If you install Postfix to send email please select ‘Internet Site’ during setup. Instead of using Postfix you can also use Sendmail or configure a custom SMTP server and configure it as an SMTP server.
On Centos 6 and 7, the commands below will also open HTTP and SSH access in the system firewall.
sudo yum install curl openssh-server openssh-clients postfix cronie
sudo service postfix start
sudo chkconfig postfix on
sudo lokkit -s http -s ssh
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
sudo yum install gitlab-ce
If you are not comfortable installing the repository through a piped script, you can find the entire script here and select and download the package manually and install using
curl -LJO https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/6/gitlab-ce-XXX.rpm/download
rpm -i gitlab-ce-XXX.rpm
Configure domain, in /etc/gitlab/gitlab.rb
:
external_url "http://gitlab.example.com"
sudo gitlab-ctl reconfigure
On your first visit, you’ll be redirected to a password reset screen to provide the password for the initial administrator account. Enter your desired password and you’ll be redirected back to the login screen.
The default account’s username is root. Provide the password you created earlier and login. After login you can change the username if you wish.
In file /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
and /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml
modify
gitlab:
## Web server settings (note: host is the FQDN, do not include http://)
host: localhost
port: 80
https: false
and
gitlab:
host: localhost
port: 80
to your ip address, and port to your custom port ,eg:880
Then, in /var/opt/gitlab/nginx/conf/gitlab-http.conf
, modify port to your custom port.
server {
listen *:80;
}
Git LFS objects can be large in size. By default, they are stored on the server GitLab is installed on. There are two configuration options to help GitLab server administrators:
Omnibus packages
In/etc/gitlab/gitlab.rb
:
gitlab_rails['lfs_enabled'] = false
# Optionally, change the storage path location. Defaults to
# `#{gitlab_rails['shared_path']}/lfs-objects`. Which evaluates to
# `/var/opt/gitlab/gitlab-rails/shared/lfs-objects` by default.
gitlab_rails['lfs_storage_path'] = "/mnt/storage/lfs-objects"
Installations from source
In/opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml
:
lfs:
enabled: true
storage_path: /mnt/storage/lfs-objects
sudo yum install -y curl policycoreutils-python openssh-server openssh-clients
sudo systemctl enable sshd
sudo systemctl start sshd
sudo firewall-cmd --permanent --add-service=http
sudo systemctl reload firewalld
sudo yum install postfix
sudo systemctl enable postfix
sudo systemctl start postfix
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
yum install gitlab-ce-11.2.3* -y --nogpgchec # 安装11.2.3版本的gitlab
yum install gitlab-ce-11.2.3* -y --nogpgchec # 加上--nogpgchec
systemctl start firewalld
yum -y install lokkit
ruby_block[supervise_redis_sleep] action run
运行sudo systemctl restart gitlab-runsvdir
然后再执行sudo gitlab-ctl reconfigure
gitlab-ctl stop #停止gitlab
gitlab-ctl restart #重启gitlab
rpm -e gitlab-ce #卸载gitlab
ps aux | grep gitlab #查看进程
kill -9 18777 #杀掉进程
find / -name gitlab | xargs rm -rf #删除所有包含gitlab的文件
nginx config:
# gitlab socket 文件地址
upstream gitlab {
# 7.x 版本在此位置
# server unix:/var/opt/gitlab/gitlab-rails/tmp/sockets/gitlab.socket;
# 8.0 位置
server unix://var/opt/gitlab/gitlab-rails/sockets/gitlab.socket;
}
log_format gitlab_access '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';
log_format gitlab_mattermost_access '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';
proxy_cache_path proxy_cache keys_zone=gitlab:10m max_size=1g levels=1:2;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
include /var/opt/gitlab/nginx/conf/gitlab-http.conf;
include /var/opt/gitlab/nginx/conf/nginx-status.conf;
docker stop gitlab
docker rm gitlab
# from 11.2.3 to 11.2.4
docker run --detach \
--hostname git.marstau.com \
--publish 443:443 --publish 88:80 --publish 2222:22 \
--name gitlab \
--restart always \
--volume ~/softwares/docker/gitlab/config:/etc/gitlab \
--volume ~/softwares/docker/gitlab/logs:/var/log/gitlab \
--volume ~/softwares/docker/gitlab/data:/var/opt/gitlab \
gitlab/gitlab-ce:11.2.4-ce.0
sudo docker exec -it gitlab /bin/bash
gitlab-ctl reconfigure
gitlab-ctl status #查看运行状态
gitlab-ctl restart nginx # gitlab-ctl 守护进程启动的 nginx.
