c4rt1y

gitlab 安装与使用

2017-11-05 Linux, gitlab, devops

0x01 gitlab介绍

GitLab:是一个基于Git实现的在线代码仓库托管软件,你可以用gitlab自己搭建一个类似于Github一样的系统,一般用于在企业、学校等内部网络搭建git私服。它是一个提供代码托管、提交审核和问题跟踪的代码管理平台。对于软件工程质量管理非常重要。

0x02 环境介绍

#一共1台服务器
git.010sec.com 10.10.10.10


#关闭防火墙
systemctl stop firewalld.service
systemctl disable firewalld.service


#下载第三方依赖环境包
yum -y install epel-release


#关闭selinux,需要重启
sed -i 's:SELINUX=enforcing:SELINUX=disabled:g' /etc/selinux/config

#临时关闭seLinux
setenforce 0

#重启
reboot

0x03 环境安装

# 安装基础软件
sudo yum install -y curl policycoreutils-python openssh-server openssh-clients postfix
# 设置启动项以及启动项目
sudo systemctl enable sshd postfix
sudo systemctl start sshd postfix


# rpm安装
wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-8.17.2-ce.0.el7.x86_64.rpm
yum install gitlab-ce-8.17.2-ce.0.el7.x86_64.rpm -y

# 修改简单配置文件
vim /etc/gitlab/gitlab.rb
external_url 'http://git.010sec.cn'
unicorn['listen'] = '127.0.0.1'
unicorn['port'] = 3000

# gitlab配置生效
gitlab-ctl reconfigure 

# 进行修改密码,账号为admin

change-password-gitlab

0x04 细节研究

# 4.1 基础命令
gitlab-rake gitlab:check  # 检测配置是否正常
gitlab-ctl reconfigure	# 重新编译gitlab的配置;
gitlab-ctl start	# 启动所有 gitlab 组件;
gitlab-ctl stop 	# 停止所有 gitlab 组件;
gitlab-ctl restart	# 重启所有 gitlab 组件;
gitlab-ctl status	# 查看服务状态;
gitlab-rake gitlab:check SANITIZE=true --trace 	# 检查gitlab;
gitlab-ctl tail  	 # 查看日志;
gitlab-ctl tail nginx/gitlab_access.log

# 4.2 常用目录
/var/log/gitlab/   	# 日志地址: 对应各服务的打印日志 
/var/opt/gitlab/   	# 服务地址: 对应各服务的主目录 
/var/opt/gitlab/backups  	# 备份文件地址: 对应备份文件目录
cat /opt/gitlab/embedded/service/gitlab-rails/VERSION 		# 查看gitlab版本
ls /var/opt/gitlab/git-data/repositories  		# 仓库地址

# 4.3 密码修改(基于默认数据库postgre)
gitlab-rails console production
user = User.where(id:1).first
user.password='123456'
user.save!

# 4.4 邮件发送

# 增加配置文件
vim /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.mxhichina.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "c4rt1y@010sec.com"
gitlab_rails['smtp_password'] = "fchxnkgnnmnrjdfb"
gitlab_rails['smtp_domain'] = "010sec.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = false
gitlab_rails['gitlab_email_from'] = 'c4rt1y@010sec.com'
user['git_user_email'] = "c4rt1y@010sec.com"
gitlab_rails['smtp_tls'] = true

