---------------------------------------------------------------------------
-- GitLab install
---------------------------------------------------------------------------
1. Install and configure the necessary dependencies
---------------------------------------------------------------------------
On CentOS 7 (and RedHat/Oracle/Scientific Linux 7), the commands below will also open HTTP and SSH access in the system firewall.
sudo yum install -y curl policycoreutils-python openssh-server
sudo systemctl enable sshd
sudo systemctl start sshd
sudo firewall-cmd --permanent --add-service=http
sudo systemctl reload firewalld
Next, install Postfix to send notification emails. If you want to use another solution to send emails please skip this step and configure an external SMTP server after GitLab has been installed.
sudo yum install postfix
sudo systemctl enable postfix
sudo systemctl start postfix
During Postfix installation a configuration screen may appear. Select 'Internet Site' and press enter. Use your server's external DNS for 'mail name' and press enter. If additional screens appear, continue to press enter to accept the defaults.
2. Add the GitLab package repository and install the package
---------------------------------------------------------------------------
Add the GitLab package repository.
# gitlab-ee
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
# gitlab-ce
curl -s https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
Next, install the GitLab package. Change `http://gitlab.example.com` to the URL at which you want to access your GitLab instance. Installation will automatically configure and start GitLab at that URL. HTTPS requires additional configuration after installation.
# gitlab-ee
sudo EXTERNAL_URL="http://gitlab.example.com" yum install -y gitlab-ee
# gitlab-ce
sudo EXTERNAL_URL="http://gitlab.example.com" yum install -y gitlab-ce
3. Browse to the hostname and login
---------------------------------------------------------------------------
On your first visit, you'll be redirected to a password reset screen. Provide the password for the initial administrator account and you will be redirected back to the login screen. Use the default account's username root to login.
See our documentation for detailed instructions on installing and configuration.
4. Set up your communication preferences
---------------------------------------------------------------------------
Visit our email subscription preference center to let us know when to communicate with you. We have an explicit email opt-in policy so you have complete control over what and how often we send you emails.
Twice a month, we send out the GitLab news you need to know, including new features, integrations, docs, and behind the scenes stories from our dev teams. For critical security updates related to bugs and system performance, sign up for our dedicated security newsletter.
IMPORTANT NOTE: If you do not opt-in to the security newsletter, you will not receive security alerts.
5. gitlab restart
---------------------------------------------------------------------------
systemctl restart gitlab-runsvdir
systemctl status gitlab-runsvdir
systemctl list-units --type=service
systemctl list-units --type=service --state=running
systemctl list-unit-files |grep docker
https://about.gitlab.com/installation/#centos-7
---------------------------------------------------------------------------
-- # gitlab offline install
---------------------------------------------------------------------------
1. gitlab rpm download
---------------------------------------------------------------------------
https://packages.gitlab.com/gitlab/gitlab-ce
# latest version
https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-11.3.0-ce.0.el7.x86_64.rpm
https://packages.gitlab.com/gitlab/gitlab-ee/packages/el/7/gitlab-ee-11.3.0-ee.0.el7.x86_64.rpm
2. 내려받은 rpm을 서버에 upload하고 설치합니다.
---------------------------------------------------------------------------
rpm -ivh gitlab-ce-11.3.0-ce.0.el7.x86_64.rpm
3. gitlab 설치
---------------------------------------------------------------------------
local dns에 해당 domain을 등록합니다.
