gitlab 安装、配置
来源:原创
时间:2019-07-15
作者:脚本小站
分类:云原生
gitlab-ce版安装:
安装依赖包:
yum install curl openssh-server openssh-clients postfix cronie policycoreutils-python –y
方法一:
官网安装方法:但是安装使用的yum源不是国内的。
https://packages.gitlab.com/gitlab/gitlab-ce/install
国内下载地址:这是清华大学的开源地址
https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/
方法二:
配置yum源:
vim /etc/yum.repos.d/gitlab-ce.repo [gitlab-ce] name=Gitlab CE Repository baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/ gpgcheck=0 enabled=1
安装:因为rpm包比较大,可以先安装一下查看版本,再去清华的yum源下载rpm下来安装。
export EXTERNAL_URL="GitLab服务器的公网IP地址" yum install gitlab-ce
启动:
gitlab-ctl start # 启动所有 gitlab 组件
配置参考:
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md
修改配置:
vim /etc/gitlab/gitlab.rb # 关闭不需要的服务,建议开启,gitlab默认集成了grafana监控面板自带面板 grafana['enable'] = false prometheus['enable'] = false alertmanager['enable'] = false # 几个expoter修改为监听在0.0.0.0地址 gitlab_exporter['enable'] = true gitlab_exporter['listen_address'] = '0.0.0.0' gitlab_exporter['listen_port'] = '9168 node_exporter['enable'] = true node_exporter['listen_address'] = '0.0.0.0:9100' redis_exporter['enable'] = true redis_exporter['listen_address'] = '0.0.0.0:9121'
重新读取配置:
gitlab-ctl reconfigure
其他命令:gitlab默认用户名为root。
gitlab-ctl stop # 停止所有 gitlab 组件 gitlab-ctl restart # 重启所有 gitlab 组件 gitlab-ctl status # 查看服务状态 vim /etc/gitlab/gitlab.rb # 修改默认的配置文件 gitlab-rake gitlab:check SANITIZE=true --trace # 检查gitlab gitlab-ctl tail # 查看日志
参考地址:
www.cnblogs.com/weifeng1463/p/7714492.html
gitlab-jh版安装:jh版是国内企业维护的,国内公司一般都会用jh版本。
添加yum源:
wget https://packages.gitlab.cn/repository/raw/scripts/setup.sh bash setup.sh
安装:
yum install gitlab-jh -y
jh版本需要重载配置才能启动:默认安装好是无法启动的,需要重载配置
gitlab-ctl reconfigure
启动:
gitlab-ctl start
数据目录:默认所有的数据都在这个目录了,可以直接给这个目录单独挂载个盘,停掉gitlab服务后,数据直接mv出去,挂载好之后再mv进来就可以了。
~]# ls -al /var/opt/gitlab/ total 108 drwxr-xr-x 23 root root 4096 Oct 18 17:54 . drwxr-xr-x 4 root root 4096 Oct 18 09:57 .. drwxr-x--- 3 gitlab-prometheus root 4096 Oct 18 17:54 alertmanager drwx------ 2 git root 4096 Oct 17 19:03 backups -rw------- 1 root root 38 Oct 17 10:15 bootstrapped drwxr-xr-x 2 git git 4096 Oct 17 10:12 .bundle drwxr-xr-x 2 root root 4096 Oct 17 10:14 crond drwx------ 3 git root 4096 Oct 18 17:54 gitaly -rw-r--r-- 1 git git 303 Oct 17 10:12 .gitconfig drwxrws--- 3 git git 4096 Oct 17 10:12 git-data drwxr-xr-x 3 git root 4096 Oct 17 10:13 gitlab-ci drwxr-xr-x 2 git root 4096 Oct 18 17:54 gitlab-exporter drwx------ 2 git root 4096 Oct 18 17:54 gitlab-kas drwxr-xr-x 9 git root 4096 Oct 18 17:54 gitlab-rails drwx------ 2 git root 4096 Oct 18 17:54 gitlab-shell drwxr-x--- 3 git gitlab-www 