一、安装
服务器配置要求:建议2C4G以上,本人虚拟机设置的2C2G,起初非常卡,页面访问经常5xx
- yum安装
wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-14.3.5-ce.0.el7.x86_64.rpm
yum -y install gitlab-ce-14.3.5-ce.0.el7.x86_64.rpm
# 启动gitlab涉及的所有服务,重新加载配置
gitlab-ctl reconfigure
# 查看各服务启动状态
gitlab-ctl status
- docker安装
mkdir /opt/gitlab
GITLAB_HOME=/opt/gitlab # 数据持久化目录
/etc/gitlab:配置文件目录
/var/log/gitlab:日志文件目录
/var/opt/gitlab:数据文件目录
docker run --detach \
--hostname gitlab.ctnrs.com \
--publish 4433:443 --publish 8880:80 --publish 2222:22 \
--name gitlab \
--restart always \
--volume $GITLAB_HOME/config:/etc/gitlab \
--volume $GITLAB_HOME/logs:/var/log/gitlab \
--volume $GITLAB_HOME/data:/var/opt/gitlab \
gitlab/gitlab-ce:latest
- 访问登录
- 直接访问服务器地址,默认端口80
- 访问报502
gitlab-ctl restart alertmanager
gitlab-ctl status
常用命令
gitlab-ctl status/start/restart/stop/reconfigure <serice name>
# 列出所有启动的服务
gitlab-ctl service-list
# 平滑停止一个服务
gitlab-ctl graceful-kill
# 清除gitlab数据,初始化
gitlab-ctl ckeanse
# 开启调试终端
gitlab-rails console
# 连接redis
gitlab-redis-cli
# 连接pgsql
gitlab-psql
# 备份与恢复
gitlab-rake
- 14版本,初始账户为root,密码在文件“/etc/gitlab/initial_root_password”中
- 这个文件将在首次执行reconfigure后24小时自动删除
- 初次登录需要重设密码
- 中文设置
- 修改密码
- 全局设置
- 是否允许用户注册账户,自用建议关闭
邮件配置
vi /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
# 邮件服务器域名
gitlab_rails['smtp_address'] = "smtp.163.com"
# 服务器端口
gitlab_rails['smtp_port'] = 25
# 用户
gitlab_rails['smtp_user_name'] = "xyhlinux@163.com"
# SMTP密码
gitlab_rails['smtp_password'] = "YTPQOGPPIWMLFIWQ"
# 短域名
gitlab_rails['smtp_domain'] = "163.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = false
----
gitlab_rails['gitlab_email_from'] = 'xyhlinux@163.com'
---
gitlab_rails['time_zone'] = 'Asia/Shanghai'
# 重新加载配置
gitlab-ctl reconfigure
# 进入控制台调试邮箱配置
# Notify.test_email('邮箱地址', '标题', '内容').deliver_now
gitlab-rails console
irb(main):001:0> Notify.test_email('xyh403@126.com','test_mail','this is test email').deliver_now
配置HTTPS访问
- 自签证书
- 上传证书到/etc/gitlab/ssl
- 修改配置文件指定证书
1、自签证书请参考:https://blog.csdn.net/weixin_47677347/article/details/121894358
2、上传数字证书和私钥
mkdir /etc/gitlab/ssl
ll /etc/gitlab/ssl
-rw------- 1 root root 1675 12月 12 21:56 gitlab.ctnrs.com-key.pem
-rw-r--r-- 1 root root 1310 12月 12 21:56 gitlab.ctnrs.com.pem
3、修改配置
vi /etc/gitlab/gitlab.rb
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.ctnrs.com.pem"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.ctnrs.com-key.pem"
external_url 'https://gitlab.ctnrs.com'
nginx['enable'] = true
# http自动跳转到https
nginx['redirect_http_to_https'] = true
# 重载配置
gitlab-ctl reconfigure
本地测试需要绑定本地hosts
