From 4f6042e3e33d5fb71b8835496c44e0e52aba6188 Mon Sep 17 00:00:00 2001 From: literaryloong Date: Mon, 31 May 2021 09:55:16 +0800 Subject: [PATCH] add gitlab.md --- gtilab.md | 185 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 185 insertions(+) create mode 100644 gtilab.md diff --git a/gtilab.md b/gtilab.md new file mode 100644 index 0000000..d74581d --- /dev/null +++ b/gtilab.md @@ -0,0 +1,185 @@ + + +# 容器安装 +[[../docker/docker volume]] +```shell + +docker volume create --name fs-girlab-config --opt type=none --opt device=/data/girlab/config --opt o=bind + +docker volume create --name fs-girlab-data --opt type=none --opt device=/data/girlab/data --opt o=bind + +docker volume create --name fs-girlab-log --opt type=none --opt device=/data/girlab/log --opt o=bind + +docker volume create --name fs-girlab-redis --opt type=none --opt device=/data/redis/data --opt o=bind + +docker run --detach --publish 18086:8181 --publish 1022:22 --name fs-gitlab --restart always --net=net-gitlab -v fs-gitlab-config:/etc/gitlab -v fs-gitlab-log:/var/log/gitlab -v fs-gitlab-data:/var/opt/gitlab gitlab/gitlab-ce:latest + + +docker run -d -v fs-girlab-redis:/data -p 6379:6379 --net=net-gitlab --name fs-gitlab-redis redis:6-alpine + +``` + +配置文件 + +```shell +vi /etc/gitlab/gitlab.rb +``` + +# 配置优化 +## 配置使用外部 pg +[[postgres]] +```sql +-- 创建一个有创建数据库的权限的角色 +CREATE ROLE gitlab WITH LOGIN PASSWORD 'mypassword!' SUPERUSER; + +-- 创建数据库(没有数据库会提示初始化数据库失败) +create database "fsgitlab" owner "gitlab"; + +GRANT ALL PRIVILEGES ON DATABASE fsgitlab TO gitlab; +``` + +```ini +postgresql['enable'] = false +gitlab_rails['db_adapter'] = "postgresql" +gitlab_rails['db_encoding'] = "utf8" +gitlab_rails['db_database'] = "fsgitlab" +gitlab_rails['db_username'] = "gitlab" +gitlab_rails['db_password'] = "mypassword" +gitlab_rails['db_host'] = "10.8.40.223" +gitlab_rails['db_port'] = 5432 +``` + + +## 配置使用外部redis + +```ini +# 禁用内部 redis +redis['enable'] = false + +gitlab_rails['redis_host'] = "10.8.40.122" +gitlab_rails['redis_port'] = 6379 +gitlab_rails['redis_database'] = 0 +``` + + +## 配置禁用内部nginx + +```ini +nginx['enable'] = false +gitlab_workhorse['listen_network'] = "tcp" +gitlab_workhorse['listen_addr'] = "0.0.0.0:8181" +``` + + +## 禁用其他服务 + +```ini + +# 禁用容器仓库服务 +gitlab_rails['registry_enabled'] = false +registry['enable'] = false + +# 禁用 k8s 代理服务 +gitlab_kas['enable'] = false + +# 禁用 prometheus +prometheus['enable'] = false + +# 禁用 grafana +grafana['enable'] = false + +``` + + + + +## 配置邮箱 +```ini +gitlab_rails['smtp_enable'] = true +gitlab_rails['smtp_address'] = "smtp.exmail.qq.com" +gitlab_rails['smtp_port'] = 465 +gitlab_rails['smtp_user_name'] = "anxinyunwarning@free-sun.com.cn" +gitlab_rails['smtp_password'] = "SGVd7FU7vesjj9su" +gitlab_rails['smtp_domain'] = "smtp.exmail.qq.com" +gitlab_rails['smtp_authentication'] = "login" +gitlab_rails['smtp_enable_starttls_auto'] = true +gitlab_rails['smtp_tls'] = true + + +gitlab_rails['gitlab_email_enabled'] = true + +gitlab_rails['gitlab_email_from'] = 'anxinyunwarning@free-sun.com.cn' +gitlab_rails['gitlab_email_display_name'] = 'fs-gitlab' + +``` + + +# k8s ingress 代理 + +`endpoints.yaml` : +```yaml +apiVersion: v1 +kind: Endpoints +metadata: + name: fs-gitlab + namespace: ops +subsets: + - addresses: + - ip: 10.8.40.122 + ports: + - port: 18086 + name: web +``` + +`service.yaml` : +```yaml +apiVersion: v1 +kind: Service +metadata: + name: fs-gitlab + namespace: ops +spec: + type: ClusterIP + ports: + - protocol: TCP + name: web + port: 18086 + targetPort: 18086 + +``` + +`ingress.yaml`: +```yaml +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: ingress-fs-gitlab + namespace: ops + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/rewrite-target: / +spec: + rules: + - host: gitlab.free-sun.vip + http: + paths: + - path: / + pathType: Prefix + backend: + serviceName: fs-gitlab + servicePort: 18086 + + +``` + +# 常用命令 + +```shell + + +gitlab-ctl reconfigure + +gitlab-ctl restart + + +``` \ No newline at end of file