4096 Oct 18 17:54 gitlab-workhorse drwx------ 3 root root 4096 Oct 18 18:32 logrotate drwxr-x--- 10 root gitlab-www 4096 Oct 18 17:54 nginx drwxr-xr-x 3 root root 4096 Oct 17 11:29 node-exporter drwx------ 2 gitlab-psql root 4096 Oct 18 17:54 postgres-exporter drwxrwsr-x 3 gitlab-psql gitlab-psql 4096 Oct 18 17:54 postgresql drwxr-x--- 4 gitlab-prometheus root 4096 Oct 18 17:54 prometheus -rw-r--r-- 1 root root 426 Oct 18 17:54 public_attributes.json drwxr-x--- 2 gitlab-redis git 4096 Oct 18 19:07 redis drwxrws--- 2 registry registry 4096 Oct 17 10:43 registry drwx------ 2 git git 4096 Oct 17 10:13 .ssh -rw-r--r-- 1 root root 40 Oct 17 10:13 trusted-certs-directory-hash
常用命令
列出可被单独管理的服务:
]# gitlab-ctl service-list alertmanager* gitaly* gitlab-exporter* gitlab-kas* gitlab-workhorse* grafana* logrotate* nginx* node-exporter* postgres-exporter* postgresql* prometheus* puma* redis* redis-exporter* sidekiq*
查看服务状态:
]# gitlab-ctl status
停止服务:
]# gitlab-ctl stop
停止某个服务:
]# gitlab-ctl stop sidekiq ok: down: sidekiq: 0s, normally up
启动服务:
~]# gitlab-ctl start ok: run: alertmanager: (pid 27376) 1s ok: run: gitaly: (pid 27388) 0s ok: run: gitlab-exporter: (pid 27407) 1s ok: run: gitlab-kas: (pid 27410) 0s ok: run: gitlab-workhorse: (pid 27424) 0s ok: run: grafana: (pid 27436) 1s ok: run: logrotate: (pid 27451) 0s ok: run: nginx: (pid 27457) 1s ok: run: node-exporter: (pid 27469) 0s ok: run: postgres-exporter: (pid 27475) 1s ok: run: postgresql: (pid 27484) 0s ok: run: prometheus: (pid 27497) 0s ok: run: puma: (pid 27511) 1s ok: run: redis: (pid 27516) 0s ok: run: redis-exporter: (pid 27522) 1s ok: run: sidekiq: (pid 27529) 0s
启动某个服务:
]# gitlab-ctl start sidekiq ok: run: sidekiq: (pid 27976) 0s
检查配置:
]# gitlab-ctl check-config
直接进入gitlab内部的pg:
]# gitlab-psql psql (13.6) Type "help" for help. gitlabhq_production=#
直接进入gitlab内的redis:
]# gitlab-redis-cli redis /var/opt/gitlab/redis/redis.socket>
备份恢复
一、备份配置文件:
]# gitlab-ctl backup-etc Could not find '/etc/gitlab/config_backup' directory. Creating. Running configuration backup Creating configuration backup archive: gitlab_config_1671011177_2022_12_14.tar /etc/gitlab/ /etc/gitlab/gitlab-secrets.json /etc/gitlab/initial_root_password /etc/gitlab/trusted-certs/ /etc/gitlab/gitlab.rb Configuration backup archive complete: /etc/gitlab/config_backup/gitlab_config_1671011177_2022_12_14.tar Keeping all older configuration backups
二、备份代码:如下两个命令效果等同。
]# gitlab-rake gitlab:backup:create ]# gitlab-backup create
输出如下:
