[Sever Hacks] 搭建私有 GitLab 代码托管服务器

搭建 GitLab 的原因可能有几个吧：

• 有些项目因为商业原因需要托管到私有服务器；
• GitHub 国内有时候速度真的是伤不起；
• 之前帮公司也部署过 GitLab 服务器，管理，使用起来也挺方便的；
• 暂时也没有计划去试用国内的代码托管平台；
• GitLab 可以快速手动集成很多服务（Pushover，Slack...）

根据自己的需求，解析好子域名（例如：git.ideas.top）, 在阿里云买了一年的服务器(1G Memory, 1 Core, 1M, 20G，Ubuntu 14.04), 总共花了400块大洋，开始我们的折腾之旅吧。

• 硬件需求：http://doc.gitlab.com/ce/install/requireme...
• 官方安装文档：https://gitlab.com/gitlab-org/gitlab-ce/bl...
• DO 社区：https://www.digitalocean.com/community/tut...
• SegmentFault 用GitLab搭建自己的私有GitHub: http://segmentfault.net/a/1190000000345686

当然最快速方便的还是直接使用 GitLab 提供的 omnibus 安装包，不过从源代码安装也是一条可选的方式, 参照以上安装教程，在这里写个快速安装指南（更新一些已经变化的内容）；

安装步骤

• Packages / Dependencies
• Ruby
• System Users
• Database
• Redis
• GitLab
• Nginx

就是这么一个安装列表，所以 ssh 到你的远程服务器，开始安装！（如果你刚申请了一个Ubuntu VPS，可以浏览一下这篇文章，做一些初始化工作.）

ps: 对于本人来讲，GitLab 主要是来存放一些技术小组的开发项目，所以对于稳定性的要求没有那么苛刻，就直接拿最新的版本来安装了；

1. 安装 GitLab 需要的包及依赖软件

更新系统

apt-get update -y
apt-get upgrade -y
apt-get install sudo -y

安装 vim 作为默认文本编辑器可选

sudo apt-get install -y vim
sudo update-alternatives --set editor /usr/bin/vim.basic

安装依赖包（编译 Ruby 以及 Ruby gems 的本地扩展）

sudo apt-get install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server redis-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake libkrb5-dev

安装 Git（So easy）

sudo apt-get install -y git-core
# 需要版本在 1.7.10 以上
git --version

# 如果已经安装了旧版本的 Git， 可以移除然后从源码编译安装最新版本
sudo apt-get remove git-core

# 安装依赖
sudo apt-get install -y libcurl4-openssl-dev libexpat1-dev gettext libz-dev libssl-dev build-essential

# 下载及编译安装
cd /tmp
curl -L --progress https://www.kernel.org/pub/software/scm/git/git-2.1.2.tar.gz | tar xz
cd git-2.1.2/
./configure
make prefix=/usr/local all
sudo make prefix=/usr/local install

安装成功之后，需要在之后的 GitLab 配置文件中设置一下 Git 的执行路径（/usr/local/bin/git）

为了正常使用邮件通知服务，需要简单配置一下邮件服务器, Debian 默认使用 exim4 发送邮件，但在 Ubuntu 有点问题, 所以可以先安装 postfix 来用，我安装了之后，邮件服务一直不正常，最后发现是内存不够导致后台进程内存分配不足，只好又分配了1G的 swap 空间，才 ok

sudo apt-get install -y postfix

安装的时候选择 Internet Site, 配置一下 hostname

2. Ruby (So slow...)

如果系统安装的 Ruby 版本是1.8，需要先卸载一下，GitLab 需要 2.0 以上版本：

ruby --version
sudo apt-get remove ruby1.8

下载新版本的源代码，编译安装：

mkdir /tmp/ruby && cd /tmp/ruby
curl -L --progress http://cache.ruby-lang.org/pub/ruby/2.1/ruby-2.1.5.tar.gz | tar xz
cd ruby-2.1.5
./configure --disable-install-rdoc
make
sudo make install

安装 ruby Bundle Gem(国内速度让人受不了。。。)：

sudo gem install bundler --no-ri --no-rdoc

3. System User

sudo adduser --disabled-login --gecos 'GitLab' git

4. Database

官方推荐使用 PostgreSQL：

# Install the database packages
sudo apt-get install -y postgresql postgresql-client libpq-dev

# Login to PostgreSQL
sudo -u postgres psql -d template1

# Create a user for GitLab
CREATE USER git CREATEDB;

# Create the GitLab production database & grant all privileges on database
CREATE DATABASE gitlabhq_production OWNER git;

# Quit the database session
 \q

# Try connecting to the new database with the new user
sudo -u git -H psql -d gitlabhq_production

# Quit the database session
gitlabhq_production> \q

如果你更熟悉 MySQL，这是配置脚本：

# Install the database packages
sudo apt-get install -y mysql-server mysql-client libmysqlclient-dev

# Ensure you have MySQL version 5.5.14 or later
mysql --version

# Pick a MySQL root password (can be anything), type it and press enter
# Retype the MySQL root password and press enter

# Secure your installation
sudo mysql_secure_installation

# Login to MySQL
mysql -u root -p

# Type the MySQL root password

# Create a user for GitLab
# do not type the 'mysql>', this is part of the prompt
# change $password in the command below to a real password you pick
mysql> CREATE USER 'git'@'localhost' IDENTIFIED BY '$password';

# Ensure you can use the InnoDB engine which is necessary to support long indexes
# If this fails, check your MySQL config files (e.g. `/etc/mysql/*.cnf`, `/etc/mysql/conf.d/*`) for the setting "innodb = off"
mysql> SET storage_engine=INNODB;

