CentOS Git服務安裝

安裝yum源

yum -y install http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

vim /etc/yum.repos.d/epel.repo

baseurl去掉註釋

註釋mirrorlist

安裝git環境所需的包

yum -y install libicu-devel patch gcc-c++ readline-devel zlib-devel libffi-devel openssl-devel make autoconf automake libtool bison libxml2-devel libxslt-devel libyaml-devel zlib-devel openssl-devel cpio expat-devel gettext-devel curl-devel perl-ExtUtils-CBuilder perl-ExtUtils-MakeMaker

移除機器上現有的git ruby

yum -y remove git ruby

安裝git

mkdir /tmp/git && cd /tmp/git

wget https://www.kernel.org/pub/software/scm/git/git-1.8.4.1.tar.gz

tar -zxvf git-1.8.4.1.tar.gz

cd git-1.8.4.1/

make prefix=/usr/local all

make prefix=/usr/local install

ln -fs /usr/local/bin/git* /usr/bin/

安裝ruby

mkdir /tmp/ruby && cd /tmp/ruby

curl --progress ftp://ftp.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0-p353.tar.gz | tar xz

cd ruby-2.0.0-p353/

./configure --disable-install-rdoc

make && make install

gem source -r https://rubygems.org/

gem source -a http://ruby.taobao.org/

gem install bundler --no-ri --no-rdoc

ln -s /usr/local/bin/ruby /usr/bin/ruby

ln -s /usr/local/bin/gem /usr/bin/gem

ln -s /usr/local/bin/bundle /usr/bin/bundle

新建git賬號並允許sudo

useradd --comment 'GitLab' git

echo "git ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers

安裝git-shell

su - git

sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-shell.git -b v1.8.0

cd gitlab-shell/

sudo -u git -H cp config.yml.example config.yml

vim config.yml

修改gitlab域名

gitlab_url: "http://localhost/"

如：

gitlab_url: "http://gitlab.example.com/“

:wq!

sudo -u git -H ./bin/install

使用mysql並建立gitlab數據庫，本機如果沒有mysql直接yum安裝即可

sudo yum -y install mysql mysql-devel mysql-server

sudo /etc/init.d/mysqld start

mysql -uroot -p

CREATE USER 'gituser'@'localhost' IDENTIFIED BY 'gitpasswd';

CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON `gitlabhq_production`.*TO 'gituser'@'localhost';

\q

測試gituser登陸數據庫是否正常

sudo -u git -H mysql -u gituser -p -D gitlabhq_production

安裝redis

sudo yum -y install redis

sudo /etc/init.d/redis start

sudo chkconfig redis on

安裝gitlab

cd /home/git

sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 6-4-stable gitlab

cd /home/git/gitlab

sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml

vim config/gitlab.yml

修改git域名，上面git-shell配置文件裏面定義的

gitlab:

  ## Web server settings

  host: gitlab.example.com

  port: 80

  https: false

修改git path

git:

  bin_path: /usr/local/bin/git

:wq!

添加相應文件的權限、新建必要的文件及複製配置文件

chown -R git log/

chown -R git tmp/

chmod -R u+rwX  log/

chmod -R u+rwX  tmp/

sudo -u git -H mkdir /home/git/gitlab-satellites

sudo -u git -H mkdir tmp/pids/

sudo -u git -H mkdir tmp/sockets/

sudo chmod -R u+rwX tmp/pids/

sudo chmod -R u+rwX tmp/sockets/

sudo -u git -H mkdir public/uploads

sudo chmod -R u+rwX public/uploads/

sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb

sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb

設置gitlab全局賬號

sudo -u git -H git config --global user.name "GitLab"

sudo -u git -H git config --global user.email "gitlab@localhost"

sudo -u git -H git config --global core.autocrlf input

設置數據庫連接文件信息，如下是我數據庫信息配置：

sudo -u git cp config/database.yml.mysql config/database.yml

sudo -u git -H vim config/database.yml

#

# PRODUCTION

#

production:

  adapter: mysql2

  encoding: utf8

  reconnect: false

  database: gitlabhq_production

  pool: 10

  username: gituser

  password: "gitpasswd”

  # host: localhost

  # socket: /tmp/mysql.sock

#

# Development specific

#

development:

  adapter: mysql2

  encoding: utf8

  reconnect: false

  database: gitlabhq_development

  pool: 5

  username: gituser

  password: "gitpasswd”

  # socket: /tmp/mysql.sock

# Warning: The database defined as "test" will be erased and

# re-generated from your development database when you run "rake".

# Do not set this db to the same as development or production.

test: &test

  adapter: mysql2

  encoding: utf8

  reconnect: false

  database: gitlabhq_test

  pool: 5

  username: gituser

  password: "gitpasswd”

  # socket: /tmp/mysql.sock

安裝gems

cd /home/git/gitlab

vim Gemfile

修改source "https://rubygems.org/"