]# gitlab-backup create 2022-12-14 23:43:43 +0800 -- Dumping database ... Dumping PostgreSQL database gitlabhq_production ... [DONE] 2022-12-14 23:43:47 +0800 -- Dumping database ... done 2022-12-14 23:43:47 +0800 -- Dumping repositories ... ...... 2022-12-14 23:43:48 +0800 -- Dumping repositories ... done 2022-12-14 23:43:48 +0800 -- Dumping uploads ... 2022-12-14 23:43:48 +0800 -- Dumping uploads ... done 2022-12-14 23:43:48 +0800 -- Dumping builds ... 2022-12-14 23:43:48 +0800 -- Dumping builds ... done 2022-12-14 23:43:48 +0800 -- Dumping artifacts ... 2022-12-14 23:43:52 +0800 -- Dumping artifacts ... done 2022-12-14 23:43:52 +0800 -- Dumping pages ... 2022-12-14 23:43:52 +0800 -- Dumping pages ... done 2022-12-14 23:43:52 +0800 -- Dumping lfs objects ... 2022-12-14 23:43:52 +0800 -- Dumping lfs objects ... done 2022-12-14 23:43:52 +0800 -- Dumping terraform states ... 2022-12-14 23:43:52 +0800 -- Dumping terraform states ... done 2022-12-14 23:43:52 +0800 -- Dumping container registry images ... [DISABLED] 2022-12-14 23:43:52 +0800 -- Dumping packages ... 2022-12-14 23:43:52 +0800 -- Dumping packages ... done 2022-12-14 23:43:52 +0800 -- Creating backup archive: 1671032623_2022_12_14_15.0.2_gitlab_backup.tar ... 2022-12-14 23:43:52 +0800 -- Creating backup archive: 1671032623_2022_12_14_15.0.2_gitlab_backup.tar ... done 2022-12-14 23:43:52 +0800 -- Uploading backup archive to remote storage ... [SKIPPED] 2022-12-14 23:43:52 +0800 -- Deleting tar staging files ... 2022-12-14 23:43:52 +0800 -- Cleaning up /var/opt/gitlab/backups/backup_information.yml 2022-12-14 23:43:52 +0800 -- Cleaning up /var/opt/gitlab/backups/db 2022-12-14 23:43:52 +0800 -- Cleaning up /var/opt/gitlab/backups/repositories 2022-12-14 23:43:52 +0800 -- Cleaning up /var/opt/gitlab/backups/uploads.tar.gz 2022-12-14 23:43:52 +0800 -- Cleaning up /var/opt/gitlab/backups/builds.tar.gz 2022-12-14 23:43:52 +0800 -- Cleaning up /var/opt/gitlab/backups/artifacts.tar.gz 2022-12-14 23:43:52 +0800 -- Cleaning up /var/opt/gitlab/backups/pages.tar.gz 2022-12-14 23:43:52 +0800 -- Cleaning up /var/opt/gitlab/backups/lfs.tar.gz 2022-12-14 23:43:52 +0800 -- Cleaning up /var/opt/gitlab/backups/terraform_state.tar.gz 2022-12-14 23:43:52 +0800 -- Cleaning up /var/opt/gitlab/backups/packages.tar.gz 2022-12-14 23:43:52 +0800 -- Deleting tar staging files ... done 2022-12-14 23:43:52 +0800 -- Deleting old backups ... [SKIPPED] 2022-12-14 23:43:52 +0800 -- Warning: Your gitlab.rb and gitlab-secrets.json files contain sensitive data and are not included in this backup. You will need these files to restore a backup. Please back them up manually. 2022-12-14 23:43:52 +0800 -- Backup 1671032623_2022_12_14_15.0.2 is done.
