源碼安裝gitlab

時間 2019-11-13

標籤源碼安裝 gitlab 欄目 Git 简体版

原文原文鏈接

GitLab服務構成

GitLab由如下服務構成：

nginx：靜態Web服務器

gitlab-shell：用於處理Git命令和修改authorized keys列表

gitlab-workhorse:輕量級的反向代理服務器

logrotate：日誌文件管理工具

postgresql：數據庫

redis：緩存數據庫

sidekiq：用於在後臺執行隊列任務（異步執行）

unicorn：An HTTP server for Rack applications，GitLab Rails應用是託管在這個服務器上面的。

Gitlab Shell

GitLab Shell有兩個做用：爲GitLab處理Git命令、修改authorized keys列表。

當經過SSH訪問GitLab Server時，GitLab Shell會：

限制執行預約義好的Git命令（git push, git pull, git annex）

調用GitLab Rails API 檢查權限

執行pre-receive鉤子（在GitLab企業版中叫作Git鉤子）

執行你請求的動做

處理GitLab的post-receive動做

處理自定義的post-receive動做

當經過http(s)訪問GitLab Server時，工做流程取決於你是從Git倉庫拉取(pull)代碼仍是向git倉庫推送(push)代碼。若是你是從Git倉庫拉取(pull)代碼，GitLab Rails應用會全權負責處理用戶鑑權和執行Git命令的工做；若是你是向Git倉庫推送(push)代碼，GitLab Rails應用既不會進行用戶鑑權也不會執行Git命令，它會把如下工做交由GitLab Shell進行處理：

調用GitLab Rails API 檢查權限

執行pre-receive鉤子（在GitLab企業版中叫作Git鉤子）

執行你請求的動做

處理GitLab的post-receive動做

處理自定義的post-receive動做

也許你會奇怪在經過http(s)推送(push)代碼的狀況下，GitLab Rails應用爲何不在GitLab Shell以前進行鑑權。這是由於GitLab Rails應用沒有解析git push命令的邏輯。好的方法是將這些解析代碼放在一個地方，這個地方就是GitLab Shell，這樣咱們就能夠在經過SSH進行訪問時重用這段代碼。實際上，GitLabShell在執行git push命令時根本不會進行權限檢查，它是依賴於pre-receive鉤子進行權限檢查的。而當你執行git pull命令時，權限檢查是在命令執行以前的。對git pull命令的權限檢查要簡單得多，由於你只須要檢查一個用戶是否能夠訪問這個倉庫就能夠了（不須要檢查分支權限）。

好吧，GitLab Shell這段話都是翻譯官網的。連接在這裏

https://gitlab.com/gitlab-org/gitlab-shell/blob/master/README.md

最後一段話有點拗口，我對此仍是有一點問題的：既然你把git push的邏輯都放在GitLab Shell裏面了，爲何不把git pull的邏輯也都放在裏面提供重用呢？

猜測：git pull這段邏輯沒法重用，由於經過http(s)方式訪問時，要讀取倉庫的數據而且把這些數據封裝成http包返回給客戶端；而經過ssh方式訪問時，倉庫代碼數據是經過ssh數據包返回的。兩種訪問方式返回數據的封裝方式不同，因此也沒有必要提供重用。可是我以爲讀取倉庫數據這段邏輯應該仍是重用了的。

GitLab Workhorse

GitLab Workhorse是一個敏捷的反向代理。它會處理一些大的HTTP請求，好比文件上傳、文件下載、Git push/pull和Git包下載。其它請求會反向代理到GitLab Rails應用，即反向代理給後端的unicorn。官網對GitLab Workhorse的介紹在這裏： https://gitlab.com/gitlab-org/gitlab-workhorse/

6、GitLab工做流程

GitLab工做流程圖

Gitlab Shell

GitLab Shell有兩個做用：爲GitLab處理Git命令、修改authorized keys列表。

當經過SSH訪問GitLab Server時，GitLab Shell會：

限制執行預約義好的Git命令（git push, git pull, git annex）
調用GitLab Rails API 檢查權限
執行pre-receive鉤子（在GitLab企業版中叫作Git鉤子）
執行你請求的動做
處理GitLab的post-receive動做
處理自定義的post-receive動做