爲source "http://ruby.taobao.org/"

vim Gemfile.lock

修改remote: https://rubygems.org/

爲remote: http://ruby.taobao.org/

:wq

sudo -u git -H bundle install --deployment --without development test postgres aws

如出現此類錯誤Could not find modernizr-2.6.2 in any of the sources，則修改：

vim Gemfile

修改:gem "modernizr",        "2.6.2"

爲gem "modernizr-rails",  "2.7.1"

:wq

vim Gemfile.lock

修改:modernizr (2.6.2)

爲:modernizr-rails (2.7.1)

修改:modernizr (= 2.6.2)

爲:modernizr-rails (= 2.7.1)

:wq

再次運行：sudo -u git -H bundle install --deployment --without development test postgres aws

初始化數據庫

sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production

Do you want to continue (yes/no)? yes

初始化完成後最後兩行就是你gitlab默認的用戶名密碼

配置啓動及日誌切割文件

sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab

sudo cp lib/support/init.d/gitlab.default.example /etc/default/gitlab

sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab

測試環境信息

sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production

安裝nginx

sudo yum -y install nginx

以下是我nginx主配置文件內容

cat /etc/nginx/nginx.conf | grep -v "^#" | grep -v "^$"

user              root git;

worker_processes  2;

pid        /var/run/nginx.pid;

events {

    worker_connections  1024;

}

http {

    include       /etc/nginx/mime.types;

    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

                      '$status $body_bytes_sent "$http_referer" '

                      '"$http_user_agent" "$http_x_forwarded_for"';

upstream gitlab {

    server unix:/home/git/gitlab/tmp/sockets/gitlab.socket;

}

server {

    listen *:80 default_server;

    server_name gitlab.example.com;

    server_tokens off;

    root /home/git/gitlab/public;

    client_max_body_size 5m;

    access_log  /var/log/nginx/gitlab_access.log;

    error_log   /var/log/nginx/gitlab_error.log;

    location / {

        try_files $uri $uri/index.html $uri.html @gitlab;

    }

    location @gitlab {

        proxy_read_timeout 300;

        proxy_connect_timeout 300;

        proxy_redirect     off;

        proxy_set_header   X-Forwarded-Proto $scheme;

        proxy_set_header   Host              $http_host;

        proxy_set_header   X-Real-IP         $remote_addr;

        proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;

        proxy_pass http://gitlab;

    }

}

    #tcp_nopush     on;

    #keepalive_timeout  0;

    #gzip  on;

    

    # Load config files from the /etc/nginx/conf.d directory

    # The default server is in conf.d/default.conf

}

更改權限及啓動nginx

sudo nginx -t

sudo chown -R git.git /var/lib/nginx/

sudo /etc/init.d/nginx start

拉取gitlab靜態資源文件

cd /home/git/gitlab

sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production

啓動gitlab

sudo /etc/init.d/gitlab start

檢查各個組件是否正常工作

sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

一切正常的話 使用你的瀏覽器訪問gitlab吧（域名訪問，修改hosts文件先）

http://gitlab.example.com

賬號密碼爲上面初始化數據後顯示的賬號密碼

[email protected]/5iveL!fe

客戶端首次git clone正常git push後報類似以下錯誤：

fatal: protocol error: bad line length character: 12e

fatal: The remote end hung up unexpectedly

之後在別的地方git clone失敗

nginx訪問日誌報類似以下信息：

10.0.0.5 - - [02/Sep/2014:17:22:50 +0800] "GET /root/testops.git/info/refs?service=git-upload-pack HTTP/1.1" 200 282 "-" "git/1.9.3 (Apple Git-50)"

10.0.0.5 - - [02/Sep/2014:17:22:50 +0800] "POST /root/testops.git/git-upload-pack HTTP/1.1" 200 726 "-" "git/1.9.3 (Apple Git-50)"

解決：

gitlab和nginx版本兼容上出現問題，升級nginx版本到nginx1.6.0問題解決

本機mail對外發送郵件正常，gitlab發送失敗，/var/log/maillog顯示類似以下錯誤：

Jan  8 15:04:04 centos01 sendmail[7374]: t08741Sq007372: to=<[email protected]>, delay=00:00:03, xdelay=00:00:00, mailer=esmtp, pri=122161, relay=qiye163mx01.mxmail.netease.com. [220.181.97.145], dsn=5.0.0, stat=Service unavailable

Jan  8 15:04:04 centos01 sendmail[7374]: t08741Sq007372: t08744Sq007374: DSN: Service unavailable

Jan  8 15:07:41 centos01 sendmail[7573]: t083rICS007905: to=<[email protected]>, delay=03:14:23, xdelay=00:00:00, mailer=esmtp, pri=753386, relay=example.com., dsn=4.0.0, stat=Deferred: Connection timed out with example.com.

修改[email protected]爲本機可識別的地址，如：

vim /home/git/gitlab/config/gitlab.yml

替換[email protected]爲/home/git/.gitconfig裏面的郵件地址，就是上文“設置gitlab全局賬號”下的郵箱地址

git push報以下錯誤：

localhost:test guwenqiang$ git push -u origin master

Counting objects: 4, done.

