服务器搭建（01）Gerrit服务器搭建 & 内网访问

说明：本次服务器的搭建主要是在window上VMWare虚拟机上 搭建一个gerrit服务器 作为测试，了解gerrit服务器搭建的整个流程，最后确保 gerrit 可以在本机的ubuntu虚拟机上可以正常运行。

---

1 基本环境搭建与配置（针对ubuntu18.04）：

Linux基本软件的安装：

$sudo apt-get install vim tree net-tools ssh curl

jdk相关的安装（这里是直接安装jdk8）：

$sudo apt-get install openjdk-8-jdk openjdk-8-jre

git 和repo 相关工具的安装：

$sudo apt-get install git gitk git-svn repo

apache 服务器的安装：

$sudo apt-get install apache2*

---

2 gerrit 服务器 安装与配置（ gerrit-3.0.0.war版本）

下载安装包 gerrit-3.0.0.war

官方网站链接：https://www.gerritcodereview.com/

下载3.0.0版本的直接 网站链接：https://www.gerritcodereview.com/3.0.html

从官网下载 gerrit 包 gerrit-3.0.0.war后执行下面一组命令：

$cd /home/wangdaosheng
$mkdir gerrit
$cd gerrit
$java -jar gerrit-3.0.0.war init -d review_site

执行后界面显示如下：

wangdaosheng@ubuntu:~/gerrit$ java -jar gerrit-3.0.0.war init -d review_site
Using secure store: com.google.gerrit.server.securestore.DefaultSecureStore
[2020-05-18 03:55:14,036] [main] INFO  com.google.gerrit.server.config.GerritServerConfigProvider : No /home/wangdaosheng/gerrit/review_site/etc/gerrit.config; assuming defaults

*** Gerrit Code Review 3.0.0
*** 

Create '/home/wangdaosheng/gerrit/review_site' [Y/n]? y

*** Git Repositories
*** 

Location of Git repositories   [git]: /home/wangdaosheng/gerrit/source/

*** Index
*** 

Type                           [lucene/?]: 

*** User Authentication
*** 

Authentication method          [openid/?]: HTTP
Get username from custom HTTP header [y/N]? n
SSO logout URL                 : 
Enable signed push support     [y/N]? y

*** Review Labels
*** 

Install Verified label         [y/N]? y

*** Email Delivery
*** 

SMTP server hostname           [localhost]: smtp.qq.com
SMTP server port               [(default)]: 465
SMTP encryption                [none/?]: SSL
SMTP username                  [wangdaosheng]: *********@qq.com             
[email protected]'s password    : 
              confirm password : 
error: Passwords did not match; try again
[email protected]'s password    : 
              confirm password : 

*** Container Process
*** 

Run as                         [wangdaosheng]: 
Java runtime                   [/usr/lib/jvm/java-8-openjdk-amd64/jre]: 
Copy gerrit-3.0.0.war to review_site/bin/gerrit.war [Y/n]? y
Copying gerrit-3.0.0.war to review_site/bin/gerrit.war

*** SSH Daemon
*** 

Listen on address              [*]: 127.0.0.1
Listen on port                 [29418]: 
Generating SSH host key ... rsa... ed25519... ecdsa 256... ecdsa 384... ecdsa 521... done

*** HTTP Daemon
*** 

Behind reverse proxy           [y/N]? y
Proxy uses SSL (https://)      [y/N]? n
Subdirectory on proxy server   [/]: 
Listen on address              [*]: 127.0.0.1
Listen on port                 [8081]: 
Canonical URL                  [http://127.0.0.1/]: 

