1.原因
新项目需要使用gitlab管理代码,在clone项目的时候一直提示输入密码,输入密码显示权限拒绝请重新输入。反复查看原因仍然无法解决,最后决定服务器重新搭建gitlab服务。
2.流程
2.1 服务器信息
[root@localhost ~]# uname -a
Linux localhost.localdomain 3.10.0-1127.el7.x86_64 #1 SMP Tue Mar 31 23:36:51 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost ~]# cat /etc/system-release
CentOS Linux release 7.8.2003 (Core)
2.2 安装软件
# 安装依赖
sudo yum install -y curl policycoreutils-python openssh-server postfix
# 启动SSH和postfix
sudo systemctl enable sshd
sudo systemctl start sshd
sudo systemctl enable postfix
sudo systemctl start postfix
# 开放端口(防火墙未开忽略)
sudo firewall-cmd --add-service=ssh --permanent
sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --reload
# 安装gitlab
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
sudo yum install -y gitlab-ce
最后一步安装失败多次,最后改用阿里云的镜像下载顺利通过
# 修改阿里云镜像
1、备份
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
or
cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
2、下载新的CentOS-Base.repo 到/etc/yum.repos.d/
CentOS 5
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-5.repo
或者
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-5.repo
CentOS 6
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
或者
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
CentOS 7
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
或者
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
CentOS 8
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo
3.添加EPEL源
EPEL(http://fedoraproject.org/wiki/EPEL)是由 Fedora 社区打造,为 RHEL 及衍生发行版如 CentOS、Scientific Linux 等提供高质量软件包的项目。装上 EPEL后,可以像在 Fedora 上一样,可以通过 yum install package-name,安装更多软件。
wget -P /etc/yum.repos.d/ http://mirrors.aliyun.com/repo/epel-7.repo
4.清理缓存并生成新的缓存
yum clean all
yum makecache
2.3配置
[root@node102 ~]# ll /etc/gitlab/
total 96
-rw------- 1 root root 97727 Nov 26 23:05 gitlab.rb
[root@node102 ~]#
[root@node102 ~]# cat /etc/gitlab/gitlab.rb |grep -v "#" |grep -Ev "^$"
external_url 'http://gitlab.example.com'
[root@node102 ~]#
[root@node102 ~]# vim /etc/gitlab/gitlab.rb
[root@node102 ~]#
[root@node102 ~]# cat /etc/gitlab/gitlab.rb |grep -v "#" |grep -Ev "^$"
external_url 'http://192.168.16.102'
unicorn['listen'] = '192.168.16.102'
unicorn['port'] = 8081
[root@node102 ~]#
[root@test102 ~]# gitlab-ctl diff-config
diff --git a/etc/gitlab/gitlab.rb b/opt/gitlab/etc/gitlab.rb.template
index 3e27e40..31c0b45 100644
--- a/etc/gitlab/gitlab.rb
+++ b/opt/gitlab/etc/gitlab.rb.template
@@ -20,7 +20,7 @@
##! URL on which GitLab will be reachable.
##! For more details on configuring external_url see:
##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
-external_url 'http://192.168.16.102'
+external_url 'GENERATED_EXTERNAL_URL'
## Roles for multi-instance GitLab
##! The default is to have no roles enabled, which results in GitLab running as an all-in-one instance.
@@ -740,8 +740,8 @@ external_url 'http://192.168.16.102'
# unicorn['worker_processes'] = 2
### Advanced settings
-unicorn['listen'] = '192.168.16.102'
-unicorn['port'] = 8081
+# unicorn['listen'] = 'localhost'
+# unicorn['port'] = 8080
# unicorn['socket'] = '/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket'
# unicorn['pidfile'] = '/opt/gitlab/var/unicorn/unicorn.pid'
# unicorn['tcp_nopush'] = true
[root@test102 ~]#
[root@node102 ~]# firewall-cmd --zone=public --permanent --add-port=8081/tcp
success
[root@node102 ~]# firewall-cmd --reload
success
[root@node102 ~]#
[root@node102 ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s3 enp0s8
sources:
services: ssh dhcpv6-client http
ports: 8081/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@node102 ~]#
[root@node102 ~]# gitlab-ctl reconfigure
Starting Chef Client, version 14.13.11
resolving cookbooks for run list: ["gitlab"]
Synchronizing Cookbooks:
- gitlab (0.0.1)
- package (0.1.0)
- postgresql (0.1.0)
- redis (0.1.0)
- monitoring (0.1.0)
- registry (0.1.0)
- mattermost (0.1.0)
- consul (0.1.0)
- gitaly (0.1.0)
- nginx (0.1.0)
- praefect (0.1.0)
- letsencrypt (0.1.0)
- runit (4.3.0)
- acme (4.0.0)
- crond (0.1.0)
Installing Cookbook Gems:
Compiling Cookbooks...