調用GitLab Rails API 檢查權限
執行pre-receive鉤子（在GitLab企業版中叫作Git鉤子）
執行你請求的動做
處理GitLab的post-receive動做
處理自定義的post-receive動做

好吧，GitLab Shell這段話都是翻譯官網的。連接在這裏

https://gitlab.com/gitlab-org/gitlab-shell/blob/master/README.md

最後一段話有點拗口，我對此仍是有一點問題的：既然你把git push的邏輯都放在GitLab Shell裏面了，爲何不把git pull的邏輯也都放在裏面提供重用呢？

GitLab Workhorse

6、GitLab工做流程

# https://gitlab.com/gitlab-org/gitlab-ce/blob/8-9-stable/doc/install/installation.md

# http://www. fanzicai.com/blog_hexo/Program/20160520-CentOS7%E4%B8%8A%E5%AE%89%E8%A3%85GitLab%EF%BC%88SRC%EF%BC%89.html

# http://www.javashuo.com/article/p-oyjwtheh-bk.html

#1.安裝軟件包及解決依賴項,升級系統

yum -y update

#2.安裝必須的軟件

yum -y install gcc autoconf cmake unzip vim libcurl-devel zlib-devel curl-devel expat-devel gettext-devel openssl-devel perl-devel nodejs libicu-devel wget curl

#安裝git

wget https://www.kernel.org/pub/software/scm/git/git-2.9.0.tar.gz
 
[root@t1 ~]# tar xf git-2.9.0.tar.gz
[root@t1 ~]# cd git-2.9.0
[root@t1 git-2.9.0]# ./configure
[root@t1 git-2.9.0]# make prefix=/usr/local all
# 安裝到/usr/local/bin
[root@t1 git-2.9.0]# make prefix=/usr/local install
[root@t1 git-2.9.0]# source /etc/profile
# 驗證git版本號
[root@t1 git-2.9.0]# git --version
#查看git安裝路徑
[root@t1 git-2.9.0]# which git

# 編輯 config/gitlab.yml (第7步中gitlab), 修改 git 路徑爲 /usr/local/bin/git ！！！

#2.添加系統用戶

#咱們添加一個用來管理運行Gitlab的用戶git

[root@t1 ~]# useradd -c 'Gitlab' -s /bin/bash git

#爲了包含/usr/local/bin到git用戶的$PATH，一個方法是編輯超級用戶文件。以管理員身份運行：html

$ visudo
 
#而後搜索：
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
#將其改爲：
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin

#3.安裝postfixnode

yum -y install postfix

#4. Rubymysql

#Note: The current supported Ruby version is 2.1.x. Ruby 2.2 and 2.3 are currently not supported.
 
[root@t1 ~]# yum -y remove ruby*
 
[root@t1 ~]# curl -O --progress https://cache.ruby-lang.org/pub/ruby/2.1/ruby-2.1.8.tar.gz
[root@t1 ~]# tar xf ruby-2.1.8.tar.gz
[root@t1 ~]# cd ruby-2.1.8
[root@t1 ~]# ./configure --disable-install-rdoc
[root@t1 ~]# make
[root@t1 ~]# make install
 
#Install the Bundler Gem:
[root@t1 ~]# sudo gem install bundler --no-ri --no-rdoc

#5. Golinux

#Since GitLab 8.0, Git HTTP requests are handled by gitlab-workhorse (formerly gitlab-git-http-server). This is a small daemon written in Go. To install gitlab-workhorse we need a Go compiler. The instructions below assume you use 64-bit Linux. You can find downloads for other platforms at the Go download page.
 
[root@t1 ~]# curl -O --progress https://storage.googleapis.com/golang/go1.5.3.linux-amd64.tar.gz
[root@t1 ~]# tar -C /usr/local -xzf go1.5.3.linux-amd64.tar.gz
[root@t1 ~]# ln -sf /usr/local/go/bin/{go,godoc,gofmt} /usr/local/bin/
[root@t1 ~]# rm go1.5.3.linux-amd64.tar.gz

修改數據庫 nginx

#建立數據庫，用戶，添加權限
MariaDB [(none)]> CREATE USER 'git'@'localhost' IDENTIFIED BY 'gitlab';
mysql> SET storage_engine=INNODB;
mysql> CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, CREATE TEMPORARY TABLES, DROP, INDEX, ALTER, LOCK TABLES, REFERENCES ON `gitlabhq_production`.* TO 'git'@'localhost';

