笔记：gitlab-ce 替换（2）

笔记二

以gitlab的9.4.3版本为例子
[toc]

1、nginx/apache 替换 gitlab-nginx

• 修改 /etc/gitlab/gitlab.rb:

nginx['enable'] = false## 填写用户，## nginx：nginx.conf 里查看 user（默认是 www www）## apache：httpd.conf 里查看 User与Group （默认是 daemon daemon）web_server['external_users'] = ['www']## 如果是apache，必须配置以下,nginx不写gitlab_workhorse['listen_network'] = "tcp"gitlab_workhorse['listen_addr'] = "127.0.0.1:8181"

• 修改apache/nginx配置文件

apache 配置# This configuration has been tested on GitLab 8.2# Note this config assumes unicorn is listening on default port 8080 and# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to# listen on port 8181, edit /etc/gitlab/gitlab.rb and change the following:## gitlab_workhorse['listen_network'] = "tcp"# gitlab_workhorse['listen_addr'] = "127.0.0.1:8181"##Module dependencies# mod_rewrite# mod_proxy# mod_proxy_http<VirtualHost *:80>  ServerName YOUR_SERVER_FQDN  ServerSignature Off  ProxyPreserveHost On  # Ensure that encoded slashes are not decoded but left in their encoded state.  # http://doc.gitlab.com/ce/api/projects.html#get-single-project  AllowEncodedSlashes NoDecode  <Location />    # New authorization commands for apache 2.4 and up    # http://httpd.apache.org/docs/2.4/upgrading.html#access    Require all granted    #Allow forwarding to gitlab-workhorse    ProxyPassReverse http://127.0.0.1:8181    ProxyPassReverse http://YOUR_SERVER_FQDN/  </Location>  # Apache equivalent of nginx try files  # http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files  # http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab  RewriteEngine on  #Forward all requests to gitlab-workhorse except existing files like error documents  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]  RewriteCond %{REQUEST_URI} ^/uploads/.*  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]  # needed for downloading attachments  DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public  #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.  ErrorDocument 404 /404.html  ErrorDocument 422 /422.html  ErrorDocument 500 /500.html  ErrorDocument 502 /502.html  ErrorDocument 503 /503.html  # It is assumed that the log directory is in /var/log/httpd.  # For Debian distributions you might want to change this to  # /var/log/apache2.  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined env=!dontlog  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined</VirtualHost>

---

nginx 配置## GitLab 8.3+#### Lines starting with two hashes (##) are comments with information.## Lines starting with one hash (#) are configuration parameters that can be uncommented.######################################        CONTRIBUTING          ######################################## If you change this file in a Merge Request, please also create## a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests#######################################         configuration         ######################################### See installation.md#using-https for additional HTTPS configuration details.upstream gitlab-workhorse {  server unix:/var/opt/gitlab/gitlab-workhorse/socket;}## Normal HTTP hostserver {  ## Either remove "default_server" from the listen line below,  ## or delete the /etc/nginx/sites-enabled/default file. This will cause gitlab  ## to be served if you visit any address that your server responds to, eg.  ## the ip address of the server (http://x.x.x.x/)n 0.0.0.0:80 default_server;  listen 0.0.0.0:80 default_server;  listen [::]:80 default_server;  server_name YOUR_SERVER_FQDN; ## Replace this with something like gitlab.example.com  server_tokens off; ## Don't show the nginx version number, a security best practice  root /opt/gitlab/embedded/service/gitlab-rails/public;  ## See app/controllers/application_controller.rb for headers set  ## Individual nginx logs for this GitLab vhost  access_log  /var/log/nginx/gitlab_access.log;  error_log   /var/log/nginx/gitlab_error.log;  location / {    client_max_body_size 0;    gzip off;    ## https://github.com/gitlabhq/gitlabhq/issues/694    ## Some requests take more than 30 seconds.    proxy_read_timeout      300;    proxy_connect_timeout   300;    proxy_redirect          off;    proxy_http_version 1.1;    proxy_set_header    Host                $http_host;    proxy_set_header    X-Real-IP           $remote_addr;    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;    proxy_set_header    X-Forwarded-Proto   $scheme;    proxy_pass http://gitlab-workhorse;  }}

