gitlab
1、提供一些必须包,提供epel,关闭防火墙和selinux等操作;
2、gitlab依赖的python功能比较多,需要升级python到2.7.X;
3、安装redis的内存数据库;
4、安装MySQL的关系型数据库;
5、为gitlab提供ruby的环境支持;
6、提供gitlab-shell来管理git仓库;
7、安装gitlab系统;
8、安装nginx的web服务,做反向代理。
一、修改yum源为阿里云提高下载速度
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
二、安装依赖包
yum -y install libicu-devel patch gcc-c++ readline-devel zlib-devel libffi-devel openssl-devel make \
autoconf automake libtool bison libxml2-devel libxslt-devel libyaml-devel zlib-devel openssl-devel \
cpio expat-devel gettext-devel curl-devel perl-ExtUtils-CBuilder perl-ExtUtils-MakeMaker cmake \
pcre-devel nodejs postfix mysql-devel libmysql-ruby libmysqlclient-dev
三、安装git
3.1 查看git当前版本
"# git --version"
git version 1.7.1
3.2 如果版本小于1.7.10卸载
rpm -e --nodeps git
3.3 下载最新git源码包并编译安装
cd /usr/local/src/
wget https://www.kernel.org/pub/software/scm/git/git-2.6.2.tar.xz
tar Jxf git-2.6.2.tar.xz
cd git-2.6.2
./configure --prefix=/usr/local/git
make
make install
echo 'export PATH=/usr/local/git/bin:$PATH' >> /etc/profile
四、安装Python
cd /usr/local/src/
wget https://www.python.org/ftp/python/2.7.10/Python-2.7.10.tar.xz
tar Jxf Python-2.7.10.tar.xz
cd Python-2.7.10
./configure --prefix=/usr/local/python
make
make install
echo 'export PATH=/usr/local/python/bin:$PATH' >> /etc/profile
五、安装Ruby
cd /usr/local/src
wget https://cache.ruby-lang.org/pub/ruby/2.2/ruby-2.2.3.tar.gz
tar zxf ruby-2.2.3.tar.gz
cd ruby-2.2.3
./configure --prefix=/usr/local/ruby --disable-install-rdoc
make && make install
echo 'export PATH=/usr/local/ruby/bin:$PATH' >> /etc/profile
5.1 退出Shell重新登录后修改RubyGems镜像为淘宝,提高下载速度
cd /usr/local/src
gem sources --add https://ruby.taobao.org/ --remove https://rubygems.org/
gem install bundler --no-ri --no-rdoc
六、安装Go
cd /usr/local/src
wget https://storage.googleapis.com/golang/go1.6.linux-amd64.tar.gz
tar -zxvf go1.6.linux-amd64.tar.gz
mv go /usr/local/
cd /usr/local/go
cat >> /etc/profile << EOF
> export GOROOT=/usr/local/go
> export GOARCH=amd64
> export GOOS=linux
> export GOBIN=\$GOROOT/bin
> export GOPATH=/usr/local/go
> export PATH=$GOBIN:\$PATH
> EOF
七、安装Redis
cd /usr/local/src/
wget http://download.redis.io/releases/redis-3.0.7.tar.gz
tar -zxvf redis-3.0.7.tar.gz
cd redis-3.0.7
make PREFIX=/usr/local/redis install
echo 'export PATH=/usr/local/redis/bin:$PATH' >> /etc/profile
7.1 添加redis配置/usr/loca/redis/redis.conf
vim /usr/local/redis/redis.conf
daemonize yes
pidfile /usr/local/redis/redis.pid
port 6379
tcp-backlog 60000
timeout 0
tcp-keepalive 60
loglevel warning
logfile "/usr/local/redis/redis.log"
syslog-enabled no
databases 16
save 900 1
save 300 10
save 60 10000
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
dir /usr/local/redis
slave-serve-stale-data yes
repl-diskless-sync yes
repl-diskless-sync-delay 5
repl-ping-slave-period 10
repl-timeout 60
repl-disable-tcp-nodelay no
slave-priority 100
maxclients 60000
maxmemory-policy noeviction
appendonly no
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
lua-time-limit 5000
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
list-max-ziplist-entries 512
list-max-ziplist-value 64
set-max-intset-entries 512
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
hll-sparse-max-bytes 3000
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit slave 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
aof-rewrite-incremental-fsync yes
7.2 启动Redis
/usr/local/redis/bin/redis-server /usr/local/redis/redis.conf
netstat -anpt|grep redis"
tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN 16834/redis-server
八、安装配置MariaDB
cd /usr/local/src/
wget http://mirrors.ctyun.cn/MariaDB/mariadb-10.0.21/source/mariadb-10.0.21.tar.gz
tar zxf mariadb-10.0.21.tar.gz
cd mariadb-10.0.21
cmake . \
-DCMAKE_BUILD_TYPE:STRING=Release \
-DCMAKE_INSTALL_PREFIX:PATH=/usr/local/mariadb \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_EMBEDDED_SERVER:BOOL=OFF \
-DWITH_UNIT_TESTS:BOOL=OFF \
-LAH
make && make install
cp support-files/mysql.server /etc/init.d/mariadb
