gitlab 杂记

GitLab 编译部署

1，请尽量不要在国内主机上部署，中途天朝很有可能导致gem执行出现问题，以下在AWS上部署；

2，系统中必须要有swap分区，不然会出现500错误；

===============================================

系统版本：CentOS 6.x x86_64 mini

Gitlab版本：6.x-7.x

———————————–基本配置——————————–

sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config 
setenforce 0 
rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm 
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm 
yum -y install wget nano perl perl-Net-SSLeay rsync openssh openssh-clients openssh-server iotop atop htop iftop glances 
wget http://sourceforge.net/projects/webadmin/files/webmin/1.730/webmin-1.730-1.noarch.rpm/download 
rpm -Uvh download 
yum clean all 
rm -rf download 
————————————-升级软件包（必须）—————————–

yum makecache 
yum update

yum -y groupinstall ‘Development Tools’

yum -y install readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui redis sudo wget crontabs logwatch logrotate perl-Time-HiRes yum-plugin-fastestmirror cmake patch libicu-devel

如果遇到多个源的包冲突添加–skip-broken参数跳过即可。

解决libyaml的问题

yum downgrade libyaml libyaml-devel

yum install libyaml libyaml-devel

———————————————————————-

yum -y install vim-enhanced nano

update-alternatives –set editor /usr/bin/vim.basic

yum -y install python-docutils

————————————-安装redis———————————

yum install redis -y

chkconfig redis on

cp /etc/redis.conf /etc/redis.conf.orig

sed ‘s/^port .*/port 0/’ /etc/redis.conf.orig | sudo tee /etc/redis.conf

echo ‘unixsocket /var/run/redis/redis.sock’ | sudo tee -a /etc/redis.conf

echo -e ‘unixsocketperm 0770’ | sudo tee -a /etc/redis.conf

mkdir /var/run/redis

chown redis:redis /var/run/redis

chmod 755 /var/run/redis

if [ -d /etc/tmpfiles.d ]; then

    echo ‘d  /var/run/redis  0755  redis  redis  10d  -‘ | sudo tee -a /etc/tmpfiles.d/redis.conf

fi

usermod -aG redis git

service redis restart

—————————————-安装邮件—————————–

yum -y install postfix

ln -s /usr/bin/vim /usr/bin/editor

————————————————————————–

必须首先删除自带的ruby和git

yum remove ruby git -y

yum install zlib-devel perl-CPAN gettext curl-devel expat-devel gettext-devel openssl-devel

—————————————安装git———————————–

curl –progress https://www.kernel.org/pub/software/scm/git/git-2.2.2.tar.gz | tar xz

cd git-2.2.2/

./configure

make

make prefix=/usr/local install

which git

echo ‘export PATH="$PATH:/usr/local/bin"’ >> /root/.bashrc

echo ‘export PATH="$PATH:/usr/local/bin"’ >> /etc/profile

source /etc/profile

echo $PATH

git –version

cd && rm -rf git-*

—————————————安装ruby——————————–

yum install libffi-devel -y

Ruby (MRI)版本：2.0 or 2.1（测试ruby2.2与gitlab7.7不兼容）

curl –progress http://cache.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0-p598.tar.gz | tar xz

curl –progress http://cache.ruby-lang.org/pub/ruby/2.1/ruby-2.1.5.tar.gz | tar xz

cd ruby-*

./configure –disable-install-rdoc

make clean && make

make prefix=/usr/local install

which ruby

ruby -v

cd && rm -rf ruby-*

———–ruby降级操作—————

1，root身份重新编译旧版本

2，root身份执行：

chmod 0775 /usr/local/lib/ruby/gems/ -R

chgrp git /usr/local/lib/ruby/gems/ -R

chmod 0775 /usr/local/bin -R

chgrp git /usr/local/bin -R

3，git身份执行：

su git

cd /home/git/gitlab

gem install bundler

gem install bundle

bundle install

———————————————————————–

国外服务器不需要以下操作

gem sources –remove https://rubygems.org/

gem source -a http://ruby.taobao.org/

gem sources -l

gem install bundler

gem install rugged

————————————添加系统用户（必须）———————————

adduser –system –shell /bin/bash –comment ‘GitLab’ –create-home –home-dir /home/git/ git

