官网环境要求
参见:https://github.com/gitlabhq/gitlabhq
GitLab is a Ruby on Rails application that runs on the following software:
- Ubuntu/Debian/CentOS/RHEL
- Ruby (MRI) 2.1
- Git 1.7.10+
- Redis 2.0+
- MySQL or PostgreSQL
For more information please see the architecture documentation.
##########################################
关闭防火墙,关闭SELinux
一、安装采用环境
- CentOS 6.5 x86_64
- Ruby 2.1.7
- Git 2.4.8
- Redis 2.4.10
- MySQL 5.6.26
- GitLab 7.12.2
- GitLab Shell 2.6.2
- Nginx 1.8.0
- Gem 2.2.5
- Bundler 1.10.6
二、系统添加EPEL、PUIAS源
1.添加EPEL源
wget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL- https://www.fedoraproject.org/static/0608B895.txt --no-check-certificate
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -qa gpg*
#显示gpg-pubkey-41a40948-4ce19266
2.添加PUIAS源
wget -O /etc/yum.repos.d/PUIAS_6_computational.repo https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/install/centos/PUIAS_6_computational.repo --no-check-certificate
wget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-puias http://springdale.math.ias.edu/data/puias/6/x86_64/os/RPM-GPG-KEY-puias
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puias
rpm -qa gpg*
#显示gpg-pubkey-41a40948-4ce19266
3.查看源列表,验证
输入如下命令:
yum repolist
结果如下:
repo id repo name status
PUIAS_6_computational PUIAS computational Base - x86_64 ,
base CentOS- - Base ,
epel Extra Packages for Enterprise Linux - x86_64 ,
extras CentOS- - Extras
updates CentOS- - Updates
repolist: ,
If you can't see them listed, use the folowing command (from yum-utils
package) to enable them:
yum-config-manager --enable epel --enable PUIAS_6_computational
三、Install the required tools for GitLab
1.利用yum安装依赖包
yum -y update
yum -y groupinstall 'Development Tools'
yum -y installvim-enhanced
readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui redis sudo wget crontabs python-devel logwatch logrotate perl-Time-HiRes libcom_err-devel.x86_64
2.源码安装Git
参见:http://www.cnblogs.com/jim-hwg/p/4748008.html
3.源码安装Ruby
参见:http://www.cnblogs.com/jim-hwg/p/4746977.html
4.源码安装MySQL
参见:http://www.cnblogs.com/jim-hwg/p/4747165.html
四、创建用户
1.创建一个Gitlab系统用户git:
adduser --system --shell /bin/bash --comment 'GitLab' --create-home --home-dir /home/git/ git
为了方便添加git用户拥有root权限 [sudoers文件默认没有写权限需要强制保存:wq!]
使用root用户执行下述命令
vim /etc/sudoers
最后添加
git ALL=(ALL) NOPASSWORD: ALL
2.创建一个Gitlab数据库用户并赋权
登陆MySQL,输入密码
mysql -u root -p
创建Gitlab数据库用户git:
CREATE USER 'git'@'localhost' IDENTIFIED BY '$password';
#替换$password设定自己的密码
CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;
GRANT SELECT, LOCK TABLES, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON `gitlabhq_production`.* TO 'git'@'localhost';
quit
五、配置服务
1.配置MySQL
配置MySQL max_allowed_packet的大小,避免POST太大的内容导致出现500错误,例如GitLab 发出MergeRequest的时候返回500错误。
vim /etc/my.cnf
#在mysqld中添加max_allowed_packet,调整值,加大为一个合适的数字即可。
[mysqld]
max_allowed_packet=512M
重启mysql服务
service mysqld restart
2.配置redis
Make sure redis is started on boot:
chkconfig redis on
Configure redis to use sockets:
cp /etc/redis.conf /etc/redis.conf.orig
Disable Redis listening on TCP by setting 'port' to 0:
sed 's/^port .*/port 0/' /etc/redis.conf.orig | sudo tee /etc/redis.conf
Enable Redis socket for default CentOS path:
echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis.conf
echo -e 'unixsocketperm 0775' | sudo tee -a /etc/redis.conf
Activate the changes to redis.conf:
service redis restart
Add git to the redis group:
usermod -aG redis git
六、安装Gitlab
切换到git用户
su - git
设置不验证SSL
vim /home/git/.bash_profile
export GIT_SSL_NO_VERIFY=
1.克隆Gitlab
git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-12-stable gitlab
或克隆中文版Gitlab
git clone https://gitlab.com/larryli/gitlab.git -b 7-12-zh gitlab
2.配置Gitlab
cd gitlab
cp config/gitlab.yml.example config/gitlab.yml
配置config/gitlab.yml,配置Gitlab服务的端口,IP
vim config/gitlab.yml
host: 10.149.153.81
port:
email_from: gitlab@example.com
email_enabled: false
default_theme:
mkdir /home/git/gitlab-satellites
chmod /home/git/gitlab-satellites
cp config/unicorn.rb.example config/unicorn.rb
配置config/unicorn.rb,配置Ruby提供的服务端口,IP
# Find number of cores
#优化系统参数/etc/security/limits.conf
# Enable cluster mode if you expect to have a high load instance
# Ex. change amount of workers to for 2GB RAM server
# Set the number of workers to at least the number of cores
vim config/unicorn.rb
worker_processes # Set the number of workers to at least the number of core
listen "127.0.0.1:8081", :tcp_nopush => true #注意端口,避免冲突
cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rbgit config --global user.name "GitLab"
git config --global user.email "gitlab@example.com"
git config --global core.autocrlf inputcp config/resque.yml.example config/resque.yml
