一、GitLab概述
是一个利用 Ruby on Rails 开发的开源应用程序,实现一个自托管的Git项目仓库,可通过 Web 界面进行访问公开的戒者私人项目。Ruby on Rails 是一个可以使你开发、部署、维护 web 应用程序变得简单的框架 GitLab拥有与Github类似的功能,能够浏览源代码,管理缺陷和注释。可以管理团队对仓库的访问, 它非常易于浏览提交过的版本并提供一个文件历史库。它还提供一个代码片段收集功能可以轻松实现代码复用,便于日后有需要的时候进行查找
官方网站 :https://about.gitlab.com/
二、GitHub和GitLab的区别
相同点 :
二者都是基于web的Git仓库,在很大程度上GitLab是仿照GitHub来做的,它们都提供了分享开源项目的平台,为开发团队提供了存储、分享、发布和合作开发项目的中心化云存储的场所
不同点 :
1、GitHub如果要使用私有仓库,是需要付费的 GitLab可以在上面创建私人的克费仓库
2、GitLab让开发团队对他们的代码仓库拥有更多的控制,相比于GitHub,它有不少的特色 :
允许克费设置仓库权限;
允许用户选择分享一个project的部分代码
允许用户设置project的获取权限,进一步的提升安全性
可以设置获取到团队整体的改进进度;通过 innersourcing让不在权限范围内的人访问不到该资源
总结 :从代码私有性方面来看,有时公司并不希望员工获取到全部的代码,这个时候GitLab无疑是更好的选择但对于开源项目而言,GitHub依然是代码托管的首选
git相关概念 :
git 是一种版本控制系统,是一个命令,是一种工具
gitlib 是用于实现git功能的开发库
github 是一个基于git实现的在线代码托管仓库,包含一个网站界面,向互联网开放
gitlab 是一个基于git实现的在线代码仓库托管软件,一般用于在企业内部网络搭建git私服
gitlab-ce 社区版(免费)
gitlab-ee是企业版(收费)
三、搭建gitlab
1、gitlab服务器准备
[root@localhost ~]# cat /etc/centos-release CentOS Linux release 7.2.1511 (Core) [root@localhost ~]# free -m total used free shared buff/cache available Mem: 3776 621 2688 173 465 2775 Swap: 2047 0 2047
2、安装gitlab依赖包
[root@localhost ~]# yum -y install curl policycoreutils openssh-server openssh-clients postfix [root@localhost ~]# systemctl enable postfix [root@localhost ~]# systemctl start postfix [root@localhost ~]# iptables -F [root@localhost ~]# systemctl stop firewalld [root@localhost ~]# systemctl disable firewalld 如果启动postfix报“fatal: parameter inet_interfaces: no local interface found for ::1”错误,那么修改/etc/postfix/main.cf文件,将inet_interfaces = localhost改成inet_interfaces = all
3、安装Gitlab-ce版
下载 gitlab-ce版yum源,并yum安装gitlab-ce。 [root@localhost ~]# curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh |bash [root@localhost ~]# yum -y install gitlab-ce
4、配置gitlab域名
[root@localhost ~]# vim /etc/gitlab/gitlab.rb # 13行 external_url 'http://gitlab.example.com' 改为 http://IP
5、加载配置文件并启动gitlab(加载配置文件需要点时间)
[root@localhost ~]# gitlab-ctl reconfigure [root@localhost ~]# gitlab-ctl status [root@localhost ~]# netstat -luntp | grep :80 tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 6269/unicorn master tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6304/nginx: master tcp 0 0 127.0.0.1:8082 0.0.0.0:* LISTEN 6279/sidekiq 5.2.3 tcp 0 0 0.0.0.0:8060 0.0.0.0:* LISTEN 6304/nginx: master [root@localhost ~]# free -m total used free shared buff/cache available Mem: 3776 3089 143 240 543 187 Swap: 2047 186 1861
6、访问gitlab登陆页面:
http://IP (1)首次打开登陆页面会提示修改密码 (2)使用修改后的密码登陆,用户为root
备注:
gitlab主配置文件:/etc/gitlab/gitlab.rb # 可以自定义一些邮件服务等
日志目录:/var/log/gitlab/ # 对应各服务
服务目录:/var/opt/gitlab/ # 对应各服务的主目录
仓库目录:/var/opt/gitlab/git-data # 记录项目仓库等提交信息
重启服务:gitlab-ctl stop/start/restart # 启动命令
7、关闭注册功能
如图取消勾选,然后点击下方的保存按钮。
8、汉化参考(不建议汉化,建议用英文版本。本例不汉化)
[root@localhost ~]# cat /opt/gitlab/embedded/service/gitlab-rails/VERSION [root@localhost ~]# wget https://gitlab.com/xhang/gitlab/-/archive/v11.6.3-zh/gitlab-v11.6.3-zh.zip [root@localhost ~]# unzip gitlab-v11.6.3-zh.zip [root@localhost ~]# gitlab-ctl stop [root@localhost ~]# \cp -rvf /root/gitlab-v11.6.3-zh/* /opt/gitlab/embedded/service/gitlab-rails/ [root@localhost ~]# gitlab-ctl restart