用户与群组创建
1、用户创建
- 默认创建后会发送一个重设密码的链接给邮箱,通过此链接设置密码
- 也可以在创建后进行用户编辑,设置密码
2、群组创建 - 可以设置是否允许该群组人员创建项目
Private | 只有组成员才能访问,企业内部一般都用这个。 |
Internal | 只要登录的用户就能看到。一般用于对IT部门公开的项目 |
Public | 不用登录也能看到。一般用于开源项目 |
-
勾选了“允许自述文件初始化项目”的项目库
-
未勾选——会有提示命令指导如何初始化项目仓库
guest | 可以创建issue、发表评论,不能读写版本库 |
---|---|
reporter | 可以克隆代码,不能提交,QA、PM可以赋予这个权限 |
developer | 可以克隆代码、开发、提交、push,RD开发者可以赋予这个权限 |
Maintainer | 可以创建项目、添加tag、保护分支、添加项目成员、编辑项目,核心RD负责人可以赋予这个权限 |
Owner | 可以设置项目访问权限 - 删除项目、迁移项目、管理组成员,开发组leader可以赋予这个权限 |
客户端免密通过ssh获取仓库代码
1、生成客户端的公钥
ssh-keygen -t rsa -N "" -f /root/.ssh/id_rsa
cat .ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDItQckq2g2++zknHGm10fCley37pkKk+Fxyv6V8wtCFw9EEwhK6DF1qQ3aBQc+CsAHzuB5J6Cc3Q91fX34WLDcTPVlVn6KkqqxwZIyqC1ct7b7PafJP3HfUaMbc85+Jai70FIvDfmmoyK2ot3YfUUzzNPxOE0GzrwumbpOeYplMXjbqyvUrq51De1kFvd+MxHbEE//CBI1bxmed13TooILKZf01W8kdmqDfjSGz+zfA3xaMDg2hO5VHRqLqZ/LncFl/MxY8wggfA8hh0qWq7O9ux54TnF6ngryqUdDZXm0AfspzC4PVJPV3L/gyMIwEIheVDRA4ClZZBlCjLUZCUXF root@k8s-master1
将公钥文件放至gitlab服务端
免密获取
[root@k8s-master1 git_pa]# ll
总用量 0
[root@k8s-master1 git_pa]# git clone git@gitlab.ctnrs.com:dev-pre/java.git
正克隆到 'java'...
[root@k8s-master1 git_pa]# ll
drwxr-xr-x 3 root root 18 12月 15 20:25 java
[root@k8s-master1 java]# ll
总用量 0
#
[root@k8s-master1 java]# cat .git/config
[core]
repositoryformatversion = 0
filemode = true
bare = false
logallrefupdates = true
[remote "origin"]
url = git@gitlab.ctnrs.com:dev-pre/java.git
fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
remote = origin
merge = refs/heads/master
gitlab的备份与恢复
1、备份
- 备份数据:gitlab-rake gitlab:backup:create
- 备份配置文件:gitlab-ctl backup-etc
1、手动传一个文件上去
[root@k8s-node1 git_pac]# git clone git@gitlab.example.com:dev-pre/potal.git
正克隆到 'potal'...
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
接收对象中: 100% (3/3), done.
[root@k8s-node1 git_pac]# ll
总用量 0
drwxr-xr-x 3 root root 35 12月 16 21:53 potal
[root@k8s-node1 git_pac]# cd potal/
[root@k8s-node1 potal]# ll
总用量 4
-rw-r--r-- 1 root root 9 12月 16 21:53 README.md
[root@k8s-node1 potal]# echo "<h1>hello</h1>" > index.html
[root@k8s-node1 potal]# cat index.html
<h1>hello</h1>
[root@k8s-node1 potal]# git add index.html
[root@k8s-node1 potal]# git commit -m "前端"
*** Please tell me who you are.
Run
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
[root@k8s-node1 potal]# git config --global user.email "xyhlinux@163.com"
[root@k8s-node1 potal]# git config --global user.name "xyh"
[root@k8s-node1 potal]# git commit -m "前端"
[root@k8s-node1 potal]# git push
[root@k8s-node1 potal]# gitlab-rake gitlab:backup:create
.....
