DevOps 理念落实得最为彻底的一类案例就是 CI/CD(持续集成/持续交付) 系统
CI/CD(持续集成/持续交付) 系统的一个关键环节就是版本控制,因为它是多是工作流的起点
版本控制软件有很多种,比较熟知的开源版本控制软件有 CVS ,SVN 和 Git ,从目前使用情况来看最受欢迎的开源版本控制系统还是 Git
单单看 Git 所专注的版本控制功能,其强大与高效鲜有软件可以与其比拟,但是 Git 没有友好的管理界面和配备服务,大型项目管理的过程中也缺少权限管理的功能
于是世面上有各种基于 Git 的集成软件,GitLab 就是其中优秀的一款
Tip: 当前最新版本为 9.4.0
GitLab 除了具备基本的版本控制能力外,还有内建的 CI/CD 功能,GitLab Pages(类似于 github pages,可以用于写 wiki,或其它帮助文档),管理 issue,基本的 review 功能,时间追踪等功能
这些功能对于一个自动化的运维环境来讲,可以非常明显地提升工作效率
相对于基础的社区版,企业版和企业增强版还提供很多附加的功能,详细可以参考 版本对比
这里就如何快速搭建 gitlab-ce 给出一个过程参考
其它环境下的详细安装过程可以参考 GitLab 的安装
[root@much ~]# hostnamectl
Static hostname: much
Icon name: computer-vm
Chassis: vm
Machine ID: 33dc28f7e76c4903ad9b603b77e29a7c
Boot ID: 16c8f52b10f2442f85308cce86bf08f7
Virtualization: kvm
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-514.21.1.el7.x86_64
Architecture: x86-64
[root@much ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:c2:66:f7 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
valid_lft 86055sec preferred_lft 86055sec
inet6 fe80::2bb7:5b3:9584:d8eb/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:03:d0:2d brd ff:ff:ff:ff:ff:ff
inet 192.168.56.203/24 brd 192.168.56.255 scope global enp0s8
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe03:d02d/64 scope link
valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:16:5e:11 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
link/ether 52:54:00:16:5e:11 brd ff:ff:ff:ff:ff:ff
[root@much ~]# uname -a
Linux much 3.10.0-514.21.1.el7.x86_64 #1 SMP Thu May 25 17:04:51 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@much ~]#
[root@much ~]# yum install curl policycoreutils openssh-server openssh-clients
Loaded plugins: fastestmirror, langpacks
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
base | 3.6 kB 00:00:00
c7-media | 3.6 kB 00:00:00
extras | 3.4 kB 00:00:00
updates | 3.4 kB 00:00:00
(1/2): extras/7/x86_64/primary_db | 191 kB 00:00:00
(2/2): updates/7/x86_64/primary_db | 7.8 MB 00:00:00
Determining fastest mirrors
* base: mirrors.tuna.tsinghua.edu.cn
* c7-media:
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Package curl-7.29.0-35.el7.centos.x86_64 already installed and latest version
Package policycoreutils-2.5-11.el7_3.x86_64 already installed and latest version
Package openssh-server-6.6.1p1-35.el7_3.x86_64 already installed and latest version
Package openssh-clients-6.6.1p1-35.el7_3.x86_64 already installed and latest version
Nothing to do
[root@much ~]# systemctl enable sshd
[root@much ~]# systemctl start sshd
[root@much ~]# yum install postfix
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.tuna.tsinghua.edu.cn
* c7-media:
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Package 2:postfix-2.10.1-6.el7.x86_64 already installed and latest version
Nothing to do
[root@much ~]# systemctl enable postfix
[root@much ~]# systemctl start postfix
[root@much ~]# firewall-cmd --permanent --add-service=http
success
[root@much ~]# systemctl reload firewalld
[root@much ~]#
gitlab-ce 对 curl policycoreutils openssh-server openssh-clients postfix
这些服务有依赖,需要提前安装和开启
防火墙要打开 http 的访问,否则无法对外提供服务
[root@much ~]# yum list all | grep gitlab
[root@much ~]# curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
Detected operating system as centos/7.
Checking for curl...
Detected curl...
Downloading repository file: https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/config_file.repo?os=centos&dist=7&source=script
done.
Installing pygpgme to verify GPG signatures...
