Welcome to my GitHub
https://github.com/zq2599/blog_demos
content: classification summary of all original articles and supporting source code, involving Java, Docker, Kubernetes, DevOPS, etc.;
Cause is laziness
Recently I started tossing about the CI function of GitLab. I plan to deploy a GitLab at home. The usual practice is to turn on the computer, start GitLab, and then turn off the computer after use. I always find these operations very troublesome (Do you want to call me lazy? You are right...)
Synology solves troubles
- There is a Synology DS218+ at home, which never shuts down, and provides stable picture and video services for the whole family. Maven private server and MySQL have been deployed on it before, and it runs very stably. Let’s deploy GitLab on it today. Use it as you want, it's a lazy savior.
- The picture below shows the appearance of DS218+ just bought. Two NAS hard drives have been in stable service:
- The following picture is the memory module purchased online. Now there are a total of 2+8=10G memory. Adequate memory is the confidence to dare to toss:
Previous link
Previous record of tossing Group Hui:
- Synology DS218+ deploys mysql
- Synology DS218+ deploys kafka
- Synology DS218+ do maven private server (nexus3)
- K8S uses Synology DS218+ NFS
- Synology DS218+ deploys Harbor (1.10.3)
Ideas
In fact, the operation is very simple: the deployment of GitLab is based on docker-compose, and Synology already has docker-compose. Just follow the official deployment guide. The following points should be noted:
- The deployment operation requires administrator authority, so it is not operated on the web page, but SSH login to the background to operate;
- GitLab is best to use domain name access. If you use IP, it means that the file access address contains IP. Once the IP is changed, the original file access address is invalid.
Environmental information
- Synology System: DSM 6.2.2-24922 Update 4
- GitLab:Community Edition 13.0.6
Configure host
Files in GitLab have access addresses. It is obviously inappropriate to use the IP of the GitLab server as this address (it will be invalid if the IP of the GitLab server changes the access address of this file), so the following two points need to be met:
- Prepare the domain name for the GitLab server, here is to prepare the domain name for the IP address of Synology: gitlab.synology.com
- Ensure that Synology itself can access GitLab through the domain name
- Ensure that all visitors can access GitLab through the domain name
- Generally, the visitor’s hosts file is modified to achieve the goal of domain name access. To save trouble, I configure it in the router: 192.168.50.43 gitlab.synology.com
Allow SSH login
First, you must set to allow SSH background login:
- The operation in the red box as shown below:
- As shown in the figure below, check the Enable SSH function and use 22 as the port:
- Now you can log in to Synology with the SSH terminal. I used Xshell6 to log in on a windows computer. You can choose any SSH terminal tool. The account password is the account password that can log in to Synology. As shown in the figure below, after logging in, you can Use the daily linux commands:
- Pay attention to the red box in the figure above, the home directory of the login account is /var/services/homes/zq2599
deploy
