docker-compose部署gitlab

参考官方安装方法:Install GitLab using Docker Compose

安装

安装docker-compose

docker及docker-compose安装

docker-compose安装Gitlab

  • 编排文件
vim docker-compose.yml
version: '3.6'
services:
  web:
    image: 'gitlab/gitlab-ce:latest'   # 默认最新镜像,亦可指定版本
    container_name: gitlab
    restart: unless-stopped
    privileged: true
    hostname: 'gitlab.l2c.com'
    environment:
      TZ: 'Asia/Shanghai'
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.l2c.com'  #项目clone地址,需与hostname一致,默认80端口
        gitlab_rails['time_zone'] = 'Asia/Shanghai'
        gitlab_rails['gitlab_shell_ssh_port'] = 2222
    ports:
      - '80:80'      #默认80 自定义主机端口时需同步修改external_url
      - '443:443'
      - '2222:22'    
    volumes:
      - '/data/gitlab/config:/etc/gitlab'
      - '/data/gitlab/data:/var/opt/gitlab'
      - '/data/gitlab/logs:/var/log/gitlab'
  • 部署,启动需约2~4分钟
# 部署
docker-compose up -d

# 查看状态
docker ps -a |grep gitlab

# 停止
docker-compose down
  • 登录:
    • 通过IP访问
    • 配置hosts后通过域名访问
  • 获取root初始密码,24小时后失效,需及时修改密码
docker exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password

更多配置

IP地址登录

version: '3.6'
services:
  web:
    image: 'gitlab/gitlab-ce:latest'   # 默认最新镜像,亦可指定版本
    container_name: gitlab
    restart: unless-stopped
    privileged: true
    hostname: 'gitlab'
    environment:
      TZ: 'Asia/Shanghai'
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://192.168.17.200'  #项 本机IP地址
        gitlab_rails['time_zone'] = 'Asia/Shanghai'
        gitlab_rails['gitlab_shell_ssh_port'] = 2222
    ports:
      - '80:80'      #默认80 自定义主机端口时需不同修改external_url
      - '443:443'
      - '2222:22'    
    volumes:
      - '/data/gitlab/config:/etc/gitlab'
      - '/data/gitlab/data:/var/opt/gitlab'
      - '/data/gitlab/logs:/var/log/gitlab'

自定义端口

version: '3.6'
services:
  web:
    image: 'gitlab/gitlab-ce:latest'   # 默认最新镜像,亦可指定版本
    container_name: gitlab
    restart: unless-stopped
    privileged: true
    hostname: 'gitlab.l2c.com'
    environment:
      TZ: 'Asia/Shanghai'
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.l2c.com:8888'  #项目clone地址,需与hostname一致,默认80端口
        gitlab_rails['time_zone'] = 'Asia/Shanghai'
        gitlab_rails['gitlab_shell_ssh_port'] = 2222
    ports:
      - '8888:8888'      #自定义端口
      - '443:443'
      - '2222:22'    
    volumes:
      - '/data/gitlab/config:/etc/gitlab'
      - '/data/gitlab/data:/var/opt/gitlab'
      - '/data/gitlab/logs:/var/log/gitlab'

配置邮箱+logging

参考自:gitlab配置邮件服务(QQ邮箱)图解教程

启用邮箱后需手动修改管理员默认邮箱

在docker-compose编排文件中配置
version: '3.6'
services:
  web:
    image: 'gitlab/gitlab-ce:latest'   # 默认最新镜像,亦可指定版本
    container_name: gitlab
    restart: unless-stopped
    privileged: true
    hostname: 'gitlab.l2c.com'
    environment:
      TZ: 'Asia/Shanghai'
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.l2c.com'  #项目clone地址,需与hostname一致,默认80端口
        gitlab_rails['time_zone'] = 'Asia/Shanghai'
        gitlab_rails['gitlab_shell_ssh_port'] = 2222
        gitlab_rails['smtp_enable'] = true
        gitlab_rails['smtp_address'] = "smtp.qq.com"
        gitlab_rails['smtp_port'] = 465
        gitlab_rails['smtp_user_name'] = "[email protected]"  # 用自己的邮箱
        gitlab_rails['smtp_password'] = "xxxxxxxx"   # 开启smtp后生成的授权码
        gitlab_rails['smtp_domain'] = "smtp.qq.com"
        gitlab_rails['smtp_authentication'] = "login"
        gitlab_rails['smtp_enable_starttls_auto'] = true
        gitlab_rails['smtp_tls'] = true
        gitlab_rails['gitlab_email_from'] = '[email protected]'
        alertmanager['admin_email'] = '[email protected]'   # 设置管理员邮箱
    ports:
      - '80:80'      #默认80 自定义主机端口时需不同修改external_url
      - '443:443'
      - '2222:22'
    volumes:
      - '/data/gitlab/config:/etc/gitlab'
      - '/data/gitlab/data:/var/opt/gitlab'
      - '/data/gitlab/logs:/var/log/gitlab'
    logging:
      driver: "json-file"
      options:
        max-size: "200m"
        max-file: "10"
docker-compose up -d
在持久化文件中配置
vim /data/gitlab/config/gitlab.rb
# 编辑邮箱配置
  • 进入容器,重载配置
# 进入gitlab容器
docker exec -it gitlab /bin/bash