#安裝Redisgit

yum install redis -y
cp /etc/redis.conf /etc/redis.conf.orig
#sed 's/^port .*/port 0/' /etc/redis.conf.orig |tee /etc/redis.conf #不須要執行
echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis.conf
echo 'unixsocketperm 770' | sudo tee -a /etc/redis.conf
mkdir /var/run/redis
chown redis:redis /var/run/redis
chmod 755 /var/run/redis
 
# Persist the directory which contains the socket, if applicable
if [ -d /etc/tmpfiles.d ]; then
echo 'd /var/run/redis 0755 redis redis 10d -' | sudo tee -a /etc/tmpfiles.d/redis.conf
fi
 
systemctl start redis
chkconfig redis on
usermod -aG redis git

#7. GitLabgithub

# We'll install GitLab into home directory of the user "git"
cd /home/git
 
#Clone the Source
# Clone GitLab repository
sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 8-9-stable gitlab #注意gitlab的版本
 
 
#Configure It
# Go to GitLab installation folder
cd /home/git/gitlab
 
# Copy the example GitLab config
sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml
 
# Update GitLab config file, follow the directions at top of file
sudo -u git -H vim config/gitlab.yml
 
gitlab:
## Web server settings (note: host is the FQDN, do not include http://)
host: gitlabtest.ptmind.com
port: 443 # Set to 443 if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
https: true # Set to true if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
 
bin_path: /usr/local/bin/git
 
# Copy the example secrets file #注意：若是將備份文件在異地恢復，須要將老版的secrets.yml拷貝到新版的對應目錄下
sudo -u git -H cp config/secrets.yml.example config/secrets.yml
sudo -u git -H chmod 0600 config/secrets.yml
 
# Make sure GitLab can write to the log/ and tmp/ directories
sudo chown -R git log/
sudo chown -R git tmp/
sudo chmod -R u+rwX,go-w log/
sudo chmod -R u+rwX tmp/
 
# Make sure GitLab can write to the tmp/pids/ and tmp/sockets/ directories
sudo chmod -R u+rwX tmp/pids/
sudo chmod -R u+rwX tmp/sockets/
 
# Create the public/uploads/ directory
sudo -u git -H mkdir public/uploads/
 
# Make sure only the GitLab user has access to the public/uploads/ directory
# now that files in public/uploads are served by gitlab-workhorse
sudo chmod 0700 public/uploads
 
# Change the permissions of the directory where CI build traces are stored
sudo chmod -R u+rwX builds/
 
# Change the permissions of the directory where CI artifacts are stored
sudo chmod -R u+rwX shared/artifacts/
 
# Copy the example Unicorn config
sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb
 
# Find number of cores
nproc
 
# Enable cluster mode if you expect to have a high load instance
# Set the number of workers to at least the number of cores
# Ex. change amount of workers to 3 for 2GB RAM server
sudo -u git -H vim config/unicorn.rb
worker_processes 10
listen "127.0.0.1:8030", :tcp_nopush => true
 
# Copy the example Rack attack config
sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
 
# Configure Git global settings for git user
# 'autocrlf' is needed for the web editor
sudo -u git -H git config --global core.autocrlf input
 
# Disable 'git gc --auto' because GitLab already runs 'git gc' when needed
sudo -u git -H git config --global gc.auto 0
 
# Configure Redis connection settings
sudo -u git -H cp config/resque.yml.example config/resque.yml
 
# Change the Redis socket path if you are not using the default Debian / Ubuntu configuration
# 修改Redis訪問路徑
sudo -u git -H vim config/resque.yml
 
#Important Note: Make sure to edit both gitlab.yml and unicorn.rb to match your setup.
#Note: If you want to use HTTPS, see Using HTTPS for the additional steps.
 
