Gitlab安装指南

 

 Gitlab安装教程参考:

         https://doc.gitlab.cc/ce/administration/high_availability/README.html

1、  下载gitlab包https://about.gitlab.com/downloads/

查看os版本,并下载对应的包,这里我们下载的是https://about.gitlab.com/downloads/#centos6

 

 

2、  安装依赖包

sudo yum install curl openssh-server openssh-clients postfix cronie

sudo service postfix start

sudo chkconfig postfix on

sudo lokkit -s http -s ssh

 

3、  安装gitlab

rpm -i gitlab-ce-XXX.rpm

 

   启动:gitlab-ctl start

   重新启动:gitlab-ctl restart

   停止:gitlab-ctl stop

   查看状态:gitlab-ctl status

实时日志查看:gitlab-ctl tail

检查报错:gitlab-rake gitlab:check

4、  设置环境变量

export GEM_PATH=/opt/gitlab/embedded

export PATH=$GEM_PATH/bin:$PATH

export BUNDLE_HOME=/opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/bundler-1.13.7

export PATH=$BUNDLE_HOME:$PATH

export ROTP_HOME=/opt/gitlab/embedded/service/gem/ruby/2.3.0/gems/rotp-2.1.2

export PATH=$ROTP_HOME:$PATH

5、  修改配置

修改配置后重新启动

Gitlab-ctl reconfigure

Vim /etc/gitlab/gitlab.rb

1)         Gitlab访问url修改:external_url 'http://git.cnsuning.com'

2)         数据库修改:

postgresql['enable'] = false

gitlab_rails['db_adapter'] = "postgresql"

# gitlab_rails['db_encoding'] = "unicode"

# gitlab_rails['db_collation'] = nil

gitlab_rails['db_database'] = "gitlabhq_production"

# gitlab_rails['db_pool'] = 10

gitlab_rails['db_username'] = "postgres"

gitlab_rails['db_password'] = "gitlab"

gitlab_rails['db_host'] = "xxxxx"

gitlab_rails['db_port'] = 5432

# gitlab_rails['db_socket'] = nil

# gitlab_rails['db_sslmode'] = nil

# gitlab_rails['db_sslrootcert'] = nil

3)         Redis修改

## Redis TCP connection

gitlab_rails['redis_host'] = "xxxx"

gitlab_rails['redis_port'] = 6379

gitlab_rails['redis_password'] = "xxxx"

# gitlab_rails['redis_database'] = 0

4)         Gitlab user修改

user['username'] = "git"

user['group'] = "git"

#user['uid'] = 0

#user['gid'] = 0

# # The shell for the git user

user['shell'] = "/bin/sh"

# # The home directory for the git user

#user['home'] = "/var/opt/gitlab"

user['git_user_name'] = "git"

# user['git_user_email'] = "gitlab@#{node['fqdn']}"

 

增加git用户和git组

Groupadd git –g 501

Useradd git –u 501 –g 501

5)         高可用配置、ldap配置

 

 

增加ldap配置

# For omnibus packages

gitlab_rails['ldap_enabled'] = true

gitlab_rails['ldap_servers'] = YAML.load <<-EOS # remember to close this block with 'EOS' below

main: # 'main' is the GitLab 'provider ID' of this LDAP server

  label: 'LDAP'

  host: 'xxxx'

  port: 389

  uid: 'uid'

  method: 'plain' # "tls" or "ssl" or "plain"

  allow_username_or_email_login: true

  bind_dn: 'cn=xxx,dc=xx,dc=com'

  password: 'xxx'

  active_directory: true

  base: 'ou=xxx,dc=xxx,dc=com'

  user_filter: ''

