事情的起因是因为导师提到让我在实验室服务器搭建一个Git服务器供大家使用,于是我就在网上搜索解决方案,最后选定了两个gitblit以及gitlab,不过最后发现服务器是windows server 2008 r2,gitlab没法部署,最后退而求其次部署了gitblit,感觉速度还蛮不错,功能也可以,就是一点,界面不如gitlab好看。
后来就心痒难耐,觉得gitlab很漂亮,结果就想着在自己vps部署一个,于是就开始了噩梦一般的部署过程。开正体前,我再感叹下,实在是太麻烦了,尤其是在centos 5这种老系统上面。
1.添加EPEL源
不添加这个,什么依赖都装不了。所以,你懂得。这个是centos 5的,其他版本的可以去网上搜,就地址不一样。
1
|
rpm -Uvh http: //dl .fedoraproject.org /pub/epel/6/x86_64/epel-release-5-4 .noarch.rpm |
2.安装依赖
就是安装依赖,建议python自己编译安装一个,版本新一点。
1
2
|
yum -y groupinstall 'Development Tools' 'Additional Development' yum -y install readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel gcc-c++ libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui python-devel redis |
3.安装Ruby
安装Ruby,千万不要用最新版,要用p327版本
1
2
3
4
|
wget http: //ftp .ruby-lang.org /pub/ruby/1 .9 /ruby-1 .9.3-p327. tar .gz tar xfvz ruby-1.9.3-p327. tar .gz cd ruby-1.9.3-p327 . /configure --disable- install -doc -- enable -shared --disable-pthread |
编译前,如果可以的话,最好安装下qt
1
2
|
yum install qt-devel qtwebkit-devel export PATH=$PATH: /usr/lib32/qt4/bin # 32位和64位,你懂得 |
编译安装
1
|
make && make install |
4.更新gem,安装rails
1
2
3
|
gem update --system gem update gem install rails |
5.Gitolite安装
添加两个用户,安装证书
1
2
3
4
|
adduser --shell /bin/bash --create-home --home- dir /home/gitlab gitlab adduser --system --shell /bin/sh --comment 'gitolite' --create-home --home- dir /home/git git sudo -u gitlab -H ssh -keygen -q -N '' -t rsa -f /home/gitlab/ . ssh /id_rsa sudo usermod -a -G git gitlab |
Gitolite安装
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
cd /home/git sudo -u git -H git clone -b gl-v320 https: //github .com /gitlabhq/gitolite .git /home/git/gitolite # Add Gitolite scripts to $PATH sudo -u git -H mkdir /home/git/bin sudo -u git -H sh -c 'printf "%bn%bn" "PATH=$PATH:/home/git/bin" "export PATH" >> /home/git/.profile' sudo -u git -H sh -c 'gitolite/install -ln /home/git/bin' # Copy the gitlab user's (public) SSH key ... sudo cp /home/gitlab/ . ssh /id_rsa .pub /home/git/gitlab .pub sudo chmod 0444 /home/git/gitlab .pub # ... and use it as the admin key for the Gitolite setup sudo -u git -H sh -c "PATH=/home/git/bin:$PATH; gitolite setup -pk /home/git/gitlab.pub" # Make sure the Gitolite config dir is owned by git sudo chmod -R 750 /home/git/ .gitolite/ sudo chown -R git:git /home/git/ .gitolite/ # Make sure the repositories dir is owned by git and it stays that way sudo chmod -R ug+rwXs,o-rwx /home/git/repositories/ sudo chown -R git:git /home/git/repositories/ |
设置ssh安全选项(这个可能没用)
1
2
3
4
5
6
7
8
9
10
11
12
|
echo "Host localhost StrictHostKeyChecking no UserKnownHostsFile= /dev/null " | sudo tee -a /etc/ssh/ssh_config echo "Host YOUR_DOMAIN_NAME StrictHostKeyChecking no UserKnownHostsFile= /dev/null " | sudo tee -a /etc/ssh/ssh_config # If gitolite domain differs echo "Host YOUR_GITOLITE_DOMAIN StrictHostKeyChecking no UserKnownHostsFile= /dev/null " | sudo tee -a /etc/ssh/ssh_config |
测试gitolite安装
1
2
3
4
5
6
|
# Clone the admin repo so SSH adds localhost to known_hosts ... # ... and to be sure your users have access to Gitolite sudo -u gitlab -H git clone git@localhost:gitolite-admin.git /tmp/gitolite-admin # If it succeeded without errors you can remove the cloned repo sudo rm -rf /tmp/gitolite-admin |
6. 安装Gitlab
首先下载下来
1
2
3
4
5
6
7
8
9
10
|
# We'll install GitLab into home directory of the user "gitlab" cd /home/gitlab # Clone GitLab repository sudo -u gitlab -H git clone https: //github .com /gitlabhq/gitlabhq .git gitlab # Go to gitlab dir cd /home/gitlab/gitlab # Checkout to stable release sudo -u gitlab -H git checkout 4-0-stable |
设置权限还有其他选项
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
cd /home/gitlab/gitlab # Copy the example GitLab config sudo -u gitlab -H cp config /gitlab .yml.example config /gitlab .yml # 把其中的gitlab部分和ssh部分的host改成自己的域名就行了 sudo -u gitlab -H vim config /gitlab .yml # Make sure GitLab can write to the log/ and tmp/ directories sudo chown -R gitlab log/ sudo chown -R gitlab tmp/ sudo chmod -R u+rwX log/ sudo chmod -R u+rwX tmp/ # Copy the example Unicorn config sudo -u gitlab -H cp config /unicorn .rb.example config /unicorn .rb |
数据库设置
1
2
3
4