Loaded plugins: fastestmirror, langpacks
gitlab_gitlab-ce-source/signature | 836 B 00:00:00
Retrieving key from https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
Importing GPG key 0xE15E78F4:
Userid : "GitLab B.V. (package repository signing key) <packages@gitlab.com>"
Fingerprint: 1a4c 919d b987 d435 9396 38b9 1421 9a96 e15e 78f4
From : https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
gitlab_gitlab-ce-source/signature | 951 B 00:00:00 !!!
gitlab_gitlab-ce-source/primary | 175 B 00:00:03
Loading mirror speeds from cached hostfile
* base: mirrors.tuna.tsinghua.edu.cn
* c7-media:
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Package pygpgme-0.3-9.el7.x86_64 already installed and latest version
Nothing to do
Installing yum-utils...
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.tuna.tsinghua.edu.cn
* c7-media:
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Package yum-utils-1.1.31-40.el7.noarch already installed and latest version
Nothing to do
Generating yum cache for gitlab_gitlab-ce...
Importing GPG key 0xE15E78F4:
Userid : "GitLab B.V. (package repository signing key) <packages@gitlab.com>"
Fingerprint: 1a4c 919d b987 d435 9396 38b9 1421 9a96 e15e 78f4
From : https://packages.gitlab.com/gitlab/gitlab-ce/gpgkey
The repository is setup! You can now install packages.
[root@much ~]# echo $?
0
[root@much ~]# yum list all | grep gitlab
gitlab-ce.x86_64 9.4.0-ce.0.el7 gitlab_gitlab-ce
[root@much ~]#
[root@much ~]# yum install gitlab-ce
Loaded plugins: fastestmirror, langpacks
gitlab_gitlab-ce/x86_64/signature | 836 B 00:00:00
gitlab_gitlab-ce/x86_64/signature | 1.0 kB 00:00:00 !!!
gitlab_gitlab-ce-source/signature | 836 B 00:00:00
gitlab_gitlab-ce-source/signature | 951 B 00:00:00 !!!
Loading mirror speeds from cached hostfile
* base: mirrors.tuna.tsinghua.edu.cn
* c7-media:
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package gitlab-ce.x86_64 0:9.4.0-ce.0.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
============================================================================================================================================================================================
Package Arch Version Repository Size
============================================================================================================================================================================================
Installing:
gitlab-ce x86_64 9.4.0-ce.0.el7 gitlab_gitlab-ce 340 M
Transaction Summary
============================================================================================================================================================================================
Install 1 Package
Total download size: 340 M
Installed size: 1.0 G
Is this ok [y/d/N]: y
Downloading packages:
No Presto metadata available for gitlab_gitlab-ce
gitlab-ce-9.4.0-ce.0.el7.x86_64.rpm | 340 MB 00:44:02
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : gitlab-ce-9.4.0-ce.0.el7.x86_64 1/1
*. *.
*** ***
***** *****
.****** *******
******** ********
,,,,,,,,,***********,,,,,,,,,
,,,,,,,,,,,*********,,,,,,,,,,,
.,,,,,,,,,,,*******,,,,,,,,,,,,
,,,,,,,,,*****,,,,,,,,,.
,,,,,,,****,,,,,,
.,,,***,,,,
,*,.
_______ __ __ __
/ ____(_) /_/ / ____ _/ /_
/ / __/ / __/ / / __ `/ __ \
/ /_/ / / /_/ /___/ /_/ / /_/ /
\____/_/\__/_____/\__,_/_.___/
gitlab: Thank you for installing GitLab!
gitlab: To configure and start GitLab, RUN THE FOLLOWING COMMAND:
sudo gitlab-ctl reconfigure
gitlab: GitLab should be reachable at http://much
gitlab: Otherwise configure GitLab for your system by editing /etc/gitlab/gitlab.rb file
gitlab: And running reconfigure again.
gitlab:
gitlab: For a comprehensive list of configuration options please see the Omnibus GitLab readme
gitlab: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md
gitlab:
It looks like GitLab has not been configured yet; skipping the upgrade script.
Verifying : gitlab-ce-9.4.0-ce.0.el7.x86_64 1/1
Installed:
gitlab-ce.x86_64 0:9.4.0-ce.0.el7
Complete!
[root@much ~]# echo $?
0
[root@much ~]#
[root@much ~]# gitlab-ctl status
[root@much ~]# gitlab-ctl reconfigure
Starting Chef Client, version 12.12.15
resolving cookbooks for run list: ["gitlab"]
Synchronizing Cookbooks:
- package (0.0.0)
- gitlab (0.0.1)
- runit (0.14.2)
- registry (0.1.0)
Installing Cookbook Gems:
Compiling Cookbooks...
