微信公众号搜"智元新知"关注
微信扫一扫可直接关注哦!

Centos6.8安装Gitlab7.6

概述

本帖针对Centos6/REHL6系统
Gitlab的安装过程主要包括以下组件的配置:

#修改/etc/selinux/config文件
将SELINUX=enforcing改为SELINUX=disabled,然后重启电脑
#sestatus-v
查看selinux状态
Currentmode:permissive#说明已关闭selinux
  • 安装软件包及版本要求

  • Ubuntu/Debian/CentOS/RHEL**

  • ruby 2.0+

  • git 1.7.10+

  • redis 2.0+

  • MysqL or Postgresql


1.安装软件包及解决依赖项

添加EPEL源:

wget-O/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6https://mirrors.tuna.tsinghua.edu.cn/epel/RPM-GPG-KEY-EPEL-6
rpm--import/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
#安装`epel-release-latest-6.noarch.rpm`包,启用EPEL
rpm-Uvhhttp://mirrors.ustc.edu.cn/epel/epel-release-latest-6.noarch.rpm
yumgroupinstall"Developmenttools"
yuminstallautoconfautomakebisonbuild-essentialbyacccheckinstallcmakecpiocrontabscurlcurl-develdb4-develexpat-develgcc-c++gdbm-develgettextgettext-develglibc-devellibcurl4-openssl-devlibexpat1-devlibffilibffi-devlibffi-devellibgdbm-devlibiculibicu-devlibicu-devellibkrb5-devlibncurses5-devlibreadline-devlibssl-devlibtoollibxml2libxml2-devlibxml2-devellibxsltlibxslt-devlibxslt-devellibyamllibyaml-devlibyaml-devellibz-devlogrotatelogwatchmakencurses-developenssh-serveropenssl-develpatchpcre-develperl-ExtUtils-CBuilderperl-ExtUtils-MakeMakerperl-Time-HiRespkg-configpostfixpython-develpython-docutilsreadlinereadline-develsqlite-develsudosystem-config-firewall-tuitcl-develvimwgetzlib1g-devzlib-devel

安装git
如果已经用yum安装过git,要先卸载掉旧的版本

yumremovegit

使用源码编译安装git

mkdir/tmp/git&&cd/tmp/git
curl-O--progresshttps://www.kernel.org/pub/software/scm/git/git-2.8.5.tar.gz
tarzxvfgit-2.8.5.tar.gz
cdgit-2.8.5
./configure
makeprefix=/usr/localall
#安装到/usr/local/bin
sudomakeprefix=/usr/localinstall
#验证git版本号
git--version
#创建软连接
ln-s/usr/local/bin/git/usr/bin/git

2.添加系统用户

我们添加一个用来管理运行Gitlab的用户git

adduser--system--shell/bin/bash--comment'GitLab'--create-home--home-dir/home/git/git
#修改git用户的环境变量PATH,以root用户运行
visudo
#找到下面一行
Defaultssecure_path=/sbin:/bin:/usr/sbin:/usr/bin
#修改为
Defaultssecure_path=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin

3.安装ruby环境

在Gitlab生产环境使用Ruby版本管理工具RVM,rbenv或者chruby常常会带来很多疑难杂症.比如Gitlab-shell版本管理器调用OpenSSH的功能以防止越过ssh对仓库进行pull和push操作.而前面提到的三个版本管理器不支持这样的功能,所以我们强烈建议大家按照下面的方式来安装Ruby.

Note: The current supported Ruby (MRI) version is 2.3.x. GitLab 9.0 dropped

support for Ruby 2.1.x.

