部署gitlab

最新推荐文章于 2023-03-07 15:39:48 发布

净夜凡尘

最新推荐文章于 2023-03-07 15:39:48 发布

阅读量123

点赞数

分类专栏： linux

本文链接：https://blog.csdn.net/weixin_45444133/article/details/114484558

版权

linux 专栏收录该内容

37 篇文章 4 订阅

订阅专栏

文章目录

centos8 部署

sudo dnf install -y curl policycoreutils openssh-server perl
#可以去清华开源镜像站： https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/ (选择 yum ｜ apt)
wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el8/gitlab-ce-13.8.4-ce.0.el8.x86_64.rpm
rpm -i gitlab-ce-13.8.4-ce.0.el8.x86_64.rpm
#加载配置文件
gitlab-ctl reconfigure
#操作命令
gitlab-ctl restart ｜ start | stop | status

ubuntu18.04|20.04 部署

sudo apt-get update
sudo apt-get install -y curl openssh-server ca-certificates
1.dpkg 安装
    wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/apt/packages.gitlab.com/gitlab/gitlab-ce/ubuntu/pool/focal/main/g/gitlab-ce/gitlab-ce_13.6.7-ce.0_amd64.deb
    dokg -i gitlab-ce/gitlab-ce_13.6.7-ce.0_amd64.deb
2.apt 安装
    curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
    #更换未清华源
    cat > /etc/apt/sources.list.d/gitlab_gitlab-ce.list <<EOF
    deb https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/ubuntu bionic main
    deb-src https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/ubuntu bionic main
    EOF
    #更新源
    sudo apt-get update
    #安装
    apt-get install gitlab-ce
    #这个是配置访问地址并启动gitlab
    sudo EXTERNAL_URL="http://localhost" apt-get install gitlab-ce

    #加载配置文件
    gitlab-ctl reconfigure
    #操作命令
    gitlab-ctl restart ｜ start | stop | status

修改配置文件gitlab.rb

vim /etc/gitlab/gitlab.rb
#external_url 'http://gitlab.example.com'
external_url '域名:端口号'        # 修改这个地方，没有域名用公网ip

1.改用自己的nginx

vim /etc/gitlab/gitlab.rb
external_url '域名:端口号'
905   unicorn['port'] = 8080 #默认的，但是没开启
注: url的端口号和unicorn 的端口号  要不一致。
# 禁用内置nginx
1282  nginx['enable'] = false

# 配置nginx.conf文件
cat >/etc/nginx/conf.d/gitlab.conf <<EOF
# gitlab socket 文件地址
upstream gitlab {
    # 7.x 版本在此位置
    # server unix:/var/opt/gitlab/gitlab-rails/tmp/sockets/gitlab.socket;
    # 8.0 位置
    server unix://var/opt/gitlab/gitlab-rails/sockets/gitlab.socket;
    }
server {
    listen   80;  #修改端口号（nginx需要访问的端口号和gitlab.rb中 external_url 端口号保持一致  ）
    server_name localhost;  
    server_tokens off;    #不显示版本号，这是安全性最佳做法
    root /opt/gitlab/embedded/service/gitlab-rails/public;
    client_max_body_size 250m;
    location / {
        try_files $uri $uri/index.html $uri.html @gitlab;
    }
    location @gitlab {
        proxy_read_timeout 300; # Some requests take more than 30 seconds.
        proxy_connect_timeout 300; # Some requests take more than 30 seconds.
        proxy_redirect    off;
        proxy_set_header  X-Forwarded-Proto $scheme;
        proxy_set_header  Host              $http_host;
        proxy_set_header  X-Real-IP        $remote_addr;
        proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header  X-Frame-Options  SAMEORIGIN;
        proxy_pass   http://127.0.0.1:端口号; #和gitlab.rb中unicorn['port']  端口号保持一致
    }
    location ~ ^/(assets)/  {
        root /opt/gitlab/embedded/service/gitlab-rails/public;
        expires max;
        add_header Cache-Control public;
    }
    error_page 502 /502.html;
}
EOF

2.改用自己的redis

vim /etc/gitlab/gitlab.rb
redis['enable'] = false	# 禁用内置redis
#### Redis TCP connection
1179 gitlab_rails['redis_host'] = "127.0.0.1"
688  gitlab_rails['redis_port'] = 6379
gitlab_rails['redis_password'] = "1"
gitlab_rails['redis_database'] = 10