Recipe: gitlab::default
* directory[/etc/gitlab] action create
- change mode from '0755' to '0775'
- restore selinux security context
/sbin/init: unrecognized option '--version'
-.mount loaded active mounted /
Converging 465 resources
* directory[/etc/gitlab] action create (up to date)
* directory[Create /var/opt/gitlab] action create
- create new directory /var/opt/gitlab
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
- restore selinux security context
* directory[/opt/gitlab/embedded/etc] action create
- create new directory /opt/gitlab/embedded/etc
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
- restore selinux security context
* template[/opt/gitlab/embedded/etc/gitconfig] action create
- create new file /opt/gitlab/embedded/etc/gitconfig
- update content in file /opt/gitlab/embedded/etc/gitconfig from none to 5fe039
--- /opt/gitlab/embedded/etc/gitconfig 2017-07-24 00:12:56.993000000 +0800
+++ /opt/gitlab/embedded/etc/.chef-gitconfig20170724-7201-pdd52n 2017-07-24 00:12:56.993000000 +0800
@@ -1 +1,10 @@
+[pack]
+ threads = 1
+[receive]
+ fsckObjects = true
+[repack]
+ writeBitmaps = true
+[transfer]
+ hideRefs=^refs/tmp/
+hideRefs=^refs/keep-around/
- change mode from '' to '0755'
- restore selinux security context
Recipe: gitlab::web-server
* group[Webserver user and group] action create
- create group gitlab-www
* user[Webserver user and group] action create
- create user gitlab-www
Recipe: gitlab::users
* directory[/var/opt/gitlab] action create (up to date)
* group[GitLab user and group] action create
- create group git
* user[GitLab user and group] action create
- create user git
* template[/var/opt/gitlab/.gitconfig] action create
- create new file /var/opt/gitlab/.gitconfig
- update content in file /var/opt/gitlab/.gitconfig from none to 973154
--- /var/opt/gitlab/.gitconfig 2017-07-24 00:12:57.192000000 +0800
+++ /var/opt/gitlab/.chef-.gitconfig20170724-7201-161mgmq 2017-07-24 00:12:57.192000000 +0800
@@ -1 +1,12 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+[user]
+ name = GitLab
+ email = gitlab@much
+[core]
+ autocrlf = input
+[gc]
+ auto = 0
- change mode from '' to '0644'
- change owner from '' to 'git'
- change group from '' to 'git'
- restore selinux security context
Recipe: gitlab::gitlab-shell
* ruby_block[directory resource: /var/opt/gitlab/git-data] action run
- execute the ruby block directory resource: /var/opt/gitlab/git-data
* ruby_block[directory resource: /var/opt/gitlab/git-data/repositories] action run
- execute the ruby block directory resource: /var/opt/gitlab/git-data/repositories
* ruby_block[directory resource: /var/opt/gitlab/.ssh] action run
- execute the ruby block directory resource: /var/opt/gitlab/.ssh
* directory[/var/log/gitlab/gitlab-shell/] action create
- create new directory /var/log/gitlab/gitlab-shell/
- change mode from '' to '0700'
- change owner from '' to 'git'
- restore selinux security context
* directory[/var/opt/gitlab/gitlab-shell] action create
- create new directory /var/opt/gitlab/gitlab-shell
- change mode from '' to '0700'
- change owner from '' to 'git'
- restore selinux security context
* templatesymlink[Create a config.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-shell/config.yml] action create
- create new file /var/opt/gitlab/gitlab-shell/config.yml
- update content in file /var/opt/gitlab/gitlab-shell/config.yml from none to cce2bf
--- /var/opt/gitlab/gitlab-shell/config.yml 2017-07-24 00:12:57.952000000 +0800
+++ /var/opt/gitlab/gitlab-shell/.chef-config.yml20170724-7201-18rakrc 2017-07-24 00:12:57.952000000 +0800
@@ -1 +1,44 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+# GitLab user. git by default
+user: git
+
+# Url to gitlab instance. Used for api calls. Should end with a slash.
