一 环境预配置
硬件 2核4G 就可以为500人使用
1.1 安装依赖
挂载数据盘。
安装 docker / docker-compose
设置 docker 国内源
1.2 域名证书
使用 certbot 生成证书
certbot certonly --manual --preferred-challenges dns
把生成的证书放到如下目录 /mnt/git/config/ssl
里面
root@gitlab:/mnt/git/config# pwd
/mnt/git/config
root@gitlab:/mnt/git/config# ls ssl
git.xxxx.com.crt git.xxxx.com.key
1.3 编辑docker-compose.yml
根据需要设置数据卷,我本地是把硬盘挂载到 /mnt/git 目录了
官方镜像地址:https://hub.docker.com/r/gitlab/gitlab-ce/tags
# cat docker-compose.yml
version: '3.6'
services:
gitlab:
image: 'gitlab/gitlab-ce:16.9.3-ce.0'
restart: always
container_name: gitlab_web
hostname: 'gitlab.example.com'
environment:
TZ: Asia/Shanghai
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://git.xxxx.com'
gitlab_rails['time_zone'] = 'Asia/Shanghai'
ports:
- '80:80'
- '443:443'
- '2422:22'
volumes:
- '/mnt/git/config:/etc/gitlab'
- '/mnt/git/logs:/var/log/gitlab'
- '/mnt/git/data:/var/opt/gitlab'
1.4 Git部分配置说明
# cd /mnt/git/config # 本文件夹放了git的配置文件
initial_root_password # 初始化密码文件,默认用户root ,密码在该文件内保存
# grep -v -e '^$' gitlab.rb | grep -v '^#'
gitlab_rails['gitlab_ssh_host'] = 'git.xxxx.com'
gitlab_rails['time_zone'] = 'Asia/Shanghai'
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.mxhichina.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "git@xxxx.com"
gitlab_rails['smtp_password'] = "Password"
gitlab_rails['smtp_domain'] = "xxxx.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true
gitlab_rails['smtp_pool'] = false
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'git@xxxx.com'
gitlab_rails['gitlab_email_display_name'] = 'Gitlab'
gitlab_rails['gitlab_email_reply_to'] = 'git@xxxx.com'
gitlab_rails['gitlab_default_projects_features_issues'] = true
gitlab_rails['gitlab_default_projects_features_merge_requests'] = true
gitlab_rails['gitlab_default_projects_features_wiki'] = true
gitlab_rails['gitlab_default_projects_features_snippets'] = true
gitlab_rails['gitlab_default_projects_features_builds'] = true
gitlab_rails['gitlab_default_projects_features_container_registry'] = true
gitlab_rails['gitlab_repository_downloads_path'] = 'tmp/repositories'
gitlab_rails['rack_attack_git_basic_auth'] = {
'enabled' => true,
'ip_whitelist' => ["127.0.0.1","192.168.0.0/24"],
'maxretry' => 10,
'findtime' => 60,
'bantime' => 3600
}
二 部署服务
将上述 docker-compose.yml 文件编辑好之后,执行docker-compose -f docker-compose up -d
即可
查看日志docker logs -f gitlab_web
三 故障排除
3.1 打开web界面不知道用户名密码
默认用户名 root ,默认密码在/mnt/git/config/initial_root_password
文件内。