 
##Configure GitLab DB Settings
# MySQL only:
sudo -u git cp config/database.yml.mysql config/database.yml
 
# Change 'secure password' with the value you have given to $password
# You can keep the double quotes around the password
sudo -u git -H vim config/database.yml
 
# MySQL:
# Make config/database.yml readable to git only
sudo -u git -H chmod o-rwx config/database.yml

安裝 Gems

cd /home/git/gitlab
 
# For users from China mainland only
# 僅限中國大陸用戶
# vim /home/git/gitlab/Gemfile
# source "https://ruby.taobao.org" // 原始 source "https://rubygems.org/"
 
# For MySQL (note, the option says "without ... postgres")
 
#修改ruby路徑
vim /usr/local/bin/bundle
#!/usr/local/bin/ruby
 
 
# Or if you use MySQL (note, the option says "without ... postgres")
sudo -u git -H bundle install -j5 --deployment --without development test postgres aws
 
報錯：
Installing org-ruby 0.9.12
Gem::Ext::BuildError: ERROR: Failed to build gem native extension.
 
/usr/local/bin/ruby extconf.rb
checking for ruby/thread.h... yes
checking for rb_thread_call_without_gvl() in ruby/thread.h... yes
checking for rb_thread_blocking_region()... yes
checking for rb_wait_for_single_fd()... yes
checking for rb_hash_dup()... yes
checking for rb_intern3()... yes
checking for mysql_query() in -lmysqlclient... no
-----
libmysqlclient is missing. Trying again with extra runtime libraries...
-----
 
解決：
yum -y install mysql-devel
 
 
Install GitLab Shell
#GitLab Shell is an SSH access and repository management software developed specially for GitLab.
# Run the installation task for gitlab-shell (replace `REDIS_URL` if needed):
 
#若是redis在本地，可以使用以下方式
sudo -u git -H bundle exec rake gitlab:shell:install REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production
 
#若是redis在其餘服務器，可以使用以下方式：
sudo -u git -H bundle exec rake gitlab:shell:install REDIS_URL=redis://172.16.5.101:6379 RAILS_ENV=production
 
# By default, the gitlab-shell config is generated from your main GitLab config.
# You can review (and modify) the gitlab-shell config as follows:
sudo -u git -H vim /home/git/gitlab-shell/config.yml
---
user: git
gitlab_url: http://127.0.0.1:8030/ ######注意修改端口，修改主機名，並在hosts中添加解析！！！！
http_settings:
self_signed_cert: false
repos_path: "/home/git/repositories/"
auth_file: "/home/git/.ssh/authorized_keys"
redis:
bin: "/bin/redis-cli"
namespace: resque:gitlab
socket: "/var/run/redis/redis.sock"
log_level: INFO
audit_usernames: false

Install gitlab-workhorsegolang

cd /home/git
sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-workhorse.git
cd gitlab-workhorse
sudo -u git -H git checkout v0.7.5
sudo -u git -H make
 
 
配置repositories
由於修改了repositories路徑，所以使用下面的/data/repositories/
sudo chmod -R ug+rwX,o-rwx /home/git/repositories/
sudo chmod -R ug-s /home/git/repositories/
sudo find /home/git/repositories/ -type d -print0 | sudo xargs -0 chmod g+s
 
 
sudo chmod -R ug+rwX,o-rwx /data/git/repositories/
sudo chmod -R ug-s /data/git/repositories/
sudo find /data/git/repositories/ -type d -print0 | sudo xargs -0 chmod g+s
 
 
 
Initialize Database and Activate Advanced Features
# Go to GitLab installation folder
 
cd /home/git/gitlab
 
#sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production
sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=yourpassword GITLAB_ROOT_EMAIL=youremail
 
# Type 'yes' to create the database tables.
 
# When done you see 'Administrator account created:'
 
 
 
 
#Secure secrets.yml
# The secrets.yml file stores encryption keys for sessions and secure variables. Backup secrets.yml someplace safe, but don't store it in the same place as your database backups. Otherwise your secrets are exposed if one of your backups is compromised.
 
ls /home/git/gitlab/config/secrets.yml
 
 
 
 
# Install Init Script
# Download the init script (will be /etc/init.d/gitlab):
 
sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
 
# 修改workhorse訪問gitlab-shell端口
vim /etc/init.d/gitlab
gitlab_workhorse_options="-listenUmask 0 -listenNetwork unix -listenAddr $socket_path/gitlab-workhorse.socket -authBackend http://127.0.0.1:8030 -authSocket $rails_socket -documentRoot $app_root/public"
 