+gitlab_url: "http://127.0.0.1:8080"
+
+http_settings:
+
+# user: someone
+# password: somepass
+# ca_file: /etc/ssl/cert.pem
+# ca_path: /etc/pki/tls/certs
+# self_signed_cert: false
+
+# File used as authorized_keys for gitlab user
+auth_file: "/var/opt/gitlab/.ssh/authorized_keys"
+
+# Redis settings used for pushing commit notices to gitlab
+redis:
+ bin: /opt/gitlab/embedded/bin/redis-cli
+ host: 127.0.0.1
+ port:
+ socket: /var/opt/gitlab/redis/redis.socket
+ database:
+ namespace: resque:gitlab
+
+# Log file.
+# Default is gitlab-shell.log in the root directory.
+log_file: "/var/log/gitlab/gitlab-shell/gitlab-shell.log"
+
+# Log level. INFO by default
+log_level:
+
+# Audit usernames.
+# Set to true to see real usernames in the logs instead of key ids, which is easier to follow, but
+# incurs an extra API call on every gitlab-shell command.
+audit_usernames:
+
+
- restore selinux security context
* link[Link /opt/gitlab/embedded/service/gitlab-shell/config.yml to /var/opt/gitlab/gitlab-shell/config.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-shell/config.yml to /var/opt/gitlab/gitlab-shell/config.yml
* link[/opt/gitlab/embedded/service/gitlab-shell/.gitlab_shell_secret] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-shell/.gitlab_shell_secret to /opt/gitlab/embedded/service/gitlab-rails/.gitlab_shell_secret
* execute[/opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions] action run
- execute /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions
* bash[Set proper security context on ssh files for selinux] action run
- execute "bash" "/tmp/chef-script20170724-7201-1q92aa0"
Recipe: gitlab::gitlab-rails
* directory[/var/log/gitlab] action create
- change owner from 'root' to 'git'
- restore selinux security context
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/artifacts] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared/artifacts
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/lfs-objects] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared/lfs-objects
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/uploads] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/uploads
* ruby_block[directory resource: /var/opt/gitlab/gitlab-ci/builds] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-ci/builds
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/pages] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared/pages
* directory[create /var/opt/gitlab/gitlab-rails/etc] action create
- create new directory /var/opt/gitlab/gitlab-rails/etc
- change mode from '' to '0700'
- change owner from '' to 'git'
- restore selinux security context
* directory[create /opt/gitlab/etc/gitlab-rails] action create
- create new directory /opt/gitlab/etc/gitlab-rails
- change mode from '' to '0700'
- change owner from '' to 'git'
- restore selinux security context
* directory[create /var/opt/gitlab/gitlab-rails/working] action create
- create new directory /var/opt/gitlab/gitlab-rails/working
- change mode from '' to '0700'
- change owner from '' to 'git'
- restore selinux security context
* directory[create /var/opt/gitlab/gitlab-rails/tmp] action create
- create new directory /var/opt/gitlab/gitlab-rails/tmp
- change mode from '' to '0700'
- change owner from '' to 'git'
- restore selinux security context
* directory[create /var/opt/gitlab/gitlab-rails/upgrade-status] action create
- create new directory /var/opt/gitlab/gitlab-rails/upgrade-status
- change mode from '' to '0700'
- change owner from '' to 'git'
- restore selinux security context
* directory[create /var/log/gitlab/gitlab-rails] action create
- create new directory /var/log/gitlab/gitlab-rails
- change mode from '' to '0700'
- change owner from '' to 'git'
- restore selinux security context
* directory[/var/opt/gitlab/backups] action create
- create new directory /var/opt/gitlab/backups
- change mode from '' to '0700'
- change owner from '' to 'git'
- restore selinux security context
* directory[/var/opt/gitlab/gitlab-rails] action create
- change owner from 'root' to 'git'
- restore selinux security context
* directory[/var/opt/gitlab/gitlab-ci] action create
- change owner from 'root' to 'git'
- restore selinux security context
* file[/var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key] action create (skipped due to only_if)
* template[/opt/gitlab/etc/gitlab-rails/gitlab-rails-rc] action create
- create new file /opt/gitlab/etc/gitlab-rails/gitlab-rails-rc
- update content in file /opt/gitlab/etc/gitlab-rails/gitlab-rails-rc from none to 15c7d9
--- /opt/gitlab/etc/gitlab-rails/gitlab-rails-rc 2017-07-24 00:12:59.564000000 +0800
+++ /opt/gitlab/etc/gitlab-rails/.chef-gitlab-rails-rc20170724-7201-cyydm3 2017-07-24 00:12:59.564000000 +0800
@@ -1 +1,2 @@