  1. 如果系统上存在旧的Ruby1.8,先删除掉:

yumremoveruby
  1. 下载Ruby源码,编译安装:

mkdir/tmp/ruby&&cd/tmp/ruby
#这里替换官方文档的下载地址为mirrors.ustc.edu.cn提供的镜像地址
curl-O--progresshttps://cache.ruby-lang.org/pub/ruby/2.1/ruby-2.1.5.tar.gz
tarzxvfruby-2.1.5.tar.gz
cdruby-2.1.5
./configure--disable-install-rdoc
make
sudomakeinstall
安装完成后,重新登录终端确保$PATH生效,检测ruby的安装成功与否:
ruby-v
ln-s/usr/local/bin/ruby/usr/bin/ruby


  1. 国内使用Ruby的Gem和Bundler必须要做的事情:

#修改git用户gem安装源为淘宝
gemsources--addhttps://ruby.taobao.org/--removehttps://rubygems.org/
#确保git用户当前gems源为淘宝
gemsources-l
***CURRENTSOURCES***

备:gems源中科大:https://gems.ruby-china.org/
  1. 安装bundle包(root用户)

sudogeminstallbundler--no-ri--no-rdoc


4-1.安装数据库-MysqL

安装MysqL数据库,设置数据库管理员密码

#下载yum仓库文件:
wgethttp://dev.MysqL.com/get/MysqL-community-release-el6-5.noarch.rpm
#下载完成后将Yum库导入到你的本地:
sudoyumlocalinstallMysqL-community-release-el6-*.noarch.rpm
#安装MysqLServer:
yuminstallMysqL-serverMysqL-develMysqL-clientlibMysqLclient-dev
#启动MysqL服务
/etc/init.d/MysqLdstart
#MysqL安全配置向导
MysqL_secure_installation
---------------------------------------------------------------------------------
Entercurrentpasswordforroot(enterfornone):<�C初次运行直接回车
Setrootpassword?[Y/n]<�C是否设置root用户密码,输入y并回车或直接回车
Removeanonymoususers?[Y/n]<�C是否删除匿名用户,生产环境建议删除,所以直接回车
disallowrootloginremotely?[Y/n]<�C是否禁止root远程登录,根据自己的需求选择Y/n并回车,建议禁止
Removetestdatabaseandaccesstoit?[Y/n]<�C是否删除test数据库,直接回车
ReloadprivilegetablesNow?[Y/n]<�C是否重新加载权限表,直接回车

创建新用户数据库给gitlab使用

#登录数据库
$MysqL-uroot-p
#输入root密码
#为gitlab创建使用用户
MysqL>createuser'gitlab'@'localhost'IDENTIFIEDBY'gitlab账号的密码';
#创建gitlaba使用的数据库
MysqL>CREATEDATABASEIFNOTEXISTS`gitlabhq_production`DEFAULTCHaraCTERSET`utf8`COLLATE`utf8_unicode_ci`;
#给予gitlab用户权限
MysqL>GRANTSELECT,LOCKTABLES,INSERT,UPDATE,DELETE,CREATE,DROP,INDEX,ALTERON`gitlabhq_production`.*TO'git'@'localhost'IDENTIFIEDBY'gitpasswd';
#刷新权限
MysqL>flushprivileges;
#查看创建的用户
MysqL>selectuser,host,passwordfromMysqL.user;
#测试新建的用户能否登陆MysqL
MysqL-ugit-p-hlocalhost
MysqL>showdatabases;
+---------------------+
|Database|
+---------------------+
|information_schema|
|gitlabhq_production|
+---------------------+
2rowsinset(0.00sec)

4-2.安装数据库-Postgresql

配置postgresql安装源:
https://wiki.postgresql.org/wiki/YUM_Installation#Configure_your_YUM_repository

#修改/etc/yum.repos.d/CentOS-Base.repo,在[base]和[update]段落添加下面的配置
exclude=postgresql*
#安装postgresql源
yumlocalinstallhttp://mirrors.ustc.edu.cn/postgresql/repos/yum/9.5/redhat/rhel-6-x86_64/pgdg-centos95-9.5-3.noarch.rpm
#yumlocalinstallhttp://mirrors.ustc.edu.cn/postgresql/repos/yum/9.2/redhat/rhel-6-x86_64/pgdg-redhat92-9.2-8.noarch.rpm
#安装postgresql
yuminstallpostgresql95-serverpostgresql95-develpostgresql95-contrib
#认情况下,postgresql数据库文件存放在
/var/lib/pgsql/9.5/data

#初始化
mv/etc/init.d/{postgresql-9.5,postgresql}
servicepostgresqlinitdb
#启动postgresql
servicepostgresqlstart
#配置postgresql自启动
chkconfigpostgresqlon

