CentOS 6.5 安装Gitlab 7.12.2

来源：互联网发布：果壳网知乎编辑：程序博客网时间：2024/05/23 17:57

官网环境要求

参见：https://github.com/gitlabhq/gitlabhq

GitLab is a Ruby on Rails application that runs on the following software:

Ubuntu/Debian/CentOS/RHEL
Ruby (MRI) 2.1
Git 1.7.10+
Redis 2.0+
MySQL or PostgreSQL

For more information please see thearchitecture documentation.

##########################################

关闭防火墙，关闭SELinux

一、安装采用环境

CentOS 6.5 x86_64
Ruby 2.1.7
Git 2.4.8
Redis 2.4.10
MySQL 5.6.26
GitLab 7.12.2
GitLab Shell 2.6.2
Nginx 1.8.0
Gem 2.2.5
Bundler 1.10.6

二、系统添加EPEL、PUIAS源

1.添加EPEL源

wget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 https://www.fedoraproject.org/static/0608B895.txt --no-check-certificate

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

rpm -qa gpg*

#显示gpg-pubkey-41a40948-4ce19266

2.添加PUIAS源

wget -O /etc/yum.repos.d/PUIAS_6_computational.repo https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/install/centos/PUIAS_6_computational.repo --no-check-certificatewget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-puias http://springdale.math.ias.edu/data/puias/6/x86_64/os/RPM-GPG-KEY-puiasrpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puiasrpm -qa gpg*#显示gpg-pubkey-41a40948-4ce19266

3.查看源列表，验证

输入如下命令：

yum repolist

结果如下：

repo id                                                               repo name                                                                                                   statusPUIAS_6_computational                                                 PUIAS computational Base 6 - x86_64                                                                          2,678base                                                                  CentOS-6 - Base                                                                                              6,575epel                                                                  Extra Packages for Enterprise Linux 6 - x86_64                                                              11,775extras                                                                CentOS-6 - Extras                                                                                               3510updates                                                               CentOS-6 - Updates                                                                                             254repolist: 21,327

If you can't see them listed, use the folowing command (fromyum-utils package) to enable them:

yum-config-manager --enable epel --enable PUIAS_6_computational

三、Install the required tools for GitLab

1.利用yum安装依赖包

yum -y updateyum -y groupinstall 'Development Tools'yum -y install vim-enhanced readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui redis sudo wget crontabs python-devel logwatch logrotate perl-Time-HiRes libcom_err-devel.x86_64

2.源码安装Git

参见：CentOS 6.5 Git源码安装

3.源码安装Ruby

参见：CentOS 6.5 Ruby源码安装

4.源码安装MySQL

参见：CentOS 6.5 MySQL5.6.26源码安装

四、创建用户

1.创建一个Gitlab系统用户git：

adduser --system --shell /bin/bash --comment 'GitLab' --create-home --home-dir /home/git/ git

为了方便添加git用户拥有root权限 [sudoers文件默认没有写权限需要强制保存:wq!]
使用root用户执行下述命令

vim /etc/sudoers

最后添加

git     ALL=(ALL)       NOPASSWORD: ALL

2.创建一个Gitlab数据库用户并赋权

登陆MySQL，输入密码

mysql -u root -p

创建Gitlab数据库用户git：

CREATE USER 'git'@'localhost' IDENTIFIED BY '$password';#替换$password设定自己的密码CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;GRANT SELECT, LOCK TABLES, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON `gitlabhq_production`.* TO 'git'@'localhost';quit

五、配置服务

1.配置MySQL

配置MySQL max_allowed_packet的大小，避免POST太大的内容导致出现500错误，例如GitLab 发出MergeRequest的时候返回500错误。

vim /etc/my.cnf#在mysqld中添加max_allowed_packet，调整值，加大为一个合适的数字即可。[mysqld]max_allowed_packet=512M

重启mysql服务

service mysqld restart

2.配置redis

Make sure redis is started on boot:

chkconfig redis on

Configure redis to use sockets:

cp /etc/redis.conf /etc/redis.conf.orig

Disable Redis listening on TCP by setting 'port' to 0:

sed 's/^port .*/port 0/' /etc/redis.conf.orig | sudo tee /etc/redis.conf

Enable Redis socket for default CentOS path:

echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis.confecho -e 'unixsocketperm 0775' | sudo tee -a /etc/redis.conf

Activate the changes to redis.conf:

service redis restart

Add git to the redis group:

usermod -aG redis git

六、安装Gitlab

切换到git用户

su - git

设置不验证SSL

vim /home/git/.bash_profileexport GIT_SSL_NO_VERIFY=1

1.克隆Gitlab

git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-12-stable gitlab

或克隆中文版Gitlab

git clone https://gitlab.com/larryli/gitlab.git -b 7-12-zh gitlab

2.配置Gitlab

cd gitlabcp config/gitlab.yml.example config/gitlab.yml

配置config/gitlab.yml，配置Gitlab服务的端口，IP

vim config/gitlab.ymlhost: 10.149.153.81port: 8049email_from: gitlab@example.comemail_enabled: falsedefault_theme: 1

mkdir /home/git/gitlab-satelliteschmod 750 /home/git/gitlab-satellitescp config/unicorn.rb.example config/unicorn.rb

