1.docker-compose部署gitlab
docker-compose文件编辑
mkdir /data/gitlab
vim docker-compose.yaml
version: '3.6'
services:
gitlab:
image: registry.cn-shenzhen.aliyuncs.com/jxqwe/base:gitlab-ce
restart: always
container_name: gitlab
environment:
GITLAB_ROOT_PASSWORD: a3jzdWeb
ports:
- '80:80'
- '443:443'
volumes:
- /data/gitlab/config:/etc/gitlab
- /data/gitlab/logs:/var/log/gitlab
- /data/gitlab/data:/var/opt/gitlab
启动命令
docker-compose up -d
docker-compose ps
gitlab 优化
postgresql['shared_buffers'] = "64MB"
postgresql['max_worker_processes'] = 1
sidekiq['concurrency'] = 1
unicorn['worker_processes'] = 1
nginx['worker_processes'] = 2
unicorn['worker_timeout'] = 20
unicorn['worker_memory_limit_min'] = "100 * 1 << 20"
unicorn['worker_memory_limit_max'] = "220 * 1 << 20"
prometheus_monitoring['enable'] = false
# 以上情况 用docker 部署 才会出现的
# 需要修改配置
# /data/gitlab/config/gitlab.rb 加入以下配置
# external_url 'http://本机ip'
# 重新启动 gitlab 服务
2.给gitlab 配置 https
生成ssl证书
yum install openssl openssl-devel -y
mkdir /data/gitlab/config/ssl
cd /data/gitlab/config/ssl
openssl req -new -newkey rsa:2048 -sha256 -nodes -out gitlab.csp.cn.csr -keyout gitlab.csp.cn.key -subj "/C=CN/ST=Beijing/L=Beijing/O=Super Inc./OU=Web Security/CN=gitlab.csp.cn"
openssl x509 -req -days 365 -in gitlab.csp.cn.csr -signkey gitlab.csp.cn.key -out gitlab.csp.cn.csr
为Gitlab配置https
external_url 'https://gitlab.csp.cn'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.csp.cn.csr"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.csp.cn.key"
nginx['proxy_set_headers'] = {
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on"
}
重启容器
cd /data/gitlab
docker-compose restart
访问gitlab
3.修改clone bug
# clone 会出现 这个 随机字符 这个 docker 部署 的主机名 需要改一下实际ip和端口
4.https gitlab报错
jenkins 连接gitlab https服务
git config http.sslVerify false