0x0 GitLab介紹
gitlab 不用說灰追,大家都知道是做什么的脐嫂,gitlab 分為 Gitlab Community Edition(gitlab社區(qū)版又稱gitlab-ce)丧慈、Gitlab Enterprise Edition(gitlab企業(yè)版又稱gitlab-ee)娇豫;ce和ee的區(qū)別在于ce的功能在ee里面都有颈嚼,而EE里有的功能CE不一定支持怜械。如果要用高級功能辉浦,就花錢向gitlab團隊采購吧EА!
注意:官方推薦最低物理配置是2核宪郊,4G掂恕,推薦4C 8G
主機規(guī)劃
| 名稱 | 主機規(guī)劃 | 配置 | 安裝軟件 | 系統(tǒng) |
|---|---|---|---|---|
| gitlab01 | 10.0.0.158 | 4C 8G | yum install -y gitlab-ce | Centos7.6 1810 |
0x1 GitLab架構(gòu)
image
gitlab使用ruby on rails框架編寫的一個web界面的代碼倉庫管理系統(tǒng),在運行中使用了數(shù)據(jù)庫(postgresql[可以使用其他數(shù)據(jù)庫代替如mysql])弛槐、redis懊亡、nginx、gitlab-shell等組件來保證gitlab的正常運行乎串。
Gitlab的服務(wù)構(gòu)成
| 名稱 | 作用 | 備注 |
|---|---|---|
| Nginx服務(wù) | 靜態(tài)web服務(wù)器 | 比較重要 |
| gitlab-shell | 用于處理Git命令和修改authorized keys列表 | Ruby |
| workhorse | 輕量級的反向代理服務(wù)器 | go語言 |
| logrotate | 日志文件管理工具 | 無 |
| postgresql | 數(shù)據(jù)庫 | 無 |
| redis | 緩存數(shù)據(jù)庫 | 無 |
| sidekiq | 用于在后臺執(zhí)行隊列任務(wù)(異步執(zhí)行) | Ruby |
| unicorn | An HTTP server for Rack applications店枣,GitLab Rails應(yīng)用是托管在這個服務(wù)器上面的。 | Ruby Web Server,主要使用Ruby編寫 |
0x2 安裝GitLab
Centos7中可以直接通過配置yum源然后使用yum進行一鍵安裝
Step 1 配置yum源
國內(nèi)可以使用的清華大學的鏡像源安裝GitLab,相關(guān)配置及安裝參照:https://mirror.tuna.tsinghua.edu.cn/help/gitlab-ce/
以下內(nèi)容寫入yum源配置文件:/etc/yum.repos.d/gitlab-ce.repo
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1
Step2 安裝
gitlab-ce一鍵安裝后可以利用rpm -ql gitlab-ce查詢其文件安裝路徑及相關(guān)文件路徑鸯两,其默認安裝路徑為/opt/gitlab/闷旧、程序數(shù)據(jù)及配置文件保存路徑為/var/opt/gitlab下。
相關(guān)默認位置
代碼倉庫保存位置:/var/opt/gitlab/git-data/repositories/
代碼倉庫備份位置:/var/opt/gitlab/backups/
postgresql數(shù)據(jù)及配置目錄:/var/opt/gitlab/postgresql/data/
redis默認配置目錄:/var/opt/gitlab/redis
gitlab主要配置文件:/etc/gitlab/gitlab.rb
yum makecache
yum install -y gitlab-ce
執(zhí)行過程如下
[root@gitlab ~]# cd /etc/yum.repos.d/
[root@gitlab yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo
[root@gitlab yum.repos.d]# vim gitlab-ce.repo
[root@gitlab yum.repos.d]# yum makecache
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: mirrors.neusoft.edu.cn
* extras: mirrors.neusoft.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
gitlab-ce | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/10): extras/7/x86_64/other_db | 100 kB 00:00:00
(2/10): gitlab-ce/7/primary_db | 3.4 MB 00:00:01
(3/10): gitlab-ce/7/other_db | 32 kB 00:00:00
(4/10): extras/7/x86_64/filelists_db | 207 kB 00:00:01
(5/10): base/7/x86_64/other_db | 2.6 MB 00:00:09
(6/10): updates/7/x86_64/filelists_db | 3.5 MB 00:00:08
(7/10): updates/7/x86_64/other_db | 387 kB 00:00:00
(8/10): base/7/x86_64/filelists_db | 7.3 MB 00:00:11
(9/10): updates/7/x86_64/primary_db | 5.9 MB 00:00:14
(10/10): gitlab-ce/7/filelists_db | 278 MB 00:00:27
Metadata Cache Created
[root@gitlab yum.repos.d]# yum install -y gitlab-ce
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.neusoft.edu.cn
* extras: mirrors.neusoft.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package gitlab-ce.x86_64 0:12.6.4-ce.0.el7 will be installed
