006-虚拟机或物理机部署Gitlab

作者：Odboy (opens new window)

本站地址：https://blog.odboy.cn (opens new window)

前言

容器化部署gitlab有各种各样奇怪的问题，所以决定裸机部署

部署节点

192.168.235.104

写hosts记录

cat << EOF >> /etc/hosts
192.168.235.103 kenaito-redis.odboy.local
192.168.235.103 kenaito-mysql.odboy.local
192.168.235.103 kenaito-minio.odboy.local
192.168.235.103 kenaito-register.odboy.local
192.168.235.104 kenaito-gitlab.odboy.local
EOF

安装包

• gitlab https://packages.gitlab.com/gitlab/gitlab-ce (opens new window)
• gitlab-runner https://gitlab.com/gitlab-org/gitlab-runner/-/tags (opens new window)

Gitlab Version	Gitlab Url	Runner Version	Runner Url	Download Url
17.5.2	wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-14.8.2-ce.0.el7.x86_64.rpm/download.rpm	17.5.2	https://gitlab.com/gitlab-org/gitlab-runner/-/releases/v17.5.2	https://gitlab.com/gitlab-org/gitlab-runner/-/releases/v17.5.2/downloads/binaries/gitlab-runner-linux-amd64
14.8.2	wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-14.8.2-ce.0.el7.x86_64.rpm/download.rpm	14.8.2	https://gitlab.com/gitlab-org/gitlab-runner/-/releases/v14.8.2	https://gitlab.com/gitlab-org/gitlab-runner/-/releases/v14.8.2/downloads/binaries/gitlab-runner-linux-amd64

下载安装包

wget --content-disposition https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-17.5.2-ce.0.el7.x86_64.rpm/download.rpm

部署Gitlab

# 如果出现Gitlab和狐狸图案，说明安装成功
yum install policycoreutils-python -y
rpm -i gitlab-ce-17.5.2-ce.0.el7.x86_64.rpm

配置还原（如果配置搞坏了，服务起不来可用）

cat /opt/gitlab/etc/gitlab.rb.template > /etc/gitlab/gitlab.rb

配置Gitlab

vi /etc/gitlab/gitlab.rb
# -------------------- 替换为以下内容 -----------------
# 设置url地址，web站点访问地址
external_url 'http://kenaito-gitlab.odboy.local:20080'
# 关闭反垃圾邮件引擎
spamcheck['enable'] = false
# 关闭备份
gitlab_backup_cli['enable'] = false
# 设置ssh地址，ssh访问地址
gitlab_rails['gitlab_ssh_host'] = 'kenaito-gitlab.odboy.local'
#gitlab_rails['gitlab_shell_ssh_port'] = 20022
gitlab_rails['gitlab_shell_ssh_port'] = 22
gitlab_rails['gitlab_shell_git_timeout'] = 800
gitlab_rails['time_zone'] = 'Asia/Shanghai'
### Git LFS
gitlab_rails['lfs_enabled'] = true
# ================ Nginx配置 ================
nginx['enable'] = true
# Gitlab默认用这个端口号作为其Nginx的监听端口
nginx['listen_port'] = 20080
nginx['client_max_body_size'] = '512m'
# nginx进程数
nginx['worker_processes'] = 4
nginx['worker_connections'] = 10240
# 设置是否监听https
nginx['listen_https'] = false
# ================ http服务器 ================
# http服务器，worker=cpu核数+1
puma['enable'] = true
puma['worker_processes'] = 4
puma['min_threads'] = 4
puma['max_threads'] = 4
# ================ Sidekip是Gitlab的异步任务队列 ================
sidekiq['enable'] = true
# 设置sidekiq并发数，默认值25
sidekiq['concurrency'] = 5
# ================ API限流 ================
gitlab_workhorse['enable'] = true
gitlab_workhorse['api_limit'] = 0
gitlab_workhorse['api_queue_limit'] = 0
gitlab_pages['rate_limit_source_ip'] = 0
gitlab_pages['rate_limit_domain'] = 0
gitlab_pages['rate_limit_tls_source_ip'] = 0
gitlab_pages['rate_limit_tls_domain'] = 0
# ================ 数据库 ================
# 使用内置的postgresql
postgresql['enable'] = true
# 设置数据库缓存，默认256MB，这里设置为1GB
postgresql['shared_buffers'] = "1GB"
# 设置数据库并发数
postgresql['max_worker_processes'] = 4
# 使用内置的redis
redis['enable'] = true
redis['maxclients'] = "5000"
# ================ 禁用 容器仓库 ================
registry['enable'] = false
registry_nginx['enable'] = false
gitlab_rails['gitlab_default_projects_features_container_registry'] = false
gitlab_rails['registry_enabled'] = false 
# ================ 关闭 包仓库、依赖管理 ================
gitlab_rails['packages_enabled'] = false
gitlab_rails['dependency_proxy_enabled'] = false
# ================ 关闭 GitLab Pages ================
gitlab_pages['enable'] = false
pages_nginx['enable'] = false
# ================ 关闭 邮箱 ================
gitlab_rails['smtp_enable'] = false
# ================ 应用性能分析和上报 Usage Statistics ================
gitlab_rails['usage_ping_enabled'] = false
gitlab_rails['sentry_enabled'] = false
# ================ 关闭对k8s的cd功能 ================
# GitLab-KAS And Terraform
gitlab_kas['enable'] = false
gitlab_rails['gitlab_kas_enabled'] = false
gitlab_rails['terraform_state_enabled'] = false
# ================ 关闭Kerberos和sentinel ================
gitlab_rails['kerberos_enabled'] = false
sentinel['enable'] = false
# ================ 关闭自带聊天Mattermost ================
mattermost['enable'] = false
mattermost_nginx['enable'] = false
# ================ 关闭 监控和性能基准相关功能 ================
prometheus_monitoring['enable'] = false
prometheus['enable'] = false
alertmanager['enable'] = false
node_exporter['enable'] = false
redis_exporter['enable'] = false
postgres_exporter['enable'] = false
pgbouncer_exporter['enable'] = false
gitlab_exporter['enable'] = false
sidekiq['metrics_enabled'] = false

重启gitlab

gitlab-ctl reconfigure
gitlab-ctl restart

查看默认密码

[root@localhost ~]# cat /etc/gitlab/initial_root_password
# WARNING: This value is valid only in the following conditions
#          1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`，it was provided before database was seeded for the first time (usually，the first reconfigure run).
#          2. Password hasn't been changed manually，either via UI or via command line.
#
#          If the password shown here doesn't work，you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

Password: 4GLTsBMCBaUKjcHJHf4mH3AZu4YvSmYZ9/o0nU3hJF0=

# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.

一定要改一个没有特殊符号的密码，否则后面的流程走不通

修改密码 http://kenaito-gitlab.odboy.local:20080/-/user_settings/password/edit (opens new window)

# 默认密码
4GLTsBMCBaUKjcHJHf4mH3AZu4YvSmYZ9/o0nU3hJF0=

# 新密码，最好不要有 / 和 = 号
BMCBaUKjcHJHf4mH3AZu4YvSm