2、mysql 替换 gitlab-postgres

注意：gitlab-ce-9.4.3-ce.0.el7.x86_64.rpm 为例子，当然，更高版本应该也没问题的。

提示：官方英文文档提到 gitlab 社区版是不支持mysql的，只有企业版支持。（当然，不影响你配置下面的东西）

（1）给gitlab设置一个权限帐号，再建个库

mysql> grant all privileges on *.* to gitlab@"localhost" identified by "lzour";mysql> flush privileges;mysql> CREATE DATABASE IF NOT EXISTS `gitlab` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_general_ci`;

（2）修改gitlab配置 /etc/gitlab/gitlab.rb:

# 禁止 postgresqlpostgresql['enable'] = false# mysql配置 gitlab_rails['db_adapter'] = 'mysql2'gitlab_rails['db_encoding'] = 'utf8'# 如果是不是机，就填公网IP好了gitlab_rails['db_host'] = '127.0.0.1'gitlab_rails['db_port'] = '3306'gitlab_rails['db_username'] = 'gitlab'gitlab_rails['db_password'] = 'lzour'gitlab_rails['db_host'] = "127.0.0.1"gitlab_rails['db_port'] = 3306

（3）配置完后，运行gitlab-ctl reconfigure，会报错

[root@stone ~]# gitlab-ctl reconfigure……Recipe: gitlab::database_migrations  * bash[migrate gitlab-rails database] action run    [execute] rake aborted!              Gem::LoadError: Specified 'mysql2' for database adapter, but the gem is not loaded. Add `gem 'mysql2'` to your Gemfile (and ensure its version is at the minimum required by ActiveRecord).              /opt/gitlab/embedded/service/gitlab-rails/config/environment.rb:5:in `<top (required)>'              /opt/gitlab/embedded/bin/bundle:22:in `load'              /opt/gitlab/embedded/bin/bundle:22:in `<main>'              Gem::LoadError: mysql2 is not part of the bundle. Add it to Gemfile.              /opt/gitlab/embedded/service/gitlab-rails/config/environment.rb:5:in `<top (required)>'              /opt/gitlab/embedded/bin/bundle:22:in `load'              /opt/gitlab/embedded/bin/bundle:22:in `<main>'              Tasks: TOP => gitlab:db:configure => environment              (See full trace by running task with --trace)    ================================================================================    Error executing action `run` on resource 'bash[migrate gitlab-rails database]'    ================================================================================    Mixlib::ShellOut::ShellCommandFailed    ------------------------------------## 根据提示，缺少 mysql2，用ruby的gem工具下载一个，在下载之前，得先配置下ruby的gem与bundle[root@stone bin]# vim /opt/gitlab/embedded/service/gitlab-rails/.bundle/config---BUNDLE_RETRY: "5"BUNDLE_JOBS: "9"## 把mysql改成postgresBUNDLE_WITHOUT: "development:test:postgres"## gitlab几乎所有的命令都在此目录下[root@stone ~]# cd /opt/gitlab/embedded/bin/[root@stone bin]# ./gem install mysql2  Fetching: mysql2-0.4.9.gem (100%)  Building native extensions.  This could take a while...  Successfully installed mysql2-0.4.9  Parsing documentation for mysql2-0.4.9  Installing ri documentation for mysql2-0.4.9  Done installing documentation for mysql2 after 0 seconds  1 gem installed## 先检测一下[root@stone ~]# gitlab-rake gitlab:checkYour bundle is locked to mysql2 (0.3.20), but that version could not be found in any of the sources listed in your Gemfile. If you haven't changed sources, that means the author of mysql2 (0.3.20) has removed it. You'll need to update your bundle to a different version of mysql2 (0.3.20) that hasn't been removed in order to install.Run `bundle install` to install missing gems.## 尴尬，人家只要0.3.20版的，好吧[root@stone bin]# ./gem uninstall mysql2Successfully uninstalled mysql2-0.4.9[root@stone bin]# ./gem install mysql2 -v "0.3.20"Fetching: mysql2-0.3.20.gem (100%)Building native extensions.  This could take a while...Successfully installed mysql2-0.3.20Parsing documentation for mysql2-0.3.20Installing ri documentation for mysql2-0.3.20Done installing documentation for mysql2 after 0 seconds1 gem installed## 查看一下版本号，0.3.20，成功了[root@stone bin]# ./gem list | grep mysqlmysql2 (0.3.20)## 再来检测一下（又报错……，又是少东西，好吧）[root@stone bin]# gitlab-rake gitlab:checkCould not find peek-mysql2-1.1.0 in any of the sourcesRun `bundle install` to install missing gems.[root@stone bin]# ./gem install peek-mysql2 -v 1.1.0……继续按提示，把所有东西都装好，直到检测(gitlab-rake gitlab:check)不报错【略】## 再有不懂的报错，你就QQ我好了，别的我就不写了。## 最后，成功[root@stone ~]# gitlab-ctl reconfigure……Running handlers:Running handlers completeChef Client finished, 11/330 resources updated in 43 secondsgitlab Reconfigured!

