Chapter 1-3 GitLab Introduction and Configuration Management
- A, GitLab Introduction
- 1.1 What is GitLab
- 1.2, GitLab different and GitHub
- 1.3, GitLab advantages and application scenarios
- 1.4, GitLab constitute the main service
- Two, GitLab workflow
- Three, GitLab installation configuration management
- 3.1, GitLab pre-installation environment ready
- 3.2, GitLab installation (ce Community Edition)
- 3.2.1 installation dependencies GitLab
- 3.2.2 installation dependencies GitLab
- 3.2.3, create a certificate
- 3.2.3.1, to create a private key
- 3.2.3.2, create csr certificate using the private key created above
- 3.2.3.3, crt create a certificate using the private key and certificate csr
- 3.2.3.4, create pem certificate
- 3.2.4, change the certificate authority
- 3.2.5, a certificate generated above configuration to the configuration file GitLab
- 3.2.6, the change GitLab Http profile
- 3.2.7, to change the machine's hosts file so that you can access by domain name gitlab.example.com
- 3.2.8, problems encountered
- 3.2.8.1, because the 8080 port is already deployed an application, leading to a port conflict
- 3.2.8.2, lack of memory needed to start GitLab
- 3.2.9, change the password to log GitLab
- 3.2.10, modify GitLab data storage warehouse address
- 3.3, using GitLab
A, GitLab Introduction
1.1 What is GitLab
1.2, GitLab different and GitHub
1.3, GitLab advantages and application scenarios
1.4, GitLab constitute the main service
Two, GitLab workflow
Three, GitLab installation configuration management
Note: The test environment for a Centos7.3 virtual machine;
3.1, GitLab pre-installation environment ready
3.1.1, turn off the firewall and disable the boot
# 1.查看当前的防火墙状态
firewall-cmd --state
# 2.禁用防火墙
systemctl stop firewalld
# 3.警用防火墙开机启动
systemctl disable firewalld
# 永久关闭后,开启防火墙(开机自动启用)
systemctl enable firewalld
3.1.2, close selinux enforce access policies
Close the policy to prevent the policy impact GitLab normal operation.
# 使用vim编辑器打开selinux配置文件
vim /etc/sysconfig/selinux
The lower profile SELINUX = enforcing modify SELINUX = disabled
# 执行reboot命令使上面的配置生效
reboot
The following screen appears after execution;
log back on Linux systems using ssh [email protected] command;
# 查看selinux是否被禁用
getenforce
3.2, GitLab installation (ce Community Edition)
3.2.1 installation dependencies GitLab
# 安装GitLab的依赖包
yum install curl policycoreutils openssh-server openssh-clients postfixs
3.2.2 installation dependencies GitLab
# 安装gitLab包的仓库地址
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
# 启动postfix服务
systemctl start postfix
# 开启启动postfix服务
systemctl enable postfix
Started GitLab Installation Wizard
# 开始启动GitLab安装向导
yum -y install gitlab-ce
3.2.3, create a certificate
3.2.3.1, to create a private key
# 创建ssl目录
mkdir -p /etc/gitlab/ssl
# 创建本地私有密钥
openssl genrsa -out "/etc/gitlab/ssl/gitlab.example.com.key" 2048
3.2.3.2, create csr certificate using the private key created above
# 创建csr证书
openssl req -new -key "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.csr"
Ll command to view, you can see our csr key and certificate have been created
3.2.3.3, crt create a certificate using the private key and certificate csr
openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.example.com.csr" -signkey "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.crt"
# 509 -req: 代表签署证书的格式
# -days 365:代表签署证书的有效时限
# -in:引入csr证书
# -signkey:使用密钥
# -out:输出crt证书
3.2.3.4, create pem certificate
openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048
Ll command to view you can see dhparams.pem file has been created
3.2.4, change the certificate authority
3.2.4.1, Linux file permissions brief description
FIG file permissions above three points:
[file or folder owner rights] [] [] [others permission rights group]
[File is -, folder d] [r / w / x [sum] r / w / x [sum] r / w / x] adding
rwx follows:
R & lt read permission. 4 read
W 2 write access write
X operation authority execute 1
Permissions 3.2.4.2, amend the certificate
# 将生成的四个证书文件的权限改为仅root用户可以查看和修改
chmod 600 *
3.2.5, a certificate generated above configuration to the configuration file GitLab
# 编辑gitlab的配置文件
vim /etc/gitlab/gitlab.rb
Modify the configuration file external_url modify the original http to https
after exit edit mode search redirect_http_to_https , uncomment the line and false amended as true; and modify the certification path red frame configuration section in the figure below.