Recipe: gitlab::default
......
......
......
Recipe: <Dynamically Defined Resource>
* service[alertmanager] action restart
- restart service service[alertmanager]
* service[postgres-exporter] action restart
- restart service service[postgres-exporter]
* service[grafana] action restart
- restart service service[grafana]
Running handlers:
Running handlers complete
Chef Client finished, 543/1455 resources updated in 04 minutes 09 seconds
gitlab Reconfigured!
[root@node102 ~]#
[root@node102 ~]# gitlab-ctl status
run: alertmanager: (pid 6469) 45s; run: log: (pid 6123) 128s
run: gitaly: (pid 6335) 50s; run: log: (pid 5516) 263s
run: gitlab-exporter: (pid 6380) 48s; run: log: (pid 5972) 146s
run: gitlab-workhorse: (pid 6358) 49s; run: log: (pid 5882) 174s
run: grafana: (pid 6529) 44s; run: log: (pid 6273) 74s
run: logrotate: (pid 5920) 159s; run: log: (pid 5929) 158s
run: nginx: (pid 5893) 171s; run: log: (pid 5905) 167s
run: node-exporter: (pid 6367) 49s; run: log: (pid 5960) 152s
run: postgres-exporter: (pid 6488) 45s; run: log: (pid 6150) 121s
run: postgresql: (pid 5632) 255s; run: log: (pid 5644) 254s
run: prometheus: (pid 6406) 47s; run: log: (pid 6080) 132s
run: redis: (pid 5471) 272s; run: log: (pid 5479) 271s
run: redis-exporter: (pid 6384) 48s; run: log: (pid 6003) 140s
run: sidekiq: (pid 5842) 183s; run: log: (pid 5853) 180s
run: unicorn: (pid 5803) 189s; run: log: (pid 5835) 186s
[root@node102 ~]#
2.4 登陆
http://192.168.16.102 注意:这个地址是“external_url 'http://192.168.16.102'” 首次登录显示为密码设置界面,设置管理员密码,管理员账号默认username是root 设置完成之后,刷新即可使用root账号登录,登陆后会进入登陆页面
3.gitlab操作
gitlab 基本操作创建用户创建分组分配权限,项目的创建,分支的合并等不细说。
4.备忘
默认存储目录为/var/opt/gitlab/git-data/repositories
如果要更新或增加存储仓库目录,可以修改/etc/gitlab/gitlab.rb配置文件中git_data_dirs部分的内容,然后执行“gitlab-ctl reconfigure”命令使之生效。
gitlab-ctl 常用操作
sudo gitlab-ctl upgrade # 组件更新(可选)
sudo gitlab-ctl stop # 停止服务
sudo rsync -av <old-dir> <new-dir>/ # 目录同步(注意斜杠的作用)
ls <new-dir> # 检查文件及目录层级
sudo gitlab-ctl start # 启动服务
sudo gitlab-ctl reconfigure # 重配置
gitlab-ctl reconfigure # 重载配置
gitlab-ctl check-config # 检查配置并启动
gitlab-ctl diff-config # 将用户配置与包可用配置进行比较
gitlab-ctl status # 查看所有启动组件的进程和状态
gitlab-ctl service-list # 查看所有服务
gitlab-ctl stop # 停止GitLab服务
gitlab-ctl start # 启动GitLab服务
gitlab-ctl restart # 重启GitLab服务
gitlab-ctl once # 如果GitLab服务已停止则启动服务,如果GitLab服务已启动则重启GitLab服务
修改root密码
https://docs.gitlab.com/ce/security/reset_root_password.html