+gitlab_user='git'
- restore selinux security context
* file[/opt/gitlab/embedded/service/gitlab-rails/.secret] action delete (up to date)
* file[/var/opt/gitlab/gitlab-rails/etc/secret] action delete (up to date)
* templatesymlink[Create a database.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/database.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/database.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/database.yml from none to f96ae4
--- /var/opt/gitlab/gitlab-rails/etc/database.yml 2017-07-24 00:12:59.594000000 +0800
+++ /var/opt/gitlab/gitlab-rails/etc/.chef-database.yml20170724-7201-1imtzor 2017-07-24 00:12:59.594000000 +0800
@@ -1 +1,22 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+production:
+ adapter: postgresql
+ encoding: unicode
+ collation:
+ database: gitlabhq_production
+ pool: 10
+ username: 'gitlab'
+ password:
+ host: '/var/opt/gitlab/postgresql'
+ port: 5432
+ socket:
+ sslmode:
+ sslrootcert:
+ sslca:
+ load_balancing: {"hosts":[]}
+ prepared_statements: true
+ statements_limit: 1000
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
- restore selinux security context
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/database.yml to /var/opt/gitlab/gitlab-rails/etc/database.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/database.yml to /var/opt/gitlab/gitlab-rails/etc/database.yml
* templatesymlink[Create a secrets.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/secrets.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/secrets.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/secrets.yml from none to b7ccd5
- suppressed sensitive resource
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
- restore selinux security context
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/secrets.yml to /var/opt/gitlab/gitlab-rails/etc/secrets.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/secrets.yml to /var/opt/gitlab/gitlab-rails/etc/secrets.yml
* templatesymlink[Create a resque.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/resque.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/resque.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/resque.yml from none to ec4232
--- /var/opt/gitlab/gitlab-rails/etc/resque.yml 2017-07-24 00:12:59.663000000 +0800
+++ /var/opt/gitlab/gitlab-rails/etc/.chef-resque.yml20170724-7201-6xk1z2 2017-07-24 00:12:59.663000000 +0800
@@ -1 +1,3 @@
+production:
+ url: unix:/var/opt/gitlab/redis/redis.socket
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
- restore selinux security context
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/resque.yml to /var/opt/gitlab/gitlab-rails/etc/resque.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/resque.yml to /var/opt/gitlab/gitlab-rails/etc/resque.yml
* templatesymlink[Create a aws.yml and create a symlink to Rails root] action delete
* template[/var/opt/gitlab/gitlab-rails/etc/aws.yml] action delete (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/aws.yml to /var/opt/gitlab/gitlab-rails/etc/aws.yml] action delete (up to date)
(up to date)
* templatesymlink[Create a smtp_settings.rb and create a symlink to Rails root] action delete
* template[/var/opt/gitlab/gitlab-rails/etc/smtp_settings.rb] action delete (up to date)
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/initializers/smtp_settings.rb to /var/opt/gitlab/gitlab-rails/etc/smtp_settings.rb] action delete (up to date)
(up to date)
* templatesymlink[Create a gitlab.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/gitlab.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/gitlab.yml from none to 1666f1
--- /var/opt/gitlab/gitlab-rails/etc/gitlab.yml 2017-07-24 00:12:59.706000000 +0800
+++ /var/opt/gitlab/gitlab-rails/etc/.chef-gitlab.yml20170724-7201-1a7q6sx 2017-07-24 00:12:59.704000000 +0800
@@ -1 +1,466 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+production: &base
+ #
+ # 1. GitLab app settings
+ # ==========================
+
+ ## GitLab settings
+ gitlab:
+ ## Web server settings (note: host is the FQDN, do not include http://)
+ host: much
+ port: 80
+ https: false
+
+ # Uncommment this line below if your ssh host is different from HTTP/HTTPS one
+ # (you'd obviously need to replace ssh.host_example.com with your own host).
+ # Otherwise, ssh host will be set to the `host:` value above
+ ssh_host:
+
+ # WARNING: See config/application.rb under "Relative url support" for the list of
+ # other files that need to be changed for relative url support
+ relative_url_root:
+
+ # Trusted Proxies
+ # Customize if you have GitLab behind a reverse proxy which is running on a different machine.
+ # Add the IP address for your reverse proxy to the list, otherwise users will appear signed in from that address.
