Git是一个开源的分布式版本控制系统,用于敏捷高效地处理任何或小或大项目。Git是Linus Torvalds为帮助管理Linux内核开发而开发的一个开放源码的版本控制软件。Git与常用的版本控制工具CVS、Subversion等不同,它采用分布式版本库的方式,不必服务器端软件支持。

0x0 GitLab介绍

gitlab 不用说,大家都知道是做什么的,gitlab 分为 Gitlab Community Edition(gitlab社区版又称gitlab-ce)、Gitlab Enterprise Edition(gitlab企业版又称gitlab-ee);ce和ee的区别在于ce的功能在ee里面都有,而EE里有的功能CE不一定支持。如果要用高级功能,就花钱向gitlab团队采购吧!!

注意:官方推荐最低物理配置是2核,4G,推荐4C 8G

主机规划

名称 主机规划 配置 安装软件 系统
gitlab01 10.0.0.158 4C 8G yum install -y gitlab-ce Centos7.6 1810

0x1 GitLab架构

image

gitlab使用ruby on rails框架编写的一个web界面的代码仓库管理系统,在运行中使用了数据库(postgresql[可以使用其他数据库代替如mysql])、redis、nginx、gitlab-shell等组件来保证gitlab的正常运行。

Gitlab的服务构成

名称 作用 备注
Nginx服务 静态web服务器 比较重要
gitlab-shell 用于处理Git命令和修改authorized keys列表 Ruby
workhorse 轻量级的反向代理服务器 go语言
logrotate 日志文件管理工具
postgresql 数据库
redis 缓存数据库
sidekiq 用于在后台执行队列任务(异步执行) Ruby
unicorn An HTTP server for Rack applications,GitLab Rails应用是托管在这个服务器上面的。 Ruby Web Server,主要使用Ruby编写

0x2 安装GitLab

Centos7中可以直接通过配置yum源然后使用yum进行一键安装

Step 1 配置yum源

国内可以使用的清华大学的镜像源安装GitLab,相关配置及安装参照:https://mirror.tuna.tsinghua.edu.cn/help/gitlab-ce/
以下内容写入yum源配置文件:/etc/yum.repos.d/gitlab-ce.repo

1
2
3
4
5
[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
gpgcheck=0
enabled=1

Step2 安装

gitlab-ce一键安装后可以利用rpm -ql gitlab-ce查询其文件安装路径及相关文件路径,其默认安装路径为/opt/gitlab/、程序数据及配置文件保存路径为/var/opt/gitlab下。

相关默认位置

代码仓库保存位置:/var/opt/gitlab/git-data/repositories/
代码仓库备份位置:/var/opt/gitlab/backups/
postgresql数据及配置目录:/var/opt/gitlab/postgresql/data/
redis默认配置目录:/var/opt/gitlab/redis
gitlab主要配置文件:/etc/gitlab/gitlab.rb