#为Gitlab创建一个用户用户名为git
cd/home
sudo-upostgrespsql-dtemplate1-c"createusergitCREATEDB;"
#创建pg_trgm扩展(requiredforGitLab8.6+):
sudo-upostgrespsql-dtemplate1-c"CREATEEXTENSIONIFNOTEXISTSpg_trgm;"
#创建Gitlab生产环境数据库并赋予git用户属主权限
sudo-upostgrespsql-dtemplate1-c"CREATEDATABASEgitlabhq_productioNowNERgit;"
#用git用户测试下是否能登录刚才创建的数据库
sudo-ugit-Hpsql-dgitlabhq_production
#检查是否启用pg_trgm扩展:
SELECTtrueASenabled
FROMpg_available_extensions
WHEREname='pg_trgm'
ANDinstalled_versionISNOTNULL;
如果启用了扩展,这将产生以下输出:
enabled
---------
t
(1row)
#退出数据库会话
gitlabhq_production>\q

#创建pg_config的软连接
ln-s/usr/pgsql-9.5/bin/pg_config/usr/bin/pg_config

5.配置Redis

#此处redis是yum安装,为了省事。
yuminstall-yredis

#disableRedislisteningonTCPbysetting'port'to0
sed's/^port.*/port0/'/etc/redis/redis.conf.orig|sudotee/etc/redis/redis.conf

#添加redis.sock文件信息
echo'unixsocket/var/run/redis/redis.sock'|tee-a/etc/redis.conf
echo-e'unixsocketperm0770'|tee-a/etc/redis.conf

#创建文件并赋予权限
mkdir-p/var/run/redis
sudochownredis:redis/var/run/redis
sudochmod755/var/run/redis

#Persistthedirectorywhichcontainsthesocket,ifapplicable
if[-d/etc/tmpfiles.d];then
echo'd/var/run/redis0755redisredis10d-'|sudotee-a/etc/tmpfiles.d/redis.conf
fi

#将redis用户添加到git组
sudousermod-aGredisgit

#配置redis使其在开机时启动:
sudochkconfigredison
sudoserviceredisstart

6.安装GitLab

#将GitLab安装在git的家目录下:
cd/home/git/
sudo-ugit-Hgitclonehttps://gitlab.com/gitlab-org/gitlab-ce.git-b7-6-stablegitlab
cd/home/git/gitlab

#复制gitlab.yml(Gitlab的主配置文件)
sudo-ugit-Hcpconfig/gitlab.yml.exampleconfig/gitlab.yml

#修改gitlab.yml
sudo-ugit-Hvimconfig/gitlab.yml
host:localhost为####修改第32行你的域名或者ip
port:80
https:false

#修改log/和tmp/文件夹权限
sudochown-Rgitlog/
sudochown-Rgittmp/
sudochmod-Ru+rwX,go-wlog/
sudochmod-Ru+rwXtmp/

#创建文件夹gitlab-satellites
sudo-ugit-Hmkdir/home/git/gitlab-satellites
sudochmodu+rwx,g=rx,o-rwx/home/git/gitlab-satellites

#修改tmp/pids/和tmp/sockets/文件夹权限
sudochmod-Ru+rwXtmp/pids/
sudochmod-Ru+rwXtmp/sockets/

#创建public/uploads/文件夹
sudo-ugit-Hmkdirpublic/uploads/

#修改public/uploads/文件夹权限,只有git用户有访问权限
sudochmod-Ru+rwXpublic/uploads

#复制Unicorn配置文件
sudo-ugit-Hcpconfig/unicorn.rb.exampleconfig/unicorn.rb

#查询cpu核心数
nproc

#如果你想搭建一个负载的Gitlab实例,可启用集群模式.
#修改'worker_processes'参数,至少要跟cpu核心数一样.
#修改监听地址和端口,要和下文gitlab-shell/config.yml中配置一致
sudo-ugit-Hvimconfig/unicorn.rb
worker_processes3
listen"your_IP:8080",:tcp_nopush=>true

