Redhat Linux 6 安装使用 gitlab

一、安装gitlab

清华大学镜像网站下载对应的rpm包

https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el6/gitlab-ce-12.0.3-ce.0.el6.x86_64.rpm

[root@admin Downloads]# rpm -ivh gitlab-ce-12.0.3-ce.0.el6.x86_64.rpm
warning: gitlab-ce-12.0.3-ce.0.el6.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID f27eab47: NOKEY
error: Failed dependencies:
        openssh-server is needed by gitlab-ce-12.0.3-ce.0.el6.x86_64

从http://www.rpmfind.net/linux/centos/6.10/updates/x86_64/Packages/openssh-server-5.3p1-124.el6_10.x86_64.rpm下载openssh-server的rpm包。

安装openssh-server时又遇到openssh依赖，如下：

[root@admin Downloads]# rpm -ivh openssh-server-5.3p1-124.el6_10.x86_64.rpm
warning: openssh-server-5.3p1-124.el6_10.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
error: Failed dependencies:
        openssh = 5.3p1-124.el6_10 is needed by openssh-server-5.3p1-124.el6_10.x86_64

从http://www.rpmfind.net/linux/centos/6.10/updates/x86_64/Packages/openssh-5.3p1-124.el6_10.x86_64.rpm下载openssh的rpm包。安装后即可顺利安装openssh-server和gitlab。

[root@admin Downloads]# rpm -ivh openssh-5.3p1-124.el6_10.x86_64.rpm
warning: openssh-5.3p1-124.el6_10.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing...                ########################################### [100%]
   1:openssh                warning: /etc/ssh/moduli created as /etc/ssh/moduli.rpmnew
########################################### [100%]
[root@admin Downloads]# rpm -ivh openssh-server-5.3p1-124.el6_10.x86_64.rpm
warning: openssh-server-5.3p1-124.el6_10.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing...                ########################################### [100%]
   1:openssh-server         warning: /etc/pam.d/sshd created as /etc/pam.d/sshd.rpmnew
warning: /etc/ssh/sshd_config created as /etc/ssh/sshd_config.rpmnew
########################################### [100%]
[root@admin Downloads]# rpm -ivh gitlab-ce-12.0.3-ce.0.el6.x86_64.rpm
warning: gitlab-ce-12.0.3-ce.0.el6.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID f27eab47: NOKEY
Preparing...                ########################################### [100%]
   1:gitlab-ce              ########################################### [100%]
It looks like GitLab has not been configured yet; skipping the upgrade script.

       *.                  *.
      ***                 ***
     *****               *****
    .******             *******
    ********            ********
   ,,,,,,,,,***********,,,,,,,,,
  ,,,,,,,,,,,*********,,,,,,,,,,,
  .,,,,,,,,,,,*******,,,,,,,,,,,,
      ,,,,,,,,,*****,,,,,,,,,.
         ,,,,,,,****,,,,,,
            .,,,***,,,,
                ,*,.



     _______ __  __          __
    / ____(_) /_/ /   ____ _/ /_
   / / __/ / __/ /   / __ `/ __ \
  / /_/ / / /_/ /___/ /_/ / /_/ /
  \____/_/\__/_____/\__,_/_.___/


Thank you for installing GitLab!
GitLab was unable to detect a valid hostname for your instance.
Please configure a URL for your GitLab instance by setting `external_url`
configuration in /etc/gitlab/gitlab.rb file.
Then, you can start your GitLab instance by running the following command:
  sudo gitlab-ctl reconfigure

For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md

二、配置gitlab

gitlab内置了nginx的服务，所以默认会占用80和443端口。如果服务器上之前安装过nginx或者apache，把80和443端口给占了，就需要修改端口防止冲突。但是如果修改了端口，访问的时候就要带上端口号，比较麻烦且看起来不好看。比较好的办法是使用自己安装的nginx做反向代理，连接到gitlab的nginx。

1. 安装nginx

http://nginx.org/packages/rhel/6/x86_64/RPMS/nginx-1.16.0-1.el6.ngx.x86_64.rpm 下载rpm包，

[root@admin Downloads]# rpm -ivh nginx-1.16.0-1.el6.ngx.x86_64.rpm
warning: nginx-1.16.0-1.el6.ngx.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 7bd9bf62: NOKEY
Preparing...                ########################################### [100%]
   1:nginx                  ########################################### [100%]
----------------------------------------------------------------------

Thanks for using nginx!