# Create the GitLab production database
mysql> CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;

# Grant the GitLab user necessary permissions on the database
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES ON `gitlabhq_production`.* TO 'git'@'localhost';

# Quit the database session
mysql> \q

# Try connecting to the new database with the new user
sudo -u git -H mysql -u git -p -D gitlabhq_production

# Type the password you replaced $password with earlier

# You should now see a 'mysql>' prompt

# Quit the database session
mysql> \q

# You are done installing the database and can go back to the rest of the installation.

5 安装 Redis

sudo apt-get install redis-server

# Configure redis to use sockets
sudo cp /etc/redis/redis.conf /etc/redis/redis.conf.orig

# Disable Redis listening on TCP by setting 'port' to 0
sed 's/^port .*/port 0/' /etc/redis/redis.conf.orig | sudo tee /etc/redis/redis.conf

# Enable Redis socket for default Debian / Ubuntu path
echo 'unixsocket /var/run/redis/redis.sock' | sudo tee -a /etc/redis/redis.conf
# Grant permission to the socket to all members of the redis group
echo 'unixsocketperm 770' | sudo tee -a /etc/redis/redis.conf

# Create the directory which contains the socket
mkdir /var/run/redis
chown redis:redis /var/run/redis
chmod 755 /var/run/redis
# Persist the directory which contains the socket, if applicable
if [ -d /etc/tmpfiles.d ]; then
  echo 'd  /var/run/redis  0755  redis  redis  10d  -' | sudo tee -a /etc/tmpfiles.d/redis.conf
fi

# Activate the changes to redis.conf
sudo service redis-server restart

# Add git to the redis group
sudo usermod -aG redis git

6. 安装 GitLab

# We'll install GitLab into home directory of the user "git"
cd /home/git

从 GitHub 克隆一份源码：

sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-8-stable gitlab

配置 GitLab

# Go to GitLab installation folder
cd /home/git/gitlab

# Copy the example GitLab config
sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml

# Update GitLab config file, follow the directions at top of file
sudo -u git -H editor config/gitlab.yml

# Make sure GitLab can write to the log/ and tmp/ directories
sudo chown -R git log/
sudo chown -R git tmp/
sudo chmod -R u+rwX,go-w log/
sudo chmod -R u+rwX tmp/

# Create directory for satellites
sudo -u git -H mkdir /home/git/gitlab-satellites
sudo chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites

# Make sure GitLab can write to the tmp/pids/ and tmp/sockets/ directories
sudo chmod -R u+rwX tmp/pids/
sudo chmod -R u+rwX tmp/sockets/

# Make sure GitLab can write to the public/uploads/ directory
sudo chmod -R u+rwX  public/uploads

# Copy the example Unicorn config
sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb

# Find number of cores
nproc

# Enable cluster mode if you expect to have a high load instance
# Ex. change amount of workers to 3 for 2GB RAM server
# Set the number of workers to at least the number of cores
sudo -u git -H editor config/unicorn.rb

# Copy the example Rack attack config
sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb

# Configure Git global settings for git user, useful when editing via web
# Edit user.email according to what is set in gitlab.yml
sudo -u git -H git config --global user.name "GitLab"
sudo -u git -H git config --global user.email "example@example.com"
sudo -u git -H git config --global core.autocrlf input

# Configure Redis connection settings
sudo -u git -H cp config/resque.yml.example config/resque.yml

# Change the Redis socket path if you are not using the default Debian / Ubuntu configuration
sudo -u git -H editor config/resque.yml

配置数据库

# PostgreSQL only:
sudo -u git cp config/database.yml.postgresql config/database.yml

# MySQL only:
sudo -u git cp config/database.yml.mysql config/database.yml

# MySQL and remote PostgreSQL only:
# Update username/password in config/database.yml.
# You only need to adapt the production settings (first part).
# If you followed the database guide then please do as follows:
# Change 'secure password' with the value you have given to $password
# You can keep the double quotes around the password
sudo -u git -H editor config/database.yml

# PostgreSQL and MySQL:
# Make config/database.yml readable to git only
sudo -u git -H chmod o-rwx config/database.yml

安装 Gems

# For PostgreSQL (note, the option says "without ... mysql")
sudo -u git -H bundle install --deployment --without development test mysql aws

# Or if you use MySQL (note, the option says "without ... postgres")
sudo -u git -H bundle install --deployment --without development test postgres aws

安装 GitLab 的命令行工具

# Run the installation task for gitlab-shell (replace `REDIS_URL` if needed):
sudo -u git -H bundle exec rake gitlab:shell:install[v2.5.4] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production

# By default, the gitlab-shell config is generated from your main GitLab config.
# You can review (and modify) the gitlab-shell config as follows:
sudo -u git -H editor /home/git/gitlab-shell/config.yml

初始化数据库以及激活高级功能

sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production

# Type 'yes' to create the database tables.

# When done you see 'Administrator account created:'

安装初始化脚本

sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
sudo cp lib/support/init.d/gitlab.default.example /etc/default/gitlab
# Make GitLab start on boot:
sudo update-rc.d gitlab defaults 21

设置 logroate

sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitla

检查应用程序的状态

sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production

编译资源文件

sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production

启动 GitLab 实例

sudo service gitlab start
# or
sudo /etc/init.d/gitlab restart

7 Nginx（终于快完结了）

安装

sudo apt-get install -y nginx

复制 GitLab 的虚拟主机配置文件到 nginx

sudo cp lib/support/nginx/gitlab /etc/nginx/sites-available/gitlab
sudo ln -s /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab

# test configruation
sudo nginx -t

使用 HTTPS 可选

重启

sudo service nginx restart

Important Note

The setup has created a default admin account for you

root
5iveL!fe