--> Processing Dependency: policycoreutils-python for package: gitlab-ce-12.6.4-ce.0.el7.x86_64
--> Running transaction check
---> Package policycoreutils-python.x86_64 0:2.5-33.el7 will be installed
--> Processing Dependency: policycoreutils = 2.5-33.el7 for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: setools-libs >= 3.3.8-4 for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libsemanage-python >= 2.5-14 for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libcgroup for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-33.el7.x86_64
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.8.5-4.el7 will be installed
--> Processing Dependency: audit-libs(x86-64) = 2.8.5-4.el7 for package: audit-libs-python-2.8.5-4.el7.x86_64
---> Package checkpolicy.x86_64 0:2.5-8.el7 will be installed
---> Package libcgroup.x86_64 0:0.41-21.el7 will be installed
---> Package libsemanage-python.x86_64 0:2.5-14.el7 will be installed
---> Package policycoreutils.x86_64 0:2.5-29.el7 will be updated
---> Package policycoreutils.x86_64 0:2.5-33.el7 will be an update
---> Package python-IPy.noarch 0:0.75-6.el7 will be installed
---> Package setools-libs.x86_64 0:3.3.8-4.el7 will be installed
--> Running transaction check
---> Package audit-libs.x86_64 0:2.8.4-4.el7 will be updated
--> Processing Dependency: audit-libs(x86-64) = 2.8.4-4.el7 for package: audit-2.8.4-4.el7.x86_64
---> Package audit-libs.x86_64 0:2.8.5-4.el7 will be an update
--> Running transaction check
---> Package audit.x86_64 0:2.8.4-4.el7 will be updated
---> Package audit.x86_64 0:2.8.5-4.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
==========================================================================================================================
Package Arch Version Repository Size
==========================================================================================================================
Installing:
gitlab-ce x86_64 12.6.4-ce.0.el7 gitlab-ce 697 M
Installing for dependencies:
audit-libs-python x86_64 2.8.5-4.el7 base 76 k
checkpolicy x86_64 2.5-8.el7 base 295 k
libcgroup x86_64 0.41-21.el7 base 66 k
libsemanage-python x86_64 2.5-14.el7 base 113 k
policycoreutils-python x86_64 2.5-33.el7 base 457 k
python-IPy noarch 0.75-6.el7 base 32 k
setools-libs x86_64 3.3.8-4.el7 base 620 k
Updating for dependencies:
audit x86_64 2.8.5-4.el7 base 256 k
audit-libs x86_64 2.8.5-4.el7 base 102 k
policycoreutils x86_64 2.5-33.el7 base 916 k
Transaction Summary
==========================================================================================================================
Install 1 Package (+7 Dependent packages)
Upgrade ( 3 Dependent packages)
Total download size: 699 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/11): audit-libs-2.8.5-4.el7.x86_64.rpm | 102 kB 00:00:00
(2/11): audit-libs-python-2.8.5-4.el7.x86_64.rpm | 76 kB 00:00:00
(3/11): libcgroup-0.41-21.el7.x86_64.rpm | 66 kB 00:00:00
(4/11): checkpolicy-2.5-8.el7.x86_64.rpm | 295 kB 00:00:00
(5/11): libsemanage-python-2.5-14.el7.x86_64.rpm | 113 kB 00:00:00
