2.gitlab安装部署

gitlab安装部署

第一章 简介

GitLab 是一个用于仓库管理系统的开源项目。使用Git作为代码管理工具，并在此基础上搭建起来的web服务。可 通过Web界面进行访问公开的或者私人项目。它拥有与Github类似的功能，能够浏览源代码，管理缺陷和注释。可 以管理团队对仓库的访问，它非常易于浏览提交过的版本并提供一个文件历史库。团队成员可以利用内置的简单聊 天程序(Wall)进行交流。它还提供一个代码片段收集功能可以轻松实现代码复用。

常用的网站： 官网：https://about.gitlab.com/

国内镜像：https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/

第2章 gitlab安装部署

#git官网
https://about.gitlab.com/installation/#centos‐7

#安装依赖
yum install -y curl policycoreutils-python openssh-server openssh-clients postfix cronie

安装

# mkdir -p /home/oldboy/tools

# cd /home/oldboy/tools

# rz -bye gitlab-ce-10.2.2-ce.0.el7.x86_64.rpm # 上传gitlab安装包 下载方式可通过国内清华源gitlab-ce社区版本下载

配置

# vim /etc/gitlab/gitlab.rb       # gitlab 配置文件更改url地址为本机IP地址 external_url 'http://10.0.1.200'
gitlab-ctl reconfigure            # 更改配置文件后需重新配置
/opt/gitlab/                  # gitlab的程序安装目录
/var/opt/gitlab               # gitlab目录数据目录
/var/opt/gitlab/git-data     # 存放仓库数据
gitlab‐ctl status             # 查看目前gitlab所有服务运维状态
gitlab‐ctl stop               # 停止gitlab服务
gitlab‐ctl stop nginx         # 单独停止某个服务
gitlab‐ctl tail               # 查看所有服务的日志

通过浏览器输入IP地址进行访问gitlab

10.0.1.200
Gitlab的服务构成：
nginx： 静态web服务器
gitlab‐workhorse: 轻量级的反向代理服务器
logrotate：日志文件管理工具
postgresql：数据库
redis：缓存数据库
sidekiq：用于在后台执行队列任务（异步执行）。（Ruby）
unicorn：An HTTP server for Rack applications，GitLab Rails应用是托管在这个服务器上面的。（RubyWeb Server,主要使用Ruby编写）

gitlab汉化

1. 停止服务器

# gitlab‐ctl stop

2. 下载汉化补丁

# git clone https://gitlab.com/xhang/gitlab.git

3. 查看gitlab版本信息及汉化版本

# head -1 /opt/gitlab/version-manifest.txt 
# cat /root/gitlab/VERSION

4. 对比版本、生成补丁包

# cd gitlab 
# git diff v10.2.2 v10.2.2-zh  > /root/10.2.2-zh.diff

5. 打补丁

# yum -y install patch 
# patch ‐d /opt/gitlab/embedded/service/gitlab‐rails ‐p1 < /tmp/10.2.2‐zh.diff

6. 启动和重新配置

# gitlab‐ctl start # gitlab-ctl reconfigure

第3章 gitlab使用

1.配置外观

管理区域‐外观

2.关闭自动注册

可根据实际需求操作 管理区域‐设置‐关闭自动注册

3.创建组‐用户‐项目

创建组

设置组名称、描述等创建群组

创建用户

编辑密码

4.把用户添加到组里面

管理区域-选择创建的oldboy组进行添加用户、权限给开发人员-增加用户到群组

gitlab添加用户自动邮件通知

-检查postfix状态

systemctl status postfix

-编辑gitlab的配置文件，打开邮件通知

gitlab-ctl stop
vim /etc/gitlab/gitlab.rb
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "wufei008@qq.com"   #你自己QQ号
gitlab_rails['smtp_password'] = "xxxxxxxxx"          #QQ授权码
gitlab_rails['smtp_domain'] = "smtp.qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = 'wufei008@qq.com' #你自己QQ号

