GitLab

 

 

CentOS-7

  1. 解决依赖
    # 安装依赖
    yum install -y curl policycoreutils-python openssh-server
    
    # 启动服务
    # sshd 
    
    # 防火墙放行
    firewall-cmd --permanent --add-service=http
    firewall-cmd --permanent --add-service=https
    systemctl reload firewalld
    View Code


    安装一个邮件发送服务

    # postfix
    yum install postfix
    systemctl enable postfix
    systemctl start postfix
    View Code

     

  2. 安装软件包
    script.rpm.sh
    #!/bin/bash
    
    unknown_os ()
    {
      echo "Unfortunately, your operating system distribution and version are not supported by this script."
      echo
      echo "You can override the OS detection by setting os= and dist= prior to running this script."
      echo "You can find a list of supported OSes and distributions on our website: https://packages.gitlab.com/docs#os_distro_version"
      echo
      echo "For example, to force CentOS 6: os=el dist=6 ./script.sh"
      echo
      echo "Please email [email protected] and let us know if you run into any issues."
      exit 1
    }
    
    curl_check ()
    {
      echo "Checking for curl..."
      if command -v curl > /dev/null; then
        echo "Detected curl..."
      else
        echo "Installing curl..."
        yum install -d0 -e0 -y curl
      fi
    }
    
    
    detect_os ()
    {
      if [[ ( -z "${os}" ) && ( -z "${dist}" ) ]]; then
        if [ -e /etc/os-release ]; then
          . /etc/os-release
          os=${ID}
          if [ "${os}" = "poky" ]; then
            dist=`echo ${VERSION_ID}`
          elif [ "${os}" = "sles" ]; then
            dist=`echo ${VERSION_ID}`
          elif [ "${os}" = "opensuse" ]; then
            dist=`echo ${VERSION_ID}`
          elif [ "${os}" = "opensuse-leap" ]; then
            os=opensuse
            dist=`echo ${VERSION_ID}`
          else
            dist=`echo ${VERSION_ID} | awk -F '.' '{ print $1 }'`
          fi
    
        elif [ `which lsb_release 2>/dev/null` ]; then
          # get major version (e.g. '5' or '6')
          dist=`lsb_release -r | cut -f2 | awk -F '.' '{ print $1 }'`
    
          # get os (e.g. 'centos', 'redhatenterpriseserver', etc)
          os=`lsb_release -i | cut -f2 | awk '{ print tolower($1) }'`
    
        elif [ -e /etc/oracle-release ]; then
          dist=`cut -f5 --delimiter=' ' /etc/oracle-release | awk -F '.' '{ print $1 }'`
          os='ol'
    
        elif [ -e /etc/fedora-release ]; then
          dist=`cut -f3 --delimiter=' ' /etc/fedora-release`
          os='fedora'
    
        elif [ -e /etc/redhat-release ]; then
          os_hint=`cat /etc/redhat-release  | awk '{ print tolower($1) }'`
          if [ "${os_hint}" = "centos" ]; then
            dist=`cat /etc/redhat-release | awk '{ print $3 }' | awk -F '.' '{ print $1 }'`
            os='centos'
          elif [ "${os_hint}" = "scientific" ]; then
            dist=`cat /etc/redhat-release | awk '{ print $4 }' | awk -F '.' '{ print $1 }'`
            os='scientific'
          else
            dist=`cat /etc/redhat-release  | awk '{ print tolower($7) }' | cut -f1 --delimiter='.'`
            os='redhatenterpriseserver'
          fi
    
        else
          aws=`grep -q Amazon /etc/issue`
          if [ "$?" = "0" ]; then
            dist='6'
            os='aws'
          else
            unknown_os
          fi
        fi
      fi
    
      if [[ ( -z "${os}" ) || ( -z "${dist}" ) ]]; then
        unknown_os
      fi
    
      # remove whitespace from OS and dist name
      os="${os// /}"
      dist="${dist// /}"
    
      echo "Detected operating system as ${os}/${dist}."
    
      if [ "${dist}" = "8" ]; then
        _skip_pygpgme=1
      else
        _skip_pygpgme=0
      fi
    }
    
    finalize_yum_repo ()
    {
      if [ "$_skip_pygpgme" = 0 ]; then
        echo "Installing pygpgme to verify GPG signatures..."
        yum install -y pygpgme --disablerepo='gitlab_gitlab-ee'
        pypgpme_check=`rpm -qa | grep -qw pygpgme`
        if [ "$?" != "0" ]; then
          echo
          echo "WARNING: "
          echo "The pygpgme package could not be installed. This means GPG verification is not possible for any RPM installed on your system. "
          echo "To fix this, add a repository with pygpgme. Usualy, the EPEL repository for your system will have this. "
          echo "More information: https://fedoraproject.org/wiki/EPEL#How_can_I_use_these_extra_packages.3F"
          echo
    
