安装GitLab教程

1. 首先需要一台Linux的服务器,并进行系统预配置工作

1.1 进行服务器防火墙的关闭操作

# 关闭防火墙
systemctl stop firewalld  

# 禁止开机启动
systemctl disable firewalld 

1.2 关闭SELINUX并重启系统

sudo vi /etc/sysconfig/selinux
# 该配置调整为 disabled
SELINUX=disabled
# 根据 getenforce 命令查看是否关闭
[vagrant@gitlab ~]$ sudo getenforce
Disabled

2. 安装Omnibus Gitlab-ce package (必要的插件的集合版本)

2.1 安装gitlab依赖的组件

sudo yum -y install curl policycoreutils openssh-server openssh-clients postfix

2.2 配置YUM仓库

curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash

2.3 添加启动 postfix邮件服务

systemctl start postfix && systemctl enable postfix

2.4 安装Gitlab-ce 社区版本

yum install -y gitlab-ce

3. 在安装完毕GitLab-CE 后，进行后续的配置工作

3.1 创建gitlab 证书 （openssl 详细使用介绍）

# 创建目录
sudo mkdir -p /etc/gitlab/ssl
# 创建秘钥
sudo openssl genrsa -out "/etc/gitlab/ssl/gitlab.examle.com.cn.key"   2048

sudo openssl req -new -key "/etc/gitlab/ssl/gitlab.examle.com.cn.key" -out 
"/etc/gitlab/ssl/gitlab.examle.com.cn.csr"

# 根据指示填写秘钥生成内容
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:biejing
Locality Name (eg, city) [Default City]:beijing
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:gitlab.******.com
Email Address []:*********@qq.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456789
An optional company name []:admin

sudo openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.examle.com.cn.csr"
- signkey "/etc/gitlab/ssl/gitlab.examle.com.cn.key" -out "/etc/gitlab/ssl/gitlab.examle.com.cn.crt"
Signature ok
subject=/C=cn/ST=biejing/L=beijing/O=Default Company Ltd/CN=gitlab.example.com.cn/emailAddress=********@qq.com
Getting Private key

sudo openssl dhparam -out /etc/gitlab/ssl/dhparams.pem

3.2 把创建的证书 配置到gitlab 

sudo vi /etc/gitlab/gitlab.rb

## GitLab URL
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
##!
##! Note: During installation/upgrades, the value of the environment variable
##! EXTERNAL_URL will be used to populate/replace this value.
##! On AWS EC2 instances, we also attempt to fetch the public hostname/IP
##! address from AWS. For more details, see:
##! https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
# 调整前  external_url 'http://gitlab.example.com'
external_url 'https://gitlab.example.com'


# 然后搜索包含 /redirect_http_to_https 内容的配置

# nginx['enable'] = true
# nginx['client_max_body_size'] = '250m'
# nginx['redirect_http_to_https'] = false # 放开该行注释并调整属性
nginx['redirect_http_to_https'] = true
# nginx['redirect_http_to_https_port'] = 80

# 继续更改 key 的地址（也就是前面生成的key）

# nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.examle.com.cn.crt"
# nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.examle.com.cn.key"

# nginx['ssl_dhparam'] = nil # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem
# 调整为之前生成的key
# nginx['ssl_dhparam'] = /etc/gitlab/ssl/dhparams.pem # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem
# nginx['listen_addresses'] = ['*', '[::]']

# 修改调整完进行保存退出

3.3 初始化gitlab的相关配置

# 进行 gitlab 相关的应用进行初始化
sudo gitlab-ctl reconfigure

# 修改gitlab使用的nginx 的http 相关配置
vi /var/opt/gitlab/nginx/conf/gitlab-http.com.conf


#在 server_name gitlab.example.com; 下新增下行配置

rewrite ^(.*)$ https://$host$1 permanent;


# 使配置生效
gitlab-ctl restart

4. web页面的访问

4.1 在所使用的系统中添加 host DNS 配置
4.2 在浏览器访问你所配置的域名 会出现下列页面，