配置config/unicorn.rb，配置Ruby提供的服务端口，IP

# Find number of cores#优化系统参数/etc/security/limits.conf# Enable cluster mode if you expect to have a high load instance# Ex. change amount of workers to 3 for 2GB RAM server# Set the number of workers to at least the number of coresvim config/unicorn.rbworker_processes 3        # Set the number of workers to at least the number of corelisten "127.0.0.1:8081", :tcp_nopush => true　　　　　　　　#注意端口，避免冲突

cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rbgit config --global user.name "GitLab" git config --global user.email "gitlab@example.com" git config --global core.autocrlf inputcp config/resque.yml.example config/resque.yml

配置config/resque.yml#如果不使用默认的端口，则需要配置

3. Configure GitLab DB settings

cp config/database.yml.mysql config/database.yml# MySQL and remote PostgreSQL only:# Update username/password in config/database.yml.# You only need to adapt the production settings (first part).# If you followed the database guide then please do as follows:# Change 'secure password' with the value you have given to $password# You can keep the double quotes around the passwordvim config/database.yml修改为正确的用户名和密码分别修改git用户和root用户chmod o-rwx config/database.yml

4.Install Gems

Note: As of bundler 1.5.2, you can invokebundle install -jN
(where N the number of your processor cores) and enjoy the parallel gems installation with measurable
difference in completion time (~60% faster). Check the number of your cores with nproc.
For more information check this post.
First make sure you have bundler >= 1.5.2 (run bundle -v) as it addresses someissues
that were fixed in 1.5.2.

cd /home/git/gitlab# Or for MySQL (note, the option says "without ... postgres")修改为淘宝的ruby源vim Gemfile修改为source 'https://ruby.taobao.org/'bundle install --deployment --without development test postgres aws这一步的时间会等很久

5.Install GitLab shell

GitLab Shell is an SSH access and repository management software developed specially for GitLab.

cd /home/git/gitlabbundle exec rake gitlab:shell:install[v2.6.2] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production

报错：ExecJS::RuntimeUnavailable: Could not find a JavaScript runtime. Seehttps://github.com/sstephenson/execjs for a list of available runtimes.

处理：切换到root用户

yum -y install nodejs

配置/home/git/gitlab/Gemfile

vim /home/git/gitlab/Gemfile#末尾添加gem 'execjs'gem 'therubyracer'

cd /home/git/gitlabbundle install --no-deployment

验证：

bundle show execjsbundle show therubyracer

切回git用户，再次执行

cd /home/git/gitlabbundle exec rake gitlab:shell:install[v2.6.2] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production

配置/home/git/gitlab-shell/config.yml,配置gitlab-shell要调用的API接口

# By default, the gitlab-shell config is generated from your main GitLab config.# You can review (and modify) the gitlab-shell config as follows:vim /home/git/gitlab-shell/config.yml# Ensure the correct SELinux contexts are set# Read http://wiki.centos.org/HowTos/Network/SecuringSSHrestorecon -Rv /home/git/.ssh

6.Initialize Database and Activate Advanced Features

cd /home/git/gitlab/bundle exec rake gitlab:setup RAILS_ENV=production

Type yes to create the database.
When done you see Administrator account created:.

Note: You can set the Administrator password by supplying it in environmental variableGITLAB_ROOT_PASSWORD, eg.:

如果要修改gitlab管理员的密码，则执行这一句，否则执行上一句

bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=newpassword

7.Install Init Script

Download the init script (will be /etc/init.d/gitlab):

切换到root用户

wget -O /etc/init.d/gitlab https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn --no-check-certificatechmod +x /etc/init.d/gitlabchkconfig --add gitlabchkconfig gitlab on

8.Set up logrotate

切换到root用户

cd /home/git/gitlabcp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab

9.Check Application Status

Check if GitLab and its environment are configured correctly:

切回git用户

cd /home/git/gitlabbundle exec rake gitlab:env:info RAILS_ENV=production#Compile assetsbundle exec rake assets:precompile RAILS_ENV=production

切回root，执行

service gitlab start

七、Configure the web server

Use either Nginx or Apache, not both. Official installation guide recommends nginx.

