4.安装gitlab
步骤
零. 前置操作
- 关闭防火墙并禁用开机启动
systemctl stop firewalld && systemctl disable firewalld
- 关闭selinux
vi /etc/sysconfig/selinux
找到SELINUX=XXXXXX,将XXXXXX修改为disabled。保存退出
3. 重启
reboot
- 测试selinux修改效果,为Disabled即可
getenforce
一. 安装
- 安装依赖包
sudo yum install -y curl policycoreutils-python openssh-server openssh-clients perl postfix
- 配置yum仓库
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
- 安装Omnibus Gitlab-ce package
3.1 启动postfix邮件服务
systemctl start postfix && systemctl enable postfix
- 安装Gitlab-ce社区版本
yum -y install gitlab-ce
如果安装速度非常慢,可以更换为清华镜像源,更换方式如下链接
更换清华镜像源
二. 配置管理
- 证书创建与配置加载
mkdir -p /etc/gitlab/ssl
# 创建私有秘钥
openssl genrsa -out "/etc/gitlab/ssl/gitlab.example.com.key" 2048
# 根据上面的私有秘钥创建ssl证书
openssl req -new -key "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.csr"
# 创建签署证书
openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.example.com.csr" -signkey "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.crt"
#生成pem
openssl dhparam -out /etc/gitlab/ssl/shparams.pem 2048
#修改证书权限
chmod 600 *
#编辑gitlab配置文件
vim /etc/gitlab/gitlab.rb
# 几处修改
# 1. external_url 'http://gitlab.example.com' 改为 external_url 'https://gitlab.example.com'
# 2. # nginx['redirect_http_to_https'] = false 改为 nginx['redirect_http_to_https'] = true
# 3. nginx['ssl_certificate'] = "xxxxxxxxxx" 改为 nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt"
# 4. nginx['ssl_certificate_key'] = "xxxxxx" 改为 nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key"
# 5. nginx['ssl_dhparam'] = "xxxxxxx" 改为 nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"
#初始化gitlab信息
gitlab-ctl reconfigure
- Nginx ssl代理服务配置
#进入nginx配置
vim /var/opt/gitlab/nginx/conf/gitlab-http.conf
修改nginx配置
#重启gitlab
gitlab-ctl restart
访问服务器的ip地址:
账号:root
密码:xxxxxxxxxx (使用 cat 查看/etc/gitlab/initial_root_password)
- 初始化Gitlab相关服务并完成安装
完成!
