gitlab 使用現有 nginx 服務器

gitlab 安裝自帶 nginx，若是想利用原有 nginx，可按以下操做：

8.0 版本 socket 文件位置有變更，感謝評論區的同窗。

• nginx 增長虛擬主機配置

  # gitlab socket 文件地址
  upstream gitlab {
    # 7.x 版本在此位置
    # server unix:/var/opt/gitlab/gitlab-rails/tmp/sockets/gitlab.socket;
    # 8.0 位置
    server unix://var/opt/gitlab/gitlab-rails/sockets/gitlab.socket;
  }
  
  server {
    listen *:80;
  
    server_name gitlab.liaohuqiu.com;   # 請修改成你的域名
  
    server_tokens off;     # don't show the version number, a security best practice
    root /opt/gitlab/embedded/service/gitlab-rails/public;
  
    # Increase this if you want to upload large attachments
    # Or if you want to accept large git objects over http
    client_max_body_size 250m;
  
    # individual nginx logs for this gitlab vhost
    access_log  /var/log/gitlab/nginx/gitlab_access.log;
    error_log   /var/log/gitlab/nginx/gitlab_error.log;
  
    location / {
      # serve static files from defined root folder;.
      # @gitlab is a named location for the upstream fallback, see below
      try_files $uri $uri/index.html $uri.html @gitlab;
    }
  
    # if a file, which is not found in the root folder is requested,
    # then the proxy pass the request to the upsteam (gitlab unicorn)
    location @gitlab {
      # If you use https make sure you disable gzip compression 
      # to be safe against BREACH attack
  
      proxy_read_timeout 300; # Some requests take more than 30 seconds.
      proxy_connect_timeout 300; # Some requests take more than 30 seconds.
      proxy_redirect     off;
  
      proxy_set_header   X-Forwarded-Proto $scheme;
      proxy_set_header   Host              $http_host;
      proxy_set_header   X-Real-IP         $remote_addr;
      proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header   X-Frame-Options   SAMEORIGIN;
  
      proxy_pass http://gitlab;
    }
  
    # Enable gzip compression as per rails guide: http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression
    # WARNING: If you are using relative urls do remove the block below
    # See config/application.rb under "Relative url support" for the list of
    # other files that need to be changed for relative url support
    location ~ ^/(assets)/  {
      root /opt/gitlab/embedded/service/gitlab-rails/public;
      # gzip_static on; # to serve pre-gzipped version
      expires max;
      add_header Cache-Control public;
    }
  
    error_page 502 /502.html;
  }

• 禁用自帶 nginx

  vim /etc/gitlab/gitlab.rb

  加入

  nginx['enable'] = false

• 重啓 nginx, 重啓gitlab

  sudo /usr/local/nginx/sbin/nginx -s reload
  sudo gitlab-ctl reconfigure

• 權限配置

  訪問會報502。本來是 nginx 用戶沒法訪問gitlab用戶的 socket 文件，用戶權限配置，因人而異。粗暴地:

  sudo chmod -R o+x /var/opt/gitlab/gitlab-rails
  
  

  1. 拷貝一分內置nginx 的配置文件 gitlab-http.conf  到新的nginx的配置中
  2. 修改 /etc/gitlab/gitlab.rb ，禁用nginx  nginx[enable] = false
  3. vim /etc/gitlab/gitlab.rb
  
   external_url 'http://git.qiwenqiqu.com' #域名配置
   unicorn['listen'] = '0.0.0.0'
   unicorn['port'] = 8081
  # git_data_dirs({ "default" => { "path" => "/var/opt/gitlab/git-data" } })
   git_data_dirs({ "default" => { "path" => "/data/git-data" } })
  
  #web_server['external_users'] = ['nginx','gitlab-www','git','www','www-data']
  #新nginx用戶www可以訪問gitlab，很重要
  web_server['external_users'] = ['www'] 
  
  #而後 gitlab-ctl reconfigure ,而後 gitlab-ctl restart

   

  #備忘錄 ，比較亂 忽略
  
  gitlab 坑
  ./embedded/service/gitlab-shell/lib/gitlab_config.rb
  
  
  ./embedded/lib/ruby/gems/2.3.0/gems/omniauth-gitlab-1.0.2/lib/omniauth/strategies/gitlab.rb
  ./embedded/cookbooks/cache/cookbooks/gitlab/libraries/gitlab.rb
  ./embedded/cookbooks/gitlab/libraries/gitlab.rb
  ./embedded/service/gitlab-rails/lib/gitlab.rb
  
  
  1.［端口不通］
  vim /var/opt/gitlab/gitlab-rails/etc/unicorn.rb
  listen "0.0.0.0:8081", :tcp_nopush => true
  必定不要用 127.0.0.1
  
  firewall-cmd --permanent --add-port=8081/tcp
  firewall-cmd --reload
  
  1.[樣式錯亂] gitlab error compiling css asset 
  vim ./embedded/service/gitlab-rails/config/gitlab.yml
  webhook_timeout: 120
   
  
  gitlab 數據遷移
  http://blog.csdn.net/hj7jay/article/details/54311010
  
  vim /etc/gitlab/gitlab.rb
  
  external_url 'http://git.qiwenqiqu.com' #域名配置
   unicorn['listen'] = '0.0.0.0'
   unicorn['port'] = 8081
  # git_data_dirs({ "default" => { "path" => "/var/opt/gitlab/git-data" } })
   git_data_dirs({ "default" => { "path" => "/data/git-data" } })
  ［遷移數據注意目錄名稱不要寫錯了］
   
  #web_server['external_users'] = ['nginx','gitlab-www','git','www','www-data']
  web_server['external_users'] = ['www’]
  
  配置文件位置：
  
   [
  /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml     
   /etc/gitlab/gitlab.rb
  /opt/gitlab/embedded/service/gitlab-shell/config.yml
  ]
  
  域名配置
  vim /opt/gitlab/embedded/service/gitlab-shell/config.yml
  gitlab_url: "http://0.0.0.0:8081"
  
  
  
  ＃＃＃＃
  配置GitLab域名，不然項目git clone的地址時錯
  vim  /etc/gitlab/gitlab.rb
  
  編輯：external_url '你的網址'
  
  例如：external_url 'http://192.168.1.100'
  
  編輯完成後，再sudo gitlab-ctl reconfigure一下，使配置生效
  
  ＃＃＃＃
  
  ＃＃＃ gitlab配置 http://www.cnblogs.com/softidea/p/5229412.html ＃＃＃
  
  
  nginx 衝突配置
  https://docs.gitlab.com/omnibus/settings/nginx.html 
  https://gitlab.com/gitlab-org/gitlab-workhorse/issues/26
  
  $$
  2017/04/25 00:18:37 [crit] 6297#0: *32 connect() to unix:/var/opt/gitlab/gitlab-workhorse/socket failed (13: Permission denied) while connecting to upstream, client: 221.216.146.9, server: test.qiwenqiqu.com, request: "GET / HTTP/1.1", upstream: "http://unix:/var/opt/gitlab/gitlab-workhorse/socket:/", host: "test.qiwenqiqu.com"
  $$
  $$sudo usermod -aG gitlab-www www$$