1
2
yum makecache
yum install -y gitlab-ce

执行过程如下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
[root@gitlab ~]# cd /etc/yum.repos.d/
[root@gitlab yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo
[root@gitlab yum.repos.d]# vim gitlab-ce.repo
[root@gitlab yum.repos.d]# yum makecache
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: mirrors.neusoft.edu.cn
* extras: mirrors.neusoft.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
gitlab-ce | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/10): extras/7/x86_64/other_db | 100 kB 00:00:00
(2/10): gitlab-ce/7/primary_db | 3.4 MB 00:00:01
(3/10): gitlab-ce/7/other_db | 32 kB 00:00:00
(4/10): extras/7/x86_64/filelists_db | 207 kB 00:00:01
(5/10): base/7/x86_64/other_db | 2.6 MB 00:00:09
(6/10): updates/7/x86_64/filelists_db | 3.5 MB 00:00:08
(7/10): updates/7/x86_64/other_db | 387 kB 00:00:00
(8/10): base/7/x86_64/filelists_db | 7.3 MB 00:00:11
(9/10): updates/7/x86_64/primary_db | 5.9 MB 00:00:14
(10/10): gitlab-ce/7/filelists_db | 278 MB 00:00:27
Metadata Cache Created
[root@gitlab yum.repos.d]# yum install -y gitlab-ce
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.neusoft.edu.cn
* extras: mirrors.neusoft.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package gitlab-ce.x86_64 0:12.6.4-ce.0.el7 will be installed
--> Processing Dependency: policycoreutils-python for package: gitlab-ce-12.6.4-ce.0.el7.x86_64
--> Running transaction check
---> Package policycoreutils-python.x86_64 0:2.5-33.el7 will be installed
--> Processing Dependency: policycoreutils = 2.5-33.el7 for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: setools-libs >= 3.3.8-4 for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libsemanage-python >= 2.5-14 for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libcgroup for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-33.el7.x86_64
--> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-33.el7.x86_64
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.8.5-4.el7 will be installed
--> Processing Dependency: audit-libs(x86-64) = 2.8.5-4.el7 for package: audit-libs-python-2.8.5-4.el7.x86_64
---> Package checkpolicy.x86_64 0:2.5-8.el7 will be installed
---> Package libcgroup.x86_64 0:0.41-21.el7 will be installed
---> Package libsemanage-python.x86_64 0:2.5-14.el7 will be installed
---> Package policycoreutils.x86_64 0:2.5-29.el7 will be updated
---> Package policycoreutils.x86_64 0:2.5-33.el7 will be an update
---> Package python-IPy.noarch 0:0.75-6.el7 will be installed
---> Package setools-libs.x86_64 0:3.3.8-4.el7 will be installed
--> Running transaction check
---> Package audit-libs.x86_64 0:2.8.4-4.el7 will be updated
--> Processing Dependency: audit-libs(x86-64) = 2.8.4-4.el7 for package: audit-2.8.4-4.el7.x86_64
---> Package audit-libs.x86_64 0:2.8.5-4.el7 will be an update
--> Running transaction check
---> Package audit.x86_64 0:2.8.4-4.el7 will be updated
---> Package audit.x86_64 0:2.8.5-4.el7 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================================================
Package Arch Version Repository Size
==========================================================================================================================
Installing:
gitlab-ce x86_64 12.6.4-ce.0.el7 gitlab-ce 697 M
Installing for dependencies:
audit-libs-python x86_64 2.8.5-4.el7 base 76 k
checkpolicy x86_64 2.5-8.el7 base 295 k
libcgroup x86_64 0.41-21.el7 base 66 k
libsemanage-python x86_64 2.5-14.el7 base 113 k
policycoreutils-python x86_64 2.5-33.el7 base 457 k
python-IPy noarch 0.75-6.el7 base 32 k
setools-libs x86_64 3.3.8-4.el7 base 620 k
Updating for dependencies:
audit x86_64 2.8.5-4.el7 base 256 k
audit-libs x86_64 2.8.5-4.el7 base 102 k
policycoreutils x86_64 2.5-33.el7 base 916 k

Transaction Summary
==========================================================================================================================
Install 1 Package (+7 Dependent packages)
Upgrade ( 3 Dependent packages)