#复制Rackattack配置文件
sudo-ugit-Hcpconfig/initializers/rack_attack.rb.exampleconfig/initializers/rack_attack.rb

#为git用户配置用户邮件

sudo-ugit-Hgitconfig--globaluser.name"GitLab"
sudo-ugit-Hgitconfig--globaluser.email"example@example.com"

#'autocrlf'需要Web编辑器
sudo-ugit-Hgitconfig--globalcore.autocrlfinput

#复制Redis连接配置文件
sudo-ugit-Hcpconfig/resque.yml.exampleconfig/resque.yml

#如修改过redissocket的路径,在这配置文件里面修改,确认redis端口和ip.
sudo-ugit-Hvimconfig/resque.yml
-------------------------------------
development:redis://127.0.0.1:6379
test:redis://127.0.0.1:6379
production:unix:/var/run/redis/redis.sock

7.GitLab数据库配置

#仅限于MysqL:
sudo-ugitcpconfig/database.yml.MysqLconfig/database.yml

#仅限于Postgresql:
sudo-ugitcpconfig/database.yml.postgresqlconfig/database.yml

#以下修改针对MysqL修改username/password.

sudo-ugit-Hvimconfig/database.yml
production:
adapter:MysqL2
encoding:utf8
collation:utf8_general_ci
reconnect:false
database:gitlabhq_production
pool:10
username:git
password:"gitpasswd"
#host:localhost
#socket:/tmp/MysqL.sock
socket:/var/lib/MysqL/MysqL.sock


#以下修改针对Postgresql修改username/password.
#修改'securepassword'为你设置的密码,没单独设置则不改
production:
adapter:postgresql
encoding:unicode
database:gitlabhq_production
pool:10
#username:git
#password:#未设置不用修改
#host:localhost
#port:5432

#修改database.yml的权限,确保git用户可以读取该文件.
sudo-ugit-Hchmodo-rwxconfig/database.yml

8.Gems安装

#进入gitlab目录
cd/home/git/gitlab
--------------------------------------------------------------
gemsources--addhttps://ruby.taobao.org/--removehttps://rubygems.org/
--------------------------------------------------------------
#修改Gemfile和Gemfile.lock
vimGemfile(Gemfile.lock)
更改
sourcehttps://rubygems.org/
为:
source'https://ruby.taobao.org/'
--------------------------------------------------------------
#确保只有https://ruby.taobao.org/
gemsources-l
https://ruby.taobao.org/

ln-s/usr/local/bin/bundle/usr/bin/

####一定要注意选择自己用的数据库的命令
###Postgresql(note,theoptionsays"without...MysqL")
sudo-ugit-Hbundleinstall--deployment--withoutdevelopmenttestMysqLaws

#如果使用MysqL,执行下面的命令(note,theoptionsays"without...postgres")
sudo-ugit-Hbundleinstall--deployment--withoutdevelopmenttestpostgresaws

笔记:如果你想去用Kerberos做用户认证,然后在--without选项中省略Kerbero

9.Gitlab-shell安装

#Runtheinstallationtaskforgitlab-shell(replace`REdis_URL`ifneeded):
sudo-ugit-Hbundleexecrakegitlab:shell:install[v2.4.0]REdis_URL=unix:/var/run/redis/redis.sockRAILS_ENV=production

#认情况下,gitlab-shell的配置是根据Gitlab的配置生产的.
#你可以运行下面的命令查看和修改gitlab-shell的配置,
#监听端口要和/home/git/gitlab/config/unicorn.rb中配置一致
sudo-ugit-Hvim/home/git/gitlab-shell/config.yml
---
user:git
gitlab_url:https://localhost:8080/#使用https
http_settings:
self_signed_cert:false#如果gitlab_url为https,修改成true
repos_path:"/home/git/repositories/"
auth_file:"/home/git/.ssh/authorized_keys"
redis:
bin:"/usr/bin/redis-cli"
namespace:resque:gitlab
socket:"/var/run/redis/redis.sock"
log_level:INFO
audit_usernames:false

