跳至主要內容

搭建Gitlab

知识库运维技巧开发搭建GitLab大约 3 分钟

GitLab 是一个用于仓库管理系统的开源项目,使用 Git 作为代码管理工具,并在此基础上搭建起来的 web 服务。

CentOS7 安装 gitlab-ce

########################
## gitlab官网介绍:https://about.gitlab.com/
## gitlab官方文档:https://docs.gitlab.com/
## gitlab中文文档:https://docs.gitlab.cn/jh/install/docker.html
## gitlab代码地址:https://gitlab.com/
## 官网安装介绍:https://about.gitlab.com/install/#centos-7
## RPM安装包地址:https://packages.gitlab.com/gitlab/gitlab-ce
## 清华大学开源软件镜像站 https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/
## GitLab认证:https://docs.gitlab.com/ee/integration/omniauth.html
########################
# 前置条件
yum install -y wget vim net-tools lsof git curl policycoreutils-python openssh-server openssh-clients cronie
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
systemctl reload firewalld
# 下载安装包
wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-14.6.0-ce.0.el7.x86_64.rpm/download.rpm
# 安装rpm包
rpm -ivh gitlab-ce-14.6.0-ce.0.el7.x86_64.rpm
# 修改对外访问的域名或IP,注意gitlab默认会占用一些端口,比如:80,8080,8082,9090等
sed -i "s/external_url .*/external_url 'http:\/\/192.168.13.100:9091'/g" /etc/gitlab/gitlab.rb
# 重新生成相关配置文件,执行此命令时间比较长
gitlab-ctl reconfigure
# 上面没有错误,重启gitlab
gitlab-ctl restart
# 配置gitlab开机自动启动
systemctl enable gitlab-runsvdir.service
# gitlab服务启动|停止|重启|状态|日志
gitlab-ctl start|stop|restart|status|tail
# 查看 gitlab 版本
cat /opt/gitlab/embedded/service/gitlab-rails/VERSION
head -1 /opt/gitlab/version-manifest.txt
# gitlab初始化root密码
cat /etc/gitlab/initial_root_password

###### 补充
# 修改HTTP默认的80端口,用于HTTP克隆项目,改完直接重启即可 gitlab-ctl restart
#docker exec -it gitlab vi /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
# gitlab:
#   host: 192.168.10.151  # 默认的是容器id,这里修改成宿主机IP
#   port: 8090            # 需要修改成通过宿主机访问的那个端口
#   https: false

docker 搭建

docker-compose.yml
version: '3'
services:
  gitlab:
    image: gitlab/gitlab-ce:14.6.3-ce.0
    container_name: gitlab
    restart: always
    environment:
      TZ: "Asia/Shanghai"
      GITLAB_ROOT_PASSWORD: 'aA123456'
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://192.168.13.100:9080'
        gitlab_rails['gitlab_shell_ssh_port'] = 9022
    ports:
      - '9080:80'
      - '9022:22'
    volumes:
      - './data/conf:/etc/gitlab'
      - './data/logs:/var/log/gitlab'
      - './data/data:/var/opt/gitlab'
    ulimits:
        nproc: 65535
        nofile:
          soft: 65535
          hard: 65535
start.sh
#!/bin/bash
# docker部署gitlab
set -e

# 创建挂载目录
rm -rf ./data
mkdir -p ./data/{conf,logs,data}
# 启动容器
docker-compose up -d

# 查看 gitlab 版本
echo 成功安装gitlab,版本: `docker exec -it gitlab cat /opt/gitlab/embedded/service/gitlab-rails/VERSION`,正在启动,请稍后访问:http://192.68.13.100:9080

将 docker-compose.yml 和 start.shopen in new window 放在同一目录,执行 ./start.sh 即可。启动时,注意端口占用情况。