- Create a docker-compose.yml file with the following content (most of the content can be used directly, and the areas that need to be modified will be discussed later):
version: '2.3'
services:
redis:
restart: always
image: redis:5.0.9
command:
- --loglevel warning
volumes:
- redis-data:/var/lib/redis:Z
postgresql:
restart: always
image: sameersbn/postgresql:11-20200524
volumes:
- postgresql-data:/var/lib/postgresql:Z
environment:
- DB_USER=gitlab
- DB_PASS=password
- DB_NAME=gitlabhq_production
- DB_EXTENSION=pg_trgm
gitlab:
restart: always
image: sameersbn/gitlab:13.0.6
depends_on:
- redis
- postgresql
ports:
- "10080:80"
- "10022:22"
volumes:
- gitlab-data:/home/git/data:Z
healthcheck:
test: ["CMD", "/usr/local/sbin/healthcheck"]
interval: 5m
timeout: 10s
retries: 3
start_period: 5m
environment:
- DEBUG=false
- DB_ADAPTER=postgresql
- DB_HOST=postgresql
- DB_PORT=5432
- DB_USER=gitlab
- DB_PASS=password
- DB_NAME=gitlabhq_production
- REDIS_HOST=redis
- REDIS_PORT=6379
- TZ=Asia/Kolkata
- GITLAB_TIMEZONE=Kolkata
- GITLAB_HTTPS=false
- SSL_SELF_SIGNED=false
- GITLAB_HOST=gitlab.synology.com
- GITLAB_PORT=10080
- GITLAB_SSH_PORT=10022
- GITLAB_RELATIVE_URL_ROOT=
- GITLAB_SECRETS_DB_KEY_BASE=long-and-random-alphanumeric-string
- GITLAB_SECRETS_SECRET_KEY_BASE=long-and-random-alphanumeric-string
- GITLAB_SECRETS_OTP_KEY_BASE=long-and-random-alphanumeric-string
- GITLAB_ROOT_PASSWORD=
- GITLAB_ROOT_EMAIL=
- GITLAB_NOTIFY_ON_BROKEN_BUILDS=true
- GITLAB_NOTIFY_PUSHER=false
- GITLAB_EMAIL=[email protected]
- GITLAB_EMAIL_REPLY_TO=[email protected]
- GITLAB_INCOMING_EMAIL_ADDRESS=[email protected]
- GITLAB_BACKUP_SCHEDULE=daily
- GITLAB_BACKUP_TIME=01:00
- SMTP_ENABLED=false
- SMTP_DOMAIN=www.example.com
- SMTP_HOST=smtp.gmail.com
- SMTP_PORT=587
- SMTP_USER=[email protected]
- SMTP_PASS=password
- SMTP_STARTTLS=true
- SMTP_AUTHENTICATION=login
- IMAP_ENABLED=false
- IMAP_HOST=imap.gmail.com
- IMAP_PORT=993
- IMAP_USER=[email protected]
- IMAP_PASS=password
- IMAP_SSL=true
- IMAP_STARTTLS=false
- OAUTH_ENABLED=false
- OAUTH_AUTO_SIGN_IN_WITH_PROVIDER=
- OAUTH_ALLOW_SSO=
- OAUTH_BLOCK_AUTO_CREATED_USERS=true
- OAUTH_AUTO_LINK_LDAP_USER=false
- OAUTH_AUTO_LINK_SAML_USER=false
- OAUTH_EXTERNAL_PROVIDERS=
- OAUTH_CAS3_LABEL=cas3
- OAUTH_CAS3_SERVER=
- OAUTH_CAS3_DISABLE_SSL_VERIFICATION=false
- OAUTH_CAS3_LOGIN_URL=/cas/login
- OAUTH_CAS3_VALIDATE_URL=/cas/p3/serviceValidate
- OAUTH_CAS3_LOGOUT_URL=/cas/logout
- OAUTH_GOOGLE_API_KEY=
- OAUTH_GOOGLE_APP_SECRET=
- OAUTH_GOOGLE_RESTRICT_DOMAIN=
- OAUTH_FACEBOOK_API_KEY=
- OAUTH_FACEBOOK_APP_SECRET=
- OAUTH_TWITTER_API_KEY=
- OAUTH_TWITTER_APP_SECRET=
- OAUTH_GITHUB_API_KEY=
- OAUTH_GITHUB_APP_SECRET=
- OAUTH_GITHUB_URL=
- OAUTH_GITHUB_VERIFY_SSL=
- OAUTH_GITLAB_API_KEY=
- OAUTH_GITLAB_APP_SECRET=
- OAUTH_BITBUCKET_API_KEY=
- OAUTH_BITBUCKET_APP_SECRET=
- OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL=
- OAUTH_SAML_IDP_CERT_FINGERPRINT=
- OAUTH_SAML_IDP_SSO_TARGET_URL=
- OAUTH_SAML_ISSUER=
- OAUTH_SAML_LABEL="Our SAML Provider"
- OAUTH_SAML_NAME_IDENTIFIER_FORMAT=urn:oasis:names:tc:SAML:2.0:nameid-format:transient
- OAUTH_SAML_GROUPS_ATTRIBUTE=
- OAUTH_SAML_EXTERNAL_GROUPS=
- OAUTH_SAML_ATTRIBUTE_STATEMENTS_EMAIL=
- OAUTH_SAML_ATTRIBUTE_STATEMENTS_NAME=
- OAUTH_SAML_ATTRIBUTE_STATEMENTS_USERNAME=
- OAUTH_SAML_ATTRIBUTE_STATEMENTS_FIRST_NAME=
- OAUTH_SAML_ATTRIBUTE_STATEMENTS_LAST_NAME=
- OAUTH_CROWD_SERVER_URL=
- OAUTH_CROWD_APP_NAME=