10.初始化数据库,激活高级特性

cd/home/git/gitlab

sudo-ugit-Hbundleexecrakegitlab:setupRAILS_ENV=production

#输入'yes'以创建数据库表

#当看到以下内容,表示已经安装完成
Administratoraccountcreated:
login:root
password:your_passwd
==Seedfrom/home/git/gitlab/db/fixtures/production/010_settings.rb

Note:你能通过提供环境变量设置 Administrator/root 密码和邮箱,分别为GITLAB_ROOT_PASSWORD 和 GITLAB_ROOT_EMAIL,如下所示。如果你不能设置密码(它被设置为认的) 请等待曝光gitlab到公共互联网直到安装完成和你已经登录到服务器的第一时间。 在第一次登录时,您将被迫更改认密码。.

sudo-ugit-Hbundleexecrakegitlab:setupRAILS_ENV=productionGITLAB_ROOT_PASSWORD=yourpasswordGITLAB_ROOT_EMAIL=youremail

11.下载服务脚本

wget-O/etc/init.d/gitlabhttps://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn
#配置gitlab的启动级别
chmod+x/etc/init.d/gitlab
chkconfig--addgitlab
chkconfiggitlabon

设置Logrotate
cd/home/git/gitlab
sudocplib/support/logrotate/gitlab/etc/logrotate.d/gitlab

检查GitLab环境配置
sudo-ugit-Hbundleexecrakegitlab:env:infoRAILS_ENV=production
-----
production

Systeminformation
System:		CentOS6.8
CurrentUser:	git
UsingRVM:	no
RubyVersion:	2.1.5p273
GemVersion:	2.2.2
BundlerVersion:1.15.1
RakeVersion:	10.3.2
SidekiqVersion:2.17.8

GitLabinformation
Version:	7.6.2
Revision:	fatal:Notagitrepository(oranyparentuptomountpoint/home)
Stoppingatfilesystemboundary(GIT_disCOVERY_ACROSS_FILESYstemnotset).
Directory:	/home/git/gitlab
DBAdapter:	MysqL2
URL:		http://your_ip
HTTPCloneURL:	http://your_ip/some-project.git
SSHCloneURL:	git@your_ip:some-project.git
UsingLDAP:	no
UsingOmniauth:	no

GitLabShell
Version:	2.1.0
Repositories:	/home/git/repositories/
Hooks:		/home/git/gitlab-shell/hooks/
Git:		/usr/bin/git


#生成GitLab前端资源
sudo-ugit-Hbundleexecrakeassets:precompileRAILS_ENV=production
#启动gitlab服务
servicegitlabstart


12.安装Nginx服务,并下载gitlab的站点配置文件

#使用yum进行安装
yuminstall-yNginx
chkconfigNginxon
wget-O/etc/Nginx/conf.d/gitlab.confhttps://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/Nginx/gitlab-ssl
#将Nginx用户添加到git组
mkdir-p/etc/Nginx/ssl
cd/etc/Nginx/ssl/
opensslreq-new-x509-nodes-days3560-outgitlab.crt-keyoutgitlab.key
#启动Nginx服务
serviceNginxrestart

13.Gitlab配置SMTP邮件

#使用SMTP邮件服务器,可以不安装postfix

cd/home/git/gitlab
sudo-ugit-Hcpconfig/initializers/smtp_settings.rb.sampleconfig/initializers/smtp_settings.rb

#修改如下
sudo-ugit-Hvimconfig/initializers/smtp_settings.rb


这里提供163和腾讯企业邮箱两种配置方式,注意将下面的123456替换成自己的密码
163邮箱:
ifRails.env.production?
Gitlab::Application.config.action_mailer.delivery_method=:smtp
ActionMailer::Base.delivery_method=:smtp#使用smtp方法
ActionMailer::Base.smtp_settings={
address:"smtp.163.com",port:25,user_name:"wpgitlab",password:"123456",domain:"163.com",authentication::plain,enable_starttls_auto:true
}
end

QQ邮箱:
ifRails.env.production?
Gitlab::Application.config.action_mailer.delivery_method=:smtp
ActionMailer::Base.delivery_method=:smtp#使用smtp方法
ActionMailer::Base.smtp_settings={
address:"smtp.exmail.qq.com",user_name:"wangpeng@scnee.com",domain:"smtp.qq.com",enable_starttls_auto:true,}
end

