版本库:https://packages.gitlab.com/gitlab/gitlab-ce
版本选择: gitlab-ce_15.4.0-ce.0_amd64
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash
sudo apt-get install gitlab-ce=15.4.0-ce.0
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/ubuntu/focal/gitlab-ce_15.4.0-ce.0_amd64.deb/download.deb
sudo dpkg -i gitlab-ce_15.4.0-ce.0_amd64.deb
宝塔 -> 软件商店 -> GitLab最新社区版
编辑/etc/gitlab/gitlab.rb
,找到external_url
,更改为域名或者内网IP(指定端口加端口号)。
external_url 'http://172.16.2.166:8099'
指定端口号,默认80。
nginx['listen_port'] = 8099
编辑/etc/gitlab/gitlab.rb
,找到git_data_dirs
,自定义数据存储路径和备用的数据存储路径。
git_data_dirs({
"default" => { "path" => "/home/gitlab/gitlab-data"},
"alternative" => { "path" => "/var/opt/gitlab/git-data/repositories"}
})
1、编辑/etc/gitlab/gitlab.rb
,设定备份路径,备份权限以及备份保留时间。
gitlab_rails['manage_backup_path'] = true // 开启备份
gitlab_rails['backup_path'] = "/home/gitlab/backups" // gitlab备份目录
gitlab_rails['backup_archive_permissions'] = 0644 // 生成的备份文件权限
gitlab_rails['backup_keep_time'] = 7776000 // 备份保留时间,秒计算 7776000 = 3600*24*30*3 = 90天
2、编辑/etc/crontab
,启动定时任务,每天凌晨2点进行备份。
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
0 2 * * * root /opt/gitlab/bin/gitlab-rake gitlab:backup:create
3、Ubuntu 系统启动定时任务,
sudo systemctl restart cron
/etc/gitlab/gitlab.rb
,需要执行sudo gitlab-ctl reconfigure
。sudo gitlab-ctl restart
。常用命令如下:
指令 | 作用 |
---|---|
sudo gitlab-ctl reconfigure | 重新加载配置,每次修改/etc/gitlab/gitlab.rb文件之后执行 |
sudo gitlab-ctl status | 查看 GitLab 状态 |
sudo gitlab-ctl start | 启动 GitLab |
sudo gitlab-ctl stop | 停止 GitLab |
sudo gitlab-ctl restart | 重启 GitLab |
sudo gitlab-ctl tail | 查看所有日志 |
sudo gitlab-ctl tail nginx/gitlab_acces.log | 查看 nginx 访问日志 |
sudo gitlab-ctl tail postgresql | 查看 postgresql 日志 |
备份恢复或者迁移的前提是要恢复的gitlab版本与备份时的gielab版本相同,不清楚备份时的gitlab版本的,可解压备份压缩包进行查看。如:备份(我的路径在gitlab.rb中进行了更改,根据自己设置查看) /home/gitlab/backups/1664992816_2022_10_06_15.4.0_gitlab_backup.tar 内的结构如下。
├── artifacts.tar.gz
├── backup_information.yml
├── builds.tar.gz
├── db
├── lfs.tar.gz
├── packages.tar.gz
├── pages.tar.gz
├── repositories
├── terraform_state.tar.gz
└── uploads.tar.gz
打开backup_information.yml进行查看,可以看到备份的gitlab版本为15.4.0
。
:db_version: '20220916112841'
:backup_created_at: 2022-10-06 02:00:16.473275493 +08:00
:gitlab_version: 15.4.0
:tar_version: tar (GNU tar) 1.30
:installation_type: omnibus-gitlab
:skipped:
:repositories_storages:
:repositories_paths:
如果仅是在原有gitlab进行恢复,则准备恢复的文件。
如果需要进行迁移,准备下面两个文件进行替换。
断开gitlab的相关数据连接服务。
sudo gitlab-ctl stop unicorn
sudo gitlab-ctl stop sidekiq
选择对应备份进行恢复
sudo gitlab-rake gitlab:backup:restore BACKUP=1664992816_2022_10_06_15.4.0
还原结束后会提示
2022-10-09 11:06:13 +0800 -- Restore task is done.
之后重启
sudo gitlab-ctl restart
如忘记了ROOT密码或者已经失效,进入gitlab的控制台进行更改。
下面展示了把ROOT账号密码重置为12345678的操作过程。
daobanmojie:~$ sudo gitlab-rails console -e production
--------------------------------------------------------------------------------
Ruby: ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x86_64-linux]
GitLab: 15.4.2 (ef309cf1466) FOSS
GitLab Shell: 14.10.0
PostgreSQL: 13.6
------------------------------------------------------------[ booted in 19.58s ]
Loading production environment (Rails 6.1.6.1)
irb(main):001:0> user = User.where(id: 1).first
=> #
irb(main):003:0> user.password='12345678'
=> "12345678"
irb(main):005:0> user.password_confirmation='12345678'
=> "12345678"
irb(main):006:0> user.save!