#And if you are installing with a non-default folder or user copy and edit the defaults file:
 
sudo cp lib/support/init.d/gitlab.default.example /etc/default/gitlab
 
# 修改workhorse訪問gitlab-shell端口
vim /etc/default/gitlab
gitlab_workhorse_options="-listenUmask 0 -listenNetwork unix -listenAddr $socket_path/gitlab-workhorse.socket -authBackend http://127.0.0.1:8030 -authSocket $rails_socket -documentRoot $app_root/public"

#If you installed GitLab in another directory or as a user other than the default you should change these settings in /etc/default/gitlab. Do not edit /etc/init.d/gitlab as it will be changed on upgrade.

#Make GitLab start on boot:

chkconfig gitlab on

#Setup Logrotateweb

sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab

#Check Application Statusredis

#Check if GitLab and its environment are configured correctly:

sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production

Compile Assets 編譯靜態文件

sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production

# Start Your GitLab Instance

sudo service gitlab start

Nginx配置

yum -y install nginx
 
sudo cp lib/support/nginx/gitlab /etc/nginx/conf.d/gitlab.conf
 
vim /etc/nginx/conf.d/gitlab.conf
## GitLab
 
## See installation.md#using-https for additional HTTPS configuration details.
 
upstream gitlab-workhorse {
server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
}
 
## Normal HTTP host
server {
## Either remove "default_server" from the listen line below,
## or delete the /etc/nginx/sites-enabled/default file. This will cause gitlab
## to be served if you visit any address that your server responds to, eg.
## the ip address of the server (http://x.x.x.x/)n 0.0.0.0:80 default_server;
# listen 0.0.0.0:80 default_server;
# listen [::]:80 default_server;
listen 80;
server_name gitlabtest.ptmind.com; ## Replace this with something like gitlab.example.com
server_tokens off; ## Don't show the nginx version number, a security best practice
 
## See app/controllers/application_controller.rb for headers set
 
## Individual nginx logs for this GitLab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
 
location / {
client_max_body_size 0;
gzip off;
 
## https://github.com/gitlabhq/gitlabhq/issues/694
## Some requests take more than 30 seconds.
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
 
proxy_http_version 1.1;
 
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
 
proxy_pass http://gitlab-workhorse;
}
 
error_page 404 /404.html;
error_page 422 /422.html;
error_page 500 /500.html;
error_page 502 /502.html;
error_page 503 /503.html;
location ~ ^/(404|422|500|502|503)\.html$ {
root /home/git/gitlab/public;
internal;
}
 
}
 
################Nginx ssl 配置文件####################
upstream gitlab-workhorse {
server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
}
server {
listen 0.0.0.0:80;
server_name gitlab.ptengine.jp; ## Replace this with something like gitlab.example.com
server_tokens off; ## Don't show the nginx version number, a security best practice
return 301 https://$http_host$request_uri;
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
}
server {
listen 0.0.0.0:443 ssl;
server_name gitlab.ptengine.jp; ## Replace this with something like gitlab.example.com
server_tokens off; ## Don't show the nginx version number, a security best practice
ssl on;
ssl_certificate /usr/local/nginx/ssl/www.ptengine.jp.pem;
ssl_certificate_key /usr/local/nginx/ssl/www.ptengine.jp.key;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
client_max_body_size 0;
gzip off;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitlab-workhorse;
}
error_page 404 /404.html;
error_page 422 /422.html;
error_page 500 /500.html;
error_page 502 /502.html;
error_page 503 /503.html;
location ~ ^/(404|422|500|502|503)\.html$ {
root /home/git/gitlab/public;
internal;
}
}
##############################################################

# 修改/home/git權限

chmod 755 /home/git

# 檢查安裝

cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

# 備份：

##修改默認的備份目錄
vim /home/git/gitlab/config/gitlab.yml
backup:
path: "/data/git/gitlab-backup/"
 
mkdir -p /data/git/gitlab-backup/
chown -R git.git /data/git/gitlab-backup/
 
#重啓 gitlab
service gitlab restart
 
#執行備份
sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production

# 遇到的問題，執行備份失敗，緣由是讀取config/database.yml文件中的password有問題,須要修改/home/git/gitlab/lib/backup/database.rb

[root@nexus-5-101 gitlab]# sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
Dumping database ...
Dumping MySQL database gitlabhq_production ... mysqldump: Got error: 1045: "Access denied for user 'git'@'172.16.3.65' (using password: YES)" when trying to connect
[FAILED]
Backup failed
 
