
搭建 gitlab 私有服务器

gitlab private servers

参考

资源

使用 docker 部署 gitlab

scoop 和 choco 的安装请参考: The-Package-Manager-for-Windows-choco-and-scoop
使用 scoop 安装 wget

scoop install wget

使用 wget 下载 docker-gitlab 的 docker-compose 配置文件

# Work from the home directory; the compose file is saved there.
cd ~
# Save the upstream docker-gitlab compose file under a local name.
# NOTE(review): the URL tracks the moving master branch, so the downloaded
# content changes over time; pin it to a tag or commit and read the file
# before running it.
wget https://raw.githubusercontent.com/sameersbn/docker-gitlab/master/docker-compose.yml -O gitlab-docker.yml

下载随机字符串生成工具 pwgen(windows UI 版) (linux 系统可以使用自带的 pwgen -Bsv1 64)

sudo choco install pwgen --yes

打开 pwgen 然后生成 64 字符长度的随机字符串, 示例如下(该值属于密钥, 生产环境不可暴露, 请自行生成而不要直接使用本文示例)

PlYHu1efqnSiXf8YKAvCQyexqvyqHVpCvrbQFRFekk8OEWocq5joTjbrbpo25XB2

创建 .env 文件

# Create the .env file that docker-compose reads for variable substitution.
# It will hold the database, SMTP and GitLab key values in plain text, so keep
# it out of version control and readable only by the account that runs
# docker-compose.
touch .env

.env

# Values substituted into gitlab-docker.yml wherever it uses ${NAME}.
# Sample key only: it is published on this page, so generate your own
# 64-character string and keep it private.
CHARACTERS_LONG_64_SECRETS_KEY_BASE=PlYHu1efqnSiXf8YKAvCQyexqvyqHVpCvrbQFRFekk8OEWocq5joTjbrbpo25XB2
# PostgreSQL database name, port and account used by GitLab.
DB_NAME=gitlabhq_production
DB_PORT=5432
DB_USER=gitlab
# Sample value; replace it with a strong password.
DB_PASS=password
DB_EXTENSION=pg_trgm
REDIS_PORT=6379
# Host ports published for the GitLab web UI and for git-over-SSH.
GITLAB_PORT=10080
GITLAB_SSH_PORT=10022
TZ=Asia/Shanghai
GITLAB_TIMEZONE=Beijing
# Outgoing mail is switched off here; the SMTP values below are samples.
SMTP_ENABLED=false
SMTP_DOMAIN=www.example.com
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=mailer@example.com
# Sample value; a real mailbox password placed here is stored in plain text.
SMTP_PASS=password
SMTP_STARTTLS=true
SMTP_AUTHENTICATION=login

创建 docker 数据卷, 请参考: https://docker_practice.gitee.io/zh-cn/data_management/volume.html

# Pre-create the named volumes for the Redis, PostgreSQL and GitLab data.
# NOTE(review): docker-compose prefixes volume names declared in a compose
# file with the project name, so these volumes are the ones mounted only if
# the compose file marks them `external: true` — confirm which is intended.
docker volume create redis-data
docker volume create postgresql-data
docker volume create gitlab-data

编辑 gitlab-docker.yml
gitlab 可用配置参数请参考: https://github.com/sameersbn/docker-gitlab/blob/master/README.md#available-configuration-parameters

code gitlab-docker.yml

gitlab-docker.yml

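# docker-compose definition for GitLab with its Redis and PostgreSQL backends.
# Values written as ${NAME} are substituted by docker-compose from the .env
# file. Nesting is restored here: the listing had lost its indentation, which
# turns every service key into a duplicate top-level key.
version: '2'

services:
  redis:
    restart: always
    image: sameersbn/redis:4.0.9-2
    command:
    - --loglevel warning
    volumes:
    - redis-data:/var/lib/redis:Z

  postgresql:
    restart: always
    image: sameersbn/postgresql:10-2
    volumes:
    - postgresql-data:/var/lib/postgresql:Z
    environment:
    - DB_USER=${DB_USER}
    - DB_PASS=${DB_PASS}
    - DB_NAME=${DB_NAME}
    - DB_EXTENSION=${DB_EXTENSION}

  gitlab:
    restart: always
    # NOTE(review): this tag is the release current when the page was written;
    # check for a supported, patched release before deploying.
    image: sameersbn/gitlab:12.5.5
    depends_on:
    - redis
    - postgresql
    # No host address is given, so both ports are published on every host
    # interface. With GITLAB_HTTPS=false below, the web UI and its logins
    # travel over plain HTTP.
    ports:
    - "${GITLAB_PORT}:80"
    - "${GITLAB_SSH_PORT}:22"
    volumes:
    - gitlab-data:/home/git/data:Z
    environment:
    - DEBUG=false

    - DB_ADAPTER=postgresql
    - DB_HOST=postgresql
    - DB_PORT=${DB_PORT}
    - DB_USER=${DB_USER}
    - DB_PASS=${DB_PASS}
    - DB_NAME=${DB_NAME}

    - REDIS_HOST=redis
    - REDIS_PORT=${REDIS_PORT}

    - TZ=${TZ}
    - GITLAB_TIMEZONE=${GITLAB_TIMEZONE}

    - GITLAB_HTTPS=false
    - SSL_SELF_SIGNED=false

    - GITLAB_HOST=localhost
    - GITLAB_PORT=${GITLAB_PORT}
    - GITLAB_SSH_PORT=${GITLAB_SSH_PORT}
    - GITLAB_RELATIVE_URL_ROOT=
    # NOTE(review): all three key bases are fed from the same variable;
    # separate random values per key limit what one leaked value exposes.
    - GITLAB_SECRETS_DB_KEY_BASE=${CHARACTERS_LONG_64_SECRETS_KEY_BASE}
    - GITLAB_SECRETS_SECRET_KEY_BASE=${CHARACTERS_LONG_64_SECRETS_KEY_BASE}
    - GITLAB_SECRETS_OTP_KEY_BASE=${CHARACTERS_LONG_64_SECRETS_KEY_BASE}

    # Left empty, so the image's default root password applies until it is
    # changed at first login.
    - GITLAB_ROOT_PASSWORD=
    - GITLAB_ROOT_EMAIL=

    - GITLAB_NOTIFY_ON_BROKEN_BUILDS=true
    - GITLAB_NOTIFY_PUSHER=false

    - GITLAB_EMAIL=notifications@example.com
    - GITLAB_EMAIL_REPLY_TO=noreply@example.com
    - GITLAB_INCOMING_EMAIL_ADDRESS=reply@example.com

    - GITLAB_BACKUP_SCHEDULE=daily
    - GITLAB_BACKUP_TIME=01:00

    - SMTP_ENABLED=${SMTP_ENABLED}
    - SMTP_DOMAIN=${SMTP_DOMAIN}
    - SMTP_HOST=${SMTP_HOST}
    - SMTP_PORT=${SMTP_PORT}
    - SMTP_USER=${SMTP_USER}
    - SMTP_PASS=${SMTP_PASS}
    - SMTP_STARTTLS=${SMTP_STARTTLS}
    - SMTP_AUTHENTICATION=${SMTP_AUTHENTICATION}

    # IMAP is disabled; the account values below are sample placeholders.
    - IMAP_ENABLED=false
    - IMAP_HOST=imap.gmail.com
    - IMAP_PORT=993
    - IMAP_USER=mailer@example.com
    - IMAP_PASS=password
    - IMAP_SSL=true
    - IMAP_STARTTLS=false

    # OAuth/SSO is disabled; provider keys and secrets are left empty.
    - OAUTH_ENABLED=false
    - OAUTH_AUTO_SIGN_IN_WITH_PROVIDER=
    - OAUTH_ALLOW_SSO=
    - OAUTH_BLOCK_AUTO_CREATED_USERS=true
    - OAUTH_AUTO_LINK_LDAP_USER=false
    - OAUTH_AUTO_LINK_SAML_USER=false
    - OAUTH_EXTERNAL_PROVIDERS=

    - OAUTH_CAS3_LABEL=cas3
    - OAUTH_CAS3_SERVER=
    - OAUTH_CAS3_DISABLE_SSL_VERIFICATION=false
    - OAUTH_CAS3_LOGIN_URL=/cas/login
    - OAUTH_CAS3_VALIDATE_URL=/cas/p3/serviceValidate
    - OAUTH_CAS3_LOGOUT_URL=/cas/logout

    - OAUTH_GOOGLE_API_KEY=
    - OAUTH_GOOGLE_APP_SECRET=
    - OAUTH_GOOGLE_RESTRICT_DOMAIN=

    - OAUTH_FACEBOOK_API_KEY=
    - OAUTH_FACEBOOK_APP_SECRET=

    - OAUTH_TWITTER_API_KEY=
    - OAUTH_TWITTER_APP_SECRET=

    - OAUTH_GITHUB_API_KEY=
    - OAUTH_GITHUB_APP_SECRET=
    - OAUTH_GITHUB_URL=
    - OAUTH_GITHUB_VERIFY_SSL=

    - OAUTH_GITLAB_API_KEY=
    - OAUTH_GITLAB_APP_SECRET=

    - OAUTH_BITBUCKET_API_KEY=
    - OAUTH_BITBUCKET_APP_SECRET=

    - OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL=
    - OAUTH_SAML_IDP_CERT_FINGERPRINT=
    - OAUTH_SAML_IDP_SSO_TARGET_URL=
    - OAUTH_SAML_ISSUER=
    - OAUTH_SAML_LABEL="Our SAML Provider"
    - OAUTH_SAML_NAME_IDENTIFIER_FORMAT=urn:oasis:names:tc:SAML:2.0:nameid-format:transient
    - OAUTH_SAML_GROUPS_ATTRIBUTE=
    - OAUTH_SAML_EXTERNAL_GROUPS=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_EMAIL=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_NAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_USERNAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_FIRST_NAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_LAST_NAME=

    - OAUTH_CROWD_SERVER_URL=
    - OAUTH_CROWD_APP_NAME=
    - OAUTH_CROWD_APP_PASSWORD=

    - OAUTH_AUTH0_CLIENT_ID=
    - OAUTH_AUTH0_CLIENT_SECRET=
    - OAUTH_AUTH0_DOMAIN=
    - OAUTH_AUTH0_SCOPE=

    - OAUTH_AZURE_API_KEY=
    - OAUTH_AZURE_API_SECRET=
    - OAUTH_AZURE_TENANT_ID=

# NOTE(review): docker-compose prefixes these names with the project name, so
# volumes pre-created with `docker volume create` are mounted only if each
# entry is marked `external: true` — confirm which is intended.
volumes:
  redis-data:
  postgresql-data:
  gitlab-data: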

生成并运行

docker-compose -f gitlab-docker.yml up

打开 http://127.0.0.1:10080 修改默认的 root 用户密码

配置邮箱

google 邮箱被墙了, 所以这里避免麻烦,配置 sina 邮箱
参考: https://docs.gitlab.com/omnibus/settings/smtp.html

首先登录邮箱, 开启 smtp
然后修改 gitlab-docker.yml

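# docker-compose definition for GitLab with its Redis and PostgreSQL backends,
# with the mail settings taken from .env. Values written as ${NAME} are
# substituted by docker-compose. Nesting is restored here: the listing had
# lost its indentation, which turns every service key into a duplicate
# top-level key.
version: '2'

services:
  redis:
    restart: always
    image: sameersbn/redis:4.0.9-2
    command:
    - --loglevel warning
    volumes:
    - redis-data:/var/lib/redis:Z

  postgresql:
    restart: always
    image: sameersbn/postgresql:10-2
    volumes:
    - postgresql-data:/var/lib/postgresql:Z
    environment:
    - DB_USER=${DB_USER}
    - DB_PASS=${DB_PASS}
    - DB_NAME=${DB_NAME}
    - DB_EXTENSION=${DB_EXTENSION}

  gitlab:
    restart: always
    # NOTE(review): this tag is the release current when the page was written;
    # check for a supported, patched release before deploying.
    image: sameersbn/gitlab:12.5.5
    depends_on:
    - redis
    - postgresql
    # No host address is given, so both ports are published on every host
    # interface. With GITLAB_HTTPS=false below, the web UI and its logins
    # travel over plain HTTP.
    ports:
    - "${GITLAB_PORT}:80"
    - "${GITLAB_SSH_PORT}:22"
    volumes:
    - gitlab-data:/home/git/data:Z
    environment:
    - DEBUG=false

    - DB_ADAPTER=postgresql
    - DB_HOST=postgresql
    - DB_PORT=${DB_PORT}
    - DB_USER=${DB_USER}
    - DB_PASS=${DB_PASS}
    - DB_NAME=${DB_NAME}

    - REDIS_HOST=redis
    - REDIS_PORT=${REDIS_PORT}

    - TZ=${TZ}
    - GITLAB_TIMEZONE=${GITLAB_TIMEZONE}

    - GITLAB_HTTPS=false
    - SSL_SELF_SIGNED=false

    - GITLAB_HOST=localhost
    - GITLAB_PORT=${GITLAB_PORT}
    - GITLAB_SSH_PORT=${GITLAB_SSH_PORT}
    - GITLAB_RELATIVE_URL_ROOT=
    # NOTE(review): all three key bases are fed from the same variable;
    # separate random values per key limit what one leaked value exposes.
    - GITLAB_SECRETS_DB_KEY_BASE=${CHARACTERS_LONG_64_SECRETS_KEY_BASE}
    - GITLAB_SECRETS_SECRET_KEY_BASE=${CHARACTERS_LONG_64_SECRETS_KEY_BASE}
    - GITLAB_SECRETS_OTP_KEY_BASE=${CHARACTERS_LONG_64_SECRETS_KEY_BASE}

    # GITLAB_ROOT_PASSWORD has to be defined in .env; when it is unset,
    # docker-compose substitutes an empty string and the image's default root
    # password applies until it is changed at first login.
    - GITLAB_ROOT_PASSWORD=${GITLAB_ROOT_PASSWORD}
    - GITLAB_ROOT_EMAIL=

    - GITLAB_NOTIFY_ON_BROKEN_BUILDS=true
    - GITLAB_NOTIFY_PUSHER=false

    # These three take e-mail addresses.
    - GITLAB_EMAIL=${GITLAB_EMAIL}
    - GITLAB_EMAIL_REPLY_TO=${GITLAB_EMAIL_REPLY_TO}
    - GITLAB_INCOMING_EMAIL_ADDRESS=${GITLAB_INCOMING_EMAIL_ADDRESS}

    - GITLAB_BACKUP_SCHEDULE=daily
    - GITLAB_BACKUP_TIME=01:00

    - SMTP_ENABLED=${SMTP_ENABLED}
    - SMTP_DOMAIN=${SMTP_DOMAIN}
    - SMTP_HOST=${SMTP_HOST}
    - SMTP_PORT=${SMTP_PORT}
    - SMTP_USER=${SMTP_USER}
    - SMTP_PASS=${SMTP_PASS}
    - SMTP_STARTTLS=${SMTP_STARTTLS}
    - SMTP_AUTHENTICATION=${SMTP_AUTHENTICATION}
    # NOTE(review): SMTP_ADDRESS, SMTP_ENABLE_STARTTLS_AUTO and
    # GITLAB_EMAIL_FROM follow the naming of the omnibus SMTP settings;
    # confirm against the image's parameter list that it reads them.
    - SMTP_ADDRESS=${SMTP_ADDRESS}
    - SMTP_ENABLE_STARTTLS_AUTO=${SMTP_ENABLE_STARTTLS_AUTO}
    - SMTP_TLS=${SMTP_TLS}
    - GITLAB_EMAIL_FROM=${GITLAB_EMAIL_FROM}

    # IMAP is disabled; the account values below are sample placeholders.
    - IMAP_ENABLED=false
    - IMAP_HOST=imap.gmail.com
    - IMAP_PORT=993
    - IMAP_USER=mailer@example.com
    - IMAP_PASS=password
    - IMAP_SSL=true
    - IMAP_STARTTLS=false

    # OAuth/SSO is disabled; provider keys and secrets are left empty.
    - OAUTH_ENABLED=false
    - OAUTH_AUTO_SIGN_IN_WITH_PROVIDER=
    - OAUTH_ALLOW_SSO=
    - OAUTH_BLOCK_AUTO_CREATED_USERS=true
    - OAUTH_AUTO_LINK_LDAP_USER=false
    - OAUTH_AUTO_LINK_SAML_USER=false
    - OAUTH_EXTERNAL_PROVIDERS=

    - OAUTH_CAS3_LABEL=cas3
    - OAUTH_CAS3_SERVER=
    - OAUTH_CAS3_DISABLE_SSL_VERIFICATION=false
    - OAUTH_CAS3_LOGIN_URL=/cas/login
    - OAUTH_CAS3_VALIDATE_URL=/cas/p3/serviceValidate
    - OAUTH_CAS3_LOGOUT_URL=/cas/logout

    - OAUTH_GOOGLE_API_KEY=
    - OAUTH_GOOGLE_APP_SECRET=
    - OAUTH_GOOGLE_RESTRICT_DOMAIN=

    - OAUTH_FACEBOOK_API_KEY=
    - OAUTH_FACEBOOK_APP_SECRET=

    - OAUTH_TWITTER_API_KEY=
    - OAUTH_TWITTER_APP_SECRET=

    - OAUTH_GITHUB_API_KEY=
    - OAUTH_GITHUB_APP_SECRET=
    - OAUTH_GITHUB_URL=
    - OAUTH_GITHUB_VERIFY_SSL=

    - OAUTH_GITLAB_API_KEY=
    - OAUTH_GITLAB_APP_SECRET=

    - OAUTH_BITBUCKET_API_KEY=
    - OAUTH_BITBUCKET_APP_SECRET=

    - OAUTH_SAML_ASSERTION_CONSUMER_SERVICE_URL=
    - OAUTH_SAML_IDP_CERT_FINGERPRINT=
    - OAUTH_SAML_IDP_SSO_TARGET_URL=
    - OAUTH_SAML_ISSUER=
    - OAUTH_SAML_LABEL="Our SAML Provider"
    - OAUTH_SAML_NAME_IDENTIFIER_FORMAT=urn:oasis:names:tc:SAML:2.0:nameid-format:transient
    - OAUTH_SAML_GROUPS_ATTRIBUTE=
    - OAUTH_SAML_EXTERNAL_GROUPS=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_EMAIL=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_NAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_USERNAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_FIRST_NAME=
    - OAUTH_SAML_ATTRIBUTE_STATEMENTS_LAST_NAME=

    - OAUTH_CROWD_SERVER_URL=
    - OAUTH_CROWD_APP_NAME=
    - OAUTH_CROWD_APP_PASSWORD=

    - OAUTH_AUTH0_CLIENT_ID=
    - OAUTH_AUTH0_CLIENT_SECRET=
    - OAUTH_AUTH0_DOMAIN=
    - OAUTH_AUTH0_SCOPE=

    - OAUTH_AZURE_API_KEY=
    - OAUTH_AZURE_API_SECRET=
    - OAUTH_AZURE_TENANT_ID=

# NOTE(review): docker-compose prefixes these names with the project name, so
# volumes pre-created with `docker volume create` are mounted only if each
# entry is marked `external: true` — confirm which is intended.
volumes:
  redis-data:
  postgresql-data:
  gitlab-data: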

修正 .env 中的 SMTP_USER, SMTP_PASS, GITLAB_EMAIL_FROM
.env

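# Values substituted into gitlab-docker.yml wherever it uses ${NAME}.
# This file holds secrets in plain text: keep it out of version control.
# Sample key only: it is published on this page, so generate your own
# 64-character string and keep it private.
CHARACTERS_LONG_64_SECRETS_KEY_BASE=PlYHu1efqnSiXf8YKAvCQyexqvyqHVpCvrbQFRFekk8OEWocq5joTjbrbpo25XB2
# PostgreSQL database name, port and account used by GitLab.
DB_NAME=gitlabhq_production
DB_PORT=5432
DB_USER=gitlab
# Sample value; replace it with a strong password.
DB_PASS=password
DB_EXTENSION=pg_trgm
REDIS_PORT=6379
# Host ports published for the GitLab web UI and for git-over-SSH.
GITLAB_PORT=10080
GITLAB_SSH_PORT=10022
TZ=Asia/Shanghai
GITLAB_TIMEZONE=Beijing
# gitlab-docker.yml also reads ${GITLAB_ROOT_PASSWORD}; it is not defined in
# this file, so docker-compose substitutes an empty string. Define it here
# with a long random value of your own:
# GITLAB_ROOT_PASSWORD=<long random password>
# Sender / reply-to addresses. These take e-mail addresses, not the mailbox
# password; the placeholder matches SMTP_USER below.
GITLAB_EMAIL=youremail@sina.com
GITLAB_EMAIL_REPLY_TO=youremail@sina.com
GITLAB_INCOMING_EMAIL_ADDRESS=youremail@sina.com
GITLAB_EMAIL_FROM=youremail@sina.com
SMTP_ENABLED=true
SMTP_DOMAIN=sina.com
SMTP_HOST=smtp.sina.com
# NOTE(review): port 465 normally means implicit TLS (SMTP_TLS=true), whereas
# STARTTLS is the upgrade used on port 587; having both enabled is unusual —
# confirm which one the provider needs.
SMTP_PORT=465
SMTP_USER=youremail@sina.com
# Placeholder for the mailbox password; the real value is stored in plain text.
SMTP_PASS=youremailpassword
SMTP_STARTTLS=true
SMTP_AUTHENTICATION=login
SMTP_ADDRESS=smtp.sina.com
SMTP_ENABLE_STARTTLS_AUTO=true
SMTP_TLS=true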

ctrl+c 停止 gitlab 容器, 重新运行

docker-compose -f gitlab-docker.yml up

新开个终端, 进入 gitlab 容器, 发送测试邮件,以验证邮件配置正确
参考: https://docs.gitlab.com/ee/administration/troubleshooting/debug.html#mail-not-working
参考: https://docs.gitlab.com/ee/administration/troubleshooting/gitlab_rails_cheat_sheet.html#use-the-rails-runner
参考: https://docs.docker.com/engine/reference/commandline/ps/
参考: https://docs.docker.com/engine/reference/commandline/exec/
参考: https://github.com/sameersbn/docker-gitlab/issues/929
注意修正邮箱地址
powershell

# Look up the id of the running container whose name matches "gitlab", then
# open a production Rails console inside it as the git user.
# NOTE(review): the name filter is a substring match; if several containers
# match (for example when the compose project name contains "gitlab"), $id
# holds more than one id.
$id=docker ps -qf 'name=gitlab';sudo docker exec -it $id bash -c "sudo -u git -H bundle exec rails console production"
# Typed at the Rails console prompt (Ruby): sends one test message to the
# given address using the mail settings the container was started with.
Notify.test_email('yourotheremail@email.com', 'Hello World', 'This is a test message').deliver_now

bash

# Open a production Rails console as the git user inside the running
# container whose name matches "gitlab".
# NOTE(review): the name filter is a substring match; if several containers
# match, the command substitution expands to more than one id.
docker exec -it $(docker ps -qf 'name=gitlab') bash -c "sudo -u git -H bundle exec rails console production"
# Typed at the Rails console prompt (Ruby): sends one test message to the
# given address using the mail settings the container was started with.
Notify.test_email('yourotheremail@email.com', 'Hello World', 'This is a test message').deliver_now

添加用户

访问 http://127.0.0.1:10080/admin
然后参考 http://localhost:10080/users/password/edit?reset_password_token=rpXz8_psLCC4zhcEgnZo 添加用户即可
添加用户后, 该用户邮箱会收到设置密码的链接

也可以直接设置 GITLAB_SIGNUP_ENABLED=true 来开放用户注册(开启后, 任何能访问该地址的人都可以自行注册账号)

配置 SSH config

参考: https://github.com/FloatingShuYin/development-environment-manual#%E9%85%8D%E7%BD%AE-git
参考: https://www.ssh.com/ssh/config
~/.ssh/config

# Per-host SSH client settings: each Host block selects the key file to use
# and lists public-key as the only preferred authentication method.
# NOTE(review): without `IdentitiesOnly yes`, ssh may also offer other keys
# held by the agent; consider adding it to each block.

# gitlab localhost
# Local GitLab container; 10022 is the host port that GITLAB_SSH_PORT maps to
# the container's SSH port 22.
Host 127.0.0.1
HostName 127.0.0.1
Port 10022
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_gitlab_private
# gitlab
Host gitlab.com
HostName gitlab.com
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_gitlab
# gitlab private
# Uses the same key file as the 127.0.0.1 entry above.
Host internal.maodouling.com
HostName internal.maodouling.com
Port 2224
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_gitlab_private
# github
Host github.com
HostName github.com
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa_github

值得一提的是这里 .env 中 GITLAB_SSH_PORT=10022 将 ssh 默认端口 22 映射到了主机端口 10022

将 ssh public key 添加到 gitlab 中后,即可执行测试

ssh -T git@127.0.0.1

扩展阅读