Delta compression using up to 4 threads.

Compressing objects: 100% (3/3), done.

Writing objects: 100% (3/3), 1.06 MiB | 0 bytes/s, done.

Total 3 (delta 1), reused 0 (delta 0)

fatal: The remote end hung up unexpectedly

fatal: The remote end hung up unexpectedly

Everything up-to-date

push文件過大導致，解決方法如下：

客戶端（push報錯機器）執行：

linux：

git config http.postBuffer 524288000

windows:

在.git/config 文件中加入

[http]

postBuffer = 524288000

git clone報錯如下：

Cloning into 'opstest'...

remote: Not Found

fatal: repository 'http://git.inner-dev.sincestar.com/guwenqiang/opstest.git/' not found

解決：

拉取gitlab-ssl文件至/etc/nginx/sites-available/gitlab

gitlab-ssl信息（）：

域名換爲git.domob-inc.cn

cat sites-available/gitlab | grep -v "^{#" | grep -v "}$"

upstream gitlab {

server unix:/home/git/gitlab/tmp/sockets/gitlab.socket;

}

server {

listen *:80 default_server;

server_name gitlab.example.com; ## Replace this with something like gitlab.example.com

server_tokens off; ## Don't show the nginx version number, a security best practice

root /nowhere; ## root doesn't have to be a valid path since we are redirecting

rewrite ^{https://$server_name$request_uri permanent;}

}

server {

listen 443 ssl;

server_name YOUR_SERVER_FQDN; ## Replace this with something like gitlab.example.com

server_tokens off;

root /home/git/gitlab/public;

## Increase this if you want to upload large attachments

## Or if you want to accept large git objects over http

client_max_body_size 20m;

## Strong SSL Security

## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html

ssl on;

ssl_certificate /etc/nginx/ssl/gitlab.crt;

ssl_certificate_key /etc/nginx/ssl/gitlab.key;

ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4';

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_session_cache builtin:1000 shared:SSL:10m;

ssl_prefer_server_ciphers on;

add_header Strict-Transport-Security max-age=63072000;

add_header X-Frame-Options DENY;

add_header X-Content-Type-Options nosniff;

## Individual nginx logs for this GitLab vhost

access_log /var/log/nginx/gitlab_access.log;

error_log /var/log/nginx/gitlab_error.log;

location / {

## Serve static files from defined root folder.

## @gitlab is a named location for the upstream fallback, see below.

try_files $uri $uri/index.html $uri.html @gitlab;

}

## If a file, which is not found in the root folder is requested,

## then the proxy pass the request to the upsteam (gitlab unicorn).

location @gitlab {

## If you use https make sure you disable gzip compression

## to be safe against BREACH attack.

gzip off;

## https://github.com/gitlabhq/gitlabhq/issues/694

## Some requests take more than 30 seconds.

proxy_read_timeout 300;

proxy_connect_timeout 300;

proxy_redirect off;

proxy_set_header Host $http_host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-Ssl on;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;

proxy_set_header X-Frame-Options SAMEORIGIN;

proxy_pass http://gitlab;

}

## Enable gzip compression as per rails guide:

## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression

## WARNING: If you are using relative urls do remove the block below

## See config/application.rb under "Relative url support" for the list of

## other files that need to be changed for relative url support

location ~ ^{/(assets)/ {}

root /home/git/gitlab/public;

gzip_static on; # to serve pre-gzipped version

expires max;

add_header Cache-Control public;

}

error_page 502 /502.html;

}

ln -sf /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab

重啓gitlab nginx服務即可

git push報錯如下：

Counting objects: 3, done.

Delta compression using up to 4 threads.

Compressing objects: 100% (2/2), done.

Writing objects: 100% (3/3), 256 bytes | 0 bytes/s, done.

Total 3 (delta 0), reused 0 (delta 0)

remote: /usr/local/lib/ruby/gems/2.1.0/gems/bundler-1.3.1/lib/bundler/runtime.rb:216: warning: Insecure world writable dir /data in PATH, mode 040777

remote: GitLab: You are not allowed to access master!

remote: error: hook declined to update refs/heads/master

To http://git.inner-dev.sincestar.com/guwenqiang/opstest.git

 ! [remote rejected] master -> master (hook declined)

error: failed to push some refs to 'http://git.inner-dev.sincestar.com/guwenqiang/opstest.git'

解決：

上面一共報了兩個地方的錯誤：

1、提示已經說明/data目錄權限不安全，ll看後發現權限爲777，改爲755第一個錯誤解決。

2、鏈接出錯，刪除/data/home/git/gitlab-shell/hooks/update文件

問題：

gitlab升級後訪問網頁端界面佈局全亂了

解決：

service gitlab stop

cd /home/git/gitlab

sudo -u git -H bundle exec rake assets:clean assets:precompile cache:clear RAILS_ENV=production

service gitlab start