vim /home/git/gitlab/lib/backup/database.rb
#第23行，將關於mysql的ENV['MYSQL_PWD']註銷
#第75行，mysql_args下面添加'password' => '--password',
#########################################################################
vim /home/git/gitlab/lib/backup/database.rb
 
require 'yaml'
 
module Backup
class Database
attr_reader :config, :db_file_name
 
def initialize
@config = YAML.load_file(File.join(Rails.root,'config','database.yml'))[Rails.env]
@db_file_name = File.join(Gitlab.config.backup.path, 'db', 'database.sql.gz')
end
 
def dump
FileUtils.mkdir_p(File.dirname(db_file_name))
FileUtils.rm_f(db_file_name)
compress_rd, compress_wr = IO.pipe
compress_pid = spawn(*%W(gzip -1 -c), in: compress_rd, out: [db_file_name, 'w', 0600])
compress_rd.close
 
dump_pid = case config["adapter"]
when /^mysql/ then
$progress.print "Dumping MySQL database #{config['database']} ... "
# Workaround warnings from MySQL 5.6 about passwords on cmd line
# ENV['MYSQL_PWD'] = config["password"].to_s if config["password"]
spawn('mysqldump', *mysql_args, config['database'], out: compress_wr)
when "postgresql" then
$progress.print "Dumping PostgreSQL database #{config['database']} ... "
pg_env
pgsql_args = ["--clean"] # Pass '--clean' to include 'DROP TABLE' statements in the DB dump.
if Gitlab.config.backup.pg_schema
pgsql_args << "-n"
pgsql_args << Gitlab.config.backup.pg_schema
end
spawn('pg_dump', *pgsql_args, config['database'], out: compress_wr)
end
compress_wr.close
 
success = [compress_pid, dump_pid].all? { |pid| Process.waitpid(pid); $?.success? }
 
report_success(success)
abort 'Backup failed' unless success
end
 
def restore
decompress_rd, decompress_wr = IO.pipe
decompress_pid = spawn(*%W(gzip -cd), out: decompress_wr, in: db_file_name)
decompress_wr.close
 
restore_pid = case config["adapter"]
when /^mysql/ then
$progress.print "Restoring MySQL database #{config['database']} ... "
# Workaround warnings from MySQL 5.6 about passwords on cmd line
ENV['MYSQL_PWD'] = config["password"].to_s if config["password"]
spawn('mysql', *mysql_args, config['database'], in: decompress_rd)
when "postgresql" then
$progress.print "Restoring PostgreSQL database #{config['database']} ... "
pg_env
spawn('psql', config['database'], in: decompress_rd)
end
decompress_rd.close
 
success = [decompress_pid, restore_pid].all? { |pid| Process.waitpid(pid); $?.success? }
 
report_success(success)
abort 'Restore failed' unless success
end
 
protected
 
def mysql_args
args = {
'host' => '--host',
'port' => '--port',
'socket' => '--socket',
'username' => '--user',
'password' => '--password',
'encoding' => '--default-character-set'
}
args.map { |opt, arg| "#{arg}=#{config[opt]}" if config[opt] }.compact
end
 
def pg_env
ENV['PGUSER'] = config["username"] if config["username"]
ENV['PGHOST'] = config["host"] if config["host"]
ENV['PGPORT'] = config["port"].to_s if config["port"]
ENV['PGPASSWORD'] = config["password"].to_s if config["password"]
end
 
def report_success(success)
if success
$progress.puts '[DONE]'.color(:green)
else
$progress.puts '[FAILED]'.color(:red)
end
end
end
end
#########################################################################

#再次執行備份：

sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production

#恢復

恢復時要確保兩邊的gitlab版本是同樣的

# Stop processes that are connected to the database
sudo service gitlab stop
 
sudo -u git -H bundle exec rake gitlab:backup:restore RAILS_ENV=production BACKUP=1474170453
 
# Options:
BACKUP=timestamp_of_backup (required if more than one backup exists)
force=yes (do not ask if the authorized_keys file should get regenerated)