(또는 /etc/host파일에 domain등록)
sudo EXTERNAL_URL="http://gitlab.example.com" yum install -y gitlab-ee
4. console login & 사용자 등록
---------------------------------------------------------------------------
http://gitlab.example.com
5. gitlab 재기동
---------------------------------------------------------------------------
systemctl restart gitlab-runsvdir
systemctl status gitlab-runsvdir
6. gitlab external web port change
---------------------------------------------------------------------------
sudo -e /etc/gitlab/gitlab.rb
# nginx: 90, unicorn: 8090로 변경하는 경우
external_url 'http://gitlab.example.com:90'
unicorn['worker_timeout'] = 60
unicorn['listen'] = '127.0.0.1'
unicorn['port'] = 8090 # 8080 => 8090
sudo gitlab-ctl reconfigure
cat /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
production: &base
#
# 1. GitLab app settings
# ==========================
## GitLab settings
gitlab:
## Web server settings (note: host is the FQDN, do not include http://)
host: gitlab.example.com
port: 90
https: false
gitlab-ctl stop
gitlab-ctl start
netstat -anp | grep :90
netstat -anp | grep :8090
# console 로그인
http://gitlab.example.com:90
https://docs.gitlab.com/omnibus/settings/configuration.html
https://docs.gitlab.com/omnibus/settings/nginx.html
7. Manually configuring HTTPS
---------------------------------------------------------------------------
/etc/gitlab/gitlab.rb
external_url "https://gitlab.example.com:3443"
sudo mkdir -p /etc/gitlab/ssl
sudo chmod 700 /etc/gitlab/ssl
sudo cp gitlab.example.com.key gitlab.example.com.crt /etc/gitlab/ssl/
# SSL firewall-cmd
sudo firewall-cmd --permanent --add-service=https
sudo systemctl reload firewalld
# Redirect HTTP requests to HTTPS
external_url "https://gitlab.example.com:3443"
nginx['redirect_http_to_https'] = true
# For GitLab
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key"
# Setting the NGINX listen port
nginx['listen_port'] = 8081
sudo gitlab-ctl reconfigure
systemctl restart gitlab-runsvdir
systemctl status gitlab-runsvdir sudo gitlab-ctl restart
sudo gitlab-ctl stop
systemctl restart gitlab-runsvdir
systemctl status gitlab-runsvdir
systemctl list-units --type=service
systemctl list-units --type=service --state=running
systemctl list-unit-files |grep docker
8. Supporting proxied SSL
---------------------------------------------------------------------------
vi /etc/gitlab/gitlab.rb
registry_external_url 'https://registry.example.com'
registry_nginx['listen_port'] = 80
registry_nginx['listen_https'] = false
# Setting HTTP Strict Transport Security
nginx['hsts_max_age'] = 31536000 # default: 1 year
nginx['hsts_include_subdomains'] = false
---------------------------------------------------------------------------
-- Gitlab Install (OpenShift)
---------------------------------------------------------------------------
1. private docker registry Image Import
---------------------------------------------------------------------------
docker pull gitlab/gitlab-ce
docker tag gitlab/gitlab-ce:latest registry.example.com:5000/gitlab/gitlab-ce:latest
docker push registry.example.com:5000/gitlab/gitlab-ce:latest
2. push images from the integrated container registry directly
---------------------------------------------------------------------------
docker login -p $(oc whoami -t) -e unused -u unused docker-registry-default.apps.example.com
docker tag registry.example.com:5000/gitlab/gitlab-ce:latest docker-registry-default.apps.example.com/openshift/gitlab-ce:latest
docker push docker-registry-default.apps.example.com/openshift/gitlab-ce:latest
3. Updating and Tagging Existing Images
---------------------------------------------------------------------------
oc import-image registry.example.com:5000/gitlab/gitlab-ce:latest --insecure=true --confirm -n openshift
oc tag gitlab-ce:latest gitlab-ce:12.1 -n openshift
4. Create project
---------------------------------------------------------------------------
oc new-project gitlab
oc adm policy add-scc-to-user anyuid -z default -n gitlab
oc adm policy add-scc-to-user anyuid system:serviceaccount:gitlab:gitlab-ce-user
5. Create serviceaccount and secret
---------------------------------------------------------------------------
oc create serviceaccount gitlab-sa -n $(oc project -q)
oc policy add-role-to-user view system:serviceaccount:$(oc project -q):gitlab-sa -n $(oc project -q)
oc policy add-role-to-user view system:serviceaccount:$(oc project -q):default -n $(oc project -q)
oc create secret generic gitlab-secret --from-literal=username=user --from-literal=password=1234 --type=kubernetes.io/basic-auth -n $(oc project -q)
oc secrets link gitlab-sa gitlab-secret -n $(oc project -q)
6. Create a new application
---------------------------------------------------------------------------
● CLI
oc new-app registry.example.com:5000/gitlab/test-gitlab:1.0 --name=gitlab-ce -n gitlab
oc expose svc/gitlab-ce --hostname=gitlab.example.com --port 80 -n gitlab
oc get route gitlab-ce -n gitlab
or
oc new-app registry.example.com:5000/gitlab/gitlab-ce:1.0 -o yaml -n gitlab > gitlab-ce.yaml
vi gitlab-ce.yaml
oc create -f gitlab-ce.yaml -n gitlab
● console
- console > gitlab project > Add to Project > Deploy Image
- Namespace: openshift
- Image Name: registry.example.com:5000/gitlab/test-gitlab:1.0
deploy
8. PV(Persistent Volume), PVC(Persistent Volume Claim)
---------------------------------------------------------------------------
volume name Container location Usage
---------------------------------------------------------------------------
gitlab-ce-volume-1 /etc/gitlab For storing application data
gitlab-ce-volume-2 /var/log/gitlab For storing logs
gitlab-ce-volume-3 /var/opt/gitlab For storing the GitLab configuration files