配置config/resque.yml
#如果不使用默认的端口,则需要配置
3. Configure GitLab DB settings
cp config/database.yml.mysql config/database.yml
# MySQL and remote PostgreSQL only:
# Update username/password in config/database.yml.
# You only need to adapt the production settings (first part).
# If you followed the database guide then please do as follows:
# Change 'secure password' with the value you have given to $password
# You can keep the double quotes around the password
vim config/database.yml
修改为正确的用户名和密码
分别修改git用户和root用户chmod o-rwx config/database.yml
4.Install Gems
Note: As of bundler 1.5.2, you can invoke bundle install -jN
(where N
the number of your processor cores) and enjoy the parallel gems installation with measurable
difference in completion time (~60% faster). Check the number of your cores with nproc
.
For more information check this post.
First make sure you have bundler >= 1.5.2 (run bundle -v
) as it addresses some issues
that were fixed in 1.5.2.
cd /home/git/gitlab
# Or for MySQL (note, the option says "without ... postgres")
修改为淘宝的ruby源
vim Gemfile
修改为
source 'https://ruby.taobao.org/' bundle install --deployment --without development test postgres aws
这一步的时间会等很久
5.Install GitLab shell
GitLab Shell is an SSH access and repository management software developed specially for GitLab.
cd /home/git/gitlab
bundle exec rake gitlab:shell:install[v2.6.2] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production
报错:ExecJS::RuntimeUnavailable: Could not find a JavaScript runtime. See https://github.com/sstephenson/execjs for a list of available runtimes.
处理:切换到root用户
yum -y install nodejs
配置/home/git/gitlab/Gemfile
vim /home/git/gitlab/Gemfile
#末尾添加
gem 'execjs'
gem 'therubyracer'
cd /home/git/gitlab
bundle install --no-deployment
验证:
bundle show execjs
bundle show therubyracer
切回git用户,再次执行
cd /home/git/gitlab
bundle exec rake gitlab:shell:install[v2.6.2] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production
配置/home/git/gitlab-shell/config.yml,配置gitlab-shell要调用的API接口
# By default, the gitlab-shell config is generated from your main GitLab config.
# You can review (and modify) the gitlab-shell config as follows:
vim /home/git/gitlab-shell/config.yml # Ensure the correct SELinux contexts are set
# Read http://wiki.centos.org/HowTos/Network/SecuringSSH
restorecon -Rv /home/git/.ssh
6.Initialize Database and Activate Advanced Features
cd /home/git/gitlab/
bundle exec rake gitlab:setup RAILS_ENV=production
Type yes to create the database.
When done you see Administrator account created:.
Note: You can set the Administrator password by supplying it in environmental variable GITLAB_ROOT_PASSWORD
, eg.:
如果要修改gitlab管理员的密码,则执行这一句,否则执行上一句
bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=newpassword
7.Install Init Script
Download the init script (will be /etc/init.d/gitlab):
切换到root用户
wget -O /etc/init.d/gitlab https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn --no-check-certificate
chmod +x /etc/init.d/gitlab
chkconfig --add gitlab
chkconfig gitlab on
8.Set up logrotate
切换到root用户
cd /home/git/gitlab
cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab
9.Check Application Status
Check if GitLab and its environment are configured correctly:
切回git用户
cd /home/git/gitlab
bundle exec rake gitlab:env:info RAILS_ENV=production
#Compile assets
bundle exec rake assets:precompile RAILS_ENV=production
切回root,执行
service gitlab start
七、Configure the web server
Use either Nginx or Apache, not both. Official installation guide recommends nginx.
Nginx
You will need a new version of nginx otherwise you might encounter an issue like this.