5
|
# Mysql sudo -u gitlab cp config /database .yml.mysql config /database .yml # PostgreSQL sudo -u gitlab cp config /database .yml.postgresql config /database .yml |
安装Gems
1
2
3
4
5
6
7
8
9
|
cd /home/gitlab/gitlab sudo gem install charlock_holmes --version '0.6.9' # For mysql db sudo -u gitlab -H bundle install --deployment --without development test postgres # Or For postgres db sudo -u gitlab -H bundle install --deployment --without development test mysql |
额外设置
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
# 设置git全局设置 sudo -u gitlab -H git config --global user.name "GitLab" sudo -u gitlab -H git config --global user.email "gitlab@localhost" # 设置Hook脚本 sudo cp . /lib/hooks/post-receive /home/git/ .gitolite /hooks/common/post-receive sudo chown git:git /home/git/ .gitolite /hooks/common/post-receive # 初始化数据库 sudo -u gitlab -H bundle exec rake gitlab:app:setup RAILS_ENV=production # 安装初始化脚本,这是centos,ubuntu有对应的脚本 sudo wget https: //raw .github.com /gitlabhq/gitlab-recipes/master/init .d /gitlab-centos -P /etc/init .d/ sudo chmod +x /etc/init .d /gitlab-centos chkconfig --add gitlab-centos |
测试gitlab的状态,正常则启动
1
2
3
4
5
6
7
8
|
# 查看环境信息 sudo -u gitlab -H bundle exec rake gitlab: env :info RAILS_ENV=production # 检测gitlab状态,非绿色的太多了,要注意修复下 sudo -u gitlab -H bundle exec rake gitlab:check RAILS_ENV=production # 启动 sudo service gitlab start |
7. Nginx配置
安装就不说了,配置写法,这个是http
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
# GITLAB # Maintainer: @randx # App Version: 4.0 upstream gitlab { server unix:/home/gitlab/gitlab/tmp/sockets/gitlab.socket; } server { listen 80; # e.g., listen 192.168.1.1:80; server_name Domain_NAME; # e.g., server_name source.example.com; root /home/gitlab/gitlab/public; # individual nginx logs for this gitlab vhost access_log /var/log/nginx/gitlab_access.log; error_log /var/log/nginx/gitlab_error.log; location / { # serve static files from defined root folder;. # @gitlab is a named location for the upstream fallback, see below try_files $uri $uri/index.html $uri.html @gitlab; } # if a file, which is not found in the root folder is requested, # then the proxy pass the request to the upsteam (gitlab unicorn) location @gitlab { proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 proxy_redirect off; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://gitlab; } } |
https的对应配置,建议使用最新版openssl编译nginx可以激活ECDHE前向加密。加密算法建议使用AES 不过首先应该先自己签名一个证书
1
2
|
sudo openssl req -new -x509 -nodes -days 3560 -out gitlab.crt -keyout gitlab.key sudo chmod o-r gitlab.key |
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
# GITLAB # Maintainer: @randx # App Version: 4.0 upstream gitlab { server unix:/home/gitlab/gitlab/tmp/sockets/gitlab.socket; } # This is a normal HTTP host which redirects all traffic to the HTTPS host. server { listen 80; listen [::]:80; server_name Domain_NAME; root /nowhere; rewrite ^ https://gitlab.stardrad.com$request_uri permanent; } server { listen 443; listen [::]:443 ipv6only=on; server_name Domain_NAME; root /home/gitlab/gitlab/public; ssl on; ssl_certificate gitlab.crt; ssl_certificate_key gitlab.key; ssl_protocols SSLv3 TLSv1 TLSv2; ssl_ciphers AES:HIGH:!ADH:!MD5; ssl_prefer_server_ciphers on; # individual nginx logs for this gitlab vhost access_log /var/log/nginx/gitlab_access.log; error_log /var/log/nginx/gitlab_error.log; location / { # serve static files from defined root folder;. # @gitlab is a named location for the upstream fallback, see below try_files $uri $uri/index.html $uri.html @gitlab; } # if a file, which is not found in the root folder is requested, # then the proxy pass the request to the upsteam (gitlab unicorn) location @gitlab { proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 proxy_redirect off; #proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-Ssl on; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://gitlab; } } |
8. 完成
记住初始账号密码,登入即可
1
2
|
admin@local.host 5iveL!fe |
附注
如果你的ssh的端口非标准的22(vps一般都是这样),则应当修改配置文件
1
2
3
4
5
6
7
|
su gitlab vim ~/. ssh /config # 在vim中插入 host localhost user git port 888 hostname Your Ip or Your domain name |
参考
转载请注明:爱开源 » CentOS 上GitLab的搭建