# 重载配置
gitlab-ctl reconfigure
  • 测试
# 进入控制台(需要一点时间)
gitlab-rails console

# 发送测试邮件
Notify.test_email('[email protected]','gitlab邮箱测试','gitlab邮箱测试').deliver_now

配置SSL

生成HTTPS访问证书
  • 创建证书存放目录
mkdir -p ./ssl 
cd ./ssl 
  • 创建证书
openssl req  -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 3650 -out ca.crt

# 一路回车出现Common Name 输入(因为是CA,可不输入IP或域名):L2C Cert Root CA  
# L2C为自定义名称
  • 生成证书签名请求
openssl req  -newkey rsa:4096 -nodes -sha256 -keyout gitlab.key -out gitlab.csr

# 一路回车出现Common Name 输入IP或域名:l2c.com
  • 新建extfile.cnf
vim extfile.cnf
subjectAltName = @alt_names
extendedKeyUsage = serverAuth

[alt_names]
# 域名,如有多个用DNS.2,DNS.3…来增加
DNS.1 = l2c.com
DNS.2 = *.l2c.com
# IP地址, 服务器的ip
IP.1 = 192.168.17.200
IP.2 = 127.0.0.1
  • 生成证书
openssl x509 -req -days 3650 -in gitlab.csr -CA ca.crt -CAkey ca.key -CAcreateserial -extfile extfile.cnf -out gitlab.crt
  • 分发证书至其它节点
scp ca.crt root@[IP]:/etc/pki/ca-trust/source/anchors/
  • 更新证书配置
update-ca-trust extract
配置HTTPS
  • 将证书拷贝至持久化目录
mkdir -p /data/gitlab/config/trusted-certs
cp gitlab.crt gitlab.key /data/gitlab/config/trusted-certs
  • 配置
version: '3.6'
services:
  web:
    image: 'gitlab/gitlab-ce:latest'   # 默认最新镜像,亦可指定版本
    container_name: gitlab
    restart: unless-stopped
    privileged: true
    hostname: 'gitlab.l2c.com'
    environment:
      TZ: 'Asia/Shanghai'
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'https://gitlab.l2c.com'  #项目clone地址,需与hostname一致,默认80端口
        nginx['redirect_http_to_https']= true   #取消注释改为 true
        nginx['ssl_certificate'] = "/etc/gitlab/trusted-certs/gitlab.crt"    #放置对应的证书密钥
        nginx['ssl_certificate_key'] = "/etc/gitlab/trusted-certs/gitlab.key" #放置对应的证书密钥
        gitlab_rails['time_zone'] = 'Asia/Shanghai'
        gitlab_rails['gitlab_shell_ssh_port'] = 2222
        gitlab_rails['smtp_enable'] = true
        gitlab_rails['smtp_address'] = "smtp.qq.com"
        gitlab_rails['smtp_port'] = 465
        gitlab_rails['smtp_user_name'] = "[email protected]"  # 用自己的邮箱
        gitlab_rails['smtp_password'] = "xxxxxxxx"   # 开启smtp后生成的授权码
        gitlab_rails['smtp_domain'] = "qq.com"
        gitlab_rails['smtp_authentication'] = "login"
        gitlab_rails['smtp_enable_starttls_auto'] = true
        gitlab_rails['smtp_tls'] = true
        gitlab_rails['gitlab_email_from'] = '[email protected]'
    ports:
      - '80:80'      #默认80 自定义主机端口时需不同修改external_url
      - '443:443'
      - '2222:22'
    volumes:
      - '/data/gitlab/config:/etc/gitlab'
      - '/data/gitlab/data:/var/opt/gitlab'
      - '/data/gitlab/logs:/var/log/gitlab'
    logging:
      driver: "json-file"
      options:
        max-size: "200m"
        max-file: "10"

重置root密码

git使用

配置全局用户名和邮箱

# 查看配置
git config --list

git config --global user.name "xxx"
git config --global user.email [email protected]

配置用户名和密码

# 启用store模式,输入密码后,会以明文形式默认保存于~/.git-credentials
git config --global credential.helper store

你可能感兴趣的:(k8s基础,容器,git,docker)