+ trusted_proxies:
+
+ # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
+ user: git
+
+ ## Date & Time settings
+ time_zone:
+
+ ## Email settings
+ # Uncomment and set to false if you need to disable email sending from GitLab (default: true)
+ email_enabled:
+ # Email address used in the "From" field in mails sent by GitLab
+ email_from: gitlab@much
+ email_display_name:
+ email_reply_to:
+ email_subject_suffix:
+
+ # Email server smtp settings are in [a separate file](initializers/smtp_settings.rb.sample).
+
+ ## User settings
+ default_can_create_group: # default: true
+ username_changing_enabled: # default: true - User can change her username/namespace
+ ## Default theme
+ ## 1 - Graphite
+ ## 2 - Charcoal
+ ## 3 - Green
+ ## 4 - Gray
+ ## 5 - Violet
+ ## 6 - Blue
+ default_theme: # default: 2
+
+ ## Automatic issue closing
+ # If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
+ # This happens when the commit is pushed or merged into the default branch of a project.
+ # When not specified the default issue_closing_pattern as specified below will be used.
+ # Tip: you can test your closing pattern at http://rubular.com
+ issue_closing_pattern:
+
+ ## Default project features settings
+ default_projects_features:
+ issues:
+ merge_requests:
+ wiki:
+ snippets:
+ builds:
+ container_registry:
+
+ ## Webhook settings
+ # Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
+ webhook_timeout:
+
+ ## Repository downloads directory
+ # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
+ # The default is 'tmp/repositories' relative to the root of the Rails app.
+ repository_downloads_path:
+
+ usage_ping_enabled:
+
+ ## Reply by email
+ # Allow users to comment on issues and merge requests by replying to notification emails.
+ # For documentation on how to set this up, see https://docs.gitlab.com/ce/administration/reply_by_email.html
+ incoming_email:
+ enabled: false
+
+ # The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to.
+ # The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`).
+ address:
+
+ # Email account username
+ # With third party providers, this is usually the full email address.
+ # With self-hosted email servers, this is usually the user part of the email address.
+ user:
+ # Email account password
+ password:
+
+ # IMAP server host
+ host:
+ # IMAP server port
+ port:
+ # Whether the IMAP server uses SSL
+ ssl:
+ # Whether the IMAP server uses StartTLS
+ start_tls:
+
+ # The mailbox where incoming mail will end up. Usually "inbox".
+ mailbox: 'inbox'
+ # The IDLE command timeout.
+ idle_timeout:
+
+ ## Build Artifacts
+ artifacts:
+ enabled: true
+ # The location where Build Artifacts are stored (default: shared/artifacts).
+ path: /var/opt/gitlab/gitlab-rails/shared/artifacts
+ object_store:
+ enabled: false
+ remote_directory: 'artifacts'
+ connection: {}
+
+ ## Git LFS
+ lfs:
+ enabled:
+ # The location where LFS objects are stored (default: shared/lfs-objects).
+ storage_path: /var/opt/gitlab/gitlab-rails/shared/lfs-objects
+
+ ## Container Registry
+ registry:
+ enabled: false
+ host:
+ port:
+ api_url: # internal address to the registry, will be used by GitLab to directly communicate with API
+ path:
+ key: /var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key
+ issuer: omnibus-gitlab-issuer
+
+ mattermost:
+ enabled: false
+ host:
+
+ ## GitLab Pages
+ pages:
+ enabled: false
+ path: /var/opt/gitlab/gitlab-rails/shared/pages
+ host:
+ port:
+ https: false
+ external_http: nil
+ external_https: nil
+
+ ## Gravatar
+ ## For Libravatar see: https://docs.gitlab.com/ce/customization/libravatar.html
+ gravatar:
+ # gravatar urls: possible placeholders: %{hash} %{size} %{email}
+ plain_url: # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
+ ssl_url: # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
+
+ ## Auxiliary jobs
+ # Periodically executed jobs, to self-heal GitLab, do external synchronizations, etc.
+ # Please read here for more information: https://github.com/ondrejbartas/sidekiq-cron#adding-cron-job
+ cron_jobs:
+ # Flag stuck CI builds as failed
+ stuck_ci_jobs_worker:
+ cron:
+ # Remove expired build artifacts
+ expire_build_artifacts_worker:
+ cron:
+ # Schedule pipelines in the near future
+ pipeline_schedule_worker:
+ cron:
+ # Periodically run 'git fsck' on all repositories. If started more than
+ # once per hour you will have concurrent 'git fsck' jobs.