(6/11): policycoreutils-2.5-33.el7.x86_64.rpm | 916 kB 00:00:00
(7/11): audit-2.8.5-4.el7.x86_64.rpm | 256 kB 00:00:00
(8/11): policycoreutils-python-2.5-33.el7.x86_64.rpm | 457 kB 00:00:00
(9/11): setools-libs-3.3.8-4.el7.x86_64.rpm | 620 kB 00:00:00
(10/11): python-IPy-0.75-6.el7.noarch.rpm | 32 kB 00:00:01
(11/11): gitlab-ce-12.6.4-ce.0.el7.x86_64.rpm | 697 MB 00:01:05
--------------------------------------------------------------------------------------------------------------------------
Total 11 MB/s | 699 MB 00:01:05
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : audit-libs-2.8.5-4.el7.x86_64 1/14
Updating : policycoreutils-2.5-33.el7.x86_64 2/14
Installing : audit-libs-python-2.8.5-4.el7.x86_64 3/14
Installing : setools-libs-3.3.8-4.el7.x86_64 4/14
Installing : libcgroup-0.41-21.el7.x86_64 5/14
Installing : checkpolicy-2.5-8.el7.x86_64 6/14
Installing : python-IPy-0.75-6.el7.noarch 7/14
Installing : libsemanage-python-2.5-14.el7.x86_64 8/14
Installing : policycoreutils-python-2.5-33.el7.x86_64 9/14
Installing : gitlab-ce-12.6.4-ce.0.el7.x86_64 10/14
Updating : audit-2.8.5-4.el7.x86_64 11/14
Cleanup : policycoreutils-2.5-29.el7.x86_64 12/14
Cleanup : audit-2.8.4-4.el7.x86_64 13/14
Cleanup : audit-libs-2.8.4-4.el7.x86_64 14/14
It looks like GitLab has not been configured yet; skipping the upgrade script.
*. *.
*** ***
***** *****
.****** *******
******** ********
,,,,,,,,,***********,,,,,,,,,
,,,,,,,,,,,*********,,,,,,,,,,,
.,,,,,,,,,,,*******,,,,,,,,,,,,
,,,,,,,,,*****,,,,,,,,,.
,,,,,,,****,,,,,,
.,,,***,,,,
,*,.
_______ __ __ __
/ ____(_) /_/ / ____ _/ /_
/ / __/ / __/ / / __ `/ __ \
/ /_/ / / /_/ /___/ /_/ / /_/ /
\____/_/\__/_____/\__,_/_.___/
Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:
sudo gitlab-ctl reconfigure
For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md
Verifying : audit-libs-2.8.5-4.el7.x86_64 1/14
Verifying : policycoreutils-python-2.5-33.el7.x86_64 2/14
Verifying : gitlab-ce-12.6.4-ce.0.el7.x86_64 3/14
Verifying : audit-2.8.5-4.el7.x86_64 4/14
Verifying : libsemanage-python-2.5-14.el7.x86_64 5/14
Verifying : python-IPy-0.75-6.el7.noarch 6/14
Verifying : checkpolicy-2.5-8.el7.x86_64 7/14
Verifying : policycoreutils-2.5-33.el7.x86_64 8/14
Verifying : libcgroup-0.41-21.el7.x86_64 9/14
Verifying : audit-libs-python-2.8.5-4.el7.x86_64 10/14
Verifying : setools-libs-3.3.8-4.el7.x86_64 11/14
Verifying : policycoreutils-2.5-29.el7.x86_64 12/14
Verifying : audit-libs-2.8.4-4.el7.x86_64 13/14
Verifying : audit-2.8.4-4.el7.x86_64 14/14
Installed:
gitlab-ce.x86_64 0:12.6.4-ce.0.el7
Dependency Installed:
audit-libs-python.x86_64 0:2.8.5-4.el7 checkpolicy.x86_64 0:2.5-8.el7 libcgroup.x86_64 0:0.41-21.el7
libsemanage-python.x86_64 0:2.5-14.el7 policycoreutils-python.x86_64 0:2.5-33.el7 python-IPy.noarch 0:0.75-6.el7
setools-libs.x86_64 0:3.3.8-4.el7
Dependency Updated:
audit.x86_64 0:2.8.5-4.el7 audit-libs.x86_64 0:2.8.5-4.el7 policycoreutils.x86_64 0:2.5-33.el7
Complete!