gitlab-ctl start
gitlab-ctl reconfigure

-测试邮箱是否正常发送

执行 gitlab-rails console进入控制台交互界面, 然后在控制台提示符后输入下面内容发送一封测试邮件，测试完成后exit()退出。

[root@gitlab ~]# gitlab-rails console
--------------------------------------------------------------------------------
 GitLab:       12.3.5 (2417d5becc7)
 GitLab Shell: 10.0.0
 PostgreSQL:   10.9
--------------------------------------------------------------------------------
Loading production environment (Rails 5.2.3)
irb(main):001:0> Notify.test_email('wufei008@qq.com', '邮件标题_test', '邮件正文_test').deliver_now 
Notify#test_email: processed outbound mail in 0.7ms
Sent mail to wufei008@qq.com (1344.4ms)
Date: Thu, 05 Dec 2019 18:57:37 +0800
From: GitLab <wufei008@qq.com>
Reply-To: GitLab <noreply@192.168.124.200>
To: wufei008@qq.com
Message-ID: <5de8e2a1858a1_7993f8fddccf98c6189e@gitlab.mail>
Subject: =?UTF-8?Q?=E9=82=AE=E4=BB=B6=E6=A0=87=E9=A2=98=5Ftest?=
Mime-Version: 1.0
Content-Type: text/html;
 charset=UTF-8
Content-Transfer-Encoding: 7bit
Auto-Submitted: auto-generated
X-Auto-Response-Suppress: All

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html><body><p>&#37038;&#20214;&#27491;&#25991;_test</p></body></html>

=> #<Mail::Message:69886775708240, Multipart: false, Headers: <Date: Thu, 05 Dec 2019 18:57:37 +0800>, <From: GitLab <wufei008@qq.com>>, <Reply-To: GitLab <noreply@192.168.124.200>>, <To: wufei008@qq.com>, <Message-ID: <5de8e2a1858a1_7993f8fddccf98c6189e@gitlab.mail>>, <Subject: 邮件标题_test>, <Mime-Version: 1.0>, <Content-Type: text/html; charset=UTF-8>, <Content-Transfer-Encoding: 7bit>, <Auto-Submitted: auto-generated>, <X-Auto-Response-Suppress: All>>
irb(main):002:0> exit

5.创建仓库

管理区域-创建仓库

6.登陆dev用户测试是否能看到空的git‐test仓库

7.添加ssh‐keys到gitlab

注：一个服务器的key只能添加到一个gitlab服务器上，一个用户可以添加多个key

ssh-keygen -t rsa

8.添加远程仓库、推送本地代码到远程仓库

git remote add origin git@10.0.1.200:oldboy/git_data.git   # 添加远程仓库

git remote rename origin old‐origin # 远程 origin 如果已经存在则重新命名或者新添加仓库名称不同

git push ‐u origin ‐‐all # 推送代码到远程仓库

9.克隆代码到另外一台主机

如果不做认证会让输入gitlab的密码、我们使用key进行认证

ssh-keygen -t rsa

把公钥复制到dev用户下进行测试

然后在克隆代码

git clone git@10.0.1.200:oldboy/git_data.git

测试推送代码到dev下

git branch dev 
git checkout dev 
touch dev 
git add . 
git commit ‐m "add dev" 
git push ‐u origin dev # 推送dev分支到远程仓库

提交合并请求进行分支合并到master主分支

合并后在gitlab服务端master上没有dev、要先进行pull

cd /root/git_data 
git pull

9.设置保护主分支

测试dev分支推送代码则显示为拒绝，如果还是可以推送请查看配置保护分支选项

git checkout master 
git merge dev 
git push ‐u origin master

10.返回master端测试推送

由于其他分支进行推送，和master端内容不一致，所以无法进行推送，使用git pull把代码拉取到本地，或者git fetch把代码拉取到本地仓库后进行合并（注意：git pull = git fetch+git merge）

