Gitlab安裝指南
Gitlab安裝教程參考:
https://doc.gitlab.cc/ce/administration/high_availability/README.html
1、 下載gitlab包https://about.gitlab.com/downloads/
查看os版本,並下載對應的包,這里我們下載的是https://about.gitlab.com/downloads/#centos6
2、 安裝依賴包
sudo yum install curl openssh-server openssh-clients postfix cronie
sudo service postfix start
sudo chkconfig postfix on
sudo lokkit -s http -s ssh
3、 安裝gitlab
rpm -i gitlab-ce-XXX.rpm
啟動:gitlab-ctl start
重新啟動:gitlab-ctl restart
停止:gitlab-ctl stop
查看狀態:gitlab-ctl status
實時日志查看:gitlab-ctl tail
檢查報錯:gitlab-rake gitlab:check
4、 設置環境變量
export GEM_PATH=/opt/gitlab/embedded
export PATH=$GEM_PATH/bin:$PATH
export BUNDLE_HOME=/opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/bundler-1.13.7
export PATH=$BUNDLE_HOME:$PATH
export ROTP_HOME=/opt/gitlab/embedded/service/gem/ruby/2.3.0/gems/rotp-2.1.2
export PATH=$ROTP_HOME:$PATH
5、 修改配置
修改配置后重新啟動
Gitlab-ctl reconfigure
Vim /etc/gitlab/gitlab.rb
1) Gitlab訪問url修改:external_url 'http://git.cnsuning.com'
2) 數據庫修改:
postgresql['enable'] = false
gitlab_rails['db_adapter'] = "postgresql"
# gitlab_rails['db_encoding'] = "unicode"
# gitlab_rails['db_collation'] = nil
gitlab_rails['db_database'] = "gitlabhq_production"
# gitlab_rails['db_pool'] = 10
gitlab_rails['db_username'] = "postgres"
gitlab_rails['db_password'] = "gitlab"
gitlab_rails['db_host'] = "xxxxx"
gitlab_rails['db_port'] = 5432
# gitlab_rails['db_socket'] = nil
# gitlab_rails['db_sslmode'] = nil
# gitlab_rails['db_sslrootcert'] = nil
3) Redis修改
## Redis TCP connection
gitlab_rails['redis_host'] = "xxxx"
gitlab_rails['redis_port'] = 6379
gitlab_rails['redis_password'] = "xxxx"
# gitlab_rails['redis_database'] = 0
4) Gitlab user修改
user['username'] = "git"
user['group'] = "git"
#user['uid'] = 0
#user['gid'] = 0
# # The shell for the git user
user['shell'] = "/bin/sh"
# # The home directory for the git user
#user['home'] = "/var/opt/gitlab"
user['git_user_name'] = "git"
# user['git_user_email'] = "gitlab@#{node['fqdn']}"
增加git用戶和git組
Groupadd git –g 501
Useradd git –u 501 –g 501
5) 高可用配置、ldap配置
增加ldap配置
# For omnibus packages
gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_servers'] = YAML.load <<-EOS # remember to close this block with 'EOS' below
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'LDAP'
host: 'xxxx'
port: 389
uid: 'uid'
method: 'plain' # "tls" or "ssl" or "plain"
allow_username_or_email_login: true
bind_dn: 'cn=xxx,dc=xx,dc=com'
password: 'xxx'
active_directory: true
base: 'ou=xxx,dc=xxx,dc=com'
user_filter: ''
EOS
6) 修改email
先找到 config/environments/production.rb,默認設置為sendemail
config.action_mailer.delivery_method= :smtp
設置/etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "mail.cnsuning.com"
gitlab_rails['smtp_openssl_verify_mode'] = 'none'
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "xxxxx"
gitlab_rails['smtp_password'] = "xxxx"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_domain'] = "xxxxx"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['gitlab_email_from'] = 'xxxx'
gitlab_rails['gitlab_email_reply_to'] = 'xxxxx'
過程中報錯;
OpenSSL::SSL::SSLError: hostname was not match with the server certificate
增加gitlab_rails['smtp_openssl_verify_mode'] = 'none'
6、 搭建nfs服務器
1) 新增用戶git
增加git用戶和git組
Groupadd git –g 501
Useradd git –u 501 –g 501
2) 安裝軟件:
rpcbind
nfs-utils
nfs-utils-lib
3) 創建nfs目錄
mkdir -p /var/opt/gitlab/.ssh /var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/shared /var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/git-data
4) 修改配置,
[root@gitppreapp02 ~]# vim /etc/exports