#安装redis 
wget http://download.redis.io/releases/redis-6.0.10.tar.gz
tar -xvf redis-6.0.10.tar.gz  -C /usr/local/
cd /usr/local/redis-6.0.10/
make MALLOC=libc
cp /usr/local/redis-6.0.10/src/redis-cli /usr/bin/
cp /usr/local/redis-6.0.10/src/redis-server /usr/bin/
cp /usr/local/redis-6.0.10/src/redis-sentinel /usr/bin/
mkdir -p /etc/redis/{conf,log,pid,redis6379}

#编写配置文件
cat > /etc/redis/conf/redis6379.conf <<EOF
##########################################redis.conf############################################
bind 0.0.0.0
protected-mode no
port 6379
tcp-backlog 511
unixsocket "/tmp/redis6379.sock"
unixsocketperm 700
timeout 0
tcp-keepalive 300
################################# GENERAL #####################################
daemonize yes
supervised no
pidfile "/etc/redis/pid/redis_6379.pid"
loglevel notice
logfile "/etc/redis/log/redis6379.log"
databases 16
always-show-logo yes
################################ SNAPSHOTTING  ################################
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename "dump6379.rdb"
dir "/etc/redis/redis6379"
################################# REPLICATION #################################
# masterauth "1"
replica-serve-stale-data yes
replica-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-disable-tcp-nodelay no
################################## SECURITY ###################################
requirepass "1"
rename-command CONFIG "b840fc02d524045429941cc43f59e41cb7be6c52"
################################### CLIENTS ####################################
maxclients 10000
############################# LAZY FREEING ####################################
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
############################## APPEND ONLY MODE ###############################
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
aof-use-rdb-preamble yes
################################ LUA SCRIPTING  ###############################
lua-time-limit 5000
############################### 慢日志  ################################
slowlog-log-slower-than 10000
slowlog-max-len 128
EOF

#启动服务
redis-server /etc/redis/conf/redis6379.conf

#加载配置文件
gitlab-ctl reconfigure
#操作命令
gitlab-ctl restart ｜ start | stop | status

3.设置ssl

#使用nginx来https
#这里配置个强制跳转https
server {
    listen 80;
    server_name git.mymy.app;
    rewrite ^(.*) https://$server_name$1 permanent;    
}    
#阿里云申请免费的证书，配置到server里面
server {
    listen  443 ssl;
    server_name git.mymy.app;  
    server_tokens off;    #不显示版本号，这是安全性最佳做法
    # ssl证书地址
    ssl_certificate     /etc/gitlab/ssl/5131025_git.mymy.app.pem;  # pem文件的路径
    ssl_certificate_key  /etc/gitlab/ssl/5131025_git.mymy.app.key; # key文件的路径
    # ssl验证相关配置
    ssl_session_timeout  5m;    #缓存有效期
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;    #加密算法
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;    #安全链接可选的加密协议
    ssl_prefer_server_ciphers on;   #使用服务器端的首选算法

ubuntu 安装错误

gitlab 卡在ruby_block[wait for redis service socket] action run

解决方案:
在另外开启一个终端启动如下命令
sudo /opt/gitlab/embedded/bin/runsvdir-start
#或者放后台执行
nohup /opt/gitlab/embedded/bin/runsvdir-start &

设置服务开机自启

1.gitlabe服务
systemctl enable gitlab-runsvdir.service

2.nginx服务
cat >/usr/lib/systemd/system/nginx.service<<EOF
[Unit]
Description=nginx
After=network.target

[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStart=/etc/nginx/sbin/nginx -c /etc/nginx/nginx.conf
ExecReload=/bin/kill -s HUP \$MAINPID
ExecStop=/bin/kill -s TERM  \$MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF

3.redis服务
cat >/usr/lib/systemd/system/redis.service<<EOF
[Unit]
Description=redis
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
ExecStart=/usr/bin/redis-server /etc/redis/conf/redis6981.conf
ExecReload=/bin/kill -s HUP \$MAINPID
ExecStop=/usr/bin/redis-cli -p 6379 -a 1 shutdown
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF

净夜凡尘

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
部署gitlab

文章目录centos8 部署ubuntu18.04|20.04 部署修改配置文件gitlab.rb1.改用自己的nginx2.改用自己的redis3.设置sslubuntu 安装错误设置服务开机自启centos8 部署sudo dnf install -y curl policycoreutils openssh-server perl#可以去清华开源镜像站： https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/ (选择 yum ｜ apt)wget htt
复制链接

扫一扫

专栏目录