Gitlab部署
-
gitlab rpm包下载链接:https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/
-
系统环境:Rocky Linux9.1
# 安装依赖包,libcrypt.so.1默认是glibc提供,升级到9后由libxcrypt-compat提供:/opt/gitlab/embedded/bin/ruby: error while loading shared libraries: libcrypt.so.1: cannot open shared object file: No such file or directory
yum -y install libxcrypt-compat
# 语言依赖缺少:WARN: Please install an English UTF-8 locale for Cinc Client to use, falling back to C locale and disabling UTF-8 support.
yum -y install langpacks-en glibc-langpack-en
# 安装gitlab-ce
yum -y localinstall gitlab-ce-15.6.7-ce.0.el8.aarch64.rpm
# 关闭防火墙
systemctl disable firewalld --now
sed -ri "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
setenforce 0
# 开启相关服务
systemctl enable postfix --now
systemctl enable sshd -now
# 设置访问地址 vim /etc/gitlab/gitlab.rb
external_url 'http://192.168.0.13
# 设置数据目录
git_data_dirs({
"default" => {
"path" => "/data/gitlab"
}
})
# 设置备份目录
gitlab_rails['manage_backup_path'] = true
gitlab_rails['backup_path'] = "/data/gitlab-backup"
# 关闭Prometheus(测试环境不需要这个,减少资源消耗)
prometheus['enable'] = false
alertmanager['enable'] = false
node_exporter['enable'] = false
redis_exporter['enable'] = false
postgres_exporter['enable'] = false
gitlab_exporter['enable'] = false
# 设置HTTPS
mkdir -p /etc/gitlab/ssl && chmod 700 /etc/gitlab/ssl && cd /etc/gitlab/ssl
# 创建服务器私钥,不加密
openssl genrsa -out rsa_private.key 1024
# 生成RSA公钥
openssl rsa -in rsa_private.key -pubout -out rsa_public.key
# 使用RSA私钥生成自签名证书
openssl req -new -x509 -days 3650 -key rsa_private.key -out cert.crt
# gitlab https配置
nginx['enable'] = true
nginx['redirect_http_to_https'] = true
nginx['redirect_http_to_https_port'] = 80
nginx['ssl_certificate'] = "/etc/gitlab/ssl/cert.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/rsa_private.key"
# 生产配置文件
gitlab-ctl reconfigure
# 启动gitlab
gitlab-ctl start
# 查看gitlab密码
cat /etc/gitlab/initial_root_password
# 查看gitlab版本
head -1 /opt/gitlab/version-manifest.txt