=> true
irb(main):007:0> quit
daobanmojie:~$
sudo vi /etc/gitlab/gitlab.rb
设置gitlab_pages[‘enable’]
为true
,设置page页面的地址,不能是IP,如果只有IP则随便写,然后修改本地hosts
即可。
################################################################################
## GitLab Pages
##! Docs: https://docs.gitlab.com/ee/administration/pages/
################################################################################
##! Define to enable GitLab Pages
pages_external_url "http://docs.example.com/"
gitlab_pages['enable'] = true
如果还要打开访问控制,则需要设置
gitlab_pages['access_control'] = true
然后运行下面的指令使其生效。
gitlab-ctl reconfigure
gitlab-ctl restart
管理员登陆GitLab,“菜单”=>“管理员”=>“设置”=>“偏好设置”中展开Pages选项,进行配置并保存。
根据提示运行如下代码安装
# Download the binary for your system
sudo curl -L --output /usr/local/bin/gitlab-runner https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64
# Give it permission to execute
sudo chmod +x /usr/local/bin/gitlab-runner
# Create a GitLab Runner user
sudo useradd --comment 'GitLab Runner' --create-home gitlab-runner --shell /bin/bash
# Install and run as a service
sudo gitlab-runner install --user=gitlab-runner --working-directory=/home/gitlab-runner
sudo gitlab-runner start
然后注册
sudo gitlab-runner register --url http://xx.xx.xx.xxx/ --registration-token xxxxxxxxxxxxxx
卸载runner
# 停止服务
gitlab-runner stop
# 取消随机启动
chkconfig gitlab-runner off
# 卸载服务
gitlab-runner uninstall
# 清理文件
rm -rf /etc/gitlab-runner
rm -rf /usr/local/bin/gitlab-runner
rm -rf /usr/bin/gitlab-runner
rm -rf /etc/sudoers.d/gitlab-runner
项目添加.gitlab-ci.yml
文件,默认的HTML文件的为
# This file is a template, and might need editing before it works on your project.
# To contribute improvements to CI/CD templates, please follow the Development guide at:
# https://docs.gitlab.com/ee/development/cicd/templates.html
# This specific template is located at:
# https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Pages/HTML.gitlab-ci.yml
# Full project: https://gitlab.com/pages/plain-html
pages:
stage: deploy
script:
- mkdir .public
- cp -r ./* .public
- rm -rf public
- mv .public public
artifacts:
paths:
- public
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
保存后切换“CI/CD” 流水线看是否通过。
把Pages部署目录配置到Nginx。
Pages部署目录默认为:/var/opt/gitlab/gitlab-rails/shared/pages
我这里迁移了存储路径:/home/gitlab-runner/builds/22qUWw4P/0/docs/docs
当然也可以设置.gitlab-ci.yml
指定路径,不过注意权限问题。
在宝塔页面创建了一个站点,把网站目录设置到Pages部署,即可用IP访问。
宝塔安装的gtlab,为了防止nginx冲突, 把gitlab的nginx启动文件名改成了gitlab-web,但配置文件里面却没改。手动修改修改启动脚本/opt/gitlab/sv/nginx/run
,修改后重启。
#!/bin/sh
exec 2>&1
cd /var/opt/gitlab/nginx
exec chpst -P /opt/gitlab/embedded/sbin/gitlab-web -p /var/opt/gitlab/nginx
因为 nginx 和GitLab中的 grafana 服务默认都会使用 3000端口
修改配置文件grafana.ini
sudo vi /etc/grafana/grafana.ini
宝塔安装的路径为/var/opt/gitlab/grafana/grafana.ini
sudo vi /var/opt/gitlab/grafana/grafana.ini
更改为需要的端口号,我这里更改为3001
#################################### Server ####################################
[server]
# Protocol (http, https, socket)
protocol = http
# The ip address to bind to, empty will bind to all interfaces
http_addr = localhost
# The http port to use
http_port = 3001
# The public facing domain name used to access grafana from a browser
;domain = localhost
查看
daobanmojie:~$ sudo netstat -ltunp | grep 3001
tcp 0 0 127.0.0.1:3001 0.0.0.0:* LISTEN 18895/grafana-serve
$ groups gitlab-runner
> gitlab-runner : gitlab-runner
$ sudo usermod -a -G root gitlab-runner
$ sudo groups gitlab-runner
> gitlab-runner : gitlab-runner root
错误提示如下:
Running with gitlab-runner 15.4.0 (43b2dc3d)
on yangjiawei qaijDSts
Preparing the "shell" executor
00:00
Using Shell executor...
Preparing environment
00:00
Running on doudian-fwq...
ERROR: Job failed: prepare environment: exit status 1. Check https://docs.gitlab.com/runner/shells/index.html#shell-profile-loading for more information
sudo rm -r /home/gitlab-runner/.bash_logout
我这里是因为未迁移gitlab-secrets.json
文件导致加密不能解析引起的,进入控制台重置。
doudian@doudian-fwq:~$ sudo gitlab-rails dbconsole
psql (13.6)
Type "help" for help.
gitlabhq_production=> UPDATE projects SET runners_token = null, runners_token_encrypted = null;
UPDATE 9
gitlabhq_production=> UPDATE namespaces SET runners_token = null, runners_token_encrypted = null;
UPDATE 26
gitlabhq_production=> UPDATE application_settings SET runners_registration_token_encrypted = null;
UPDATE 1
gitlabhq_production=> UPDATE application_settings SET encrypted_ci_jwt_signing_key = null;
UPDATE 1
gitlabhq_production=> UPDATE ci_runners SET token = null, token_encrypted = null;
UPDATE 1
gitlabhq_production=> exit
除了上述错误,为迁移gitlab-secrets.json还会导致CI/CD错误。
gitlab-secrets.json文件负责为包含必需的敏感信息的列存储加密密钥。 如果密钥丢失,则GitLab无法解密这些列,从而无法访问以下项目:
详细参考 https://docs.gitlab.com/ee/raketasks/backup_restore.html#when-the-secrets-file-is-lost