gitlab 雜記

GitLab 編譯部署

1，請儘可能不要在國內主機上部署，中途天朝頗有可能致使gem執行出現問題，如下在AWS上部署；

2，系統中必需要有swap分區，否則會出現500錯誤；

===============================================

系統版本：CentOS 6.x x86_64 mini

Gitlab版本：6.x-7.x

———————————–基本配置——————————–

sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config 
setenforce 0 
rpm -ivh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm 
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm 
yum -y install wget nano perl perl-Net-SSLeay rsync openssh openssh-clients openssh-server iotop atop htop iftop glances 
wget http://sourceforge.net/projects/webadmin/files/webmin/1.730/webmin-1.730-1.noarch.rpm/download 
rpm -Uvh download 
yum clean all 
rm -rf download 
————————————-升級軟件包（必須）—————————–

yum makecache 
yum update

yum -y groupinstall ‘Development Tools’

yum -y install readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui redis sudo wget crontabs logwatch logrotate perl-Time-HiRes yum-plugin-fastestmirror cmake patch libicu-devel

若是遇到多個源的包衝突添加–skip-broken參數跳過便可。

解決libyaml的問題

yum downgrade libyaml libyaml-devel

yum install libyaml libyaml-devel

———————————————————————-

yum -y install vim-enhanced nano

update-alternatives –set editor /usr/bin/vim.basic

yum -y install python-docutils

————————————-安裝redis———————————

yum install redis -y

chkconfig redis on

cp /etc/redis.conf /etc/redis.conf.orig

sed ‘s/^port .*/port 0/’ /etc/redis.conf.orig | sudo tee /etc/redis.conf

echo ‘unixsocket /var/run/redis/redis.sock’ | sudo tee -a /etc/redis.conf

echo -e ‘unixsocketperm 0770’ | sudo tee -a /etc/redis.conf

mkdir /var/run/redis

chown redis:redis /var/run/redis

chmod 755 /var/run/redis

if [ -d /etc/tmpfiles.d ]; then

    echo ‘d  /var/run/redis  0755  redis  redis  10d  -‘ | sudo tee -a /etc/tmpfiles.d/redis.conf

fi

usermod -aG redis git

service redis restart

—————————————-安裝郵件—————————–

yum -y install postfix

ln -s /usr/bin/vim /usr/bin/editor

————————————————————————–

必須首先刪除自帶的ruby和git

yum remove ruby git -y

yum install zlib-devel perl-CPAN gettext curl-devel expat-devel gettext-devel openssl-devel

—————————————安裝git———————————–

curl –progress https://www.kernel.org/pub/software/scm/git/git-2.2.2.tar.gz | tar xz

cd git-2.2.2/

./configure

make

make prefix=/usr/local install

which git

echo ‘export PATH="$PATH:/usr/local/bin"’ >> /root/.bashrc

echo ‘export PATH="$PATH:/usr/local/bin"’ >> /etc/profile

source /etc/profile

echo $PATH

git –version

cd && rm -rf git-*

—————————————安裝ruby——————————–

yum install libffi-devel -y

Ruby (MRI)版本：2.0 or 2.1（測試ruby2.2與gitlab7.7不兼容）

curl –progress http://cache.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0-p598.tar.gz | tar xz

curl –progress http://cache.ruby-lang.org/pub/ruby/2.1/ruby-2.1.5.tar.gz | tar xz

cd ruby-*

./configure –disable-install-rdoc

make clean && make

make prefix=/usr/local install

which ruby

ruby -v

cd && rm -rf ruby-*

———–ruby降級操做—————

1，root身份從新編譯舊版本

2，root身份執行：

chmod 0775 /usr/local/lib/ruby/gems/ -R

chgrp git /usr/local/lib/ruby/gems/ -R

chmod 0775 /usr/local/bin -R

chgrp git /usr/local/bin -R

3，git身份執行：

su git

cd /home/git/gitlab

gem install bundler

gem install bundle

bundle install

———————————————————————–

國外服務器不須要如下操做

gem sources –remove https://rubygems.org/

gem source -a http://ruby.taobao.org/

gem sources -l

gem install bundler

gem install rugged

————————————添加系統用戶（必須）———————————

adduser –system –shell /bin/bash –comment ‘GitLab’ –create-home –home-dir /home/git/ git