0x4 gitlab配置修改
編輯vim /etc/gitlab/gitlab.rb
修改gitlab運行外部URL默認的訪問地址
# 未修gitlab.rb配置文件中nginx配置時這個配置默認配置gitlab自帶的nginx端口
external_url 'http://10.0.0.158:8081'
#編輯完畢退出 執(zhí)行以下命令使配置生效
gitlab-ctl reconfigure
#重新啟動GitLab
gitlab-ctl restart
【注意】需要注意的是我們安裝gitlab的時候注意端口號占用的問題钧唐。
0x5 設(shè)置開機自啟動和防火墻規(guī)則
#設(shè)置開機自動啟動
systemctl enable gitlab-runsvdir.service
#設(shè)置禁用開機自動啟動
systemctl disable gitlab-runsvdir.service
#添加對應(yīng)端口
[root@gitlab yum.repos.d]# sudo firewall-cmd --permanent --add-service=http
success
[root@gitlab yum.repos.d]# sudo systemctl reload firewalld
[root@gitlab yum.repos.d]# firewall-cmd --zone=public --add-port=8081/tcp --permanent
success
[root@gitlab yum.repos.d]# firewall-cmd --reload
success
[root@gitlab yum.repos.d]# firewall-cmd --zone=public --list-ports
8081/tcp 80/tcp
0x6 瀏覽器中打開地址
Step1 http://10.0.0.158:8081 登陸成功會提示修改管理密碼
Step2 用管理員root 和自己修改的密碼登陸系統(tǒng)
【注意】如果瀏覽器輸入地址出現(xiàn)502忙灼,檢查你的端口號是否已經(jīng)被占用了,修改端口重新編譯使配置生效即可,記得添加防火墻規(guī)則逾柿。
[root@gitlab ~]# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9100 0.0.0.0:* LISTEN 12432/node_exporter
tcp 0 0 127.0.0.1:9229 0.0.0.0:* LISTEN 12319/gitlab-workho
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 15579/unicorn maste
tcp 0 0 127.0.0.1:9168 0.0.0.0:* LISTEN 12302/puma 4.3.1.gi
tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 15598/nginx: master
tcp 0 0 127.0.0.1:8082 0.0.0.0:* LISTEN 15539/sidekiq 5.2.7
tcp 0 0 127.0.0.1:9236 0.0.0.0:* LISTEN 12290/gitaly
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 9479/sshd
tcp 0 0 127.0.0.1:3000 0.0.0.0:* LISTEN 15607/grafana-serve
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 9630/master
tcp 0 0 0.0.0.0:8060 0.0.0.0:* LISTEN 15598/nginx: master
tcp 0 0 127.0.0.1:9121 0.0.0.0:* LISTEN 12480/redis_exporte
tcp 0 0 127.0.0.1:9090 0.0.0.0:* LISTEN 12463/prometheus
tcp 0 0 127.0.0.1:9187 0.0.0.0:* LISTEN 12438/postgres_expo
tcp 0 0 127.0.0.1:9093 0.0.0.0:* LISTEN 12269/alertmanager
tcp6 0 0 ::1:9168 :::* LISTEN 12302/puma 4.3.1.gi
tcp6 0 0 :::22 :::* LISTEN 9479/sshd
tcp6 0 0 ::1:25 :::* LISTEN 9630/master
tcp6 0 0 :::9094 :::* LISTEN 12269/alertmanager
0x7 配置完畢使用GitLab創(chuàng)建項目
主頁面上有個4個功能 創(chuàng)建一個項目缀棍、創(chuàng)建一個組、添加人員机错、配置
選擇第一個 創(chuàng)建一個新的項目
設(shè)置完畢以后爬范,這樣就創(chuàng)建了好了項目,并把該項目托管到了我們的GitLab服務(wù)器上弱匪。
選擇右上角藍色Clone按鈕生成git和http方式訪問項目的路徑
客戶端Centos7或Windows中可以通過git clone命令把項目克隆下來青瀑。
這里需要注意的是通過git@10.0.0.158:8081/root/helloworld.git 這種方式克隆方式需要配置SSH KEY
[root@gitlab home]# git clone http://10.0.0.158:8081/root/helloworld.git
Cloning into 'helloworld'...
Username for 'http://10.0.0.158:8081': root
Password for 'http://root@10.0.0.158:8081':
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
[root@gitlab home]# ls
azkaban helloworld