11.dev分支发起合并流程

dev分支提交代码

[root@jenkins2 ~/git_data]# git branch 
* dev
  master
[root@jenkins2 ~/git_data]# echo dd > dd.txt
[root@jenkins2 ~/git_data]# git add .
[root@jenkins2 ~/git_data]# git commit -m "add dd.txt"
[dev 77010d9] add dd.txt
 1 file changed, 1 insertion(+)
 create mode 100644 dd.txt
[root@jenkins2 ~/git_data]# git push -u origin dev
Counting objects: 4, done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 256 bytes | 0 bytes/s, done.
Total 3 (delta 1), reused 0 (delta 0)
remote: 
remote: View merge request for dev:
remote:   http://10.0.1.200/oldboy/git_data/merge_requests/5
remote: 
To git@10.0.1.200:oldboy/git_data.git
   eeb87fd..77010d9  dev -> dev
Branch dev set up to track remote branch dev from origin.

代码提交后，dev用户登录gitlab提交合并请求

root用户进行合并

查看master主分支，发现已合并

第4章 gitlab备份

对gitlab进行备份将会创建一个包含所有库和附件的归档文件。对备份的恢复只能恢复到与备份时的gitlab相同的版本。将gitlab迁移到另一台服务器上的最佳方法就是通过备份和还原。

gitlab提供了一个简单的命令行来备份整个gitlab，并且能灵活的满足需求。

备份文件将保存在配置文件中定义的backup_path中，文件名为TIMESTAMP_gitlab_backup.tar,

TIMESTAMP为备份时的时间戳。TIMESTAMP的格式为：EPOCH_YYYY_MM_DD_Gitlab‐version。

如果自定义备份目录需要赋予git权限

配置文件中加入

gitlab_rails['backup_path'] = "/var/opt/gitlab/backups" 
gitlab_rails['backup_keep_time'] = 604800 #备份保留的时间（以秒为单位，这个是七天默认值）
gitlab‐ctl reconfigure #完成后执行

4.1 手动备份

执行：gitlab-rake gitlab:backup:create生成一次备份

[root@gitlab-200 ~]# gitlab-rake gitlab:backup:create
Dumping database ... 
Dumping PostgreSQL database gitlabhq_production ... [DONE]
done
Dumping repositories ...
 * oldboy/git_data ... [DONE]
 * oldboy/git_data.wiki ...  [SKIPPED]
done
Dumping uploads ... 
done
Dumping builds ... 
done
Dumping artifacts ... 
done
Dumping pages ... 
done
Dumping lfs objects ... 
done
Dumping container registry images ... 
[DISABLED]
Creating backup archive: 1567562451_2019_09_04_10.2.2_gitlab_backup.tar ... done
Uploading backup archive to remote storage  ... skipped
Deleting tmp directories ... done
done
done
done
done
done
done
done
Deleting old backups ... done. (0 removed)

4.2 定时备份

在定时任务里添加：

#定时备份gitlab
0 2 * * *  /usr/bin/gitlab-rake gitlab:backup:create  >/dev/null 2>&1

4.3 恢复

只能还原到与备份文件相同的gitlab版本。

执行恢复操作时，需要gitlab处于运行状态，备份文件位于gitlab_rails['backup_path']

[root@gitlab-200 ~]# ll /var/opt/gitlab/backups/
-rw------- 1 git git 204800 Sep  4 10:00 1567562451_2019_09_04_10.2.2_gitlab_backup.tar

