debian 系统 安装 极狐gitlab 服务
推荐进入极狐官网进行最新安装步骤查看, 以及相关服务及配置内容.
1安装和配置必须的依赖项
sudo apt-get update
sudo apt-get install -y curl openssh-server ca-certificates perl
sudo apt-get install -y postfix
在安装 Postfix 的过程中可能会出现一个配置界面,在该界面中选择“Internet Site”并按下回车。把“mail name”设置为您服务器的外部 DNS 域名并按下回车。如果还有其它配置界面出现,继续按下回车以接受默认配置。
2.下载/安装极狐GitLab
curl -fsSL https://packages.gitlab.cn/repository/raw/scripts/setup.sh | /bin/bash
进行访问路由配置 将下方的 “gitlab.example.com” 替换成自己的域名
sudo EXTERNAL_URL="https://gitlab.example.com" apt-get install gitlab-jh
3. 安装完成 进行nginx配置
修改 gitlab配置文件
vim /etc/gitlab/gitlab.rb
修改以下内容
# 禁用gitlab自带的nginx服务器
nginx['enable'] = false
# www为当前服务器运行nginx的用户
web_server['external_users'] = ['www']
gitlab_rails['trusted_proxies'] = [ '127.0.0.1' ]
gitlab_workhorse['listen_network'] = "tcp"
# 修改端口成8181,如果端口已被占用,使用其他端口
gitlab_workhorse['listen_addr'] = "127.0.0.1:8181"
# gitlab 访问地址, 也就是安装时 指定的地址
external_url 'http://zkwl-sy.com:6848'
刷新gitlab配置
gitlab-ctl reconfigure
启动 gitlab
gitlab-ctl start
进行nginx配置
新建nginx配置文件 gitlab.conf
在nginx主配置文件中引入 gitlab.conf
如 include /www/server/nginx/conf/vhost/*.conf;
upstream gitlab {
server 127.0.0.1:8181; # gitlab中配置gitlab_workhorse['listen_addr']
}
server {
listen 6848; # gitlab访问域名端口
server_name zkwl-sy.com; # gitlab访问的域名
server_tokens off; # don't show the version number, a security best practice
root /opt/gitlab/embedded/service/gitlab-rails/public;
# Increase this if you want to upload large attachments
# Or if you want to accept large git objects over http
client_max_body_size 250m;
# individual nginx logs for this gitlab vhost
access_log /var/log/gitlab/gitlab_access.log;
error_log /var/log/gitlab/gitlab_error.log;
location / {
# serve static files from defined root folder;.
# @gitlab is a named location for the upstream fallback, see below
try_files $uri $uri/index.html $uri.html @gitlab;
}
# if a file, which is not found in the root folder is requested,
# then the proxy pass the request to the upsteam (gitlab unicorn)
location @gitlab {
# If you use https make sure you disable gzip compression
# to be safe against BREACH attack
proxy_read_timeout 300; # Some requests take more than 30 seconds.
proxy_connect_timeout 300; # Some requests take more than 30 seconds.
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://gitlab;
}
# Enable gzip compression as per rails guide: http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression
# WARNING: If you are using relative urls do remove the block below
# See config/application.rb under "Relative url support" for the list of
# other files that need to be changed for relative url support
location ~ ^/(assets)/ {
root /opt/gitlab/embedded/service/gitlab-rails/public;
# gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
error_page 502 /502.html;
}
4 刷新nginx
nginx -s reload