破解 gitlab-ee 的授权证书

Dockerfile
FROM ruby:3.1.0
WORKDIR /opt
RUN gem install gitlab-license
ADD ./license.rb /opt/license.rb
RUN ruby license.rb
CMD [ "bash" ]
license.rb
require "openssl"
require "gitlab/license"

key_pair = OpenSSL::PKey::RSA.generate(2048)
File.open("license_key", "w") { |f| f.write(key_pair.to_pem) }

public_key = key_pair.public_key
File.open("license_key.pub", "w") { |f| f.write(public_key.to_pem) }

private_key = OpenSSL::PKey::RSA.new File.read("license_key")
Gitlab::License.encryption_key = private_key

license = Gitlab::License.new
license.licensee = {
  "Name" => "none",
  "Company" => "none",
  "Email" => "admin@example.com",
}
license.starts_at = Date.new(2020, 1, 1) # 开始时间
license.expires_at = Date.new(2050, 1, 1) # 结束时间
license.notify_admins_at = Date.new(2049, 12, 1)
license.notify_users_at = Date.new(2049, 12, 1)
license.block_changes_at = Date.new(2050, 1, 1)
license.restrictions = {
  active_user_count: 10000,
}

puts "License:"
puts license

data = license.export
puts "Exported license:"
puts data
File.open(".gitlab-license", "w") { |f| f.write(data) }

public_key = OpenSSL::PKey::RSA.new File.read("license_key.pub")
Gitlab::License.encryption_key = public_key

data = File.read(".gitlab-license")
$license = Gitlab::License.import(data)

puts "Imported license:"
puts $license

unless $license
  raise "The license is invalid."
end

if $license.restricted?(:active_user_count)
  active_user_count = 10000
  if active_user_count > $license.restrictions[:active_user_count]
    raise "The active user count exceeds the allowed amount!"
  end
end

if $license.notify_admins?
  puts "The license is due to expire on #{$license.expires_at}."
end

if $license.notify_users?
  puts "The license is due to expire on #{$license.expires_at}."
end

module Gitlab
  class GitAccess
    def check(cmd, changes = nil)
      if $license.block_changes?
        return build_status_object(false, "License expired")
      end
    end
  end
end

puts "This instance of GitLab Enterprise Edition is licensed to:"
$license.licensee.each do |key, value|
  puts "#{key}: #{value}"
end

if $license.expired?
  puts "The license expired on #{$license.expires_at}"
elsif $license.will_expire?
  puts "The license will expire on #{$license.expires_at}"
else
  puts "The license will never expire."
end
keygen.sh
#!/bin/bash
# 生成 Gitlab License

IMAGE_NAME="gitlab_license"
CONTAINER_NAME="gen_gitlab_license"

echo "Building image ..."
docker build . -t ${IMAGE_NAME}
sleep 2

echo "Generate gitlab license ..."
IMAGE_ID=`docker image ls -aq --filter reference=${IMAGE_NAME}`
docker run --name=${CONTAINER_NAME} ${IMAGE_ID} bash
sleep 2

echo "Copy gitlab license to ."
DOCKER_ID=`docker ps -aq --filter name=${CONTAINER_NAME}`
if [ ! -z "${DOCKER_ID}" ]; then
    docker cp ${DOCKER_ID}:/opt/license_key ./license_key
    docker cp ${DOCKER_ID}:/opt/license_key.pub ./license_key.pub
    docker rm -f ${DOCKER_ID}
    docker rmi -f ${IMAGE_ID}
fi

echo "结束......"
exit 0

将 Dockerfile、license.rb、keygen.shopen in new window 放在同一目录下, 执行./keygen.sh 得到 license_key 和 license_key.pub

cp -avf license_key.pub /opt/gitlab/embedded/service/gitlab-rails/.license_encryption_key.pub

sed -i "s@|| STARTER_PLAN@|| ULTIMATE_PLAN@g" /opt/gitlab/embedded/service/gitlab-rails/ee/app/models/license.rb

配置启动 gitlab 即可:gitlab-ctl reconfigure && gitlab-ctl restart

gitlab 卸载

# 停止服务
gitlab-ctl stop
# 查看gitlab进程
ps aux | grep gitlab
# 卸载gitlab
rpm -e gitlab-ce
# 删除所有包含gitlab文件
find / -name gitlab | xargs rm -rf