visudo

Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin

改为

Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin

————————————-数据库配置MySQL和Postgre(选其一)———————————-

yum remove postgresql -y

rpm -Uvh http://yum.postgresql.org/9.4/redhat/rhel-6-x86_64/pgdg-centos94-9.4-1.noarch.rpm

yum install postgresql94-server postgresql94-devel -y

以下可略过

echo ‘export PATH="$PATH:/usr/pgsql-9.4/bin"’ >> /root/.bashrc

echo ‘export PATH="$PATH:/usr/pgsql-9.4/bin"’ >> /etc/profile

source /etc/profile

echo $PATH

mv /etc/init.d/{postgresql-9.4,postgresql}

service postgresql initdb

which psql

psql -V

service postgresql restart

chkconfig postgresql on

su – postgres

export PATH=$PATH:/usr/pgsql-9.4/bin/

psql -d template1

create user git createdb;

create database gitlabhq_production owner git;

\q

exit

whoami

nano /var/lib/pgsql/9.4/data/pg_hba.conf

    host all all 127.0.0.1/32 trust

trust授权本地可以无需账户密码直接访问。

————————————–安装gitlab———————————

cd /home/git

sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-6-stable gitlab

cd /home/git/gitlab

sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml

sudo -u git -H nano config/gitlab.yml

  gitlab:

    host: git.dayunet.com

    port: 8080

    https: false

  git:

bin_path: /usr/local/bin/git

chown -R git log/

chown -R git tmp/

chmod -R u+rwX log/

chmod -R u+rwX tmp/

sudo -u git -H mkdir /home/git/gitlab-satellites

chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites

chmod -R u+rwX tmp/pids/

chmod -R u+rwX tmp/sockets/

chmod -R u+rwX  public/uploads

sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb

nproc

sudo -u git -H nano config/unicorn.rb

可修改工作进程数和监听地址及端口。

——————————————-

sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb

sudo -u git -H git config –global user.name "GitLab"

sudo -u git -H git config –global user.email "yutaoo1230@gmail.com"

sudo -u git -H git config –global core.autocrlf input

sudo -u git -H cp config/resque.yml.example config/resque.yml

sudo -u git -H nano config/resque.yml

    production: unix:/var/run/redis/redis.sock

sudo -u git -H nano config/gitlab.yml

    host: git.dayunet.com

    port: 80

    https: false

    user: git

    time_zone: ‘Asia/Shanghai’

    email_from: yutaoo1230@163.com

  git:

    bin_path: /usr/local/bin/git

    max_size: 209715200000

    timeout: 100

sudo -u git -H nano config/environments/production.rb

    config.action_mailer.delivery_method = :smtp

sudo -u git -H cp config/initializers/smtp_settings.rb.sample config/initializers/smtp_settings.rb

sudo -u git -H nano config/initializers/smtp_settings.rb

  ActionMailer::Base.smtp_settings = {

    address: "smtp.163.com",

    port: 25,

    user_name: "yutao@163.com",

    password: "123456",

    domain: "163.com",

    authentication: :login,

    enable_starttls_auto: false

sudo -u git -H nano config/initializers/devise.rb

  config.mailer_sender = "DayunetGit <#{Gitlab.config.gitlab.email_from}>"

sudo -u git cp config/database.yml.postgresql config/database.yml

sudo -u git -H chmod o-rwx config/database.yml

sudo -u git -H nano config/database.yml

    production:

      adapter: postgresql

      encoding: unicode

      database: gitlabhq_production

      pool: 10

———————————-安装Gem————————————-

cd /home/git/gitlab

chmod ugo+rx /usr/local/bin/bundle

chmod -R ugo+rX /usr/local/lib/ruby/

rm -fv /usr/bin/{bundle,bundler}

ln -s /usr/local/bin/bundle /usr/bin/bundle

ln -s /usr/local/bin/bundler /usr/bin/bundler

sudo -u git -H bundle config build.pg –with-pg-config=/usr/pgsql-9.4/bin/pg_config

sudo -u git -H bundle install –deployment –without development test mysql aws

如果在国内需要更换源

nano /home/git/gitlab/Gemfile

    source "http://ruby.taobao.org"

postgresql数据库使用：

sudo -u git -H bundle install –deployment –without development test mysql aws

mysql数据库使用：

sudo -u git -H bundle install –deployment –without development test postgres aws

———————————-安装gitlab-shell————————————-

cd /home/git/gitlab 
netstat -ntlp

sudo -u git -H bundle exec rake gitlab:shell:install[v2.4.1] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production

sudo -u git -H nano /home/git/gitlab-shell/config.yml

    user: git 
        gitlab_url: http://127.0.0.1:8080/

restorecon -Rv /home/git/.ssh

———————————–初始化数据库并设置密码——————————–

sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=passwprd

wget -O /etc/init.d/gitlab https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn

chmod +x /etc/init.d/gitlab 
chkconfig –add gitlab 
chkconfig gitlab on 
cp /home/git/gitlab/lib/support/logrotate/gitlab /etc/logrotate.d/gitlab

————————————–检查环境并编译————————————–

sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production

sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production

service gitlab restart

netstat -ntlp

——————————–导入ssh-keys—————————————-

su git

cd

ssh-keygen -t rsa -C "mail@qq.com"

cat ~/.ssh/id_rsa.pub

将该结果填入GitLab的ssh-keys。

私钥文件为

/home/git/.ssh/id_rsa

该文件为客户端使用。

——————————-Nginx安装——————————————-

nginx最少1.4版本以上，不然会报错：

fatal: protocol error: bad line length character

自签名证书在客户端通过https推送或提交时会报错。

安装Nginx请参考编译安装笔记，本文以 nginx 1.6.2 为例。

chkconfig nginx on

chkconfig httpd off 
wget -O /etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab-ssl

usermod -a -G git nginx

chmod g+rx /home/git/ 
service nginx restart

上传证书文件并修改主机名

nano /etc/sysconfig/network

nano /etc/hosts

注意：

配置文件中的代理配置

    proxy_set_header    X-Forwarded-Ssl     on;

也能起到

    return 301 https://$server_name$request_uri;

的作用，请注意这个重定向功能。

————————————-添加防火墙———————————-

lokkit -s http -s https -s ssh

lokkit -p 10000:tcp

lokkit -p 10001:tcp

service iptables restart

========================测试安装结果========================

cd /home/git/gitlab

sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

chkconfig gitlab on 
chkconfig nginx on 
chkconfig redis on

service nginx restart

service redis restart

service gitlab restart

 

GitLab 常见问题解决

=========================常见故障解决====================

报错：

Git configured for git user? … no

解决：

sudo -u git -H git config –global user.name "GitLab" 
sudo -u git -H git config –global user.email "yutao@163.com" 
sudo -u git -H git config –global core.autocrlf "input"

————————————————————–

报错：

GitLab Shell version >= 1.9.7 ? … FAIL. Please update gitlab-shell to 1.9.7 from 1.9.6

解决：

sudo -u git -H bundle exec rake gitlab:shell:install[v1.9.7] REDIS_URL=redis://localhost:6379 RAILS_ENV=prodduction