恢复:恢复之前先停止如下两个服务
]# gitlab-ctl stop unicorn ok: down: unicorn: 0s, normally up ]# gitlab-ctl stop sidekiq ok: down: sidekiq: 1s, normally up
备份准备:备份文件移动到备份目录,并赋予相应的权限
mv *_gitlab_backup.tar /var/opt/gitlab/backups chown git.git *_gitlab_backup.tar
恢复:
gitlab-rake gitlab:backup:restore BACKUP=要恢复版本的包名 gitlab-backup restore BACKUP=要恢复版本的包名
执行恢复:恢复过程有应答
]# gitlab-rake gitlab:backup:restore BACKUP=1671119227_2022_12_15_15.0.2 2022-12-15 23:51:30 +0800 -- Unpacking backup ... 2022-12-15 23:51:30 +0800 -- Unpacking backup ... done 2022-12-15 23:51:30 +0800 -- Restoring database ... 2022-12-15 23:51:30 +0800 -- Be sure to stop Puma, Sidekiq, and any other process that connects to the database before proceeding. For Omnibus installs, see the following link for more information: https://docs.gitlab.com/ee/raketasks/backup_restore.html#restore-for-omnibus-gitlab-installations Before restoring the database, we will remove all existing tables to avoid future upgrade problems. Be aware that if you have custom tables in the GitLab database these tables and all data will be removed. Do you want to continue (yes/no)? yes ...... 2022-12-15 23:54:41 +0800 -- Restoring uploads ... done 2022-12-15 23:54:41 +0800 -- Restoring builds ... 2022-12-15 23:54:41 +0800 -- Restoring builds ... done 2022-12-15 23:54:41 +0800 -- Restoring artifacts ... 2022-12-15 23:54:42 +0800 -- Restoring artifacts ... done 2022-12-15 23:54:42 +0800 -- Restoring pages ... 2022-12-15 23:54:42 +0800 -- Restoring pages ... done 2022-12-15 23:54:42 +0800 -- Restoring lfs objects ... 2022-12-15 23:54:42 +0800 -- Restoring lfs objects ... done 2022-12-15 23:54:42 +0800 -- Restoring terraform states ... 2022-12-15 23:54:42 +0800 -- Restoring terraform states ... done 2022-12-15 23:54:42 +0800 -- Restoring packages ... 2022-12-15 23:54:42 +0800 -- Restoring packages ... done This task will now rebuild the authorized_keys file. You will lose any data stored in the authorized_keys file. Do you want to continue (yes/no)? yes 2022-12-15 23:55:00 +0800 -- Deleting tar staging files ... 2022-12-15 23:55:00 +0800 -- Cleaning up /var/opt/gitlab/backups/backup_information.yml 2022-12-15 23:55:00 +0800 -- Cleaning up /var/opt/gitlab/backups/db 2022-12-15 23:55:00 +0800 -- Cleaning up /var/opt/gitlab/backups/repositories 2022-12-15 23:55:00 +0800 -- Cleaning up /var/opt/gitlab/backups/uploads.tar.gz 2022-12-15 23:55:00 +0800 -- Cleaning up /var/opt/gitlab/backups/builds.tar.gz 2022-12-15 23:55:00 +0800 -- Cleaning up /var/opt/gitlab/backups/artifacts.tar.gz 2022-12-15 23:55:00 +0800 -- Cleaning up /var/opt/gitlab/backups/pages.tar.gz 2022-12-15 23:55:00 +0800 -- Cleaning up /var/opt/gitlab/backups/lfs.tar.gz 2022-12-15 23:55:00 +0800 -- Cleaning up /var/opt/gitlab/backups/terraform_state.tar.gz 2022-12-15 23:55:00 +0800 -- Cleaning up /var/opt/gitlab/backups/packages.tar.gz 2022-12-15 23:55:00 +0800 -- Deleting tar staging files ... done 2022-12-15 23:55:00 +0800 -- Deleting backups/tmp ... 2022-12-15 23:55:00 +0800 -- Deleting backups/tmp ... done 2022-12-15 23:55:00 +0800 -- Warning: Your gitlab.rb and gitlab-secrets.json files contain sensitive data and are not included in this backup. You will need to restore these files manually. 2022-12-15 23:55:00 +0800 -- Restore task is done.