cat /opt/gitlab/embedded/service/gitlab-rails/VERSION # 查看gitlab版本号
sudo gitlab-ctl tail postgresql # 检查postgresql运行状态
sudo gitlab-rake gitlab:check #校验gitlab安装状态
sudo gitlab-ctl tail
禁用自带nginx
vim /etc/gitlab/gitlab.rb
禁用
nginx['enable'] = false
重启nginx
sudo /usr/local/nginx/sbin/nginx -s reload
sudo gitlab-ctl reconfigure
配置gitlab ssh端口
gitlab_rails['gitlab_shell_ssh_port'] = 2222
权限配置
访问会报502。原本是 使用自己安装的nginx用户无法访问gitlab用户的 socket 文件,用户权限配置,因人而异。粗暴地:
sudo chmod -R o+x /var/opt/gitlab/gitlab-rails
sudo chmod -R o+x /var/opt/gitlab/gitlab-workhorse
/var/log/gitlab/gitlab-rails
find ./ -name *.log | xargs rm -rf
sudo -u gitlab-psql /opt/gitlab/embedded/bin/psql -h /var/opt/gitlab/postgresql -d gitlabhq_production
In Profile settings -> Access tokens
requirements.txt for python
-e git+http://username:access_token@ip/project/projectname.git@#egg=services
/opt/gitlab/embedded/service/gitlab-rails/public
run sudo vim /etc/gitlab/gitlab.rb
:
external_url 'https://domain.com'
nginx['ssl_certificate'] = "/etc/gitlab/ssl/domain.com.pem"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/domain.com.key"
// optional
nginx['redirect_http_to_https'] = true
sudo mkdir -p /etc/gitlab/ssl
sudo chmod 700 /etc/gitlab/ssl
gitlab-http.conf
in /var/opt/gitlab/nginx/conf
modify to below:
server {
listen *:443;
server_name domain.com;
server_tokens off; ## Don't show the nginx version number, a security best practice
ssl_certificate /etc/gitlab/ssl/domain.com.pem;
ssl_certificate_key /etc/gitlab/ssl/domain.com.key;
ssl on;
// ...
}
server {
listen *:80;
server_name domain.com;
rewrite ^(.*) https://domain.com$1 permanent;
}
sudo gitlab-ctl reconfigure
batch response: Post https://domain.com/X/test.git/info/lfs/objects/batch: dial tcp 192.168.1.1
29:443: connectex: A connection attempt failed because the connected party did not properly respond
after a period of time, or established connection failed because connected host has failed to respon
d.
Solution:
in /etc/gitlab/gitlab.rb
, external_url
要使用http,不能使用https.
Run systemctl status postfix.service
, send error:Failed to start Postfix Mail Transport Agent.
In /var/log/maillog
, It records fatal: parameter inet_interfaces: no local interface found
.
Solution:More
In vim /etc/postfix/main.cf
, replace:
inet_interfaces = localhost
to
inet_interfaces = all
#vim /etc/postfix/main.cf
myhostname = mail.mydomain.com #不能为IP
the problem of repositories
permission
chmod 2770 /var/opt/gitlab/git-data/repositories
run
on resource ‘execute[clear the gitlab-rails cache]’sudo gitlab-rake cache:clear
Use http clone occurs error 502, check if you didn’t add port. eg: http://name:private_token@192.168.1.2:880/Common/Common.git
修改nginx配置client_max_body_size 4096m;
nginx配置使用gitlab的配置
Fatal error: Server error: http://domain.com/group/project.git/gitlab-lfs/objects/1f1f186edcc09b8677bc1037f3f812dff89077187b24c8558ca2a89186ea3251/7254673
error: failed to push some refs to 'git@domain.com:group/project.git
Solution:
升级gitlab到11.2.3
Maybe a problem with git-lfs-authenticateMore
检查.gitignore
文件是否有类似如下配置
[url "https://username:djskfjkd@git.domain.com/"]
insteadOf = https://git.domain.com/
Parameters: {"utf8"=>"?., "authenticity_token"=>"FH+0p+xxxxxx==", "user"=>{"login"=>"marstau", "password"=>"[FILTERED]", "remember_me"=>"0"}}
Can't verify CSRF token authenticity
Completed 422 Unprocessable Entity in 58ms (ActiveRecord: 3.5ms)
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
lib/gitlab/performance_bar/peek_performance_bar_with_rack_body.rb:16:in `call'
lib/gitlab/middleware/multipart.rb:93:in `call'
lib/gitlab/request_profiler/middleware.rb:14:in `call'
lib/gitlab/middleware/go.rb:16:in `call'
lib/gitlab/etag_caching/middleware.rb:11:in `call'
lib/gitlab/request_context.rb:18:in `call'
lib/gitlab/metrics/requests_rack_middleware.rb:27:in `call'
Solution:More
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on"
/etc/gitlab/gitlab.rb
add:
nginx['proxy_set_headers'] = {
"X-Forwarded-Proto" => "http",
"CUSTOM_HEADER" => "VALUE"
}
Error downloading object: db/file.sql (bdd1171): Smudge error: Error downloading db/file.sql (bdd1171baebb881ed95c29deefd554e76ebf9a0d358769d2f2f3e31c3dd44127): batch response: Post "https://github.com/project.git/info/lfs/objects/batch": x509: certificate has expired or is not yet valid: current time 2021-10-10T11:05:41+08:00 is after 2020-04-26T12:00:00Z
Moregit config --global http.sslVerify false
数据过大,直接使用import的方式导入