—————————————————

报错：

Satellites access is drwxr-x—? … no

解决：

sudo chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites

—————————————————

报错：

Init script up-to-date? … no

解决：

cp /home/git/gitlab/lib/support/init.d/gitlab /etc/init.d/gitlab

文件大小为8K，2K大小的不是最新的；

—————————————————

报错：

gitlab-shell self-check failed

解决：

Gitlab-Shell通过http调用gitlab的API，那可能是配置的API接口不对（ip，端口等）。 
gitlab的配置依赖于三个文件： 
/home/git/gitlab/config/unicorn.rb：配置ruby提供的服务端口，ip 
/home/git/gitlab/config/gitlab.yml：配置gitlab服务的端口，ip 
/home/git/gitlab-shell/config.yml：配置gitlab-shell要调用的API接口 
这三个文件的配置要保持一致，只需要更改ip和端口就可以了，其他不用动。

例如： 
unicorn.rb：第40行改成 
listen "115.28.21.20:8000", :tcp_nopush => true 
gitlab.yml：第18行和第19行改成 
host: 115.28.21.20 
port: 8000 
config.yml：第5行改成 
gitlab_url: "http://localhost:8000/" 
再检测一次，gitlab-shell应该会正确连接到gitlab，检测结果为yes。

这里改为非80端口也可，只要Nginx或Apache是通过80或443登录访问即可。 
———————————————–

报错：

can’t check, you have no projects

can’t create, repository is empty

解决：

登录后创建项目并添加文件即可。

———————————————————–

配置smtp发送邮件

config/environments/production.rb

编辑 

config.action_mailer.delivery_method= :smtp

再编辑 config/initializers/smtp_settings.rb

if Gitlab::Application.config.action_mailer.delivery_method == :smtp

  ActionMailer::Base.smtp_settings = {

    address: "smtp.domain.com",

    port: 587,

    user_name: "mail_username",

    password: "mail_password",

    domain: "domain.com",

    authentication: ‘plain’,

    enable_starttls_auto: true

  }end

Tip: 如果没用smtp没有开加密连接的话 enable_starttls_auto 的值应该配置为 false

这里需要注意一个问题, 如果你的smtp服务器做了权限限制,只能以登陆账户的邮件帐号发邮件的话,还需要修改编辑config/gitlab.yml 找到下面两个字段将内容改成你的邮件帐户地址:

email_from: yourmail@domain.com

support_email: yourmail@domain.com

如果用docker来运行的话还需要修改 /home/git/gitlab/docker 的配置即可。

——————————————————————————-

报错：

remote: /usr/local/lib/ruby/2.1.0/net/protocol.rb:158:in `rescue in rbuf_fill’: Net::ReadTimeout (Net::ReadTimeout)

解决：

nano /home/git/gitlab/config/unicorn.rb

worker_processes 2

———————————————————————

减少内存占用：

修改 /home/git/gitlab/config/unicorn.rb:

worker_processes 2

减少进程数即可，但是性能会降低，并有可能出现上面的网络超时错误。

——————————————————-

报错：

error rpc failed result=18 http code = 200

解决：

git config –global http.postBuffer 524288000

git config –global https.postBuffer 524288000

——————————————————-

报500错误

原因：内存不足

解决：增加swap（文件方式）

创建文件

dd if=/dev/zero of=/var/tmp/swap bs=1024 count=1024000

cd /var/tmp

制作swap格式文件

mkswap swap

文件生效

swapon swap

查看swap

swapon -s

开机自动挂载

nano /etc/fstab

   /var/tmp/swap    swap     swap   defaults        0 1

无需重启挂载分区

mount -a

查看结果

free -m

———————————————————-

报错：

remote: GitLab: No such project

[remote rejected] master -> master (pre-receive hook declined)

 

或者执行检查后提示：

Projects have satellites? …

MTao / GitLab … can’t create, repository is empty

解决：

gitlab-satellites下无法创建文件，原因是使用了文件夹硬连接导致的，取消即可。

————————————————————-

报错：

try increasing http.postBuffer

解决：

sudo -u git -H git config http.postBuffer 52428800000