To do so, follow the instructions provided by the nginx wiki and then install nginx with:
rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
yum update
yum -y install nginx
chkconfig nginx on 使用SSl
wget -O /etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab-ssl --no-check-certificate 不使用SSL
wget -O /etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab --no-check-certificate
最后加上--no-check-certificate不检查证书,这里不使用SSL
Edit /etc/nginx/conf.d/gitlab.conf
and replace git.example.com
with your FQDN. Make sure to read the comments in order to properly set up SSL.
vim /etc/nginx/conf.d/gitlab.conf
去掉listen后面的default_server,修改为正确的端口号
去掉 listen [::]:
修改server_name 为本机的IP地址 修改client_max_body_size 256m;
否则当推送较多数据到 gitlab 上时,会由于数据过大,而出现错误
fatal: The remote end hung up unexpectedly fatal: The remote end hung up unexpectedly error: RPC failed; result=, HTTP code =
Add nginx
user to git
group:
usermod -a -G git nginx
Finally start nginx with:
service nginx start
Test Configuration
Validate your gitlab
or gitlab-ssl
Nginx config file with the following command:
nginx -t
八、Double-check Application Status
To make sure you didn't miss anything run a more thorough check with:
su - git
cd /home/git/gitlab
bundle exec rake gitlab:check RAILS_ENV=production
九、Initial Login
Visit YOUR_SERVER in your web browser for your first GitLab login.
The setup has created an admin account for you. You can use it to log in:
root
5iveL!fe
#####################以上即完成了Gitlab的搭建################################
十、后期维护
1.Upgrade GitLab Shell
GitLab Shell might be outdated, running the commands below ensures you're using a compatible version:
su - git
cd /home/git/gitlab-shell
git fetch
git checkout v`cat /home/git/gitlab/GITLAB_SHELL_VERSION`
2.Upgrade GitLab
One line upgrade command
You've read through the entire guide and probably already did all the steps one by one.
Here is a one line command with step 1 to 5 for the next time you upgrade:
切换到git用户
cd /home/git/gitlab; \
sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production; \
sudo service gitlab stop; \
if [ -f bin/upgrade.rb ]; then sudo -u git -H ruby bin/upgrade.rb -y; else sudo -u git -H ruby script/upgrade.rb -y; fi; \
cd /home/git/gitlab-shell; \
sudo -u git -H git fetch; \
sudo -u git -H git checkout v`cat /home/git/gitlab/GITLAB_SHELL_VERSION`; \
cd /home/git/gitlab; \
exit; \
sudo service gitlab start; \
sudo service nginx restart; sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
3.Upgrade /etc/init.d/gitlab
wget https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn
mv gitlab-unicorn gitlab
cp -f gitlab /etc/init.d/gitlab
rm gitlab
复制完后,要删除/etc/init.d/gitlab.swap文件
4.Gitlab源代码更新
cd /home/git/gitlab/ git fetch origin
git merge origin/--zh #重启 gitlab
service gitlab restart
十一、Gitlab 备份
官网的备份说明
https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/raketasks/backup_restore.md
查看备份设置
vim /home/git/gitlab/config/gitlab.yml
检查Backup Settings设置项
默认情况下,备份文件是存放在/home/git/gitlab/tmp/backups/
执行备份
sudo service gitlab stop # 先停止Gitlab,可以不暂停
cd /home/git/gitlab/
sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
执行完成后,会在/home/git/gitlab/tmp/backups/目录下创建一个备份俄文件,以时间戳_gitlab_backup命名如 1417040627_gitlab_backup.tar
重新启动
sudo service gitlab start
sudo service nginx restart
还原
需要给其他用户配置读写执行的权限
chmod o+wrx /home/git/.ssh/authorized_keys.lock
否则会出现如下错误,是由于没有权限
/home/git/gitlab-shell/lib/gitlab_keys.rb:101:in
`initialize': Permission denied @ rb_sysopen -
/home/git/.ssh/authorized_keys.lock (Errno::EACCES)
需要使用 git 用户来执行,否则会没有权限操作 git 目录下的文件,timestamp_of_backup
为时间戳如 1417040627
sudo service gitlab stop
cd /home/git/gitlab/
sudo -u git -H bundle exec rake gitlab:backup:restore BACKUP=timestamp_of_backup RAILS_ENV=production
sudo service gitlab start
sudo service nginx restart
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
设置自动备份
sudo service gitlab stop;
cd /home/git/gitlab;
sudo -u git -H editor config/gitlab.yml; # Enable keep_time in the backup section to automatically delete old backups
keep_time参数默认是604800(单位是秒),因此会保留最近7天内的备份
sudo -u git crontab -e # Edit the crontab for the git user
将如下内容添加到文件末尾
# Create a full backup of the GitLab repositories and SQL database every day at 2am
* * * cd /home/git/gitlab && PATH=/usr/local/bin:/usr/bin:/bin bundle exec rake gitlab:backup:create RAILS_ENV=production CRON=
每天凌晨2点自动备份
The CRON=1 environment setting tells the backup script to suppress all progress output if there are no errors. This is recommended to reduce cron spam.
重新启动
sudo service gitlab start;
sudo service nginx restart;
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production;