停止连接到数据库的进程（也就是停止数据写入服务），但是保持GitLab是运行的。

[root@gitlab-200 ~]# gitlab-ctl stop unicorn
ok: down: unicorn: 1s, normally up
[root@gitlab-200 ~]#  gitlab-ctl stop sidekiq
ok: down: sidekiq: 0s, normally up
[root@gitlab-200 ~]# gitlab-ctl status    #确认状态
run: gitaly: (pid 11111) 18801s; run: log: (pid 1040) 23368s
run: gitlab-monitor: (pid 11149) 18785s; run: log: (pid 1138) 23367s
run: gitlab-workhorse: (pid 11166) 18781s; run: log: (pid 1038) 23368s
run: logrotate: (pid 25081) 2346s; run: log: (pid 1044) 23368s
run: nginx: (pid 11187) 18777s; run: log: (pid 1036) 23369s
run: node-exporter: (pid 11190) 18776s; run: log: (pid 1052) 23369s
run: postgres-exporter: (pid 11193) 18775s; run: log: (pid 1147) 23368s
run: postgresql: (pid 11207) 18773s; run: log: (pid 1042) 23369s
run: prometheus: (pid 11217) 18771s; run: log: (pid 1139) 23368s
run: redis: (pid 11225) 18770s; run: log: (pid 1046) 23369s
run: redis-exporter: (pid 11264) 18770s; run: log: (pid 1143) 23368s
down: sidekiq: 8s, normally up; run: log: (pid 1048) 23369s
down: unicorn: 19s, normally up; run: log: (pid 1035) 23369s

接下我们进行恢复，指定时间戳你要从那个备份恢复：

gitlab-rake gitlab:backup:restore BACKUP=1567562451_2019_09_04_10.2.2  #恢复
Unpacking backup ... done
Before restoring the database, we will remove all existing
tables to avoid future upgrade problems. Be aware that if you have
custom tables in the GitLab database these tables and all data will be
removed.

Do you want to continue (yes/no)?  #将移除我们自建的表。回答yes
Restoring uploads ... 
done
Restoring builds ... 
done
Restoring artifacts ... 
done
Restoring pages ... 
done
Restoring lfs objects ... 
done
This will rebuild an authorized_keys file.
You will lose any data stored in authorized_keys file.
Do you want to continue (yes/no)? #将移除所有的认证Key。回答yes
....
Deleting tmp directories ... done
done
done
done
done
done
done
done

[root@gitlab-200 ~]# gitlab-ctl restart  #完成后重启GitLab服务
ok: run: gitaly: (pid 29450) 0s
ok: run: gitlab-monitor: (pid 29466) 1s
ok: run: gitlab-workhorse: (pid 29469) 0s
ok: run: logrotate: (pid 29477) 0s
ok: run: nginx: (pid 29483) 0s
ok: run: node-exporter: (pid 29488) 1s
ok: run: postgres-exporter: (pid 29492) 0s
ok: run: postgresql: (pid 29514) 0s
ok: run: prometheus: (pid 29522) 0s
ok: run: redis: (pid 29527) 1s
ok: run: redis-exporter: (pid 29558) 0s
ok: run: sidekiq: (pid 29573) 1s
ok: run: unicorn: (pid 29580) 0s


检查GitLab的服务

[root@gitlab-200 ~]# gitlab-rake gitlab:check SANITIZE=true
Checking GitLab Shell ...

GitLab Shell version >= 5.9.4 ? ... OK (5.9.4)
Repo base directory exists?
default... yes
Repo storage directories are symlinks?
default... no
Repo paths owned by git:root, or git:git?
default... yes
Repo paths access is drwxrws---?
default... yes
hooks directories in repos are links: ... 
2/1 ... ok
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Check GitLab API access: OK
Redis available via internal API: OK

Access to /var/opt/gitlab/.ssh/authorized_keys: OK
gitlab-shell self-check successful

Checking GitLab Shell ... Finished

Checking Sidekiq ...

Running? ... yes
Number of Sidekiq processes ... 1

Checking Sidekiq ... Finished

Reply by email is disabled in config/gitlab.yml
Checking LDAP ...

LDAP is disabled in config/gitlab.yml

Checking LDAP ... Finished

Checking GitLab ...

Git configured correctly? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... yes
Init script exists? ... skipped (omnibus-gitlab has no init script)
Init script up-to-date? ... skipped (omnibus-gitlab has no init script)
Projects have namespace: ... 
2/1 ... yes
Redis version >= 2.8.0? ... yes
Ruby version >= 2.3.5 ? ... yes (2.3.5)
Git version >= 2.7.3 ? ... yes (2.13.6)
Git user has default SSH configuration? ... yes
Active users: ... 2

Checking GitLab ... Finished