zoukankan      html  css  js  c++  java
  • omnibus gitlab-ce安装

    架构

    关闭防火墙

    [root@gitlab ~]# systemctl stop firewalld
    [root@gitlab ~]# systemctl disable firewalld
    
    

    关闭SELinux

    [root@gitlab ~]# setenforce 0
    setenforce: SELinux is disabled
    

    安装依赖组件

    [root@gitlab ~]# yum -y install curl policycoreutils openssh-server openssh-clients postfix
    

    下载gitlab-ce仓库

    curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh  | bash
    

    启动邮件服务器

    [root@gitlab data]# systemctl start postfix
    [root@gitlab data]# systemctl enable postfix
    

    安装gitlab

    安装omnibus gitlab-ce
    omnibus相当于一键安装包,自动安装gitlab所依赖的所有组件

     yum -y install gitlab-ce
    

    创建私钥与证书

    [root@gitlab data]# mkdir /etc/gitlab/ssl
    [root@gitlab data]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.aubin.com.key" 2048
    
    
    创建申请证书
    openssl req -new -key "/etc/gitlab/ssl/gitlab.aubin.com.key" -out "/etc/gitlab/ssl/gitlab.aubin.com.csr
    Country Name (2 letter code) [XX]:cn                # 国家
    State or Province Name (full name) []:bj            # 省份
    Locality Name (eg, city) [Default City]:bj          # 城市
    Organization Name (eg, company) [Default Company Ltd]:ctyun # 公司名
    Organizational Unit Name (eg, section) []:ops       # 部门
    Common Name (eg, your name or your server's hostname) []:gitlab.aubin.com
    Email Address []:
    
    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:
    
    
    给申请证书签名
    [root@gitlab data]# openssl x509 -req -days 3650 -in "/etc/gitlab/ssl/gitlab.aubin.com.csr" -signkey "/etc/gitlab/ssl/gitlab.aubin.com.key" -out "/etc/gitlab/ssl/gitlab.aubin.com.crt"
    
    创建pem
    openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048
     
    修改权限
    chmod 600 /etc/gitlab/ssl/*
    

    配置gitlab

    nginx['redirect_http_to_https'] = ture
    nginx['ssl_client_certificate'] = "/etc/gitlab/ssl/gitlab.aubin.com.crt"
    nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.aubin.com.crt"
    nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.aubin.com.key"
    nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"
    nginx['listen_addresses'] = ['*']
    nginx['listen_port'] = 9000
    

    初始化所有配置

    [root@gitlab ssl]# gitlab-ctl reconfigure
    

    配置本地windows住的hosts文件

    # gitlab
    42.81.133.59 gitlab.aubin.com
    

    浏览器访问

    初次进入需要设置管理员密码(默认账号为root),前面配置了nginx为https访问,所以访问地址应该为https

    https://IP:9000
    

    nginx配置文件

    修改配置文件后要重启gitlabgitlab-ctl restart

    /var/opt/gitlab/nginx/conf/gitlab-http.conf
    
  • 相关阅读:
    【版本控制工具】 Git进阶1
    【版本控制工具】 Git基础
    问题:com.alibaba.dubbo.rpc.RpcException: Failed to invoke ......
    互联网安全架构之常见的Web攻击手段及解决办法
    【Spring Boot】七、整合actuator实现监控管理
    问题:tomcat启动后,可以访问主页面,但是无法访问dubbo-admin
    【Spring Boot】六、整合dubbo(注解的方式)
    这篇文章,彻底搞懂八大开源框架源码
    Spring Cloud Greenwich.SR4 发布了,跟不上了……
    手把手教你画架构图,看一次就会了!
  • 原文地址:https://www.cnblogs.com/aubin/p/9478912.html
Copyright © 2011-2022 走看看