1.gitlab的安装
# wget
https://mirror.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-10.7.3-ce.0.el7.x86_64.rpm
# yum localinstall gitlab-ce-10.7.3-ce.0.el7.x86_64.rpm
/opt/gitlab 存放所有gitlab本身的代码和依赖库
/var/opt/gitlab 存放gitlab-ctl reconfigure写入的应用数据和配置文件
/etc/gitlab
用于存放omnibus-gitlab的配置文件,我们只可以手工修改这里的配置文件,其他地方的配置由gitlab自动生成。
/var/log/gitlab 用于存放gitlab所有组件产生的日志文件
2.配置gitlab使用ssl加密
# mkdir -p /etc/gitlab/ssl
# cd /etc/gitlab/ssl
# chmod 700 /etc/gitlab/ssl
创建自签名证书
# openssl req -x509 -newkey rsa:4096 -keyout key.pem -out
cert.pem -days 365 -nodes \
-subj
"/C=CN/ST=Beijing/L=Beijing/O=mycompany/OU=OPS/CN=gitlab.example.com"
CN= 这里输入Gitlab所在机器的FQDN.
可以用下边命令来确认生成的PEM证书是否是有效的
# openssl x509 -in cert.pem -text -noout
生成DH文件
# openssl dhparam -out dhparams.pem 4096
修改证书文件属性
# chmod 600 /etc/gitlab/ssl/*
配置nginx使用SSL证书
# vi /etc/gitlab/gitlab.rb
...
external_url 'https://gitlab.example.com'
...
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/cert.pem"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/key.pem"
...
nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"
...
重新配置gitlab
# gitlab-ctl reconfigure
重启gitlab
# gitlab-ctl restart
3.gitlab的日常操作
3.1 默认数据存放路径更改
# vi /etc/gitlab/gitlab.rb
...
git_data_dir “/var/opt/gitlab/git-data”
...
3.2 gitlab日常操作命令
# gitlab-ctl start
# gitlab-ctl stop
# gitlab-ctl restart
3.3 查看日志
gitlab 默认的日志文件存放在/var/log/gitlab 目录下
# gitlab-ctl tail
# gitlab-ctl tail nginx/gitlab_acces.log
# gitlab-ctl tail postgresql
4.gitlab的数据备份
gitlab自带备份工具,会在数据备份路径下,生成[TIMESTAMP]_gitlab_backup.tar
默认的数据备份存放路径
# vi /etc/gitlab/gitlab.rb
...
gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"
...
创建备份
# gitlab-rake gitlab:backup:create
也可以跳过备份一些数据,可选项为: db, uploads (附件), repositories
# gitlab-rake gitlab:backup:create SKIP=db,uploads
5.gitlab数据备份的恢复
# cp 1393513186_gitlab_backup.tar
/var/opt/gitlab/backups/
关闭连接数据库的进程
# gitlab-ctl stop unicorn
# gitlab-ctl stop sidekiq
从备份文件中恢复数据库
# gitlab-rake gitlab:backup:restore BACKUP=1393513186
重启itLab
# gitlab-ctl start
创建 satellites
# gitlab-rake gitlab:satellites:create
检查gitlab是否正常
# gitlab-rake gitlab:check SANITIZE=true
6.gitlab配置文件的备份与恢复
上述的备份过程并不会备份gitlab的配置文件,所以需要手工备份/etc/gitlab目录。
# sh -c 'umask 0077; tar -cf $(date "+etc-gitlab-%s.tar") -C /
etc/gitlab'
做成每天备份的cron job
# crontab -e -u root
15 04 * * 2-6 umask 0077; tar cfz
/secret/gitlab/backups/$(date "+etc-gitlab-\%s.tgz") -C /
etc/gitlab
恢复,如果已存在的/etc/gitlab,先重命名一下
# mv /etc/gitlab /etc/gitlab.$(date
+%s)
从备份文件中恢复配置数据
# tar -xf etc-gitlab-1399948539.tar -C /
还要记得备份ssh key
# tar -cf $(date "+sshkey-%s.tar") -C / etc/ssh
5.测试gitlab
# git config --global user.name "example"
# git config --global user.email "admin@dhj.com"
# git clone
https://example@gitlab.dhj.com/example/demo.git
# cd demo/
# vim README.md
# git add .
# git commit -m 'Add README.md file by example user'
# git push origin master
参考文档:
https://www.bonusbits.com/wiki/HowTo:Setup_HTTPS_for_Gitlab
/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl
https://vaelen.org/2016/02/05/adding-certificates-to-ubuntu-and-gitlab/
https://www.akadia.com/services/ssh_test_certificate.html
https://www.howtoforge.com/tutorial/how-to-install-and-configure-gitlab-ce-on-centos-7/
https://www.icicletech.com/blog/gitlab-backup-made-easy
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/backups.md#backup-and-restore-omnibus-gitlab-configuration