*** Cache
*** 


*** Plugins
*** 

Installing plugins.
Install plugin codemirror-editor version v3.0.0 [y/N]? y
Installed codemirror-editor v3.0.0
Install plugin commit-message-length-validator version v3.0.0 [y/N]? y
Installed commit-message-length-validator v3.0.0
Install plugin delete-project version v3.0.0 [y/N]? y
Installed delete-project v3.0.0
Install plugin download-commands version v3.0.0 [y/N]? y
Installed download-commands v3.0.0
Install plugin gitiles version v3.0.0 [y/N]? y
Installed gitiles v3.0.0
Install plugin hooks version v3.0.0 [y/N]? y
Installed hooks v3.0.0
Install plugin plugin-manager version v3.0.0 [y/N]? y
Installed plugin-manager v3.0.0
Install plugin replication version v3.0.0 [y/N]? y
Installed replication v3.0.0
Install plugin reviewnotes version v3.0.0 [y/N]? y
Installed reviewnotes v3.0.0
Install plugin singleusergroup version v3.0.0 [y/N]? y
Installed singleusergroup v3.0.0
Install plugin webhooks version v3.0.0 [y/N]? y
Installed webhooks v3.0.0
Initializing plugins.

Initialized /home/wangdaosheng/gerrit/review_site
Reindexing projects:    100% (2/2) with: reindex --site-path review_site --threads 1 --index projects
Reindexed 2 documents in projects index in 0.2s (9.9/s)
Warning: InterruptedException
java.lang.InterruptedException
	at java.lang.Object.wait(Native Method)
	at java.lang.Thread.join(Thread.java:1260)
	at org.h2.util.MathUtils.getSecureRandom(MathUtils.java:105)
	at org.h2.util.MathUtils.secureRandomBytes(MathUtils.java:307)
	at org.h2.store.FileLock.setUniqueId(FileLock.java:315)
	at org.h2.store.FileLock.lockFile(FileLock.java:345)
	at org.h2.store.FileLock.lock(FileLock.java:136)
	at org.h2.engine.Database.open(Database.java:622)
	at org.h2.engine.Database.openDatabase(Database.java:260)
	at org.h2.engine.Database.(Database.java:254)
	at org.h2.engine.Engine.openSession(Engine.java:57)
	at org.h2.engine.Engine.openSession(Engine.java:164)
	at org.h2.engine.Engine.createSessionAndValidate(Engine.java:142)
	at org.h2.engine.Engine.createSession(Engine.java:125)
	at org.h2.engine.Engine.createSession(Engine.java:27)
	at org.h2.engine.SessionRemote.connectEmbeddedOrServer(SessionRemote.java:331)
	at org.h2.jdbc.JdbcConnection.(JdbcConnection.java:107)
	at org.h2.jdbc.JdbcConnection.(JdbcConnection.java:91)
	at org.h2.Driver.connect(Driver.java:74)
	at com.google.gerrit.server.cache.h2.H2CacheImpl$SqlHandle.(H2CacheImpl.java:634)
	at com.google.gerrit.server.cache.h2.H2CacheImpl$SqlStore.acquire(H2CacheImpl.java:602)
	at com.google.gerrit.server.cache.h2.H2CacheImpl$SqlStore.buildBloomFilter(H2CacheImpl.java:328)
	at com.google.gerrit.server.cache.h2.H2CacheImpl$SqlStore.open(H2CacheImpl.java:300)
	at com.google.gerrit.server.cache.h2.H2CacheImpl.start(H2CacheImpl.java:188)
	at com.google.gerrit.server.logging.LoggingContextAwareRunnable.run(LoggingContextAwareRunnable.java:83)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)
Executing /home/wangdaosheng/gerrit/review_site/bin/gerrit.sh start
Starting Gerrit Code Review: WARNING: Could not adjust Gerrit's process for the kernel's out-of-memory killer.
         This may be caused by /home/wangdaosheng/gerrit/review_site/bin/gerrit.sh not being run as root.
         Consider changing the OOM score adjustment manually for Gerrit's PID= with e.g.:
         echo '-1000' | sudo tee /proc//oom_score_adj
OK
Waiting for server on 127.0.0.1:80 ... OK
Opening http://127.0.0.1/#/admin/projects/ ...OK

配置完成后，重新编辑对应的配置文件/home/wangdaosheng/gerrit/review_site/etc/gerrit.config，编辑后如下所示：