- OAUTH_CROWD_APP_PASSWORD=
- OAUTH_AUTH0_CLIENT_ID=
- OAUTH_AUTH0_CLIENT_SECRET=
- OAUTH_AUTH0_DOMAIN=
- OAUTH_AUTH0_SCOPE=
- OAUTH_AZURE_API_KEY=
- OAUTH_AZURE_API_SECRET=
- OAUTH_AZURE_TENANT_ID=
volumes:
redis-data:
postgresql-data:
gitlab-data:
- In the above configuration, there are four places you need to modify;
- The first place: gitlab.ports, here we use port 10080 of the host to map the http port of the container, and port 10022 of the host to map the ssh port of the container
- The second place: gitlab.environment.GITLAB_PORT, which should be consistent with the port 10080 mapped earlier, so that the file url on GitLab will have port 10080 in it to ensure that the file can be accessed normally on the web page
- The third place: gitlab.environment.GITLAB_SSH_PORT, which should be consistent with the port 10022 mapped earlier, so that the warehouse address given on GitLab will contain 10022. You can connect to GitLab successfully when you use the git clone command on the client
- Fourth place: gitlab.environment.GITLAB_HOST, configured as the host prepared earlier: gitlab.synology.com
- I don’t need to modify other parameters for the time being, please adjust them as you see fit. Refer to the document: https://github.com/sameersbn/docker-gitlab
- Confirm again that the domain name on Synology is accessible (192.168.50.43 is Synology’s IP address):
- Execute the command sudo docker-compose up -d to complete the deployment and startup of GitLab;
- Wait for the startup to succeed. Synology's hardware performance is average. I will wait for about 10 minutes here (a 502 error will appear during web page access, and it will be fine after the startup is successful);
- After the startup is successful, visit the address http://gitlab.synology.com:10080 , and you will be prompted to set the password of the root account:
- After setting the password, you can log in with the root account:
- As shown in the figure below, please register another account, which will be used in the actual operation later. My registered account is zq2599 and the email is [email protected]
Verification: Create project
- Log in with the newly created account and click Create a project :
- The information of the new warehouse is as follows:
- On the page of the new warehouse, the red box in the picture below is the address of the warehouse. Please write it down and use it later:
Verification: Submit code
- Find a computer to verify the submitted code, I found a CentOS7 server here;
- Install git: yum install -y git
- Create an ssh key, execute ssh-keygen -t rsa -C "[email protected]", and press Enter all the way:
- To configure the account and mailbox globally, execute the following command:
git config --global user.name "zq2599" \
&& git config --global user.email [email protected]
- Copy the contents of the file ~/.ssh/id_rsa.pub to the following location:
- Go back to the client machine and try to clone the project:
git clone ssh://[email protected]:10022/zq2599/test001.git
- As shown in the figure below, the code is downloaded successfully:
- Let's try again to see whether the modified content can be successfully submitted. The operation command is shown in the figure below:
- Go to the website again, and the content has been successfully submitted: So
far, GitLab has been successfully installed on the Synology server, and then you can happily toss GitLab CI;