visudo

Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin

改成

Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin

————————————-數據庫配置MySQL和Postgre(選其一)———————————-

yum remove postgresql -y

rpm -Uvh http://yum.postgresql.org/9.4/redhat/rhel-6-x86_64/pgdg-centos94-9.4-1.noarch.rpm

yum install postgresql94-server postgresql94-devel -y

如下可略過

echo ‘export PATH="$PATH:/usr/pgsql-9.4/bin"’ >> /root/.bashrc

echo ‘export PATH="$PATH:/usr/pgsql-9.4/bin"’ >> /etc/profile

source /etc/profile

echo $PATH

mv /etc/init.d/{postgresql-9.4,postgresql}

service postgresql initdb

which psql

psql -V

service postgresql restart

chkconfig postgresql on

su – postgres

export PATH=$PATH:/usr/pgsql-9.4/bin/

psql -d template1

create user git createdb;

create database gitlabhq_production owner git;

\q

exit

whoami

nano /var/lib/pgsql/9.4/data/pg_hba.conf

    host all all 127.0.0.1/32 trust

trust受權本地能夠無需帳戶密碼直接訪問。

————————————–安裝gitlab———————————

cd /home/git

sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-6-stable gitlab

cd /home/git/gitlab

sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml

sudo -u git -H nano config/gitlab.yml

  gitlab:

    host: git.dayunet.com

    port: 8080

    https: false

  git:

bin_path: /usr/local/bin/git

chown -R git log/

chown -R git tmp/

chmod -R u+rwX log/

chmod -R u+rwX tmp/

sudo -u git -H mkdir /home/git/gitlab-satellites

chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites

chmod -R u+rwX tmp/pids/

chmod -R u+rwX tmp/sockets/

chmod -R u+rwX  public/uploads

sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb

nproc

sudo -u git -H nano config/unicorn.rb

可修改工做進程數和監聽地址及端口。

——————————————-

sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb

sudo -u git -H git config –global user.name "GitLab"

sudo -u git -H git config –global user.email "yutaoo1230@gmail.com"

sudo -u git -H git config –global core.autocrlf input

sudo -u git -H cp config/resque.yml.example config/resque.yml

sudo -u git -H nano config/resque.yml

    production: unix:/var/run/redis/redis.sock

sudo -u git -H nano config/gitlab.yml

    host: git.dayunet.com

    port: 80

    https: false

    user: git

    time_zone: ‘Asia/Shanghai’

    email_from: yutaoo1230@163.com

  git:

    bin_path: /usr/local/bin/git

    max_size: 209715200000

    timeout: 100

sudo -u git -H nano config/environments/production.rb

    config.action_mailer.delivery_method = :smtp

sudo -u git -H cp config/initializers/smtp_settings.rb.sample config/initializers/smtp_settings.rb

sudo -u git -H nano config/initializers/smtp_settings.rb

  ActionMailer::Base.smtp_settings = {

    address: "smtp.163.com",

    port: 25,

    user_name: "yutao@163.com",

    password: "123456",

    domain: "163.com",

    authentication: :login,

    enable_starttls_auto: false

sudo -u git -H nano config/initializers/devise.rb

  config.mailer_sender = "DayunetGit <#{Gitlab.config.gitlab.email_from}>"

sudo -u git cp config/database.yml.postgresql config/database.yml

sudo -u git -H chmod o-rwx config/database.yml

sudo -u git -H nano config/database.yml

    production:

      adapter: postgresql

      encoding: unicode

      database: gitlabhq_production

      pool: 10

———————————-安裝Gem————————————-

cd /home/git/gitlab

chmod ugo+rx /usr/local/bin/bundle

chmod -R ugo+rX /usr/local/lib/ruby/

rm -fv /usr/bin/{bundle,bundler}

ln -s /usr/local/bin/bundle /usr/bin/bundle

ln -s /usr/local/bin/bundler /usr/bin/bundler

sudo -u git -H bundle config build.pg –with-pg-config=/usr/pgsql-9.4/bin/pg_config

sudo -u git -H bundle install –deployment –without development test mysql aws

若是在國內須要更換源

nano /home/git/gitlab/Gemfile

    source "http://ruby.taobao.org"

postgresql數據庫使用：

sudo -u git -H bundle install –deployment –without development test mysql aws

mysql數據庫使用：

sudo -u git -H bundle install –deployment –without development test postgres aws

———————————-安裝gitlab-shell————————————-

cd /home/git/gitlab 
netstat -ntlp

sudo -u git -H bundle exec rake gitlab:shell:install[v2.4.1] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production

sudo -u git -H nano /home/git/gitlab-shell/config.yml

    user: git 
        gitlab_url: http://127.0.0.1:8080/

restorecon -Rv /home/git/.ssh

———————————–初始化數據庫並設置密碼——————————–

sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=passwprd

wget -O /etc/init.d/gitlab https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn

chmod +x /etc/init.d/gitlab 
chkconfig –add gitlab 
chkconfig gitlab on 
cp /home/git/gitlab/lib/support/logrotate/gitlab /etc/logrotate.d/gitlab

————————————–檢查環境並編譯————————————–

sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production

sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production

service gitlab restart

netstat -ntlp

——————————–導入ssh-keys—————————————-

su git

cd

ssh-keygen -t rsa -C "mail@qq.com"

cat ~/.ssh/id_rsa.pub

將該結果填入GitLab的ssh-keys。

私鑰文件爲

/home/git/.ssh/id_rsa

該文件爲客戶端使用。

——————————-Nginx安裝——————————————-

nginx最少1.4版本以上，否則會報錯：

fatal: protocol error: bad line length character

自簽名證書在客戶端經過https推送或提交時會報錯。

安裝Nginx請參考編譯安裝筆記，本文以 nginx 1.6.2 爲例。

chkconfig nginx on

chkconfig httpd off 
wget -O /etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab-ssl

usermod -a -G git nginx

chmod g+rx /home/git/ 
service nginx restart

上傳證書文件並修改主機名

nano /etc/sysconfig/network

nano /etc/hosts

注意：

配置文件中的代理配置

    proxy_set_header    X-Forwarded-Ssl     on;

也能起到

    return 301 https://$server_name$request_uri;

的做用，請注意這個重定向功能。

————————————-添加防火牆———————————-

lokkit -s http -s https -s ssh

lokkit -p 10000:tcp

lokkit -p 10001:tcp

service iptables restart

========================測試安裝結果========================

cd /home/git/gitlab

sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

chkconfig gitlab on 
chkconfig nginx on 
chkconfig redis on

service nginx restart

service redis restart

service gitlab restart

 

GitLab 常見問題解決

=========================常見故障解決====================

報錯：

Git configured for git user? … no

解決：

sudo -u git -H git config –global user.name "GitLab" 
sudo -u git -H git config –global user.email "yutao@163.com" 
sudo -u git -H git config –global core.autocrlf "input"

————————————————————–

報錯：

GitLab Shell version >= 1.9.7 ? … FAIL. Please update gitlab-shell to 1.9.7 from 1.9.6

解決：

sudo -u git -H bundle exec rake gitlab:shell:install[v1.9.7] REDIS_URL=redis://localhost:6379 RAILS_ENV=prodduction