Total download size: 699 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/11): audit-libs-2.8.5-4.el7.x86_64.rpm | 102 kB 00:00:00
(2/11): audit-libs-python-2.8.5-4.el7.x86_64.rpm | 76 kB 00:00:00
(3/11): libcgroup-0.41-21.el7.x86_64.rpm | 66 kB 00:00:00
(4/11): checkpolicy-2.5-8.el7.x86_64.rpm | 295 kB 00:00:00
(5/11): libsemanage-python-2.5-14.el7.x86_64.rpm | 113 kB 00:00:00
(6/11): policycoreutils-2.5-33.el7.x86_64.rpm | 916 kB 00:00:00
(7/11): audit-2.8.5-4.el7.x86_64.rpm | 256 kB 00:00:00
(8/11): policycoreutils-python-2.5-33.el7.x86_64.rpm | 457 kB 00:00:00
(9/11): setools-libs-3.3.8-4.el7.x86_64.rpm | 620 kB 00:00:00
(10/11): python-IPy-0.75-6.el7.noarch.rpm | 32 kB 00:00:01
(11/11): gitlab-ce-12.6.4-ce.0.el7.x86_64.rpm | 697 MB 00:01:05
--------------------------------------------------------------------------------------------------------------------------
Total 11 MB/s | 699 MB 00:01:05
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : audit-libs-2.8.5-4.el7.x86_64 1/14
Updating : policycoreutils-2.5-33.el7.x86_64 2/14
Installing : audit-libs-python-2.8.5-4.el7.x86_64 3/14
Installing : setools-libs-3.3.8-4.el7.x86_64 4/14
Installing : libcgroup-0.41-21.el7.x86_64 5/14
Installing : checkpolicy-2.5-8.el7.x86_64 6/14
Installing : python-IPy-0.75-6.el7.noarch 7/14
Installing : libsemanage-python-2.5-14.el7.x86_64 8/14
Installing : policycoreutils-python-2.5-33.el7.x86_64 9/14
Installing : gitlab-ce-12.6.4-ce.0.el7.x86_64 10/14
Updating : audit-2.8.5-4.el7.x86_64 11/14
Cleanup : policycoreutils-2.5-29.el7.x86_64 12/14
Cleanup : audit-2.8.4-4.el7.x86_64 13/14
Cleanup : audit-libs-2.8.4-4.el7.x86_64 14/14
It looks like GitLab has not been configured yet; skipping the upgrade script.

*. *.
*** ***
***** *****
.****** *******
******** ********
,,,,,,,,,***********,,,,,,,,,
,,,,,,,,,,,*********,,,,,,,,,,,
.,,,,,,,,,,,*******,,,,,,,,,,,,
,,,,,,,,,*****,,,,,,,,,.
,,,,,,,****,,,,,,
.,,,***,,,,
,*,.



_______ __ __ __
/ ____(_) /_/ / ____ _/ /_
/ / __/ / __/ / / __ `/ __ \
/ /_/ / / /_/ /___/ /_/ / /_/ /
\____/_/\__/_____/\__,_/_.___/


Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:
sudo gitlab-ctl reconfigure

For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md

Verifying : audit-libs-2.8.5-4.el7.x86_64 1/14
Verifying : policycoreutils-python-2.5-33.el7.x86_64 2/14
Verifying : gitlab-ce-12.6.4-ce.0.el7.x86_64 3/14
Verifying : audit-2.8.5-4.el7.x86_64 4/14
Verifying : libsemanage-python-2.5-14.el7.x86_64 5/14
Verifying : python-IPy-0.75-6.el7.noarch 6/14
Verifying : checkpolicy-2.5-8.el7.x86_64 7/14
Verifying : policycoreutils-2.5-33.el7.x86_64 8/14
Verifying : libcgroup-0.41-21.el7.x86_64 9/14
Verifying : audit-libs-python-2.8.5-4.el7.x86_64 10/14
Verifying : setools-libs-3.3.8-4.el7.x86_64 11/14
Verifying : policycoreutils-2.5-29.el7.x86_64 12/14
Verifying : audit-libs-2.8.4-4.el7.x86_64 13/14
Verifying : audit-2.8.4-4.el7.x86_64 14/14

Installed:
gitlab-ce.x86_64 0:12.6.4-ce.0.el7

Dependency Installed:
audit-libs-python.x86_64 0:2.8.5-4.el7 checkpolicy.x86_64 0:2.5-8.el7 libcgroup.x86_64 0:0.41-21.el7
libsemanage-python.x86_64 0:2.5-14.el7 policycoreutils-python.x86_64 0:2.5-33.el7 python-IPy.noarch 0:0.75-6.el7
setools-libs.x86_64 0:3.3.8-4.el7

Dependency Updated:
audit.x86_64 0:2.8.5-4.el7 audit-libs.x86_64 0:2.8.5-4.el7 policycoreutils.x86_64 0:2.5-33.el7

Complete!