[gerrit]
	basePath = /home/wangdaosheng/gerrit/source/
	canonicalWebUrl = http://127.0.0.1:8082/
	serverId = 28adb296-dfbf-41a2-af1e-816263a4fb20
[container]
	javaOptions = "-Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance"
	javaOptions = "-Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance"
	user = wangdaosheng
	javaHome = /usr/lib/jvm/java-8-openjdk-amd64/jre
[index]
	type = LUCENE
[auth]
	type = HTTP
[receive]
	enableSignedPush = true
[sendemail]
	smtpServer = smtp.qq.com
	smtpServerPort = 465
	smtpEncryption = SSL
	smtpUser = *********@qq.com
[sshd]
	listenAddress = 127.0.0.1:29418
[httpd]
	listenUrl = proxy-http://127.0.0.1:8081/
[cache]
	directory = cache

确保以下命令是可以执行成功的。命令操作集如下所示：

$cd /home/wangdaosheng/gerrit/review_site/bin
$sudo ./gerrit.sh start
Starting Gerrit Code Review: OK

$cd /home/wangdaosheng/gerrit/review_site/bin
$sudo ./gerrit.sh stop
Stopping Gerrit Code Review: OK

接下来开始配置 添加gerrit登录用户，命令集操作如下所示：

$htpasswd -cb /home/wangdaosheng/gerrit/pwd admin admin
$htpasswd -b /home/wangdaosheng/gerrit/pwd user1 123456
$cat /home/wangdaosheng/gerrit/pwd
admin:$apr1$z5TbBtlP$MrJw5n7qz5RF0UvS6uFT/1
user1:$apr1$pcvyS9ZK$Yu7EG40b3Dq2X5qzQ1xPC.

创建Apache的config文件httpd.conf，在/etc/apache2目录下 创建一个配置文件httpd.conf，编写文件如下：

	ServerName localhost
	ProxyRequests Off
	ProxyVia Off
	ProxyPreserveHost On
	
		Order deny,allow
		Allow from all
	
	
		AuthType Basic
		AuthName "Gerrit Code Review"
		Require valid-user
		AuthBasicProvider file
		AuthUserFile /home/wangdaosheng/gerrit/pwd
	
	AllowEncodedSlashes On
	ProxyPass / http://127.0.0.1:8081/ nocanon

同时修改对应的port.conf文件，修改后如下所示：

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

NameVirtualHost *:80 #新添加
NameVirtualHost *:8082 #新添加
Listen 80
Listen 8082 #新添加


	Listen 443



	Listen 443


# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

接下来在apache的配置文件 /etc/apache2/apache2.conf 中加入httpd.conf，这样才能使得httpd.conf生效，否则怎么调试都无意义，/etc/apache2/apache2.conf 文件 如下所示：

# This is the main Apache server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.4/ for detailed information about
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
# hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.

# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
#	/etc/apache2/
#	|-- apache2.conf
#	|	`--  ports.conf
#	|-- mods-enabled
#	|	|-- *.load
#	|	`-- *.conf
#	|-- conf-enabled
#	|	`-- *.conf
# 	`-- sites-enabled
#	 	`-- *.conf
#
# ...
...
Include httpd.conf

接下来 执行以下命令后 重新启动apache服务器，命令集如下所示：

$sudo a2enmod proxy
$sudo a2enmod rewrite
$sudo a2enmod ssl
$sudo a2enmod proxy_balancer
$sudo a2enmod proxy_http
$systemctl restart apache2

到这里见证奇迹的时刻到了，打开浏览器，输入：127.0.0.1:8081，回车后显示如下：

接下来为了方便启动，我们把这些零散的命令封装成脚本 start.sh，如下所示：

#!/bin/bash
#开始配置 并重启apache服务器
sudo a2enmod proxy
sudo a2enmod rewrite
sudo a2enmod ssl
sudo a2enmod proxy_balancer
sudo a2enmod proxy_http
systemctl restart apache2
#确保gerrit.sh 没有启动之后再进行start操作
sudo $HOME/gerrit/review_site/bin/gerrit.sh stop
sudo $HOME/gerrit/review_site/bin/gerrit.sh start

