Back to home

部署配置gitlab

获取镜像(enterprise edition)

docker pull gitlab/gitlab-ee

创建数据目录

/mnt/disk2/gitlab# mkdir config
/mnt/disk2/gitlab# mkdir logs
/mnt/disk2/gitlab# mkdir data

启动

docker run -d --name gitlab \
-p 9443:443 -p 9022:22 \
-v /mnt/disk2/gitlab/config:/etc/gitlab \
-v /mnt/disk2/gitlab/logs:/var/log/gitlab \
-v /mnt/disk2/gitlab/data:/var/opt/gitlab \
gitlab/gitlab-ee:latest

配置

  • 启用https
root@gitlab:~# mkdir -p /etc/gitlab/ssl
root@gitlab:~# chmod 700 /etc/gitlab/ssl
root@gitlab:~# cd /etc/gitlab/ssl
root@gitlab:/etc/gitlab/ssl# openssl genrsa -out gitlab.css.intra.nsfocus.com.key 2048
root@gitlab:/etc/gitlab/ssl# openssl req -new -key gitlab.css.intra.nsfocus.com.key -out gitlab.css.intra.nsfocus.com.csr
root@gitlab:/etc/gitlab/ssl# openssl x509 -req -in gitlab.css.intra.nsfocus.com.csr -signkey gitlab.css.intra.nsfocus.com.key -out gitlab.css.intra.nsfocus.com.crt
root@gitlab:~# vi /etc/gitlab/gitlab.rb
external_url "https://0.0.0.0:443"

nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.css.intra.nsfocus.com.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.css.intra.nsfocus.com.key"
  • 启用ldap
root@gitlab:~# vi /etc/gitlab/gitlab.rb
gitlab_rails['ldap_enabled'] = true

###! **remember to close this block with 'EOS' below**
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' #
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'LDAP'
host: '192.168.1.1'
port: 389
uid: 'sAMAccountName'
bind_dn: 'CN=LDAPUser;CN=Users;DC=intra,DC=nsfocus,DC=com'
password: '4Auth_Only'
encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
verify_certificates: true
active_directory: false
allow_username_or_email_login: true
block_auto_created_users: false
base: 'OU=Enterprise,DC=intra,DC=nsfocus,DC=com'
user_filter: ''
  • 重新加载配置
root@gitlab:/etc/gitlab/ssl# gitlab-ctl reconfigure