/var/opt/gitlab/.ssh xxx(rw,all_squash,anonuid=501,anongid=501) xxxx(rw,all_squash,anonuid=501,anongid=501,sync)
/var/opt/gitlab/gitlab-rails/uploads xxxx(rw,all_squash,anonuid=501,anongid=501) xxxx(rw,all_squash,anonuid=501,anongid=501,sync)
/var/opt/gitlab/gitlab-rails/shared xxxx(rw,all_squash,anonuid=501,anongid=501) xxxx(rw,all_squash,anonuid=501,anongid=501,sync)
/var/opt/gitlab/gitlab-ci/builds xxxxx(rw,all_squash,anonuid=501,anongid=501) xxxxx(rw,all_squash,anonuid=501,anongid=501,sync)
/var/opt/gitlab/git-data xxxxx(rw,all_squash,anonuid=501,anongid=501) xxxxx(rw,all_squash,anonuid=501,anongid=501,sync)
Exportfs –r使其生效
5) 在gitlab應用服務器上掛載nfs目錄
方式一:
xxxx:/var/opt/gitlab/.ssh /var/opt/gitlab/.ssh nfs defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2
xxxxx:/var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/uploads nfs defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2
xxxx:/var/opt/gitlab/gitlab-rails/shared /var/opt/gitlab/gitlab-rails/shared nfs defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2
xxxxx:/var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/gitlab-ci/builds nfs defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2
xxxx:/var/opt/gitlab/git-data /var/opt/gitlab/git-data nfs defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2
方式二:
命令格式
# mount NFS服務器IP:共享目錄 本地掛載點目錄
mkdir jenkins
mount xxxx:/var/opt/gitlab/.ssh /var/opt/gitlab/.ssh
查看:[root@gitppreweb02 ~]# mount | grep nfs
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
xxx:/var/opt/gitlab/.ssh/ on /var/opt/gitlab/.ssh type nfs (rw,vers=3,addr=10.37.77.186)
xxxx:/var/opt/gitlab/gitlab-rails/uploads/ on /var/opt/gitlab/gitlab-rails/uploads type nfs (rw,vers=3,addr=xxxxx)
xxxx:/var/opt/gitlab/gitlab-rails/shared/ on /var/opt/gitlab/gitlab-rails/shared type nfs (rw,vers=3,addr=xxxx)
xxxx:/var/opt/gitlab/gitlab-ci/builds/ on /var/opt/gitlab/gitlab-ci/builds type nfs (rw,vers=3,addr=xxxxx)
xxxxx:/var/opt/gitlab/git-data/ on /var/opt/gitlab/git-data type nfs (rw,vers=3,addr=xxxx)
過程中可能出現目錄的所屬用戶為nobody可使用如下解決
mount -t nfs -o vers=3 xxxx:/opt/gitlab /var/opt/gitlab
6) 開機自啟動:
[root@jenkissitweb210 ~]# chkconfig rpcbind on
[root@jenkissitweb210 ~]# chkconfig nfs on
7、 共享秘鑰
8、 nfs目錄備份,使用rsync備份
備機器上安裝rsync服務
查看:rpm -qa |grep rsync
Vim /etc/rsyncd.conf
[root@gitppreapp01 ~]# vim /etc/rsyncd.conf
#gid = nobody
uid = root
gid = root
use chroot = yes
read only = no
#limit access to private LANs
hosts allow=xxxx
#hosts deny=*
max connections = 5
motd file = /etc/rsyncd.motd
#This will give you a separate log file
log file = /var/log/rsyncd.log
#This will log every file transferred - up to 85,000+ per user, per sync
#transfer logging = yes
log format = %t %a %m %f %b
syslog facility = local3
timeout = 300
[module_gitlab]
path = /var/opt/gitlab/
list = yes
ignore errors
auth users = gitlab
secrets file = /etc/rsyncd.secrets
comment = This is RHEL 186/var/opt data
exclude = workspace/
[test]
path=/var/opt/gitlab/test
list = yes
ignore errors
auth users = gitlab
secrets file = /etc/rsyncd.secrets
comment = This is RHEL186 test
創建,編輯 /etc/rsyncd.secrets
Chomod 600 /etc/rsyncd.secrets
[root@sitjenkins CI]# ll /etc/rsyncd.secrets
-rw------- 1 root root 9 Oct 25 14:55 /etc/rsyncd.secrets
[root@sitjenkins CI]# cat /etc/rsyncd.secrets
Gitlab:gitlab
配置/etc/xinetd.d/rsync 開啟rsync服務
啟動
[root@sitjenkins CI]# /usr/bin/rsync --daemon
也可以安裝yum insall xinetd
通過service xinetd start來啟動或者重啟rsync服務
設置開機自啟動 chkconfig xinetd on
測試
在主機器上執行同步到備份機器
rsync -avz /opt/backup root@xxxxx::test
下圖為從27機器從不到本機
至此rsync 搭建成功!