—————————————————

報錯：

Satellites access is drwxr-x—? … no

解決：

sudo chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites

—————————————————

報錯：

Init script up-to-date? … no

解決：

cp /home/git/gitlab/lib/support/init.d/gitlab /etc/init.d/gitlab

文件大小爲8K，2K大小的不是最新的；

—————————————————

報錯：

gitlab-shell self-check failed

解決：

Gitlab-Shell經過http調用gitlab的API，那多是配置的API接口不對（ip，端口等）。 
gitlab的配置依賴於三個文件： 
/home/git/gitlab/config/unicorn.rb：配置ruby提供的服務端口，ip 
/home/git/gitlab/config/gitlab.yml：配置gitlab服務的端口，ip 
/home/git/gitlab-shell/config.yml：配置gitlab-shell要調用的API接口 
這三個文件的配置要保持一致，只須要更改ip和端口就能夠了，其餘不用動。

例如： 
unicorn.rb：第40行改爲 
listen "115.28.21.20:8000", :tcp_nopush => true 
gitlab.yml：第18行和第19行改爲 
host: 115.28.21.20 
port: 8000 
config.yml：第5行改爲 
gitlab_url: "http://localhost:8000/" 
再檢測一次，gitlab-shell應該會正確鏈接到gitlab，檢測結果爲yes。

這裏改成非80端口也可，只要Nginx或Apache是經過80或443登陸訪問便可。 
———————————————–

報錯：

can’t check, you have no projects

can’t create, repository is empty

解決：

登陸後建立項目並添加文件便可。

———————————————————–

配置smtp發送郵件

config/environments/production.rb

編輯 

config.action_mailer.delivery_method= :smtp

再編輯 config/initializers/smtp_settings.rb

if Gitlab::Application.config.action_mailer.delivery_method == :smtp

  ActionMailer::Base.smtp_settings = {

    address: "smtp.domain.com",

    port: 587,

    user_name: "mail_username",

    password: "mail_password",

    domain: "domain.com",

    authentication: ‘plain’,

    enable_starttls_auto: true

  }end

Tip: 若是沒用smtp沒有開加密鏈接的話 enable_starttls_auto 的值應該配置爲 false

這裏須要注意一個問題, 若是你的smtp服務器作了權限限制,只能以登錄帳戶的郵件賬號發郵件的話,還須要修改編輯config/gitlab.yml 找到下面兩個字段將內容改爲你的郵件賬戶地址:

email_from: yourmail@domain.com

support_email: yourmail@domain.com

若是用docker來運行的話還須要修改 /home/git/gitlab/docker 的配置便可。

——————————————————————————-

報錯：

remote: /usr/local/lib/ruby/2.1.0/net/protocol.rb:158:in `rescue in rbuf_fill’: Net::ReadTimeout (Net::ReadTimeout)

解決：

nano /home/git/gitlab/config/unicorn.rb

worker_processes 2

———————————————————————

減小內存佔用：

修改 /home/git/gitlab/config/unicorn.rb:

worker_processes 2

減小進程數便可，可是性能會下降，並有可能出現上面的網絡超時錯誤。

——————————————————-

報錯：

error rpc failed result=18 http code = 200

解決：

git config –global http.postBuffer 524288000

git config –global https.postBuffer 524288000

——————————————————-

報500錯誤

緣由：內存不足

解決：增長swap（文件方式）

建立文件

dd if=/dev/zero of=/var/tmp/swap bs=1024 count=1024000

cd /var/tmp

製做swap格式文件

mkswap swap

文件生效

swapon swap

查看swap

swapon -s

開機自動掛載

nano /etc/fstab

   /var/tmp/swap    swap     swap   defaults        0 1

無需重啓掛載分區

mount -a

查看結果

free -m

———————————————————-

報錯：

remote: GitLab: No such project

[remote rejected] master -> master (pre-receive hook declined)

 

或者執行檢查後提示：

Projects have satellites? …

MTao / GitLab … can’t create, repository is empty

解決：

gitlab-satellites下沒法建立文件，緣由是使用了文件夾硬鏈接致使的，取消便可。

————————————————————-

報錯：

try increasing http.postBuffer

解決：

sudo -u git -H git config http.postBuffer 52428800000