Jenkins+Ansible+Gitlab自动化部署三剑客

一、gitlab安装

环境：centos 7 x64

1、关闭防火墙

systemctl stop firewalld
systemctl disable firewalld

2、禁用selinux

vim /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

改为SELINUX=disabled，然后重启服务器，使用getenforce进行验证

3、安装环境依赖

yum install curl policycoreutils openssh-server openssh-clients postfix

4、下载仓库文件

curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash

5、启动邮件服务

systemctl start postfix
systemctl enable postfix

6、安装gitlab-ce

yum install -y gitlab-ce

7、配置ssl

mkdir /etc/gitlab/ssl
cd /etc/gitlab/ssl
openssl genrsa -out /etc/gitlab/ssl/gitlab.example.com.key 2048
openssl req -new -key "gitlab.example.com.key" -out "gitlab.example.com.csr"
openssl x509 -req -days 3650 -in "gitlab.example.com.csr" -signkey "gitlab.example.com.key" -out "gitlab.example.com.crt"
openssl dhparam -out dhparams.pem 2048
chmod 600 *

8、配置gitlab.rb

vim /etc/gitlab/gitlab.rb

external_url 'https://gitlab.example.com'
//external_url 'https://192.168.71.128'

Nginx['redirect_http_to_https'] = true Nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt" Nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key" Nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem" # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem

gitlab-ctl reconfigure

9、配置Nginx

server {
  listen *:80;
  server_name gitlab.example.com;
  //server_name 192.168.71.128;

  rewrite ^(.*)$ https://$host$1 permanent;

  server_tokens off; ## Don't show the Nginx version number, a security best practice

版权声明：本文内容由互联网用户自发贡献，该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容， 请发送邮件至 [email protected] 举报，一经查实，本站将立刻删除。