chmod u+x /etc/init.d/mariadb
echo 'export PATH=/App/mariadb/bin:$PATH' >> /etc/profile
8.1 修改MariaDB配置/etc/my.cnf
vim /etc/my.cnf
[client]
port = 3306
socket = /tmp/mysql.sock
[mysqld]
user = mysql
port = 3306
socket = /tmp/mysql.sock
server-id = 1
log-bin = bin.log
log-error = error.log
pid-file = mysql.pid
long_query_time = 1
slow_query_log
slow_query_log_file = slow.log
binlog_cache_size = 4M
binlog_format = mixed
max_binlog_cache_size = 16M
max_binlog_size = 1G
expire_logs_days = 30
ft_min_word_len = 4
back_log = 4096
max_allowed_packet = 64M
max_connections = 65536
max_connect_errors = 100
join_buffer_size = 1M
read_buffer_size = 1M
read_rnd_buffer_size = 1M
sort_buffer_size = 1M
query_cache_size = 64M
table_open_cache = 2048
thread_cache_size = 256
max_heap_table_size = 64M
tmp_table_size = 64M
thread_stack = 192K
connect_timeout = 600
interactive_timeout = 600
wait_timeout = 600
thread_concurrency = 8
local-infile = 0
skip-show-database
skip-name-resolve
skip-external-locking
#*** MyISAM
key_buffer_size = 512M
bulk_insert_buffer_size = 64M
myisam_sort_buffer_size = 32M
myisam_max_sort_file_size = 1G
myisam_repair_threads = 1
myisam_recover
#*** INNODB
innodb_buffer_pool_size = 4G
innodb_additional_mem_pool_size = 32M
innodb_data_file_path = ibdata:32M:autoextend
innodb_read_io_threads = 8
innodb_write_io_threads = 8
innodb_file_per_table = 1
innodb_flush_log_at_trx_commit = 2
innodb_lock_wait_timeout = 120
innodb_log_buffer_size = 8M
innodb_log_file_size = 256M
innodb_log_files_in_group = 3
innodb_max_dirty_pages_pct = 10
innodb_thread_concurrency = 16
#innodb_force_recovery = 4
#*** Replication Slave
#read-only
#skip-slave-start
relay-log = relay.log
log-slave-updates
[mysqldump]
quick
max_allowed_packet = 32M
[mysql]
no-auto-rehash
[myisamchk]
key_buffer_size = 512M
sort_buffer_size = 512M
read_buffer = 8M
write_buffer = 8M
[mysqlhotcopy]
interactive-timeout
[mysqld_safe]
open-files-limit = 60000
8.2 初始化MariaDB
useradd -s /bin/false -M mysql
/usr/local/mariadb/scripts/mysql_install_db --basedir=/usr/local/mariadb --datadir=/usr/local/mariadb/data --user=mysql
8.3 启动MaridDB
/etc/init.d/mariadb start
8.4 登录MaridDB
创建数据库并授权
mysql -uroot -p
mysql> CREATE DATABASE `gitlabhq_production`;
mysql> GRANT ALL ON `gitlabhq_production`.* TO 'git'@'127.0.0.1' IDENTIFIED BY 'PASSWORD';\
mysql> FLUSH PRIVILEGES;
九、安装配置gitlab
9.1 创建用户
useradd --system -s /bin/bash --comment 'GitLab' -m -d /home/git git
9.2 修改git
家目录权限
chmod 755 /home/git/
9.3 切换为git用户
su - git
git clone https://gitlab.com/larryli/gitlab.git -b 8-0-zh gitlab
9.4 配置gitlab
cd gitlab/
cp config/gitlab.yml.example config/gitlab.yml
9.5 修改gitlab.yml
将配置host:localhost
修改为本机ip地址,bin_path: /usr/bin/git
修改为bin_path: /usr/local/git/bin/git
vim config/gitlab.yml
host: xxxxx
bin_path: /usr/local/git/bin/git
//说明: 该配置文件里有两个```host```都需要改为本机ip地址
9.6 新建测试
目录,拷贝实例文件,修改权限
mkdir -p /home/git/gitlab-satellites
cp /home/git/gitlab/config/secrets.yml.example /home/git/gitlab/config/secrets.yml
chmod 0600 config/secrets.yml
chmod -R u+rwX,go-w log/
chmod -R u+rwX tmp/
chmod -R u+rwX tmp/pids/
chmod -R u+rwX tmp/sockets/
chmod -R u+rwX public/uploads/
chmod 0750 public/uploads/
chmod -R ug+rwX,o-rwx /home/git/gitlab-satellites/
chmod -R ug-s /home/git/gitlab-satellites/
find /home/git/gitlab-satellites/ -type d -print0 | xargs -0 chmod g+s
cp config/unicorn.rb.example config/unicorn.rb
cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
git config --global core.autocrlf input
cp config/resque.yml.example config/resque.yml
9.7 修改Redis相关配置config/resque.yml
文件
vim /home/git/gitlab/config/resque.yml
production: redis://127.0.0.1:6379 //说明: 需改后的样子
9.8 数据库配置
cp /home/git/gitlab/config/database.yml.mysql /home/git/gitlab/config/database.yml
chmod o-rwx config/database.yml
vim /home/git/gitlab/config/database.yml
username: git
password: PASSWORD
host: 127.0.0.1
//说明: 以上是修改后的配置内容
9.9 修改Gemfile
手行内容
vim /home/git/gitlab/Gemfile
source "https://ruby.taobao.org" //说明: 修改后的配置文件.
