omnibus gitlab-ce安裝
阿新 • • 發佈:2018-08-15
name new fix disable window client enforce tor 自動
架構
關閉防火墻
[root@gitlab ~]# systemctl stop firewalld
[root@gitlab ~]# systemctl disable firewalld
關閉SELinux
[root@gitlab ~]# setenforce 0
setenforce: SELinux is disabled安裝依賴組件
[root@gitlab ~]# yum -y install curl policycoreutils openssh-server openssh-clients postfix下載gitlab-ce倉庫
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | bash
。
啟動郵件服務器
[root@gitlab data]# systemctl start postfix
[root@gitlab data]# systemctl enable postfix安裝gitlab
安裝omnibus gitlab-ce
omnibus相當於一鍵安裝包,自動安裝gitlab所依賴的所有組件
yum -y install gitlab-ce創建私鑰與證書
[root@gitlab data]# mkdir /etc/gitlab/ssl [root@gitlab data]# openssl genrsa -out "/etc/gitlab/ssl/gitlab.aubin.com.key" 2048 創建申請證書 openssl req -new -key "/etc/gitlab/ssl/gitlab.aubin.com.key" -out "/etc/gitlab/ssl/gitlab.aubin.com.csr Country Name (2 letter code) [XX]:cn # 國家 State or Province Name (full name) []:bj # 省份 Locality Name (eg, city) [Default City]:bj # 城市 Organization Name (eg, company) [Default Company Ltd]:ctyun # 公司名 Organizational Unit Name (eg, section) []:ops # 部門 Common Name (eg, your name or your server's hostname) []:gitlab.aubin.com Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: 給申請證書簽名 [root@gitlab data]# openssl x509 -req -days 3650 -in "/etc/gitlab/ssl/gitlab.aubin.com.csr" -signkey "/etc/gitlab/ssl/gitlab.aubin.com.key" -out "/etc/gitlab/ssl/gitlab.aubin.com.crt" 創建pem openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048 修改權限 chmod 600 /etc/gitlab/ssl/*
配置gitlab
nginx['redirect_http_to_https'] = ture nginx['ssl_client_certificate'] = "/etc/gitlab/ssl/gitlab.aubin.com.crt" nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.aubin.com.crt" nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.aubin.com.key" nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem" nginx['listen_addresses'] = ['*'] nginx['listen_port'] = 9000
初始化所有配置
[root@gitlab ssl]# gitlab-ctl reconfigure配置本地windows住的hosts文件
# gitlab
42.81.133.59 gitlab.aubin.com瀏覽器訪問
初次進入需要設置管理員密碼(默認賬號為root),前面配置了nginx為https訪問,所以訪問地址應該為https
https://IP:9000
nginx配置文件
修改配置文件後要重啟gitlabgitlab-ctl restart
/var/opt/gitlab/nginx/conf/gitlab-http.confomnibus gitlab-ce安裝