):
[Eric@vm2 chathall]$ git checkout dev
Branch dev set up to track remote branch dev from origin.
Switched to a new branch 'dev'
[Eric@vm2 chathall]$ ls
Readme.txt test.sh
[Eric@vm2 chathall]$ vim test.sh
[Eric@vm2 chathall]$ cat test.sh
#!/bin/bash
echo "gitlab test"
echo "brahch test"
[Eric@vm2 chathall]$ git add .
[Eric@vm2 chathall]$ git commit -m '201805101658'
[dev 6687039] 201805101658
1 file changed, 1 insertion(+)
[Eric@vm2 chathall]$ git push -u origin dev
Counting objects: 5, done.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 306 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
remote:
remote: To create a merge request for dev, visit:
remote: http://192.168.60.119/plat-sp/chathall/merge_requests/new?merge_request%5Bsource_branch%5D=dev
remote:
To git@192.168.60.119:plat-sp/chathall.git
80edf6b..6687039 dev -> dev
Branch dev set up to track remote branch dev from origin.
[Eric@vm2 chathall]$
[Eric@vm2 chathall]$ git checkout master
Switched to branch 'master'
[Eric@vm2 chathall]$ git branch
dev
* master
[Eric@vm2 chathall]$使用Eric 用户登录gitlab web,在界面中 创建一个合并请求:
提交合并请求:
然后使用Tompson用户登录 gitlab web ,找到“合并请求” ,然后将dev分支合并到master分支,如下所示:
1.9.6 Gitlab 备份与恢复
1、查看系统版本和软件版本
[root@gitlab gitlab]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)
[root@gitlab gitlab]# cat /opt/gitlab/embedded/service/gitlab-rails/VERSION
8.15.42、数据备份
打开/etc/gitlab/gitlab.rb配置文件,查看一个和备份相关的配置项:
gitlab_rails['backup_path'] = "/data/gitlab/backups"
该项定义了默认备份出文件的路径,可以通过修改该配置,并执行 gitlab-ctl reconfigure 或者 gitlab-ctl restart 重启服务生效。
执行备份命令进行备份
/opt/gitlab/bin/gitlab-rake gitlab:backup:create
也可以添加到 crontab 中定时执行:
0 2 * * * /opt/gitlab/bin/gitlab-rake gitlab:backup:create
可以到/data/gitlab/backups找到备份包,解压查看,会发现备份的还是比较全面的,数据库、repositories、build、upload等分类还是比较清晰的。
设置备份保留时常,防止每天执行备份,肯定有目录被爆满的风险,打开/etc/gitlab/gitlab.rb配置文件,找到如下配置:
gitlab_rails['backup_keep_time'] = 604800
设置备份保留7天(7360024=604800),秒为单位,如果想增大或减小,可以直接在该处配置,并通过gitlab-ctl restart 重启服务生效。
备份完成,会在备份目录中生成一个当天日期的tar包。
3、测试数据恢复
(1) 安装部署 gitlab server
具体步骤参见上面:gitlab server 搭建过程
(2) 恢复 gitlab
打开/etc/gitlab/gitlab.rb配置文件,查看一个和备份相关的配置项:
gitlab_rails['backup_path'] = "/data/gitlab/backups"
修改该配置,定义了默认备份出文件的路径,并执行 gitlab-ctl reconfigure 或者 gitlab-ctl restart 重启服务生效。
恢复前需要先停掉数据连接服务:
[root@gitlab ]# gitlab-ctl stop unicorn
[root@gitlab ]# gitlab-ctl stop sidekiq如果是台新搭建的主机,不需要操作,理论上不停这两个服务也可以。停这两个服务是为了保证数据一致性。将老服务器/data/gitlab/backups目录下的备份文件拷贝到新服务器上的/data/gitlab/backups
[root@gitlab gitlab]# rsync -avz 1530773117_2019_03_05_gitlab_backup.tar 192.168.95.135:/data/gitlab/backups/ 注意权限:600权限是无权恢复的。 实验环境可改成了777,生产环境建议修改属主属组
[root@gitlab backups]# pwd
/data/gitlab/backups
[root@gitlab backups]# chmod 777 1530773117_2019_03_05_gitlab_backup.tar
[root@gitlab backups]# ll
total 17328900
-rwxrwxrwx 1 git git 17744793600 Jul 5 14:47 1530773117_2018_07_05_gitlab_backup.tar执行下面的命令进行恢复:后面再输入两次yes就完成恢复了。
[root@gitlab backups]# gitlab-rake gitlab:backup:restore BACKUP=1530773117_2018_07_05_gitlab_backup.tar恢复完成后,启动刚刚的两个服务,或者重启所有服务,再打开浏览器进行访问,发现数据和之前的一致:
[root@gitlab backups]# gitlab-ctl start unicorn
[root@gitlab backups]# gitlab-ctl start sidekiq
或
[root@gitlab backups]# gitlab-ctl restart注意:通过备份文件恢复gitlab必须保证两台主机的gitlab版本一致,否则会提示版本不匹配
1.9.7 邮箱配置
[root@gitlab ]# vim /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.163.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "newrain_wang@163.com"
gitlab_rails['smtp_password'] = "UWYNCPQOBQFCDLIW"
gitlab_rails['smtp_domain'] = "smtp.163.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true
gitlab_rails['smtp_pool'] = false
gitlab_rails['gitlab_email_from'] = 'newrain_wang@163.com'
[root@gitlab ]# gitlab-ctl reconfigure
759
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
