gitlab搭建

yanchuen

　　一、安装源和依赖包


cd /usr/local/src

#增epel源,如果你是i686系统，请把x86_64修改下。

wget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 https://www.fedoraproject.org/static/0608B895.txt

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm



#确认是否安装成功

rpm -qa gpg*

gpg-pubkey-0608b895-4bd22942



#增puias源

wget -O /etc/yum.repos.d/PUIAS_6_computational.repo https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/install/centos/PUIAS_6_computational.repo

注：如果此处是404，可手动创建 PUIAS_6_computational.repo 源


[PUIAS_6_computational]
name=PUIAS computational Base $releasever - $basearch
mirrorlist=http://puias.math.ias.edu/data/puias/computational/$releasever/$basearch/mirrorlist
#baseurl=http://puias.math.ias.edu/data/puias/computational/$releasever/$basearch
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puias



wget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-puias http://springdale.math.ias.edu/data/puias/6/x86_64/os/RPM-GPG-KEY-puias

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puias



#验证是否成功

rpm -qa gpg*

gpg-pubkey-41a40948-4ce19266



#查看仓库源

yum repolist

#如果此列表中没有epel和PUIAS_6_computational，请执行以下命令：

yum-config-manager --enable epel --enable PUIAS_6_computational



　　 二、安装依赖包


yum -y update

yum -y groupinstall 'Development Tools'

yum -y install readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui redis sudo wget crontabs logwatch logrotate perl-Time-HiRes git cmake libcom_err-devel.i686 libcom_err-devel.x86_64





三、安装git



#默认centos的git版本是1.7.10，所以要先删除，然后再下载源码安装





yum remove git -y



yum install zlib-devel perl-CPAN gettext curl-devel expat-devel gettext-devel openssl-devel



mkdir /tmp/git && cd /tmp/git



curl --progress https://www.kernel.org/pub/software/scm/git/git-2.1.3.tar.gz | tar xz



cd  git-2.1.3/ && ./configure && make && make prefix=/usr/local install



#完成后验证



which git



/usr/local/bin/git





git --version



git version 2.1.3

　　四、安装ruby
　　#ruby版本需要2.0+，所以先卸载系统已存在的
　　yum remove ruby
　　#如果是源码安装的
　　cd (your-ruby-source-path) && make uninstall
　　#安装
　　mkdir /tmp/ruby && cd /tmp/ruby
　　curl --progress ang.org/pub/ruby/2.1/ruby-2.1.2.tar.gz | tar xz
　　cd ruby-2.1.2 && ./configure --disable-install-rdoc && make && make prefix=/usr/local install
　　#安装bundler
　　gem install bundler --no-doc
　　

　　#完成后验证


which ruby



/usr/local/bin/ruby



ruby -v



ruby 2.1.2p95 (2014-05-08 revision 45877) [x86_64-linux]　　五、创建系统用户
　　adduser --system --shell /bin/bash --comment 'GitLab' --create-ome --home-dir /home/git/ git
　　增加/usr/local/bin


visudo



#修改以下内容



Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin　　六、安装mysql
　　#mysql的版本至少5.5.14或更新
　　[iyunv@www ~]# /usr/local/mysql/bin/mysql --version
　　/usr/local/mysql/bin/mysql  Ver 14.14 Distrib 5.6.31, for Linux (x86_64) using  EditLine wrapper
　　安装方法略过
　　##创建数据库用户并授权


mysql -u root -p



mysql> CREATE USER 'git'@'localhost' IDENTIFIED BY 'gitpwd';



mysql> show variables like "%engine";

+------------------------+--------+

| Variable_name          | Value  |

+------------------------+--------+

| default_storage_engine | InnoDB |

| storage_engine         | InnoDB |

+------------------------+--------+

2 rows in set (0.01 sec)



#如果不是InnoDB引擎，需执行下面命令

mysql> SET storage_engine=INNODB;　　#创建数据库
　　CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;
　　#给用户授权
　　GRANT SELECT, LOCK TABLES, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON `gitlabhq_production`.* TO 'git'@'localhost';
　　#测试是否能够成功登录
　　mysql -ugit -pgitpwd -D gitlabhq_production
　　七、配置redis


chkconfig redis on



cp /etc/redis.conf /etc/redis.conf.orig



#修改监听端口（此步骤可忽略）

sed 's/^port .*/port 0/' /etc/redis.conf.orig |tee /etc/redis.conf



#增加内容

echo 'unixsocket /var/run/redis/redis.sock' |tee -a /etc/redis.conf



echo -e 'unixsocketperm 0770' |tee -a /etc/redis.conf　　#创建目录改权限


mkdir /var/run/redis



chown redis:redis /var/run/redis



chmod 755 /var/run/redis



#启动服务

service redis restart



#附加git到redis组

usermod -aG redis git



八、安装gitlab





cd /home/git



#下载源码

sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-4-stable gitlab

#修改配置



cd gitLab/



sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml



sudo -u git -H vim config/gitlab.yml

gitlab:

    ## Web server settings (note: host is the FQDN, do not include http://)

    host: localhost

    port: 80

    https: false



#修改目录权限



chown -R git log/

chown -R git tmp/

chmod -R u+rwX log/

chmod -R u+rwX tmp/

chmod -R u+rwX tmp/pids/

chmod -R u+rwX tmp/sockets/

chmod -R u+rwX  public/uploads



#创建目录





sudo -u git -H mkdir /home/git/gitlab-satellites

chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites



#编辑配置文件unicorn.rb



sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb



#查看系统核心数

nproc

1



#编辑配置

sudo -u git -H vim config/unicorn.rb

worker_processes 1



#拷贝配置文件rack_attack.rb

sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb



#定义全局的用户和邮箱



sudo -u git -H git config --global user.name "GitLab"

sudo -u git -H git config --global user.email "example@example.com"

sudo -u git -H git config --global core.autocrlf input



#编辑连接redis配置



#拷贝配置

sudo -u git -H cp config/resque.yml.example config/resque.yml



#连接redis配置，默认配置，未修改

sudo -u git -H vim config/resque.yml





九、配置gitlab数据库文件





sudo -u git cp config/database.yml.mysql config/database.yml



#编辑配置文件

sudo -u git -H vim config/database.yml

production:

  adapter: mysql2

  encoding: utf8

  collation: utf8_general_ci

  reconnect: false

  database: gitlabhq_production

  pool: 10

  username: git

  password: "gitpwd"

  host: localhost

  socket: /var/lib/mysql/mysql.sock



#修改文件权限，只有git用户可读

sudo -u git -H chmod o-rwx config/database.yml





十、安装gem





cd /home/git/gitLab



sudo -u git -H bundle install --deployment --without development test postgres aws





十一、安装gitlab-shell



官网上给的gitlab－shell版本是2.1.0，后面会有问题（本地到远程不能连接），网上查找问题是版本问题，需要gitlab－shell的版本是2.0.1



sudo -u git -H bundle exec rake gitlab:shell:install[v2.0.1] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production



#编辑配置

sudo -u git -H vim /home/git/gitlab-shell/config.yml

---

user: git

gitlab_url: https://localhost/

http_settings:

  self_signed_cert: true

repos_path: "/home/git/repositories/"

auth_file: "/home/git/.ssh/authorized_keys"

redis:

  bin: "/usr/bin/redis-cli"

  namespace: resque:gitlab

  socket: "/var/run/redis/redis.sock"

log_level: INFO

audit_usernames: false





十二、初始化数据库





sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production



#可以设置管理员密码(此步骤可省略。。。)

sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=newpassword





十三、下载服务脚本





wget -O /etc/init.d/gitlab  https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn

  

chmod +x /etc/init.d/gitlab



chkconfig --add gitlab



chkconfig gitlab on



#设置logrotate

cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab



#检测应用状态

sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production



sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production



#启动服务

service gitlab start





十四、配置web服务







#本人使用的nginx



yum -y install nginx
chkconfig nginx on
mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled
wget -O /etc/nginx/sites-available/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/master/web-server/nginx/gitlab-ssl
ln -sf /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab



　　编辑/etc/nginx/nginx.conf，将 include /etc/nginx/conf.d/*.conf; 替换成 include /etc/nginx/sites-enabled/*;，就是修改额外加载的配置文件目录。
　　编辑/etc/nginx/sites-available/gitlab，将配置中server_name替换成实际访问的域名。
　　#将nginx加入git用户组
　　usermod -a -G git nginx
　　chmod g+rx /home/git/
　　#添加ssl证书或者自己生成一个
　　cd /etc/nginx
　　openssl req -new -x509 -nodes -days 3560 -out gitlab.crt -keyout gitlab.key
　　#启动nginx
　　service nginx start
　　
　　#登陆
　　用户名/密码
　　root/5iveL!fe
　　https://192.168.16.111/users/sign_in
　　
　　nginx基于http的配置（）

[iyunv@node4 gitlab]$ sudo wget https://raw.github.com/gitlabhq/gitlab-recipes/master/init/sysvinit/centos/gitlab-unicorn -P /etc/init.d/
gitlab 内容

　　#!/bin/bash
#
# GitLab
# Contributors  : @elvanja, @troyanov, @eiyaya, @foyo23, @nielsbasjes, @relip, @JasonMing, @andronat, @axilleas, @md
irkse
# App Version   : 6.x - 7.x


　　# chkconfig: 2345 82 55
# processname: unicorn
# processname: sidekiq
# description: Runs unicorn and sidekiq for nginx integration.


