omnibus gitlab-ce安装

发布日期:2019-02-26

架构

关闭防火墙

[root@gitlab ~]# systemctl stop firewalld[root@gitlab ~]# systemctl disable firewalld

关闭SELinux

[root@gitlab ~]# setenforce 0setenforce: SELinux is disabled

安装依赖组件

[root@gitlab ~]# yum -y install curl policycoreutils openssh-server openssh-clients postfix

下载gitlab-ce仓库

curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | bash

启动邮件服务器

[root@gitlab data]# systemctl start postfix[root@gitlab data]# systemctl enable postfix

安装gitlab

安装omnibus gitlab-ceomnibus相当于一键安装包,自动安装gitlab所依赖的所有组件

yum -y install gitlab-ce

创建私钥与证书

[root@gitlab data]# mkdir /etc/gitlab/ssl[root@gitlab data]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.aubin.com.key" 2048创建申请证书openssl req -new -key "/etc/gitlab/ssl/gitlab.aubin.com.key" -out "/etc/gitlab/ssl/gitlab.aubin.com.csrCountry Name (2 letter code) [XX]:cn # 国家State or Province Name (full name) []:bj # 省份Locality Name (eg city) [Default City]:bj # 城市Organization Name (eg company) [Default Company Ltd]:ctyun # 公司名Organizational Unit Name (eg section) []:ops # 部门Common Name (eg your name or your server"s hostname) []:gitlab.aubin.comEmail Address []:Please enter the following "extra" attributesto be sent with your certificate requestA challenge password []:An optional company name []:给申请证书签名[root@gitlab data]# openssl x509 -req -days 3650 -in "/etc/gitlab/ssl/gitlab.aubin.com.csr" -signkey "/etc/gitlab/ssl/gitlab.aubin.com.key" -out "/etc/gitlab/ssl/gitlab.aubin.com.crt"创建pemopenssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048 修改权限chmod 600 /etc/gitlab/ssl/*

配置gitlab

nginx["redirect_http_to_https"] = turenginx["ssl_client_certificate"] = "/etc/gitlab/ssl/gitlab.aubin.com.crt"nginx["ssl_certificate"] = "/etc/gitlab/ssl/gitlab.aubin.com.crt"nginx["ssl_certificate_key"] = "/etc/gitlab/ssl/gitlab.aubin.com.key"nginx["ssl_dhparam"] = "/etc/gitlab/ssl/dhparams.pem"nginx["listen_addresses"] = ["*"]nginx["listen_port"] = 9000

初始化所有配置

[root@gitlab ssl]# gitlab-ctl reconfigure

配置本地windows住的hosts文件

# gitlab42.81.133.59 gitlab.aubin.com

浏览器访问

初次进入需要设置管理员密码(默认账号为root)前面配置了nginx为https访问,所以访问地址应该为https

https://IP:9000

nginx配置文件

修改配置文件后要重启gitlabgitlab-ctl restart

/var/opt/gitlab/nginx/conf/gitlab-http.conf