EOS

6)         修改email

先找到 config/environments/production.rb,默认设置为sendemail

config.action_mailer.delivery_method= :smtp

                            设置/etc/gitlab/gitlab.rb

gitlab_rails['smtp_enable'] = true

gitlab_rails['smtp_address'] = "mail.cnsuning.com"

gitlab_rails['smtp_openssl_verify_mode'] = 'none'

gitlab_rails['smtp_port'] = 25

gitlab_rails['smtp_user_name'] = "xxxxx"

gitlab_rails['smtp_password'] = "xxxx"

gitlab_rails['smtp_authentication'] = "login"

gitlab_rails['smtp_domain'] = "xxxxx"

gitlab_rails['smtp_enable_starttls_auto'] = true

gitlab_rails['gitlab_email_from'] = 'xxxx'

gitlab_rails['gitlab_email_reply_to'] = 'xxxxx'

过程中报错;
OpenSSL::SSL::SSLError: hostname was not match with the server certificate

增加gitlab_rails['smtp_openssl_verify_mode'] = 'none'

 

6、  搭建nfs服务器

1)         新增用户git

增加git用户和git组

Groupadd git –g 501

Useradd git –u 501 –g 501

2)         安装软件:

rpcbind

nfs-utils

nfs-utils-lib

 

 

 

3)         创建nfs目录

mkdir -p /var/opt/gitlab/.ssh /var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/shared /var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/git-data

4)         修改配置,

[root@gitppreapp02 ~]# vim /etc/exports

 

/var/opt/gitlab/.ssh xxx(rw,all_squash,anonuid=501,anongid=501)  xxxx(rw,all_squash,anonuid=501,anongid=501,sync)

 

/var/opt/gitlab/gitlab-rails/uploads xxxx(rw,all_squash,anonuid=501,anongid=501)  xxxx(rw,all_squash,anonuid=501,anongid=501,sync)

 

 

/var/opt/gitlab/gitlab-rails/shared xxxx(rw,all_squash,anonuid=501,anongid=501)  xxxx(rw,all_squash,anonuid=501,anongid=501,sync)

 

/var/opt/gitlab/gitlab-ci/builds xxxxx(rw,all_squash,anonuid=501,anongid=501)  xxxxx(rw,all_squash,anonuid=501,anongid=501,sync)

 

/var/opt/gitlab/git-data xxxxx(rw,all_squash,anonuid=501,anongid=501)  xxxxx(rw,all_squash,anonuid=501,anongid=501,sync)

Exportfs –r使其生效

 

5)         在gitlab应用服务器上挂载nfs目录

 

方式一:

xxxx:/var/opt/gitlab/.ssh /var/opt/gitlab/.ssh nfs defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2

xxxxx:/var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/uploads nfs defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2

xxxx:/var/opt/gitlab/gitlab-rails/shared /var/opt/gitlab/gitlab-rails/shared nfs defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2

xxxxx:/var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/gitlab-ci/builds nfs defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2

xxxx:/var/opt/gitlab/git-data /var/opt/gitlab/git-data nfs defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2

 

方式二:

命令格式

# mount NFS服务器IP:共享目录 本地挂载点目录

mkdir jenkins

mount xxxx:/var/opt/gitlab/.ssh /var/opt/gitlab/.ssh

查看:[root@gitppreweb02 ~]# mount | grep nfs

sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)

xxx:/var/opt/gitlab/.ssh/ on /var/opt/gitlab/.ssh type nfs (rw,vers=3,addr=10.37.77.186)

xxxx:/var/opt/gitlab/gitlab-rails/uploads/ on /var/opt/gitlab/gitlab-rails/uploads type nfs (rw,vers=3,addr=xxxxx)

xxxx:/var/opt/gitlab/gitlab-rails/shared/ on /var/opt/gitlab/gitlab-rails/shared type nfs (rw,vers=3,addr=xxxx)

xxxx:/var/opt/gitlab/gitlab-ci/builds/ on /var/opt/gitlab/gitlab-ci/builds type nfs (rw,vers=3,addr=xxxxx)

xxxxx:/var/opt/gitlab/git-data/ on /var/opt/gitlab/git-data type nfs (rw,vers=3,addr=xxxx)

 

过程中可能出现目录的所属用户为nobody可使用如下解决

mount -t nfs -o vers=3 xxxx:/opt/gitlab /var/opt/gitlab

 

6)         开机自启动:

[root@jenkissitweb210 ~]# chkconfig rpcbind on

[root@jenkissitweb210 ~]# chkconfig nfs on

7、  共享秘钥

 

 

 

8、  nfs目录备份,使用rsync备份

备机器上安装rsync服务

查看:rpm -qa |grep rsync

Vim /etc/rsyncd.conf

[root@gitppreapp01 ~]# vim /etc/rsyncd.conf

 

#gid = nobody   

uid = root

gid = root

 

use chroot = yes

read only = no

 

#limit access to private LANs

hosts allow=xxxx

#hosts deny=*

 

max connections = 5

motd file = /etc/rsyncd.motd

 

#This will give you a separate log file

log file = /var/log/rsyncd.log

 

#This will log every file transferred - up to 85,000+ per user, per sync

#transfer logging = yes

 

log format = %t %a %m %f %b

syslog facility = local3

timeout = 300

 

[module_gitlab]

path = /var/opt/gitlab/

list = yes

ignore errors

auth users = gitlab

secrets file = /etc/rsyncd.secrets

comment = This is RHEL 186/var/opt data

exclude = workspace/

 

[test]

path=/var/opt/gitlab/test

list = yes

ignore errors

auth users = gitlab

secrets file = /etc/rsyncd.secrets

comment = This is RHEL186 test

 

创建,编辑 /etc/rsyncd.secrets

Chomod 600 /etc/rsyncd.secrets

[root@sitjenkins CI]# ll /etc/rsyncd.secrets

-rw------- 1 root root 9 Oct 25 14:55 /etc/rsyncd.secrets

[root@sitjenkins CI]# cat /etc/rsyncd.secrets

Gitlab:gitlab

 

配置/etc/xinetd.d/rsync 开启rsync服务

 

 

 

启动

[root@sitjenkins CI]# /usr/bin/rsync --daemon

 

 

 

也可以安装yum insall xinetd 

通过service xinetd start来启动或者重启rsync服务

设置开机自启动 chkconfig xinetd on

测试

在主机器上执行同步到备份机器

rsync -avz  /opt/backup  root@xxxxx::test

下图为从27机器从不到本机

 

至此rsync 搭建成功!

 

在主NFS上面

创建/etc/rsync_client.pwd,权限为600 内容为rsync账户的密码

执行同步:/usr/bin/rsync -avz --delete --progress --password-file=/etc/rsync_client.pwd /var/opt/gitlab/ gitlab@xxxxx::module_gitlab

后台自动检测执行设置如下:

(1)在nfs Server主上面安装inotify-tools-3.14-1.el6.x86_64.rpm

把软件拖到nfs server上面随便一个目录

 

执行安装:

[root@jenkissitweb210 software]# yum install inotify-tools-3.14-1.el6.x86_64.rpm

 

增加后台脚本:

[root@gitppreapp02 CI]# vim rsync.sh

 

#rsync auto sync script with inotify

#2014-12-11 Sean

#variables

current_date=$(date +%Y%m%d_%H%M%S)

source_path=/var/opt/gitlab/

log_file=/opt/log/rsync_client.log

 

#rsync

rsync_server=xxxx

rsync_user=gitlab

rsync_pwd=/etc/rsync_client.pwd

#rsync_module=module_test

rsync_module=module_gitlab

#INOTIFY_EXCLUDE='(.*/*\.swp)$|^/var/opt/gitlab/'

RSYNC_EXCLUDE='/etc/rsyncd.d/rsync_exclude.lst'

 

#rsync client pwd check

if [ ! -e ${rsync_pwd} ];then

    echo -e "rsync client passwod file ${rsync_pwd} does not exist!"

    exit 0

fi

 

#inotify_function

inotify_fun(){

    /usr/bin/inotifywait -mrq --timefmt '%Y/%m/%d-%H:%M:%S' --format '%T %w %f' \

             -e modify,delete,create,move,attrib ${source_path} \

          | while read file

      do

          /usr/bin/rsync -avz --delete  --progress  --password-file=${rsync_pwd} ${source_path} ${rsync_user}@${rsync_server}::${rsync_module}