　　# Related (kudos @4sak3n0ne):
# https://github.com/gitlabhq/gitlabhq/issues/1049#issuecomment-8386882
# https://gist.github.com/3062860


　　# Include RedHat function library
. /etc/rc.d/init.d/functions


　　# The name of the service
NAME=${0##*/}


　　### Environment variables
RAILS_ENV="production"


　　# The username and path to the gitlab source
USER=git
APP_PATH=/home/$USER/gitlab


　　# The PID and LOCK files used by unicorn and sidekiq
UPID=$APP_PATH/tmp/pids/unicorn.pid
ULOCK=/var/lock/subsys/unicorn
SPID=$APP_PATH/tmp/pids/sidekiq.pid
SLOCK=/var/lock/subsys/sidekiq


　　# Evaluate the real path for the user (should already have RVM)
PATH_PATCH="PATH=$(su $USER -s /bin/bash -l -c "echo \"\$PATH\"") && export PATH && "


　　start() {
  cd $APP_PATH


　　# Start unicorn
  echo -n $"Starting unicorn: "
  daemon --pidfile=$UPID --user=$USER "$PATH_PATCH RAILS_ENV=$RAILS_ENV bin/web start"
  unicorn=$?
  [ $unicorn -eq 0 ] && touch $ULOCK
  echo


　　# Start sidekiq
  echo -n $"Starting sidekiq: "
  daemon --pidfile=$SPID --user=$USER "$PATH_PATCH RAILS_ENV=$RAILS_ENV bin/background_jobs start"
  sidekiq=$?
  [ $sidekiq -eq 0 ] && touch $SLOCK
  echo


　　retval=$unicorn || $sidekiq
  return $retval
}


　　stop() {
  cd $APP_PATH


　　# Stop unicorn
  echo -n $"Stopping unicorn: "
  killproc -p $UPID
  unicorn=$?
  [ $unicorn -eq 0 ] && rm -f $ULOCK
  echo


　　# Stop sidekiq
  echo -n $"Stopping sidekiq: "
  killproc -p $SPID
  sidekiq=$?
  [ $sidekiq -eq 0 ] && rm -f $SLOCK
  echo


　　retval=$unicorn || $sidekiq
  return $retval
}


　　restart() {
  stop
  start
}


　　get_status() {
  status -p $UPID unicorn
  unicorn=$?


　　status -p $SPID sidekiq
  sidekiq=$?


　　retval=$unicorn || $sidekiq
  return $retval
}


　　query_status() {
  get_status >/dev/null 2>&1
  return $?
}


　　case "$1" in
  start)
    query_status && exit 0
    start || exit 1
    ;;
  stop)
    query_status || exit 0
    stop || exit 1
    ;;
  restart)
    restart || exit 1
    ;;
  status)
    get_status
        exit $?
    ;;
  *)
    N=/etc/init.d/$NAME
    echo "Usage: $N {start|stop|restart|status}" >&2
    exit 1
    ;;
esac


　　exit 0


[iyunv@node4 gitlab]$ sudo mv /etc/init.d/gitlab-unicorn /etc/init.d/gitlab
[iyunv@node4 gitlab]$ sudo chmod +x /etc/init.d/gitlab
[iyunv@node4 gitlab]$ sudo chkconfig --add gitlab
[iyunv@node4 gitlab]$ sudo chkconfig gitlab on
[iyunv@node4 gitlab]$ sudo /etc/init.d/gitlab start


[iyunv@node4 gitlab]$ cp lib/support/nginx/gitlab /usr/local/nginx/conf/conf.d/
[iyunv@node4 gitlab]$ cd /usr/local/nginx/conf/conf.d/
[iyunv@node4 gitlab]$ sudo chown -R git:git .
[iyunv@node4 conf.d]$ cp gitlab gitlab.conf
[iyunv@node4 conf.d]$ vi gitlab.conf
upstream gitlab {
server unix:/home/git/gitlab/tmp/sockets/gitlab.socket;
}
server {
listen 80 default_server;         # e.g., listen 192.168.1.1:80; In most cases *:80 is a good idea
server_name your domain;     # e.g., server_name source.example.com;
server_tokens off;     # don't show the version number, a security best practice
root /home/git/gitlab/public;
client_max_body_size 5m;
access_log  logs/gitlab_access.log;
error_log   logs/gitlab_error.log;
location / {
try_files $uri $uri/index.html $uri.html @gitlab;
}
location @gitlab {
proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_redirect     off;
proxy_set_header   X-Forwarded-Proto $scheme;
proxy_set_header   Host              $http_host;
proxy_set_header   X-Real-IP         $remote_addr;
proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
proxy_pass http://gitlab;
}
}
[iyunv@node4 conf.d]$ sudo service nginx restart
[iyunv@node4 conf.d]$ cd /home/git/gitlab
[iyunv@node4 gitlab]$ bundle exec rake assets:precompile RAILS_ENV=production
[iyunv@node4 gitlab]$ sudo service gitlab restart

　　遇到的问题：
　　启动后打开页面显示 502 错误：
　　解决方法：看日志
　　
　　2016/10/28 11:50:46 [crit] 15189#0: *6 connect() to unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket failed (2: No such file or directory) while con
necting to upstream, client: 192.168.16.231, server: 192.168.16.111, request: "GET /static.css HTTP/1.1", upstream: "http://unix:/home/git/gitlab/tmp/sockets
/gitlab-workhorse.socket:/static.css", host: "192.168.16.111", referrer: "https://192.168.16.111/users/sign_in"
　　此时需要修改 nginx 里 gitlab.socketde 路径
　　nginx.conf 配置文件

　　图中红框内的socket文件改成  /home/git/gitlab/tmp/sockets 路径下存在的socket文件