# gitlab配置生效
gitlab-ctl reconfigure

# 重启
gitlab-ctl restart

# 控制台测试
gitlab-rails console

#进入控制台,然后发送邮件
Notify.test_email('c4rt1y@010sec.com', '邮件标题', '邮件正文').deliver_now

0x05 数据备份与数据恢复

# 5.1 数据备份
/usr/bin/gitlab-rake gitlab:backup:create  # 备份

# 4.2 数据恢复

# 进入目录
cd /var/opt/gitlab/backups

# 列表
[root@gitlab-1 /var/opt/gitlab/backups] $ls
1517240669_2018_01_29_gitlab_backup.tar

# 停止unicorn和sidekiq,保证数据库没有新的连接,不会有写数据情况
sudo gitlab-ctl stop unicorn 
sudo gitlab-ctl stop sidekiq 

# 时间戳 1517240669_2018_01_29
gitlab-rake gitlab:backup:restore BACKUP=1517240669_2018_01_29

# 数据恢复注意事项备注
1.数据恢复需要同一版本gitlab版本恢复
2.若使用scp命令传输备份文件,必须保持644权限

0x06 汉化

# 采取安装使用patch模式汉化安装

yum install patch -y

# git中文汉化包地址有两位大神gitlab
# larryli 大神更新只支持到了8系列版本部分
https://gitlab.com/larryli/gitlab
# xhang 大神更新支持全版本,基于larryli之上
https://gitlab.com/xhang/gitlab/


# 下载,为了方便起见,我们采用xhang大神的git
git clone https://gitlab.com/xhang/gitlab.git
# 查看gitlab版本
cat /opt/gitlab/embedded/service/gitlab-rails/VERSION
8.17.2

# 暂停gitlab
gitlab-ctl stop

# 进入gitlab
cd gitlab

# 切换版本
git fetch

# 匹配异同
git diff v8.17.2 v8.17.2-zh > ../8.17.2-zh.diff

# patch
cd ../ && patch -d /opt/gitlab/embedded/service/gitlab-rails -p1 < 8.17.2-zh.diff

# 重启gitlab
gitlab-ctl start

change-password-gitlab

0x07 PG改为mysql数据库

# 安装mysql源
rpm -ivh  http://dev.mysql.com/get/mysql-community-release-el6-5.noarch.rpm
# 安装mysql
yum install mysql-community-server mysql-devel -y
# 启动mysql
service mysqld start

# 数据库操作

# 创建 用户
CREATE USER 'git'@'localhost' IDENTIFIED BY '123456';

# 创建数据库
CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_general_ci`;

# 赋予权限
GRANT SELECT, INSERT, UPDATE, DELETE,CREATE, CREATE TEMPORARY TABLES, DROP, INDEX, ALTER, LOCK TABLES, REFERENCES ON`gitlabhq_production`.* TO 'git'@'localhost';

# 刷新权限
flush privileges;


# gitlab的默认数据库为 gitlabhq_production,所以不需要修改,若想修改,也可以改建其他数据库
vim /etc/gitlab/gitlab.rb
gitlab_rails['db_adapter'] = 'mysql2'
gitlab_rails['db_encoding'] = 'utf8'
gitlab_rails['db_host'] = '127.0.0.1'
gitlab_rails['db_port'] = '3306'
gitlab_rails['db_username'] = 'git'
gitlab_rails['db_password'] = '123456'

# 修改mysql为postgre
cat /opt/gitlab/embedded/service/gitlab-rails/.bundle/config
---
BUNDLE_RETRY: "5"
BUNDLE_JOBS: "9"
BUNDLE_WITHOUT: "development:test:postgre"

# 防止安装gem时 mysql2不能安装,所以安装gcc
yum install gcc –y

# 安装mysql2
/opt/gitlab/embedded/bin/gem install mysql2 -v'0.3.20'

# 重启配置
gitlab-ctl reconfigure

# 查看页面以及数据库,发现ok ![change-password-gitlab](/image/2017-11-05-install-gitlab-rpm-and-using-gitlab-more-detail/mysql.png)

0x08 资料来源

https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/
https://gitlab.com/xhang/gitlab/
https://gitlab.com/larryli/gitlab.git
https://scarletsky.github.io/2016/06/18/issues-when-upgrading-gitlab/
https://www.cnblogs.com/smail-bao/p/9263073.html
https://msd.misuland.com/pd/3223833238703180702
https://blog.csdn.net/ken1583096683/article/details/82317099
GoTop