至此，gerrit服务器 本地就可以访问了。调试了接近两天的时间，终于把这个调试通了。下一步，我们再创建一个虚拟机，作为客户端来访问我们新创建的gerrit服务器，而这个时候 我们就需要对配置做一些改变了。

---

3 gerrit 服务器 配置文件变更，可内网访问

首先 我们改变对外的ip相关配置，这里执行ifconfig 获得 对应的ip地址，如下所示：

也就是这里的ip地址是 192.168.44.133。于是开始 变更我们之前的代理相关的配置。

@1 重新编辑对应的配置文件/home/wangdaosheng/gerrit/review_site/etc/gerrit.config。

编辑前信息如下所示：

[gerrit]
	basePath = /home/wangdaosheng/gerrit/source/
	canonicalWebUrl = http://127.0.0.1:8082/
	serverId = 28adb296-dfbf-41a2-af1e-816263a4fb20
[container]
	javaOptions = "-Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance"
	javaOptions = "-Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance"
	user = wangdaosheng
	javaHome = /usr/lib/jvm/java-8-openjdk-amd64/jre
[index]
	type = LUCENE
[auth]
	type = HTTP
[receive]
	enableSignedPush = true
[sendemail]
	smtpServer = smtp.qq.com
	smtpServerPort = 465
	smtpEncryption = SSL
	smtpUser = *********@qq.com
[sshd]
	listenAddress = 127.0.0.1:29418
[httpd]
	listenUrl = proxy-http://127.0.0.1:8081/
[cache]
	directory = cache

编辑后信息如下所示：

[gerrit]
	basePath = /home/wangdaosheng/gerrit/source/
	canonicalWebUrl = http://192.168.44.133:8082/
	serverId = 28adb296-dfbf-41a2-af1e-816263a4fb20
[container]
	javaOptions = "-Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance"
	javaOptions = "-Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance"
	user = wangdaosheng
	javaHome = /usr/lib/jvm/java-8-openjdk-amd64/jre
[index]
	type = LUCENE
[auth]
	type = HTTP
[receive]
	enableSignedPush = true
[sendemail]
	smtpServer = smtp.qq.com
	smtpServerPort = 465
	smtpEncryption = SSL
	smtpUser = *********@qq.com
[sshd]
	listenAddress = 192.168.44.133:29418
[httpd]
	listenUrl = proxy-http://192.168.44.133:8081/
[cache]
	directory = cache

@2 重新编辑Apache的配置文件httpd.conf。

编辑前信息如下所示：

	ServerName localhost
	ProxyRequests Off
	ProxyVia Off
	ProxyPreserveHost On
	
		Order deny,allow
		Allow from all
	
	
		AuthType Basic
		AuthName "Gerrit Code Review"
		Require valid-user
		AuthBasicProvider file
		AuthUserFile /home/wangdaosheng/gerrit/pwd
	
	AllowEncodedSlashes On
	ProxyPass / http://127.0.0.1:8081/ nocanon

编辑后信息如下所示：

	ServerName 192.168.44.133
	ProxyRequests Off
	ProxyVia Off
	ProxyPreserveHost On
	
		Order deny,allow
		Allow from all
	
	
		AuthType Basic
		AuthName "Gerrit Code Review"
		Require valid-user
		AuthBasicProvider file
		AuthUserFile /home/wangdaosheng/gerrit/pwd
	
	AllowEncodedSlashes On
	ProxyPass / http://192.168.44.133:8081/ nocanon

到此就把配置变更完了，接下来我们再重新启动下前面的start.sh，这一次通过新建立的ubuntu虚拟机来访问 我们建立的gerrit服务器，跑通后 效果如下：

至此，我们的gerrit服务器就完成了第一步，彻底走通了。下一步我们要开始 使用gerrit服务器 来做事儿了。建立仓库，上传、下载代码 这个功能是最基本的，接下来我就针对于此，开始进行测试，同时根据实际情况 继续调整。