          # set the repo_gpgcheck option to 0
          sed -i'' 's/repo_gpgcheck=1/repo_gpgcheck=0/' /etc/yum.repos.d/gitlab_gitlab-ee.repo
        fi
      fi
    
      echo "Installing yum-utils..."
      yum install -y yum-utils --disablerepo='gitlab_gitlab-ee'
      yum_utils_check=`rpm -qa | grep -qw yum-utils`
      if [ "$?" != "0" ]; then
        echo
        echo "WARNING: "
        echo "The yum-utils package could not be installed. This means you may not be able to install source RPMs or use other yum features."
        echo
      fi
    
      echo "Generating yum cache for gitlab_gitlab-ee..."
      yum -q makecache -y --disablerepo='*' --enablerepo='gitlab_gitlab-ee'
    
      echo "Generating yum cache for gitlab_gitlab-ee-source..."
      yum -q makecache -y --disablerepo='*' --enablerepo='gitlab_gitlab-ee-source'
    }
    
    finalize_zypper_repo ()
    {
      zypper --gpg-auto-import-keys refresh gitlab_gitlab-ee
      zypper --gpg-auto-import-keys refresh gitlab_gitlab-ee-source
    }
    
    main ()
    {
      detect_os
      curl_check
    
    
      yum_repo_config_url="https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/config_file.repo?os=${os}&dist=${dist}&source=script"
    
      if [ "${os}" = "sles" ] || [ "${os}" = "opensuse" ]; then
        yum_repo_path=/etc/zypp/repos.d/gitlab_gitlab-ee.repo
      else
        yum_repo_path=/etc/yum.repos.d/gitlab_gitlab-ee.repo
      fi
    
      echo "Downloading repository file: ${yum_repo_config_url}"
    
      curl -sSf "${yum_repo_config_url}" > $yum_repo_path
      curl_exit_code=$?
    
      if [ "$curl_exit_code" = "22" ]; then
        echo
        echo
        echo -n "Unable to download repo config from: "
        echo "${yum_repo_config_url}"
        echo
        echo "This usually happens if your operating system is not supported by "
        echo "packagecloud.io, or this script's OS detection failed."
        echo
        echo "You can override the OS detection by setting os= and dist= prior to running this script."
        echo "You can find a list of supported OSes and distributions on our website: https://packages.gitlab.com/docs#os_distro_version"
        echo
        echo "For example, to force CentOS 6: os=el dist=6 ./script.sh"
        echo
        echo "If you are running a supported OS, please email [email protected] and report this."
        [ -e $yum_repo_path ] && rm $yum_repo_path
        exit 1
      elif [ "$curl_exit_code" = "35" -o "$curl_exit_code" = "60" ]; then
        echo
        echo "curl is unable to connect to packagecloud.io over TLS when running: "
        echo "    curl ${yum_repo_config_url}"
        echo
        echo "This is usually due to one of two things:"
        echo
        echo " 1.) Missing CA root certificates (make sure the ca-certificates package is installed)"
        echo " 2.) An old version of libssl. Try upgrading libssl on your system to a more recent version"
        echo
        echo "Contact [email protected] with information about your system for help."
        [ -e $yum_repo_path ] && rm $yum_repo_path
        exit 1
      elif [ "$curl_exit_code" -gt "0" ]; then
        echo
        echo "Unable to run: "
        echo "    curl ${yum_repo_config_url}"
        echo
        echo "Double check your curl installation and try again."
        [ -e $yum_repo_path ] && rm $yum_repo_path
        exit 1
      else
        echo "done."
      fi
    
      if [ "${os}" = "sles" ] || [ "${os}" = "opensuse" ]; then
        finalize_zypper_repo
      else
        finalize_yum_repo
      fi
    
      echo
      echo "The repository is setup! You can now install packages."
    }
    
    main
    Install Gitlab

    配置 yum 仓库

    curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
    # cat script.rpm.sh | bash
    View Code

    安装

    yum install -y gitlab-ee
    View Code

    配置 GitLab

    vi /etc/gitlab/gitlab.rb
    
    # 配置 Gitlab
    #######################
    # 【配置 GitLab URL】
    # GitLab URL:可以访问 GitLab 的 URL
    # 默认不支持 HTTPS
    external_url 'http://gitlab.example.com'
    