启动被停止的两个服务:
]# gitlab-ctl start sidekiq ]# gitlab-ctl start unicorn
参考:
cnblogs.com/easonscx/p/12615981.html
恢复gitlab:jh版示例
1、安装gitlab-jh:注意rpm包的版本和数据的版本要对应,否者会报错,恢复不成功。
rpm -i gitlab-jh-17.4.2-jh.0.el9.x86_64.rpm # 本地没有安装包的情况下,使用如下命令找出对应版本安装包安装 yum list gitlab-jh --showduplicates yum install gitlab-jh-17.4.2 -y
2、拷贝配置
tar -xf gitlab_config_1729447201_2024_10_21.tar mv /etc/gitlab/ /home/ mv ./etc/gitlab/ /etc/ gitlab-ctl reconfigure
3、恢复数据
mv 1729447218_2024_10_20_17.4.2-jh_gitlab_backup.tar /var/opt/gitlab/backups/ chown git.git /var/opt/gitlab/backups/1729447218_2024_10_20_17.4.2-jh_gitlab_backup.tar gitlab-rake gitlab:backup:restore BACKUP=1729447218_2024_10_20_17.4.2-jh
邮件重置密码
配置重置密码邮箱:
vim vim /etc/gitlab/gitlab.rb gitlab_rails['smtp_enable'] = true gitlab_rails['smtp_address'] = "smtp.demo.com" # 貌似不支持imap协议,推荐使用smtp协议 gitlab_rails['smtp_port'] = 465 gitlab_rails['smtp_user_name'] = "example@email.com" gitlab_rails['smtp_password'] = "xxxxxx" gitlab_rails['smtp_domain'] = "email.com" gitlab_rails['smtp_authentication'] = "login" gitlab_rails['smtp_enable_starttls_auto'] = false gitlab_rails['smtp_tls'] = true gitlab_rails['smtp_pool'] = false gitlab_rails['smtp_openssl_verify_mode'] = 'none' # from和reply地址貌似要相同,要不然可能发生成功却收不到邮件 gitlab_rails['gitlab_email_from'] = 'example@email.com' gitlab_rails['gitlab_email_display_name'] = 'gitlab' gitlab_rails['gitlab_email_reply_to'] = 'example@email.com'
重新读取配置:
gitlab-ctl reconfigure
邮件发生测试:
]# gitlab-rails console
--------------------------------------------------------------------------------
Ruby: ruby 3.1.5p253 (2024-04-023 revision 1945f8dc0e) [x86_64-linux]
GitLab: 17.4.2-jh (174ac7c3a0e) EE
GitLab Shell: 14.39.0
PostgreSQL: 14.11
------------------------------------------------------------[ booted in 24.93s ]
WARNING: Active Record does not support composite primary key.
security_findings has composite primary key. Composite primary key is ignored.
Loading production environment (Rails 7.0.8.4)
irb(main):001:0> Notify.test_email('example@email.com', '密码重置', 'content').deliver_now
Delivered mail 6712308344058_622b3110585a8@gitlab.mail (2150.3ms)
=> #<Mail::Message:794380, Multipart: false, Headers: <Date: Fri, 18 Oct 2024 17:55:15 +0800>, <From: finstep-gitlab <example@email.com>>, <Reply-To: finstep-gitlab <example@email.com>>, <To: example@email.com>, <Message-ID: <6712308344058_622b3110585a8@gitlab.mail>>, <Subject: 密码重置>, <Mime-Version: 1.0>, <Content-Type: text/html; charset=US-ASCII>, <Content-Transfer-Encoding: 7bit>, <Auto-Submitted: auto-generated>, <X-Auto-Response-Suppress: All>>
irb(main):002:0> exitgitlab代码迁移:
cnblogs.com/chuanzhang053/p/17887062.html
配置证书
gitlab配置https证书:
external_url 'https://gitlab.demo.com' nginx['redirect_http_to_https'] = true nginx['ssl_certificate'] = "/opt/gitlab/certs/demo.com.crt" nginx['ssl_certificate_key'] = "/opt/gitlab/certs/demo.com.key" letsencrypt['enable'] = false
重新读取配置:
gitlab-ctl reconfigure gitlab-ctl status gitlab-ctl tail nginx
更换证书:重启nginx即可
gitlab-ctl stop nginx gitlab-ctl start nginx