+ repository_check_worker:
+ cron:
+ # Send admin emails once a week
+ admin_email_worker:
+ cron:
+
+ # Remove outdated repository archives
+ repository_archive_cache_worker:
+ cron:
+
+ ##
+ # GitLab EE only jobs:
+
+ # Snapshot active users statistics
+
+ # In addition to refreshing users when they log in,
+ # periodically refresh LDAP users membership.
+ # NOTE: This will only take effect if LDAP is enabled
+
+ # GitLab LDAP group sync worker
+ # NOTE: This will only take effect if LDAP is enabled
+
+ # Gitlab Geo nodes notification worker
+ # NOTE: This will only take effect if Geo is enabled
+
+ # GitLab Geo repository sync worker
+ # NOTE: This will only take effect if Geo is enabled
+
+ # GitLab Geo file download dispatch worker
+ # NOTE: This will only take effect if Geo is enabled
+
+ #
+ # 2. GitLab CI settings
+ # ==========================
+
+ gitlab_ci:
+ # Default project notifications settings:
+ #
+ # Send emails only on broken builds (default: true)
+ all_broken_builds:
+ #
+ # Add pusher to recipients list (default: false)
+ add_pusher:
+
+ # The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root
+ builds_path: /var/opt/gitlab/gitlab-ci/builds
+
+ #
+ # 3. Auth settings
+ # ==========================
+
+ ## LDAP settings
+ # You can inspect a sample of the LDAP users with login access by running:
+ # bundle exec rake gitlab:ldap:check RAILS_ENV=production
+ ldap:
+ enabled: false
+ sync_time:
+ host:
+ port:
+ uid:
+ method: # "tls" or "ssl" or "plain"
+ bind_dn:
+ password:
+ active_directory:
+ allow_username_or_email_login:
+ base:
+ user_filter:
+
+ ## EE only
+ group_base:
+ admin_group:
+ sync_ssh_keys:
+ sync_time:
+
+ ## Kerberos settings
+ kerberos:
+ # Allow the HTTP Negotiate authentication method for Git clients
+ enabled:
+
+ # Kerberos 5 keytab file. The keytab file must be readable by the GitLab user,
+ # and should be different from other keytabs in the system.
+ # (default: use default keytab from Krb5 config)
+ keytab:
+
+ # The Kerberos service name to be used by GitLab.
+ # (default: accept any service name in keytab file)
+ service_principal_name:
+
+ # Dedicated port: Git before 2.4 does not fall back to Basic authentication if Negotiate fails.
+ # To support both Basic and Negotiate methods with older versions of Git, configure
+ # nginx to proxy GitLab on an extra port (e.g. 8443) and uncomment the following lines
+ # to dedicate this port to Kerberos authentication. (default: false)
+ use_dedicated_port:
+ port:
+ https:
+
+
+ ## OmniAuth settings
+ omniauth:
+ # Allow login via Twitter, Google, etc. using OmniAuth providers
+ enabled: false
+
+ # Uncomment this to automatically sign in with a specific omniauth provider's without
+ # showing GitLab's sign-in page (default: show the GitLab sign-in page)
+ auto_sign_in_with_provider:
+
+ # Sync user's email address from the specified Omniauth provider every time the user logs
+ # in (default: nil). And consequently make this field read-only.
+
+ # CAUTION!
+ # This allows users to login without having a user account first. Define the allowed
+ # providers using an array, e.g. ["saml", "twitter"]
+ # User accounts will be created automatically when authentication was successful.
+ allow_single_sign_on: ["saml"]
+
+ # Locks down those users until they have been cleared by the admin (default: true).
+ block_auto_created_users:
+ # Look up new users in LDAP servers. If a match is found (same uid), automatically
+ # link the omniauth identity with the LDAP account. (default: false)
+ auto_link_ldap_user:
+
+ # Allow users with existing accounts to login and auto link their account via SAML
+ # login, without having to do a manual login first and manually add SAML
+ # (default: false)
+ auto_link_saml_user: null
+
+ # Set different Omniauth providers as external so that all users creating accounts
+ # via these providers will not be able to have access to internal projects. You
+ # will need to use the full name of the provider, like `google_oauth2` for Google.
+ # Refer to the examples below for the full names of the supported providers.
+ # (default: [])
+ external_providers: null
+
+ ## Auth providers
+ # Uncomment the following lines and fill in the data of the auth provider you want to use
+ # If your favorite auth provider is not listed you can use others:
+ # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations
+ # The 'app_id' and 'app_secret' parameters are always passed as the first two
+ # arguments, followed by optional 'args' which can be either a hash or an array.