3.修改gitlab.yml
cd/home/git/gitlab
sudo-ugit-Hvimconfig/gitlab.yml

一键安装路径:
cd
/opt/gitlab-8.5.7-0
vim
apps/gitlab/htdocs/config/gitlab.yml

将认邮箱修改为自己的邮箱
163:
##Emailsettings
#Emailaddressusedinthe"From"fieldinmailssentbyGitLab
email_from:wpgit@163.com

腾讯企业邮箱:
##Emailsettings
#Emailaddressusedinthe"From"fieldinmailssentbyGitLab
email_from:wangpeng@scnee.com


#编辑文件
[root@gitgitlab]#sudo-ugit-Hvimconfig/environments/production.rb
config.action_mailer.delivery_method=:smtp#将方法修改成smtp方式

4.修改后。重启gitlab

#监控日志文件
tail-f/home/git/gitlab/log/*.log
tail-f/var/log/maillog


安装完成后gitlab运行异常使用如下命令检测,并解决

sudo-ugit-Hbundleexecrakegitlab:checkRAILS_ENV=production


验证结果,访问地址如下:

wKiom1l1cguCzu5wAASuN-fkXt0395.png-wh_50

用户名和密码如下

login.........root

password......5iveL!fe


备份恢复

Gitlab 创建备份

使用Gitlab一键安装包安装Gitlab非常单,同样的备份恢复与迁移也非常简单,用一条命令即可创建完整的Gitlab备份:

cd/home/git/gitlab
sudo-ugit-Hbundleexecrakegitlab:backup:createraILS_ENV=productionSTRATEGY=copy

注:跳过某些内容sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=productionSKIP=db,uploads

skip为:

db (database)
uploads (attachments)
repositories (Git repositories data)
builds (CI job output logs)
artifacts (CI job artifacts)
lfs (LFS objects)
registry (Container Registry images)
pages (Pages content)


Gitlab 修改备份文件认目录

修改/home/git/gitlab/config/gitlab.yml修改认存放备份文件的目录:

sudo-ugit-Hvim/home/git/gitlab/config/gitlab.yml
----------------------
backup:
path:"/home/git/backups/"#RelativepathsarerelativetoRails.root(default:tmp/backups/)

自动备份

#CreateafullbackupoftheGitLabrepositoriesandsqldatabaseeverydayat4am
04***cd/home/git/gitlab&&PATH=/usr/local/bin:/usr/bin:/binbundleexecrakegitlab:backup:creat
#04***cd/home/git/gitlab&&sudo-ugit-Hbundleexecrakegitlab:backup:createraILS_ENV=production

恢复

首先进入备份 gitlab 的目录,这个目录是配置文件中的path,本文设置为/home/git/backups/。

然后停止 unicorn 和 sidekiq ,保证数据库没有新的连接,不会有写数据情况。

#停止相关数据连接服务
servicegitlabstop

cd/home/git/gitlab
sudo-ugit-Hbundleexecrakegitlab:backup:restoreRAILS_ENV=productioneRAILS_ENV=productionCRON=1

#如果备份目录下面有多个备份文件,则需加参数并指明时间戳
BACKUP=timestamp_of_backup(requiredifmorethanonebackupexists)
force=yes(donotaskiftheauthorized_keysfileshouldgetregenerated)

sudo-ugit-Hbundleexecrakegitlab:backup:restoreRAILS_ENV=productioneRAILS_ENV=productionCRON=1force=yesBACKUP=timestamp_of_backup
#恢复时候BACKUP=timestamp_of_backuptimestamp_of_backup表示是时间前缀认恢复最新一次的备份

#启动Gitlab
sudogitlab-ctlstart
#恢复过程中没有权限
mkdir/home/git/backups/
chowngit/home/git/backups/
chmod700/home/git/backups/

迁移

把备份文件拷贝到gitlab的备份目录下,根据上面gitlab恢复步骤即可。

备份注意事项:

还需要备份文件:/home/git/gitlab/config/secrets.yml(两步验证时用到:用户名密码登录及短信验证)

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。