         #/usr/bin/rsync -avz --delete --progress --password-file=/etc/rsync_client.pwd /var/opt/gitlab/ gitlab@xxxxx::module_gitlab

      done

}

 

#inotify log

inotify_fun >> ${log_file} 2>&1 &

 

执行:sh rsync.sh 发现没有进程

遇到报错:

 

 

修改:[root@jenkissitweb210 jenkins]# sysctl -w fs.inotify.max_user_watches="99999999"

启动:成功

 

 

 

 

9、  安装postgresql

安装参考:

http://www.cnblogs.com/mchina/archive/2012/06/06/2539003.html

1)         下载postgresql

2)         安装

安装PostgreSQL,注意安装顺序

a)         # rpm -ivh postgresql92-libs-9.2.4-1PGDG.rhel6.i686.rpm

b)         # rpm -ivh postgresql92-9.2.4-1PGDG.rhel6.i686.rpm

c)         # rpm -ivh postgresql92-server-9.2.4-1PGDG.rhel6.i686.rpm

d)         # rpm -ivh postgresql92-contrib-9.2.4-1PGDG.rhel6.i686.rpm

3)         执行4. 初始化PostgreSQL 数据库

PostgreSQL 服务初次启动的时候会提示初始化。

 

 

4)         初始化数据库

# service postgresql-9.2 initdb

 

 

5)          启动服务

# service postgresql-9.2 start

 

 

6)          把PostgreSQL 服务加入到启动列表

# chkconfig postgresql-9.2 on

# chkconfig --list|grep postgres

 

 

7)          修改PostgreSQL 数据库用户postgres的密码(注意不是linux系统帐号)

8)         PostgreSQL 数据库默认会创建一个postgres的数据库用户作为数据库的管理员,默认密码为空,我们需要修改为指定的密码,这里设定为’postgres’。

# su - postgres

$ psql

# ALTER USER postgres WITH PASSWORD 'postgres';

# select * from pg_shadow ;

 

 

9)         测试数据库

 创建测试数据库

# create database david;

 

 

安装扩展包:contrib如有报错resource libxslt.so.1()(64bit) 找不到下载

libxslt-1.1.26-2.el6_3.1.x86_64.htmlLibrary providing the Gnome XSLT engineCentOS 6.9 for x86_64libxslt-1.1.26-2.el6_3.1.x86_64.rpm

 

git汉化

汉化下载

https://gitlab.com/xhang/gitlab 下载中文包

cp -r /opt/gitlab/embedded/service/gitlab-rails{,.ori}
 
\cp -rf /opt/software/gitlab-8-17-stable-zh-32901e18e918aa8631a711910cdd2d56ba7a8a44/* /opt/gitlab/embedded/service/gitlab-rails/
 
[root@gitppreweb02 gitlab]# umount /var/opt/gitlab/git-data
[root@gitppreweb02 gitlab]# umount /var/opt/gitlab/gitlab-ci/builds
[root@gitppreweb02 gitlab]# umount /var/opt/gitlab/gitlab-rails/shared
[root@gitppreweb02 gitlab]# umount  /var/opt/gitlab/gitlab-rails/uploads
[root@gitppreweb02 gitlab]# mount -t nfs -o vers=3 xxx:/var/opt/gitlab/git-data /var/opt/gitlab/git-data
[root@gitppreweb02 gitlab]# mount -t nfs -o vers=3 xxx:/var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/gitlab-ci/builds
[root@gitppreweb02 gitlab]# mount -t nfs -o vers=3 xxx:/var/opt/gitlab/gitlab-rails/shared /var/opt/gitlab/gitlab-rails/shared
[root@gitppreweb02 gitlab]# mount -t nfs -o vers=3 xxx:/var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/uploads
[root@gitppreweb02 gitlab]# umount /var/opt/gitlab/.ssh
[root@gitppreweb02 gitlab]# mount -t nfs -o vers=3 xxxx:/var/opt/gitlab/.ssh /var/opt/gitlab/.ssh
[root@gitppreweb02 gitlab]# df -h