+ # Documentation for this is available at https://docs.gitlab.com/ce/integration/omniauth.html
+ providers:
+ # - { name: 'google_oauth2', app_id: 'YOUR APP ID',
+ # app_secret: 'YOUR APP SECRET',
+ # args: { access_type: 'offline', approval_prompt: '' } }
+ # - { name: 'twitter', app_id: 'YOUR APP ID',
+ # app_secret: 'YOUR APP SECRET'}
+ # - { name: 'github', app_id: 'YOUR APP ID',
+ # app_secret: 'YOUR APP SECRET',
+ # args: { scope: 'user:email' } }
+
+ # Shared file storage settings
+ shared:
+ path: /var/opt/gitlab/gitlab-rails/shared
+
+ # Gitaly settings
+ # This setting controls whether GitLab uses Gitaly
+ # Eventually Gitaly use will become mandatory and
+ # this option will disappear.
+ gitaly:
+ token: ""
+
+
+ #
+ # 4. Advanced settings
+ # ==========================
+
+ ## Repositories settings
+ repositories:
+ # Paths where repositories can be stored. Give the canonicalized absolute pathname.
+ # NOTE: REPOS PATHS MUST NOT CONTAIN ANY SYMLINK!!!
+ storages: {"default":{"path":"/var/opt/gitlab/git-data/repositories","gitaly_address":"unix:/var/opt/gitlab/gitaly/gitaly.socket"}}
+
+ ## Backup settings
+ backup:
+ path: "/var/opt/gitlab/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
+ archive_permissions: # Permissions for the resulting backup.tar file (default: 0600)
+ keep_time: # default: 0 (forever) (in seconds)
+ pg_schema: # default: nil, it means that all schemas will be backed up
+ upload:
+ # Fog storage connection settings, see http://fog.io/storage/ .
+ connection:
+ # The remote 'directory' to store your backups. For S3, this would be the bucket name.
+ remote_directory:
+ multipart_chunk_size:
+ encryption:
+ storage_class:
+
+ ## GitLab Shell settings
+ gitlab_shell:
+ path: /opt/gitlab/embedded/service/gitlab-shell/
+ hooks_path: /opt/gitlab/embedded/service/gitlab-shell/hooks/
+
+ # Git over HTTP
+ upload_pack:
+ receive_pack:
+
+ # If you use non-standard ssh port you need to specify it
+ ssh_port:
+
+ # Git import/fetch timeout
+ git_timeout: 800
+
+ ## Git settings
+ # CAUTION!
+ # Use the default values unless you really know what you are doing
+ git:
+ bin_path: /opt/gitlab/embedded/bin/git
+ # The next value is the maximum memory size grit can use
+ # Given in number of bytes per git object (e.g. a commit)
+ # This value can be increased if you have very large commits
+ max_size:
+ # Git timeout to read a commit, in seconds
+ timeout:
+
+ ## GitLab Geo settings (EE-only)
+ geo_primary_role:
+ enabled: false
+ geo_secondary_role:
+ enabled: false
+
+ monitoring:
+ # Time between sampling of unicorn socket metrics, in seconds
+ unicorn_sampler_interval: 10
+ # IP whitelist controlling access to monitoring endpoints
+ ip_whitelist:
+ - 127.0.0.0/8
+
+ #
+ # 5. Extra customization
+ # ==========================
+
+ extra:
+
+
+ rack_attack:
+ git_basic_auth:
+
+
+development:
+ <<: *base
+
+test:
+ <<: *base
+ gravatar:
+ enabled: true
+ gitlab:
+ host: localhost
+ port: 80
+
+ # When you run tests we clone and setup gitlab-shell
+ # In order to setup it correctly you need to specify
+ # your system username you use to run GitLab
+ # user: YOUR_USERNAME
+ repositories:
+ storages:
+ default: { "path": "tmp/tests/repositories/" }
+ gitlab_shell:
+ path: tmp/tests/gitlab-shell/
+ hooks_path: tmp/tests/gitlab-shell/hooks/
+ issues_tracker:
+ redmine:
+ title: "Redmine"
+ project_url: "http://redmine/projects/:issues_tracker_id"
+ issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
+ new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
+ jira:
+ title: "JIRA"
+ url:
本文系转载,前往查看
如有侵权,请联系 cloudcommunity@tencent.com 删除。
本文系转载,前往查看
如有侵权,请联系 cloudcommunity@tencent.com 删除。