gitlab使用配置

按照官网安装 (安装完成后,组件无法启动,可能是缺少一些基础库依赖,需要注意)

1. 配置文件

1
/etc/gitlab/gitlab.rb
  1. 配置url
1
external_url 'http://gitlab.xxxxx.com'

然后gitlab-ctl reconfigure
再重启 gitlab-ctl restart
单机版就可用了
2. 常用命令

1
2
3
4
5
6
7
8
gitlab-ctl status    查看状态
gitlab-ctl start (可单独启动)
gitlab-ctl stop
gitlab-ctl restart
gitlab-ctl tail 查看日志(可单独查看对应组件日志)

gitlab-ctl reconfigure 
gitlab-ctl show-config        验证配置文件
  1. 配置目录
1
2
3
4
5
6
/var/opt/gitlab/git-data/repositories/:库默认存储目录
/opt/gitlab:            应用代码和相应的依赖程序
/var/opt/gitlab:gitlab-ctl reconfigure命令编译后的应用数据和配置文件,不需要人为修改配置
/etc/gitlab:    配置文件目录
/var/log/gitlab:此目录下存放了gitlab各个组件产生的日志
/var/opt/gitlab/backups/:备份文件生成的目录
  1. 其他配置
    邮件配置
1
2
3
4
5
6
7
8
9
10
11
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'xxxx@163.com'
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.163.com"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "xxxx@163.com"
gitlab_rails['smtp_password'] = "xxxxxxxx"
gitlab_rails['smtp_domain'] = "163.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = false

ldap配置(注意yaml语法)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
gitlab_rails['ldap_enabled'] = true

 gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
   main: # 'main' is the GitLab 'provider ID' of this LDAP server
     label: 'ldap'
     host: 'host'
     port: 8989
     uid: 'uid'
     bind_dn: 'dc=xxxx,dc=com'
     password: 'xxxx'
     encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
     verify_certificates: true
     active_directory: true
     allow_username_or_email_login: false
     lowercase_usernames: false
     block_auto_created_users: false
     base: 'dc=huajiao,dc=com'
     user_filter: ''
     ## EE only
     group_base: 'dc=xxxx,dc=com'
     admin_group: ''
     sync_ssh_keys: false
EOS

  1. 包含组件
1
2
3
4
5
6
7
8
9
10
11
12
13
nginx:静态Web服务器
gitlab-shell:用于处理Git命令
gitlab-workhorse:轻量级的反向代理服务器
logrotate:日志文件管理工具
postgresql:数据库/可支持mysql
redis:缓存数据库
sidekiq:用于在后台执行队列任务(异步执行)
unicorn:GitLab Rails应用是托管在这个服务器上面的。
以下是监控相关组件
gitlab-monitor
alertmanager
node-exporter
prometheus
  1. gitlab架构
    image
  2. 安装gitlab-ci

安装文档参考:http://docs.gitlab.com/runner/register/index.html

  1. 分布式部署方案

    1. 原本repositories是存放在磁盘上的, 可使用NFS
    • Unicorn / Workhorse - Web请求(UI,API,Git over HTTP)
    • Sidekiq - 异步/后台作业
    • PostgreSQL - 数据库(可以换mysql)
      • Consul - 数据库服务发现和运行状况检查/故障转移
      • PGBouncer - 数据库池管理器
    • Redis - 键/值存储(用户会话,缓存,Sidekiq队列)
      • Sentinel - Redis运行状况检查/故障转移管理器
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
postgresql['enable']= false
gitlab_rails['db_adapter'] = "mysql2"
gitlab_rails['db_encoding'] = "utf8"
gitlab_rails['db_collation'] = nil
gitlab_rails['db_database'] = "gitlab_test"
gitlab_rails['db_pool'] = 10
gitlab_rails['db_username'] = "gitlab_test"
gitlab_rails['db_password'] = "Huajiao#1234"
gitlab_rails['db_host'] = "10.10.10.10"
gitlab_rails['db_port'] = 3306
gitlab_rails['db_socket'] = nil
gitlab_rails['db_sslmode'] = nil
gitlab_rails['db_sslcompression'] = 0
gitlab_rails['db_sslrootcert'] = nil
gitlab_rails['db_prepared_statements'] = false
gitlab_rails['db_statements_limit'] = 1000

  1. 502
    1. 服务是否都启动了 gitlab-ctl status
    2. 如果down gitlab-ctl tail 查看日志
    3. 如果服务器不只有gitlab一种服务,查看端口占用,unicorn是8080端口
    4. 确认权限问题(基本上都是这个问题,只是具体出现权限问题的地方还需根据日志追踪,有些更诡异的是日志没有写入权限,啥也看不到。。。),connect() to unix:/var/opt/gitlab/gitlab-workhorse/socket failed (111: Connection refused) ,看下是否存在有该文件,以及文件和目录权限

root密码重置

1
2
3
4
5
6
7
8
9
10
11
[root@321 bin]# gitlab-rails console production
Loading production environment (Rails 4.2.5.2)
irb(main):001:0> user = User.where(id: 1).first
=> #<User id: 1, email: "admin@example.com", ...
irb(main):002:0> user.password=12345678
=> 12345678
irb(main):003:0> user.password_confirmation=12345678
=> 12345678
irb(main):004:0> user.save!
=> true
irb(main):005:0> quit