    # 【使用 HTTPS】
    # 配置步骤:
    # 1.指定 GitLab URL
    # external_url "https://gitlab.example.com"
    #
    # 2.创建目录,保存“密钥”和“证书”
    #   mkdir -p /etc/gitlab/ssl
    #   chmod 755 /etc/gitlab/ssl
    #   cp gitlab.example.com.key gitlab.example.com.crt /etc/gitlab/ssl/
    #
    #   注意:
    #     1.是因为主机名是“gitlab.example.com”,所以私钥是“gitlab.example.com.key”,公共证书是“gitlab.example.com.crt”。
    #     2.确保使用完整的证书链,以防止客户端连接时出现SSL错误。 完整的证书链顺序应首先包含服务器证书,然后是所有中间证书,最后是根CA。
    #     3.私钥要是包含密码,将会导致直接报错(去除密码:openssl rsa -in certificate_before.key -out certificate_after.key)
    #
    # 3.
    #   bash# gitlab-ctl reconfigure
    #   命令执行成功后,通过地址访问: https://gitlab.example.com
    #
    # 4.端口放行
    # UFW example (Debian, Ubuntu)
    sudo ufw allow https
    # lokkit example (RedHat, CentOS 6)
    sudo lokkit -s https
    # firewall-cmd (RedHat, Centos 7)
    sudo firewall-cmd --permanent --add-service=https
    sudo systemctl reload firewalld
    # 
    # 【使用 HTTPS 配置步骤结束】
    
    # 【重定向 HTTP】
    # 默认情况下,指定了 external_url 使用“https”,nginx 就不再监听 http。
    # external_url "https://gitlab.example.com"
    # nginx['redirect_http_to_https'] = true
    
    # 【自定义 SSL 端口和证书】
    # external_url "https://gitlab.example.com:2443"
    # nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt"
    # nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key"
    
    # 【非绑定 web-server】
    # 使用非绑定 web-server(不适用绑定好的 nginx),步骤:
    # 1.开关
    #   nginx['enable'] = false
    #
    # 2.指定例程用户
    #   web_server['external_users'] = ['www-data']
    #   web_server['external_users'] = ['nginx']
    #
    # 3.指定代理
    # 这个设置是非绑定(绑定使用 real_ip )
    #   gitlab_rails['trusted_proxies'] = [ '192.168.1.0/24', '192.168.2.1', '2001:0db8::/32' ]
    #
    # 4.Apache(选项)
    # Apache 无法连接到 UNIX 套接字,需要借助 tcp 端口。
    #   gitlab_workhorse['listen_network'] = "tcp"
    #   gitlab_workhorse['listen_addr'] = "127.0.0.1:8181"
    # 
    
    # 【设置监听地址】
    # 默认监听所有的本地 ipv4 地址,允许设置一个监听的地址列表
    #   nginx['listen_addresses'] = ["0.0.0.0", "[::]"]
    #   nginx['listen_addresses'] = ['*', '[::]']
    
    # 【设置监听端口】
    # 1.自定义监听端口
    # 默认情况下 gitlab 会启用一个 nginx 监听在 external_url 属性定义的端口;
    #   nginx['listen_port'] = 8081
    # 
    # 2.在代理后使用 ssl
    # 代理处(负载均衡、方向代理等)终止 SSL
    #   nginx['listen_port'] = 80
    #   nginx['listen_https'] = false
    
    # 【拒绝传输压缩】
    # 默认 Gitlab 允许压缩传输的文本数据
    # nginx['gzip_enabled'] = false
    View Code

    编译配置文件

    gitlab-ctl reconfigure
    执行时间较长

    启动

    gitlab-ctl start
    View Code

     

  3. 登录

    登录地址:http://gitlab.example.com
    首次登录,需要设置 root 密码。

     

 

 

 

管理 GitLab

  1. 创建组
  2. 创建项目
  3. 创建用户

 

 

GitLab Runner 

  1. 添加 yum 库
    # For Debian/Ubuntu/Mint
    curl -L https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh | sudo bash
    
    # For RHEL/CentOS/Fedora
    curl -L https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.rpm.sh | sudo bash
    View Code

     

  2. 安装
    安装最新版

    # For Debian/Ubuntu/Mint
    sudo apt-get install gitlab-runner
    
    # For RHEL/CentOS/Fedora
    sudo yum install gitlab-runner
    View Code

    安装指定版本

    # for DEB based systems
    apt-cache madison gitlab-runner
    sudo apt-get install gitlab-runner=10.0.0
    
    # for RPM based systems
    yum list gitlab-runner --showduplicates | sort -r
    sudo yum install gitlab-runner-10.0.0-1
    View Code

     

     

 

 

 

 

GitLab

你可能感兴趣的:(GitLab)