bundle install --deployment --without development test postgres aws kerberos
十、安装GitLab Shell
bundle exec rake gitlab:shell:install[v2.6.6] REDIS_URL=redis://127.0.0.1:6379 RAILS_ENV=production
十一、安装gitlab-git-http-server
cd /home/git
git clone https://gitlab.com/gitlab-org/gitlab-git-http-server.git
cd gitlab-git-http-server
git checkout 0.3.0
make
十二、切换为root
用户后拷贝服务脚步
12.1 拷贝gitlab脚步
cp /home/git/gitlab/lib/support/init.d/gitlab /etc/init.d/
12.2 root权限配置Logrotate
cp /home/git/gitlab/lib/support/logrotate/gitlab /etc/logrotate.d/
12.3 初始化数据库并激活GITLAB_ROOT_PASSWORD
值为管理员 root 登录密码本例设为newpassword
pwd
/home/git/gitlab
bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=newpassword
12.4 检查应用状态
su - git
cd gitlab
bundle exec rake gitlab:env:info RAILS_ENV=production
12.5 编译静态文件
bundle exec rake assets:precompile RAILS_ENV=production
十三、安装Nginx
13.1 下载Nginx
cd /usr/local/src/
wget http://nginx.org/download/nginx-1.8.0.tar.gz
tar zxf nginx-1.8.0.tar.gz
cd nginx-1.8.0
./configure \
--prefix=/usr/local/nginx \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--with-http_ssl_module \
--with-http_realip_module
make && make install
useradd -s /bin/false nginx
13.2 配置Nginx
user root;
worker_processes 16;
worker_rlimit_nofile 512000;
pid /a8root/logs/nginx.rewrite/nginx.pid;
events {
use epoll;
worker_connections 512000;
}
http {
include mime.types;
default_type application/octet-stream;
client_header_buffer_size 4k;
client_body_buffer_size 10M;
client_max_body_size 4M;
large_client_header_buffers 4 4k;
tcp_nopush on;
tcp_nodelay on;
sendfile on;
keepalive_timeout 60;
gzip on;
gzip_proxied any;
gzip_min_length 2048;
gzip_buffers 4 8k;
gzip_comp_level 4;
gzip_types text/plain textml text text/xml application/xml application/json application/javascript application/octet-stream *;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
upstream gitlab {
server unix:/home/git/gitlab/tmp/sockets/gitlab.socket;
}
server {
listen *:80 default_server; # e.g., listen 192.168.1.1:80; In most cases *:80 is a good idea
server_name YOUR_SERVER_FQDN; # e.g., server_name source.example.com;
server_tokens off; # don't show the version number, a security best practice
root /home/git/gitlab/public;
client_max_body_size 5m;
access_log /a8root/logs/nginx.rewrite/gitlab_access.log;
error_log /a8root/logs/nginx.rewrite/gitlab_error.log;
location / {
try_files $uri $uri/index.html $uri.html @gitlab;
}
location @gitlab {
proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://gitlab;
}
}
}
十四、SMTP相关配置
配置企业邮箱的stmp来发送邮件
[git@gitlab ~]$ cd gitlab
[git@gitlab gitlab]$ pwd
/home/git/gitlab
[git@gitlab gitlab]$ vim config/environments/production.rb
在#config.action_mailer.delivery_method = :sendmail下加入
config.action_mailer.delivery_method = :smtp
config.action_mailer.perform_deliveries = true
config.action_mailer.raise_delivery_errors = true
config.action_mailer.smtp_settings = {
:address => "smtp.exmail.qq.com",
:port => 25,
:domain => 'meelive.cn',
:user_name => 'register@meelive.cn',
:password => 'password',
:authentication => :plain,
:enable_starttls_auto => true
}
[git@gitlab gitlab]$ vim config/gitlab.yml
# Email settings
# Uncomment and set to false if you need to disable email sending from GitLab (default:true)
email_enabled: true
#Email address used in the "From" field in mails sent by GitLab
#email_from: example@example.com
email_from: register@meelive.cn
protocol: http
email_display_name: GitLab
email_reply_to: noreply@example.com
十五、启动GitLab实例
/etc/init.d/gitlab start
十六、浏览器打开登录页面
用户名为root
,密码为newpassword
参考自: 90root gitlab中文部署文档
参考自: 中文部署文档