GitLab安装部署

安装前准备

#关闭防火墙
systemctl stop firewalld
#关闭selinux
setenforce 0

安装依赖包

yum install curl policycoreutils openssh-server openssh-clients postfix -y

启动postfix服务，并设置开机启动

systemctl start postfix && systemctl enable postfix

下载rpm包

wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-10.0.6-ce.0.el7.x86_64.rpm

本地安装gitlab-ce

yum -y localinstall gitlab-ce-10.0.6-ce.0.el7.x86_64.rpm 

配置

（1）创建一个ssl目录

mkdir -p /etc/gitlab/ssl

（2）使用openssl创建私有密钥

openssl genrsa -out "/etc/gitlab/ssl/gitlab.example.com.key" 2048

（3）使用刚刚创建的私有密钥创建csr证书

openssl req -new -key "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.csr"

（4）创建crt证书

openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.example.com.csr" -signkey "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.crt"

（5）创建pem证书

openssl dhparam -out /etc/gitlab/ssl/dhparams.pem 2048

（6）授权

chmod 600 /etc/gitlab/ssl/*

（7）修改/etc/gitlab/gitlab.rb文件以下内容

#http改为https
external_url 'https://gitlab.example.com'
#将#nginx['redirect_http_to_https'] = false的注释去掉，修改为nginx['redirect_http_to_https'] = true
nginx['redirect_http_to_https'] = true
#将#nginx['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt"修改为nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt"
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt"
#将#nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key"修改为nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key"
将#nginx['ssl_dhparam'] = nil 修改为nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"
nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"

（8）初始化gitlab所有相关配置

gitlab-ctl reconfigure

（9）修改gitlab的代理配置文件（/var/opt/gitlab/nginx/conf/gitlab-http.conf）

vim /var/opt/gitlab/nginx/conf/gitlab-http.conf
#修改配置项在找到listen *:8002;
#修改配置项在找到server_name,在server_name下添加如下配置内容：
rewrite ^(.*)$ https://$host$1 permanent;

重启gitlab，使配置生效

gitlab-ctl restart

（10）在访问的机器上修改C:\Windows\System32\drivers\etc\hosts文件，最后一行添加
192.168.186.133 gitlab.example.com
将gitlab服务器的地址添加上gitlab.example.com的配置
然后访问https://gitlab.example.com