gitlab 快速安装
1、准备虚拟机
2、使用yum安装gitlab-ce 版
~]# yum -y install curl policycoreutils openssh-server openssh-client postfix ~]# curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash 启动postfix ~]# systemctl start postfix && systemctl enable postfix
安装gitlab-ce ~]# yum install -y gitlab-ce 创建存放证书和私钥的目录 ~]# mkdir -p /etc/gitlab/ssl 创建证书的key值 ~]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.example.com.key" 2048 ~]# openssl req -new -key "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.csr" You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:cn State or Province Name (full name) []:bj Locality Name (eg, city) [Default City]:bj Organization Name (eg, company) [Default Company Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, your name or your server's hostname) []:gitlab.example.com Email Address []:admin@example.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:123456 An optional company name []: [root@git_jenkins ssl]# ll 总用量 8 -rw-r--r-- 1 root root 1074 2月 4 16:30 gitlab.example.com.csr -rw-r--r-- 1 root root 1675 2月 4 16:28 gitlab.example.com.key [root@git_jenkins ssl]# openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.example.com.csr" -signkey "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.crt" Signature ok subject=/C=cn/ST=bj/L=bj/O=Default Company Ltd/CN=gitlab.example.com/emailAddress=admin@example.com Getting Private key [root@git_jenkins ssl]# openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048 Generating DH parameters, 2048 bit long safe prime, generator 2 This is going to take a long time ......................................................................................+.+....+......+....................+........................................................+.....................+..............++*++* [root@git_jenkins ssl]# chmod 600 * [root@git_jenkins ssl]# ll 总用量 16 -rw------- 1 root root 424 2月 4 16:35 dhparams.pem -rw------- 1 root root 1281 2月 4 16:33 gitlab.example.com.crt -rw------- 1 root root 1074 2月 4 16:30 gitlab.example.com.csr -rw------- 1 root root 1675 2月 4 16:28 gitlab.example.com.key 修改gitlab的配置文件 [root@git_jenkins ssl]# diff /etc/gitlab/gitlab.rb /etc/gitlab/gitlab.rb.bak 32c32 < external_url 'https://gitlab.example.com' --- > external_url 'http://gitlab.example.com' 763c763 < registry['autoredirect'] = true --- > # registry['autoredirect'] = false 1296,1297c1296,1297 < # nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt" < # nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key" --- > # nginx['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt" > # nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key" 1311c1311 < # nginx['ssl_dhparam'] = /etc/gitlab/ssl/dhparams.pem # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem --- > # nginx['ssl_dhparam'] = nil # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem 初始化 [root@git_jenkins ssl]# gitlab-ctl reconfigure ssl]# vim /var/opt/gitlab/nginx/conf/gitlab-http.conf server_name gitlab.example.com; rewrite ^(.*)$ https://$host$1 permanent; #老版本添加此行 ,新版本默认不支持http访问 ssl]# gitlab-ctl restart ok: run: alertmanager: (pid 7499) 1s ok: run: gitaly: (pid 7509) 0s ok: run: gitlab-exporter: (pid 7529) 0s ok: run: gitlab-workhorse: (pid 7531) 0s ok: run: grafana: (pid 7539) 0s ok: run: logrotate: (pid 7558) 1s ok: run: nginx: (pid 7564) 0s ok: run: node-exporter: (pid 7570) 1s ok: run: postgres-exporter: (pid 7575) 0s ok: run: postgresql: (pid 7584) 0s ok: run: prometheus: (pid 7635) 1s ok: run: puma: (pid 7685) 0s ok: run: redis: (pid 7690) 0s ok: run: redis-exporter: (pid 7695) 1s ok: run: sidekiq: (pid 7703) 0s
3、浏览器访问
4、设置密码 xxxxxxxx
默认用户 root 密码 xxxxxxxx
5、创建一个项目
6、进行简单的git 操作:
cd C:\Users\Administrator cd Desktop/
mkdir repo
cd repo 克隆gitlab的项目到本地 git -c http.sslVerify=false clone https://gitlab.example.com/root/test-repo.git [C:\Users\Administrator\Desktop\repo\test-repo]$ git add . [C:\Users\Administrator\Desktop\repo\test-repo]$ git commit -m"First commit" On branch master Your branch is based on 'origin/master', but the upstream is gone. (use "git branch --unset-upstream" to fixup) nothing to commit, working tree clean [C:\Users\Administrator\Desktop\repo\test-repo]$ git config --global user.email "admin@example" [C:\Users\Administrator\Desktop\repo\test-repo]$ git config --global user.name "admin" git commit -m"First commit" git -c http.sslVerify=false push origin master
7、可以看到test.py 已经上传到 gitlab仓库中
二 、Gitlab 应用
1、gitlab 后台管理:强大的分布式代码版本的控制系统的同时 ,也有出色的后台管理功能;
2、开发使用gitlab:代码的快速发布与审核,每个项目下各小组维护自己的代码分支,提交代码后在不同的环境部署测试成功后,提交master主分支合并的申请,项目领导审核,审核合并通过后,开发人员继续就fitre分支继续工作;
3、运维人员使用gitlab :维护gitlab的维护与管理,去系统后台获取相关的系统关键值,CPU。mem。disk利用率等,系统的健康状况,保证gitlab 在高并发的场景下仍旧能够正常,快速,稳定的运行;and 关注gitlab的权限管理,分配不同人对项目具有不同权限,保证开发人员有分支的删除,克隆,推送。提交。合并。创建分支等权限,leader 具有基础权限的同时,还具有添加项目用户,开启禁用保护分支,编辑项目信息,审核确认分支申请等权限;运维人员不仅要掌握开发人员使用gitlab的同时,还应该具有gitlab 后台的核心管理能力,解决各种突发问题,保证gitlab 在高效,安全,稳定的状态下运转。
4、Gitlab 不同角色使用实例
1).查看系资源信息
2).添加权限
3).修改角色的密码
拉到最底下 保存即可
4)忘记root 的登录密码
解决办法:
1 [root@gitleb ~]# gitlab-rails console -e production 2 3 user = User.where(id: 1).first 4 5 user.password = '你的密码' 6 7 user.password_confirmation = '你的密码' 8 9 user.save! 10 11 exit
执行过程:
使用修改后密码登录成功