在主NFS上面
創建/etc/rsync_client.pwd,權限為600 內容為rsync賬戶的密碼
執行同步:/usr/bin/rsync -avz --delete --progress --password-file=/etc/rsync_client.pwd /var/opt/gitlab/ gitlab@xxxxx::module_gitlab
后台自動檢測執行設置如下:
(1)在nfs Server主上面安裝inotify-tools-3.14-1.el6.x86_64.rpm
把軟件拖到nfs server上面隨便一個目錄
執行安裝:
[root@jenkissitweb210 software]# yum install inotify-tools-3.14-1.el6.x86_64.rpm
增加后台腳本:
[root@gitppreapp02 CI]# vim rsync.sh
#rsync auto sync script with inotify
#2014-12-11 Sean
#variables
current_date=$(date +%Y%m%d_%H%M%S)
source_path=/var/opt/gitlab/
log_file=/opt/log/rsync_client.log
#rsync
rsync_server=xxxx
rsync_user=gitlab
rsync_pwd=/etc/rsync_client.pwd
#rsync_module=module_test
rsync_module=module_gitlab
#INOTIFY_EXCLUDE='(.*/*\.swp)$|^/var/opt/gitlab/'
RSYNC_EXCLUDE='/etc/rsyncd.d/rsync_exclude.lst'
#rsync client pwd check
if [ ! -e ${rsync_pwd} ];then
echo -e "rsync client passwod file ${rsync_pwd} does not exist!"
exit 0
fi
#inotify_function
inotify_fun(){
/usr/bin/inotifywait -mrq --timefmt '%Y/%m/%d-%H:%M:%S' --format '%T %w %f' \
-e modify,delete,create,move,attrib ${source_path} \
| while read file
do
/usr/bin/rsync -avz --delete --progress --password-file=${rsync_pwd} ${source_path} ${rsync_user}@${rsync_server}::${rsync_module}
#/usr/bin/rsync -avz --delete --progress --password-file=/etc/rsync_client.pwd /var/opt/gitlab/ gitlab@xxxxx::module_gitlab
done
}
#inotify log
inotify_fun >> ${log_file} 2>&1 &
執行:sh rsync.sh 發現沒有進程
遇到報錯:
修改:[root@jenkissitweb210 jenkins]# sysctl -w fs.inotify.max_user_watches="99999999"
啟動:成功
9、 安裝postgresql
安裝參考:
http://www.cnblogs.com/mchina/archive/2012/06/06/2539003.html
1) 下載postgresql
2) 安裝
安裝PostgreSQL,注意安裝順序
a) # rpm -ivh postgresql92-libs-9.2.4-1PGDG.rhel6.i686.rpm
b) # rpm -ivh postgresql92-9.2.4-1PGDG.rhel6.i686.rpm
c) # rpm -ivh postgresql92-server-9.2.4-1PGDG.rhel6.i686.rpm
d) # rpm -ivh postgresql92-contrib-9.2.4-1PGDG.rhel6.i686.rpm
3) 執行4. 初始化PostgreSQL 數據庫
PostgreSQL 服務初次啟動的時候會提示初始化。
4) 初始化數據庫
# service postgresql-9.2 initdb
5) 啟動服務
# service postgresql-9.2 start
6) 把PostgreSQL 服務加入到啟動列表
# chkconfig postgresql-9.2 on
# chkconfig --list|grep postgres
7) 修改PostgreSQL 數據庫用戶postgres的密碼(注意不是linux系統帳號)
8) PostgreSQL 數據庫默認會創建一個postgres的數據庫用戶作為數據庫的管理員,默認密碼為空,我們需要修改為指定的密碼,這里設定為’postgres’。
# su - postgres
$ psql
# ALTER USER postgres WITH PASSWORD 'postgres';
# select * from pg_shadow ;
9) 測試數據庫
創建測試數據庫
# create database david;
安裝擴展包:contrib如有報錯resource libxslt.so.1()(64bit) 找不到下載
libxslt-1.1.26-2.el6_3.1.x86_64.htmlLibrary providing the Gnome XSLT engineCentOS 6.9 for x86_64libxslt-1.1.26-2.el6_3.1.x86_64.rpm
git漢化
漢化下載
https://gitlab.com/xhang/gitlab 下載中文包
cp -r /opt/gitlab/embedded/service/gitlab-rails{,.ori}