Please find the official documentation for nginx here:
* http://nginx.org/en/docs/

Please subscribe to nginx-announce mailing list to get
the most important news about nginx:
* http://nginx.org/en/support.html

Commercial subscriptions for nginx are available on:
* http://nginx.com/products/

----------------------------------------------------------------------

启动nginx：

#显示nginx的配置路径
[root@admin Downloads]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

#启动nginx并检查进程和监听端口
[root@admin Downloads]# nginx
[root@admin Downloads]# ps -ef | grep nginx
root     121141      1  0 19:26 ?        00:00:00 nginx: master process nginx
nginx    121142 121141  0 19:26 ?        00:00:00 nginx: worker process
root     121144 115450  0 19:26 pts/17   00:00:00 grep nginx
[root@admin Downloads]# netstat -anp | grep 80
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      121141/nginx

nginx启动后，可以从浏览器访问主机地址的80端口，如下：

2. 配置nginx并重启

编辑nginx的配置文件/etc/nginx/nginx.conf， 改配置的全部内容如下：

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;

    upstream gitlab-workhorse {  
        server  localhost:8181;  //这里对应的是gitlab配置文件中定义的IP地址和端口号
    }

    server {
        listen 80;
        listen [::]:80 default_server;
        server_name 10.0.74.179;  //这里用IP地址或者用域名
        server_tokens off; ## Don't show the nginx version number, a security best practice
        root /opt/gitlab/embedded/service/gitlab-rails/public;

        ## See app/controllers/application_controller.rb for headers set

        ## Individual nginx logs for this GitLab vhost
        #access_log  /home/wwwlogs/gitlab_access.log; # 根据实际情况修改
        #error_log   /home/wwwlogs/gitlab_error.log; # 根据实际情况修改

        location / {
            # 设置最大允许上传单个的文件大小
            client_max_body_size 1024m;
            gzip off;
            proxy_redirect off;

            proxy_http_version 1.1;

            #以下确保 gitlab中项目的 url 是域名而不是 http://git，不可缺少
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            # 反向代理到 gitlab
            proxy_pass http://gitlab-workhorse;
        }
    }
}

配置完成后重新启动一下nginx，如下：

# 检测配置是否正确
$ nginx -t

# 重启nginx
$ nginx -s reload

#停止nginx
$ service nginx stop

#启动nginx
$ service nginx start

3. 配置gitlab并重启

编辑gitlab的配置文件/etc/gitlab/gitlab.rb，需要更改的内容如下：

external_url 'http://10.0.74.179'    #这里是域名或者IP地址
gitlab_workhorse['listen_network'] = "tcp"
gitlab_workhorse['listen_addr'] = "localhost:8181" #这里要与nginx配置中的代理指向的地址一致
unicorn['port'] = 8182  #unicorn的监听端口，不能与其他应用的监听端口冲突，否则会出错
web_server['external_users'] = ['nginx'] #这个user要跟nginx配置中的user一致
nginx['enable'] = false  #关闭gitlab中自带的nginx

使用下面命令中的reconfigure命令来更新配置并重启： 

#开启
gitlab-ctl start

#关闭
gitlab-ctl stop

#重启
gitlab-ctl restart

#重新配置并重启 -- 一般修改了配置文件后都要运行改命令
gitlab-ctl reconfigure 

#查看状态
gitlab-ctl status

4. 从浏览器输入IP地址访问gitlab，安装成功的话会看到如下界面：

首次登陆会要求重置管理员密码，管理员的默认用户名为root。

参考资料：

【1】https://www.centos.bz/2018/01/centos-7-x%E4%B8%8Agitlab%E6%90%AD%E5%BB%BA%E6%95%99%E7%A8%8Bhttps%E5%8F%AF%E7%94%A8%EF%BC%8C%E9%82%AE%E4%BB%B6%E5%8F%AF%E7%94%A8/  CentOS 7.x上gitlab搭建教程(https可用，邮件可用)

【2】https://www.cnblogs.com/xudong-bupt/p/8661523.html  正向代理与反向代理区别图解 (nginx)