搭建Gitlab
大约 3 分钟
GitLab 是一个用于仓库管理系统的开源项目,使用 Git 作为代码管理工具,并在此基础上搭建起来的 web 服务。
CentOS7 安装 gitlab-ce
########################
## gitlab官网介绍:https://about.gitlab.com/
## gitlab官方文档:https://docs.gitlab.com/
## gitlab中文文档:https://docs.gitlab.cn/jh/install/docker.html
## gitlab代码地址:https://gitlab.com/
## 官网安装介绍:https://about.gitlab.com/install/#centos-7
## RPM安装包地址:https://packages.gitlab.com/gitlab/gitlab-ce
## 清华大学开源软件镜像站 https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/
## GitLab认证:https://docs.gitlab.com/ee/integration/omniauth.html
########################
# 前置条件
yum install -y wget vim net-tools lsof git curl policycoreutils-python openssh-server openssh-clients cronie
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
systemctl reload firewalld
# 下载安装包
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-14.6.0-ce.0.el7.x86_64.rpm/download.rpm
# 安装rpm包
rpm -ivh gitlab-ce-14.6.0-ce.0.el7.x86_64.rpm
# 修改对外访问的域名或IP,注意gitlab默认会占用一些端口,比如:80,8080,8082,9090等
sed -i "s/external_url .*/external_url 'http:\/\/192.168.13.100:9091'/g" /etc/gitlab/gitlab.rb
# 重新生成相关配置文件,执行此命令时间比较长
gitlab-ctl reconfigure
# 上面没有错误,重启gitlab
gitlab-ctl restart
# 配置gitlab开机自动启动
systemctl enable gitlab-runsvdir.service
# gitlab服务启动|停止|重启|状态|日志
gitlab-ctl start|stop|restart|status|tail
# 查看 gitlab 版本
cat /opt/gitlab/embedded/service/gitlab-rails/VERSION
head -1 /opt/gitlab/version-manifest.txt
# gitlab初始化root密码
cat /etc/gitlab/initial_root_password
###### 补充
# 修改HTTP默认的80端口,用于HTTP克隆项目,改完直接重启即可 gitlab-ctl restart
#docker exec -it gitlab vi /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
# gitlab:
# host: 192.168.10.151 # 默认的是容器id,这里修改成宿主机IP
# port: 8090 # 需要修改成通过宿主机访问的那个端口
# https: false
docker 搭建
docker-compose.yml
version: '3'
services:
gitlab:
image: gitlab/gitlab-ce:14.6.3-ce.0
container_name: gitlab
restart: always
environment:
TZ: "Asia/Shanghai"
GITLAB_ROOT_PASSWORD: 'aA123456'
GITLAB_OMNIBUS_CONFIG: |
external_url 'http://192.168.13.100:9080'
gitlab_rails['gitlab_shell_ssh_port'] = 9022
ports:
- '9080:80'
- '9022:22'
volumes:
- './data/conf:/etc/gitlab'
- './data/logs:/var/log/gitlab'
- './data/data:/var/opt/gitlab'
ulimits:
nproc: 65535
nofile:
soft: 65535
hard: 65535
start.sh
#!/bin/bash
# docker部署gitlab
set -e
# 创建挂载目录
rm -rf ./data
mkdir -p ./data/{conf,logs,data}
# 启动容器
docker-compose up -d
# 查看 gitlab 版本
echo 成功安装gitlab,版本: `docker exec -it gitlab cat /opt/gitlab/embedded/service/gitlab-rails/VERSION`,正在启动,请稍后访问:http://192.68.13.100:9080
将 docker-compose.yml 和 start.sh 放在同一目录,执行 ./start.sh 即可。启动时,注意端口占用情况。
破解 gitlab-ee 的授权证书
Dockerfile
FROM ruby:3.1.0
WORKDIR /opt
RUN gem install gitlab-license
ADD ./license.rb /opt/license.rb
RUN ruby license.rb
CMD [ "bash" ]
license.rb
require "openssl"
require "gitlab/license"
key_pair = OpenSSL::PKey::RSA.generate(2048)
File.open("license_key", "w") { |f| f.write(key_pair.to_pem) }
public_key = key_pair.public_key
File.open("license_key.pub", "w") { |f| f.write(public_key.to_pem) }