0x4 gitlab配置修改

编辑vim /etc/gitlab/gitlab.rb

修改gitlab运行外部URL默认的访问地址
1
2
3
4
5
6
# 未修gitlab.rb配置文件中nginx配置时这个配置默认配置gitlab自带的nginx端口
external_url 'http://10.0.0.158:8081'
#编辑完毕退出 执行以下命令使配置生效
gitlab-ctl reconfigure
#重新启动GitLab
gitlab-ctl restart

【注意】需要注意的是我们安装gitlab的时候注意端口号占用的问题。

0x5 设置开机自启动和防火墙规则

1
2
3
4
5
6
7
8
9
10
11
12
13
14
#设置开机自动启动
systemctl enable gitlab-runsvdir.service
#设置禁用开机自动启动
systemctl disable gitlab-runsvdir.service
#添加对应端口
[root@gitlab yum.repos.d]# sudo firewall-cmd --permanent --add-service=http
success
[root@gitlab yum.repos.d]# sudo systemctl reload firewalld
[root@gitlab yum.repos.d]# firewall-cmd --zone=public --add-port=8081/tcp --permanent
success
[root@gitlab yum.repos.d]# firewall-cmd --reload
success
[root@gitlab yum.repos.d]# firewall-cmd --zone=public --list-ports
8081/tcp 80/tcp

0x6 浏览器中打开地址

Step1 http://10.0.0.158:8081 登陆成功会提示修改管理密码

Step2 用管理员root 和自己修改的密码登陆系统

【注意】如果浏览器输入地址出现502,检查你的端口号是否已经被占用了,修改端口重新编译使配置生效即可,记得添加防火墙规则。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
[root@gitlab ~]# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9100 0.0.0.0:* LISTEN 12432/node_exporter
tcp 0 0 127.0.0.1:9229 0.0.0.0:* LISTEN 12319/gitlab-workho
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 15579/unicorn maste
tcp 0 0 127.0.0.1:9168 0.0.0.0:* LISTEN 12302/puma 4.3.1.gi
tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 15598/nginx: master
tcp 0 0 127.0.0.1:8082 0.0.0.0:* LISTEN 15539/sidekiq 5.2.7
tcp 0 0 127.0.0.1:9236 0.0.0.0:* LISTEN 12290/gitaly
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 9479/sshd
tcp 0 0 127.0.0.1:3000 0.0.0.0:* LISTEN 15607/grafana-serve
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 9630/master
tcp 0 0 0.0.0.0:8060 0.0.0.0:* LISTEN 15598/nginx: master
tcp 0 0 127.0.0.1:9121 0.0.0.0:* LISTEN 12480/redis_exporte
tcp 0 0 127.0.0.1:9090 0.0.0.0:* LISTEN 12463/prometheus
tcp 0 0 127.0.0.1:9187 0.0.0.0:* LISTEN 12438/postgres_expo
tcp 0 0 127.0.0.1:9093 0.0.0.0:* LISTEN 12269/alertmanager
tcp6 0 0 ::1:9168 :::* LISTEN 12302/puma 4.3.1.gi
tcp6 0 0 :::22 :::* LISTEN 9479/sshd
tcp6 0 0 ::1:25 :::* LISTEN 9630/master
tcp6 0 0 :::9094 :::* LISTEN 12269/alertmanager

0x7 配置完毕使用GitLab创建项目

主页面上有个4个功能 创建一个项目、创建一个组、添加人员、配置

选择第一个 创建一个新的项目

设置完毕以后,这样就创建了好了项目,并把该项目托管到了我们的GitLab服务器上。

选择右上角蓝色Clone按钮生成git和http方式访问项目的路径
客户端Centos7或Windows中可以通过git clone命令把项目克隆下来。

这里需要注意的是通过git@10.0.0.158:8081/root/helloworld.git 这种方式克隆方式需要配置SSH KEY

1
2
3
4
5
6
7
8
9
10
[root@gitlab home]# git clone http://10.0.0.158:8081/root/helloworld.git
Cloning into 'helloworld'...
Username for 'http://10.0.0.158:8081': root
Password for 'http://root@10.0.0.158:8081':
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
[root@gitlab home]# ls
azkaban helloworld

禁止转载,如需转载请通过简信或评论联系作者。

评论