After modify save and exit.
Restart GitLab configuration
# 重启GitLab的配置
gitlab-ctl reconfigure
After a long wait for success to this configuration and reboot
3.2.6, the change GitLab Http profile
# 打开GitLab的配置文件
vim /var/opt/gitlab/nginx/conf/gitlab-http.conf
Server_name search fields, add the following content in the red box in the figure below
# 重启http配置
gitlab-ctl restart
3.2.7, to change the machine's hosts file so that you can access by domain name gitlab.example.com
I am using win10 system, win10 modify the hosts file will have insufficient permissions issues; (where to find the degree of your mother resolved)
C: \ WINDOWS \ system32 \ the Drivers \ etc; edit the hosts file
after saving open the browser of the machine use access gitlab.example.com
But error ~~ shown in my virtual machine already deployed an application using Linux, so the use of the domain names do not have access to gitlab
3.2.8, problems encountered
Access over IP + port in the browser, the browser returns the following interface found.
3.2.8.1, because the 8080 port is already deployed an application, leading to a port conflict
After seeing the above FIG errors, the next first Baidu. Many say the problem is port 8080 conflict;
# 查看错误日志
cat /var/log/gitlab/unicorn/unicorn_stderr.log
From the graph we can see that is a result of our 8080 port is occupied due.
# 打开配置文件
vim /etc/gitlab/gitlab.rb
Modify the port, where there is a pit! ! ! ! , Baidu to a query from the said method is the port in question, but also gives the solution is to modify the two places, but the examples given in the upper and lower ports two parameters are the same, or restart the configuration packet 502 found . Modified to other port is not occupied by the port also reported occupancy. So it took two ports modified into different ports up and down. After rebooting found to be possible.
Note: In the previous configuration, we also need to modify the Http GitLab a configuration file that is mentioned in section 3.2.6, but after the configuration here if we execute the following two lines of code to configure and reboot after gitlab
gitlab-ctl reconfigure
gitlab-ctl restart
Open gitlab-http.conf this profile will find this file attribute is automatically updated.
3.2.8.2, lack of memory needed to start GitLab
GitLab minimum required memory is about 2G, 1G if the Linux system startup is not started up.
3.2.9, change the password to log GitLab
Finally returning to see this GitLab interface, then we need to set our password to log in
using the account name: root ; Password: password that were set ; login system
3.2.10, modify GitLab data storage warehouse address
3.2.10.1, create a saved GitLab data storage repository folder
Here 4T made to mount a mechanical hard drive on my server, mount to the lower data. As shown below
# 创建保存GitLab的数据存储仓库文件夹
mkdir -pv /data/gitlab-data
# 查看data文件夹下的文件情况
ls -al
3.2.10.2, the configuration of the warehouse address GitLab
# 打开gitlab的配置文件
vim /etc/gitlab/gitlab.rb
git_data_dirs({
"default" => {
"path" => "/data/gitlab-data"
}
})
3.2.10.3, re-read configuration GitLab
# 重新读取GitLab的配置
gitlab-ctl reconfigure
# 重启GitLab服务
gitlab-ctl restart
After the restart you can see, with the repositories in the folder created our own warehouse;
3.3, using GitLab
3.3.1, to create a test-repo warehouse
Click below
3.3.2, test-repo warehouse downloaded to the machine desktop repo folder
First, we create a test repo file in the machine folder
, double-click to open the git tools installed on the desktop, open Git Bash
# 查看当前所在的目录路劲
pwd
# 进入到桌面文件夹
cd Desktop/
download
git -c http.sslverify=false clone http://192.168.2.200:8091/root/test-repo.git
# -c http.sslverify=false 用来避免本地证书无法进行克隆操作
Enter the bomb out of the box, enter the account number and password before the
prompt to download the entry is complete
3.3.3 write code test in test-repo warehouse submitted
Into the test-repo folder and file test.py write a
file to add to git management, and commit to your local repository
If this screen appears you need to set up a global git-mail and name
# 提交到远程分支
git -c http.sslverify=false push origin master
But the figure, the machine does not add parameters can also be submitted
after viewing the page, you can see the submitted content can already be seen in the interface.