private_key = OpenSSL::PKey::RSA.new File.read("license_key")
Gitlab::License.encryption_key = private_key
license = Gitlab::License.new
license.licensee = {
"Name" => "none",
"Company" => "none",
"Email" => "admin@example.com",
}
license.starts_at = Date.new(2020, 1, 1) # 开始时间
license.expires_at = Date.new(2050, 1, 1) # 结束时间
license.notify_admins_at = Date.new(2049, 12, 1)
license.notify_users_at = Date.new(2049, 12, 1)
license.block_changes_at = Date.new(2050, 1, 1)
license.restrictions = {
active_user_count: 10000,
}
puts "License:"
puts license
data = license.export
puts "Exported license:"
puts data
File.open(".gitlab-license", "w") { |f| f.write(data) }
public_key = OpenSSL::PKey::RSA.new File.read("license_key.pub")
Gitlab::License.encryption_key = public_key
data = File.read(".gitlab-license")
$license = Gitlab::License.import(data)
puts "Imported license:"
puts $license
unless $license
raise "The license is invalid."
end
if $license.restricted?(:active_user_count)
active_user_count = 10000
if active_user_count > $license.restrictions[:active_user_count]
raise "The active user count exceeds the allowed amount!"
end
end
if $license.notify_admins?
puts "The license is due to expire on #{$license.expires_at}."
end
if $license.notify_users?
puts "The license is due to expire on #{$license.expires_at}."
end
module Gitlab
class GitAccess
def check(cmd, changes = nil)
if $license.block_changes?
return build_status_object(false, "License expired")
end
end
end
end
puts "This instance of GitLab Enterprise Edition is licensed to:"
$license.licensee.each do |key, value|
puts "#{key}: #{value}"
end
if $license.expired?
puts "The license expired on #{$license.expires_at}"
elsif $license.will_expire?
puts "The license will expire on #{$license.expires_at}"
else
puts "The license will never expire."
end
keygen.sh
#!/bin/bash
# 生成 Gitlab License
IMAGE_NAME="gitlab_license"
CONTAINER_NAME="gen_gitlab_license"
echo "Building image ..."
docker build . -t ${IMAGE_NAME}
sleep 2
echo "Generate gitlab license ..."
IMAGE_ID=`docker image ls -aq --filter reference=${IMAGE_NAME}`
docker run --name=${CONTAINER_NAME} ${IMAGE_ID} bash
sleep 2
echo "Copy gitlab license to ."
DOCKER_ID=`docker ps -aq --filter name=${CONTAINER_NAME}`
if [ ! -z "${DOCKER_ID}" ]; then
docker cp ${DOCKER_ID}:/opt/license_key ./license_key
docker cp ${DOCKER_ID}:/opt/license_key.pub ./license_key.pub
docker rm -f ${DOCKER_ID}
docker rmi -f ${IMAGE_ID}
fi
echo "结束......"
exit 0
将 Dockerfile、license.rb、keygen.sh 放在同一目录下, 执行./keygen.sh 得到 license_key 和 license_key.pub
cp -avf license_key.pub /opt/gitlab/embedded/service/gitlab-rails/.license_encryption_key.pub
sed -i "s@|| STARTER_PLAN@|| ULTIMATE_PLAN@g" /opt/gitlab/embedded/service/gitlab-rails/ee/app/models/license.rb
配置启动 gitlab 即可:gitlab-ctl reconfigure && gitlab-ctl restart
gitlab 卸载
# 停止服务
gitlab-ctl stop
# 查看gitlab进程
ps aux | grep gitlab
# 卸载gitlab
rpm -e gitlab-ce
# 删除所有包含gitlab文件
find / -name gitlab | xargs rm -rf