Nginx

You will need a new version of nginx otherwise you might encounter an issue likethis.
To do so, follow the instructions provided by the nginx wiki and then install nginx with:

rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpmyum updateyum -y install nginxchkconfig nginx on使用SSlwget -O /etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab-ssl --no-check-certificate不使用SSLwget -O /etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab --no-check-certificate

最后加上--no-check-certificate不检查证书，这里不使用SSL

Edit /etc/nginx/conf.d/gitlab.conf and replacegit.example.com with your FQDN. Make sure to read the comments in order to properly set up SSL.

vim /etc/nginx/conf.d/gitlab.conf去掉listen后面的default_server，修改为正确的端口号去掉 listen [::]:修改server_name 为本机的IP地址修改client_max_body_size 256m;否则当推送较多数据到 gitlab 上时，会由于数据过大，而出现错误fatal: The remote end hung up unexpectedly fatal: The remote end hung up unexpectedly error: RPC failed; result=22, HTTP code = 413

Add nginx user togit group:

usermod -a -G git nginx

Finally start nginx with:

service nginx start

Test Configuration

Validate your gitlab or gitlab-ssl Nginx config file with the following command:

nginx -t

八、Double-check Application Status

To make sure you didn't miss anything run a more thorough check with:

su - gitcd /home/git/gitlabbundle exec rake gitlab:check RAILS_ENV=production

九、Initial Login

Visit YOUR_SERVER in your web browser for your first GitLab login.
The setup has created an admin account for you. You can use it to log in:

root5iveL!fe

#####################以上即完成了Gitlab的搭建################################

十、后期维护

1.Upgrade GitLab Shell

GitLab Shell might be outdated, running the commands below ensures you're using a compatible version:

su - gitcd /home/git/gitlab-shellgit fetchgit checkout v`cat /home/git/gitlab/GITLAB_SHELL_VERSION`

2.Upgrade GitLab

One line upgrade command
You've read through the entire guide and probably already did all the steps one by one.

Here is a one line command with step 1 to 5 for the next time you upgrade:

切换到git用户

cd /home/git/gitlab; \sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production; \sudo service gitlab stop; \if [ -f bin/upgrade.rb ]; then sudo -u git -H ruby bin/upgrade.rb -y; else sudo -u git -H ruby script/upgrade.rb -y; fi; \cd /home/git/gitlab-shell; \sudo -u git -H git fetch; \sudo -u git -H git checkout v`cat /home/git/gitlab/GITLAB_SHELL_VERSION`; \cd /home/git/gitlab; \exit; \sudo service gitlab start; \sudo service nginx restart; sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

3.Upgrade `/etc/init.d/gitlab`

wget https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicornmv gitlab-unicorn gitlabcp -f gitlab /etc/init.d/gitlabrm gitlab

复制完后，要删除/etc/init.d/gitlab.swap文件

4.Gitlab源代码更新

cd /home/git/gitlab/git fetch origingit merge origin/7-5-zh#重启 gitlabservice gitlab restart

十一、Gitlab 备份

官网的备份说明

https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/raketasks/backup_restore.md

查看备份设置

vim /home/git/gitlab/config/gitlab.yml

检查Backup Settings设置项
默认情况下，备份文件是存放在/home/git/gitlab/tmp/backups/

执行备份

sudo service gitlab stop # 先停止Gitlab，可以不暂停cd /home/git/gitlab/sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production

执行完成后，会在/home/git/gitlab/tmp/backups/目录下创建一个备份俄文件，以时间戳_gitlab_backup命名如 1417040627_gitlab_backup.tar

重新启动

sudo service gitlab startsudo service nginx restart

还原

需要给其他用户配置读写执行的权限

chmod o+wrx /home/git/.ssh/authorized_keys.lock

否则会出现如下错误，是由于没有权限
/home/git/gitlab-shell/lib/gitlab_keys.rb:101:in `initialize': Permission denied @ rb_sysopen - /home/git/.ssh/authorized_keys.lock (Errno::EACCES)

需要使用 git 用户来执行，否则会没有权限操作 git 目录下的文件，timestamp_of_backup为时间戳如 1417040627

sudo service gitlab stopcd /home/git/gitlab/ sudo -u git -H bundle exec rake gitlab:backup:restore BACKUP=timestamp_of_backup RAILS_ENV=productionsudo service gitlab startsudo service nginx restartsudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

设置自动备份

sudo service gitlab stop;cd /home/git/gitlab;sudo -u git -H editor config/gitlab.yml; # Enable keep_time in the backup section to automatically delete old backups

keep_time参数默认是604800（单位是秒），因此会保留最近7天内的备份

sudo -u git crontab -e # Edit the crontab for the git user

将如下内容添加到文件末尾

# Create a full backup of the GitLab repositories and SQL database every day at 2am0 2 * * * cd /home/git/gitlab && PATH=/usr/local/bin:/usr/bin:/bin bundle exec rake gitlab:backup:create RAILS_ENV=production CRON=1

每天凌晨2点自动备份

The CRON=1 environment setting tells the backup script to suppress all progress output if there are no errors. This is recommended to reduce cron spam.