3、redis 替换 gitlab-redis

（1） 准备 - redis 示例安装目录 /usr/loacl/redis

---

[root@stone etc]# 将本机两块网卡接口地址记录下来inet xx.xx.xx.xx，inet 127.0.0.1[root@stone etc]# ifconfigeth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500        inet xx.xx.xx.xx  netmask 255.255.240.0  broadcast 172.17.239.255        ether 00:16:3e:10:66:35  txqueuelen 1000  (Ethernet)        RX packets 6900  bytes 673498 (657.7 KiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 6525  bytes 1549613 (1.4 MiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536        inet 127.0.0.1  netmask 255.0.0.0        loop  txqueuelen 1  (Local Loopback)        RX packets 9297  bytes 16797712 (16.0 MiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 9297  bytes 16797712 (16.0 MiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0---[root@stone etc]# vim /usr/local/redis/etc/redis.conf# Redis configuration file example.## Note that in order to read the configuration file, Redis must be……## 绑定本机网卡接口地址（ifconfig中的两个inet）bind 127.0.0.1 xx.xx.xx.xx……## 配置redis密码requirepass love---[root@stone etc]redis添加密码后，path/redis stop会出错，解决方法：[root@stone etc]# vim /etc/init.d/redis ……REDISPORT=6379EXEC=/usr/local/redis/bin/redis-serverREDIS_CLI=/usr/local/redis/bin/redis-cliPIDFILE=/var/run/redis.pid## 添加 PWD=lovePWD=stone……## 搜索`shutdown`，在此命令中添加 `-a $PWD`$REDIS_CLI -a $PWD -p $REDISPORT shutdown

用redis客户端 RedisDesktopManager 远程登录redis成功 （注意开放6379端口）

（2） 配置/etc/gitlab/gitlab.rb

[root@stone etc]# vim /etc/gitlab/gitlab.rb---redis['enable'] = false# 如果redis不是本机，就写公网IPgitlab_rails['redis_host'] = '127.0.0.1'gitlab_rails['redis_port'] = 6379# 此处的密码必须加引号，否则会报错gitlab_rails['redis_password'] = 'love'# 没特别的话，就放在tmp下吧gitlab_rails['redis_socket'] = '/tmp/redis.sock'

（3） 关闭gitlab-redis,重置gitlab配置

用redis-cli方法关闭，具体位置：/opt/gitlab/embedded/bin/redis-cli

( tip：我这不知道怎么回事，gitlab-redis总是关不掉，所有我直接”init 6” ……)

[root@stone ~]#gitlab-ctl reconfigure(成功)[root@stone ~]# gitlab-ctl statusrun: gitaly: (pid 480) 1632s; run: log: (pid 479) 1632srun: gitlab-monitor: (pid 6271) 18s; run: log: (pid 486) 1632srun: gitlab-workhorse: (pid 6261) 18s; run: log: (pid 484) 1632srun: logrotate: (pid 489) 1632s; run: log: (pid 488) 1632srun: node-exporter: (pid 478) 1632s; run: log: (pid 477) 1632srun: prometheus: (pid 496) 1632s; run: log: (pid 495) 1632srun: sidekiq: (pid 6243) 19s; run: log: (pid 490) 1632srun: unicorn: (pid 6228) 19s; run: log: (pid 494) 1632s(没有redis进程，哈，成功)[root@stone ~]# ps aux | grep redisroot      1184  0.0  0.4 145244  9364 ?        Ssl  17:06   0:00 /usr/local/redis/bin/redis-server 127.0.0.1:6379root      6437  0.0  0.0 112652   968 pts/0    R+   17:34   0:00 grep --color=auto redis(只有自己装的redis，成功)