.....
Creating backup archive: 1639663633_2021_12_16_14.3.5_gitlab_backup.tar ... done
Uploading backup archive to remote storage ... skipped
Deleting tmp directories ... done
done
done
done
done
done
done
done
Deleting old backups ... skipping
# 提示你还需要备份配置文件
Warning: Your gitlab.rb and gitlab-secrets.json files contain sensitive data
and are not included in this backup. You will need these files to restore a backup.
Please back them up manually.
Backup task is done.
# 默认保存路径
[root@k8s-node1 potal]# ls /var/opt/gitlab/backups/
# 时间戳_日期_版本_名称
1639663633_2021_12_16_14.3.5_gitlab_backup.tar
# 修改备份保存目录
[root@k8s-node1 potal]# vi /etc/gitlab/gitlab.rb
# 开启备份目录管理
gitlab_rails['manage_backup_path'] = true
gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"
# 备份数据保存时间(单位s)
gitlab_rails['backup_keep_time'] = 604800
# 备份文件
[root@k8s-node1 potal]# gitlab-ctl backup-etc
Could not find '/etc/gitlab/config_backup' directory. Creating.
Running configuration backup
Creating configuration backup archive: gitlab_config_1639664022_2021_12_16.tar
/etc/gitlab/
/etc/gitlab/gitlab.rb
/etc/gitlab/gitlab-secrets.json
/etc/gitlab/initial_root_password
/etc/gitlab/trusted-certs/
Configuration backup archive complete: /etc/gitlab/config_backup/gitlab_config_1639664022_2021_12_16.tar
Keeping all older configuration backups
# 保存路径
[root@k8s-node1 potal]# ls /etc/gitlab/config_backup/
gitlab_config_1639664022_2021_12_16.tar
2、恢复
# 删除代码
[root@k8s-node1 potal]# ll
总用量 8
-rw-r--r-- 1 root root 15 12月 16 21:54 index.html
-rw-r--r-- 1 root root 9 12月 16 21:53 README.md
[root@k8s-node1 potal]# rm -rf ./*
[root@k8s-node1 potal]# git add --all .
[root@k8s-node1 potal]# git commit -m "delete"
[root@k8s-node1 potal]# git push
# 删除配置文件
[root@k8s-node1 potal]# rm -f /etc/gitlab/gitlab.rb
# 恢复
# 重新启动一台gitlab,将备份数据和配置文件传至对应备份目录
[root@k8s-node1 backups]# scp /var/opt/gitlab/backups/1639663633_2021_12_16_14.3.5_gitlab_backup.tar 192.168.112.54:/var/opt/gitlab/backups/
[root@k8s-node1 config_backup]# scp /etc/gitlab/config_backup/gitlab_config_1639664022_2021_12_16.tar 192.168.112.54:/etc/gitlab/config_backup/gitlab_config_1639664022_2021_12_16.tar
# 新机器操作
[root@k8s-node2 ~]# cd /var/opt/gitlab/backups/
[root@k8s-node2 backups]# ll
总用量 320
-rw------- 1 root root 327680 12月 16 23:22 1639663633_2021_12_16_14.3.5_gitlab_backup.tar
# 注意:一定要修改权限
[root@k8s-node2 backups]# chown git:git 1639663633_2021_12_16_14.3.5_gitlab_backup.tar
# 恢复数据,中间会输入两遍yes
[root@k8s-node2 backups]# gitlab-rake gitlab:backup:restore BACKUP=1639663633_2021_12_16_14.3.5
# 恢复备份文件,将解压的配置文件放置对应配置目录
[root@k8s-node2 backups]# cd /etc/gitlab/
[root@k8s-node2 gitlab]# tar -xf gitlab_config_1639664022_2021_12_16.tar
注:由于干这个实验,干废我两个k8s集群,所以后面没图啦