9、新建项目所在组
Admin Area---Groups处设置。
10、添加项目
Admin Area---Projects处设置。 备注: Private(私有的,只有你自己戒者组内的成员能访问) Internal(所有登录 gitlab平台的用户都可能访问) Public(公开的,所有人都可以访问)三种选项。即不登录gitlab也可以访问
11、添加用户,并将用户添加到组中,设置成主程序员
Admin Area---Users处设置。
12、点击Projects菜单查看项目
13、git客户端生产密钥,将密钥添加到gitlab账号下,如下图(图忘记截了,将密钥粘贴到Setting---SSH Keys里面):
[root@localhost ~]# ssh-keygen -t rsa -C "[email protected]" Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 64:78:e9:5d:72:d0:d5:0c:51:f9:dc:25:ff:b5:5b:d9 [email protected] The key's randomart image is: +--[ RSA 2048]----+ | .. .+*o|| . . .. ..+|| . = . o ++|| = . + *|| S . *|| oE|| o|| . || | +-----------------+ [root@localhost .ssh]# cat ~/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvj1BPVBfVNmQ8o/dfdsfdsfdsfsdferewrsfsdfsdfsdf/DrIAdR27Tj+9Z2uxoWVyAC3vi1VrLvh1tsfsfsdfsdfsdfYe+6NOU9tV4tDhZe4354344u+Wvmt6+CAa9dzu86pWqJW6/i9ORqOs+3MpEzJPZ/oSLYeSqh66MuH+AkKyei0tlvoqdLT+rt4L4MgqQNQfgazpUClRc3BmhbVKv7Wxgagg6nFQKYR [email protected] 测试,如果有如下输出表示正常。 [root@localhost .ssh]# ssh -T git@IP Welcome to GitLab, @gxm!
14、开发人员A先将网站代码整体同步到gitlab上
[root@localhost .ssh]# yum -y install git [root@localhost .ssh]# git config --global user.name "gxm" [root@localhost .ssh]# git config --global user.email "[email protected]" [root@localhost .ssh]# git config --global core.excludesfile ~/.gitignore [root@localhost .ssh]# cd 网站目录 [root@localhost 网站目录]# git init [root@localhost 网站目录]# cat .gitignore sites/x/y sites/x/z.php [root@localhost 网站目录]# git remote add origin git@IP:项目所在组/项目名.git [root@localhost 网站目录]# git add . [root@localhost 网站目录]# git commit -m "Initial commit" [root@localhost 网站目录]# git push -u origin master
15、开发人员B从gitlab上clone网站代码
[root@localhost .ssh]# yum -y install git [root@localhost .ssh]# git config --global user.name "gxm" [root@localhost .ssh]# git config --global user.email "[email protected]" [root@localhost .ssh]# git clone git@IP:项目所在组/项目名.git [root@localhost .ssh]# cd 项目名 [root@localhost .ssh]# touch README.md [root@localhost .ssh]# git add README.md [root@localhost .ssh]# git commit -m "add README" [root@localhost .ssh]# git push -u origin master
--------------------------------------------------------------------------------
#附1:更改web端口 [root@localhost www]# vi /var/opt/gitlab/nginx/conf/gitlab-http.conf 将里面端口80端口改成其它端口。 [root@localhost www]# gitlab-ctl stop [root@localhost www]# gitlab-ctl start web访问地址: http://IP:其它端口 备注:vim /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml这个里面也可以更改端口。 #附2:web设置https访问,且http会自动跳转到https (1)Create server key [root@localhost www]# openssl genrsa -des3 -out 192.168.146.128.key 1024 (2)Create server certificate signing request [root@localhost www]# openssl req -new -key 192.168.146.128.key -out 192.168.146.128.csr Enter pass phrase for 192.168.146.128.key: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:GuangDong Locality Name (eg, city) [Default City]:ShenZhen Organization Name (eg, company) [Default Company Ltd]:XYZ Organizational Unit Name (eg, section) []:192.168.146.128 Common Name (eg, your name or your server's hostname) []:192.168.146.128 Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: (3)Remove password [root@localhost www]# mv 192.168.146.128.key 192.168.146.128.origin.key [root@localhost www]# openssl rsa -in 192.168.146.128.origin.key -out 192.168.146.128.key (4)Sign SSL certificate [root@localhost www]# openssl x509 -req -days 3650 -in 192.168.146.128.csr -signkey 192.168.146.128.key -out 192.168.146.128.crt (5)证书放在gitlab指定目录,并设置权限 [root@localhost www]# mkdir -p /etc/gitlab/ssl [root@localhost www]# chmod 700 /etc/gitlab/ssl/ -R [root@localhost www]# cp 192.168.146.128.crt /etc/gitlab/ssl/server.crt [root@localhost www]# cp 192.168.146.128.key /etc/gitlab/ssl/server.key (6)修改gitlab配置文件 [root@localhost www]# vim /etc/gitlab/gitlab.rb external_url 'https://ip' nginx['redirect_http_to_https'] =true nginx['ssl_certificate'] = "/etc/gitlab/ssl/server.crt" nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/server.key" #附3:服务器只能通过堡垒机ssh远程,其它任何机器都不允许远程。所以改用https方式上传下载代码 备注:如果设置了免密钥登陆,git@IP方式其实是用的ssh端口。 [root@localhost .ssh]# yum -y install git [root@localhost .ssh]# git config --global user.name "gxm" [root@localhost .ssh]# git config --global user.email "[email protected]" [root@localhost home]# git config --global http.sslVerify false [root@localhost home]# git clone https://192.168.146.128/项目所在组/项目名.git [root@localhost .ssh]# cd 项目名 [root@localhost .ssh]# touch README.md [root@localhost .ssh]# git add README.md [root@localhost .ssh]# git commit -m "add README" [root@localhost .ssh]# git push -u origin master #附4:默认使用postfix发送,很容易进收件人垃圾箱。所以设置SMTP发送。 [root@localhost home]# vim /etc/gitlab/gitlab.rb gitlab_rails['gitlab_email_enabled'] = true gitlab_rails['gitlab_email_from'] = '[email protected]' gitlab_rails['gitlab_email_display_name'] = 'Gitlab服务器管理员' gitlab_rails['gitlab_email_reply_to'] = '[email protected]' gitlab_rails['smtp_enable'] = true gitlab_rails['smtp_address'] = "smtp.office365.com" gitlab_rails['smtp_port'] = 587 gitlab_rails['smtp_user_name'] = "[email protected]" gitlab_rails['smtp_password'] = "123456" gitlab_rails['smtp_domain'] = "test" gitlab_rails['smtp_authentication'] = "login" gitlab_rails['smtp_enable_starttls_auto'] = true gitlab_rails['smtp_openssl_verify_mode'] = 'peer' 这个重新配置会造成nginx配置文件还原 [root@localhost home]# gitlab-ctl reconfigure 发送邮件测试 [root@localhost home]# gitlab-rails console ------------------------------------------------------------------------------------- GitLab: 11.6.5 (237bddc) GitLab Shell: 8.4.3 postgresql: 9.6.11 ------------------------------------------------------------------------------------- Loading production environment (Rails 5.0.7) irb(main):001:0> Notify.test_email('[email protected]','Testmail','test').deliver_now