Docker 版 Gitlab 搭建

  1. 安装Docker-ce
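    # Download Docker's convenience install script, then run it.
    # The original step only downloaded the script; nothing was installed until it is executed.
    curl -fsSL https://get.docker.com -o get-docker.sh
    # The script installs packages as root: read get-docker.sh before running it.
    sh get-docker.sh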

  2. 安装docker-compose

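    # Download the docker-compose 1.24.1 binary for this OS/architecture.
    # -f makes curl fail on an HTTP error instead of saving the error page as the "binary".
    curl -fL "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
    # The download is otherwise unverified: before marking it executable, compare
    # `sha256sum /usr/local/bin/docker-compose` with the checksum published on the release page.
    chmod +x /usr/local/bin/docker-compose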
  3. 使用阿里云镜像为docker加速

    首先需要一个阿里云的帐号,然后进入容器镜像服务控制台,下面有一个加速器。我们点击它之后,阿里云会为我们创建一个专属加速器地址。

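    # Write the Docker daemon config with a registry mirror, then reload and restart Docker.
    # NOTE: tee overwrites any existing /etc/docker/daemon.json; merge by hand if you already have one.
    # The mirror sits in the pull path for Docker Hub images, so use only a mirror you trust,
    # and replace the address below with the accelerator address issued to your own account.
    # /etc/docker may not exist yet on a fresh install.
    mkdir -p /etc/docker
    # When pasting, the closing EOF must start at column 0 or be tab-indented (<<- strips tabs only).
    tee /etc/docker/daemon.json <<-'EOF'
    {
      "registry-mirrors": ["https://5g1ay0jx.mirror.aliyuncs.com"]
    }
    EOF
    systemctl daemon-reload
    systemctl restart docker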
  4. 拉取gitlab docker镜像
    # Pull the GitLab CE image ahead of `docker-compose up`.
    # NOTE(review): `latest` is a moving tag, so each pull may bring a different GitLab release.
    # For a reproducible and auditable deployment, pull a specific release tag and use the
    # same tag in the compose file.
    docker pull gitlab/gitlab-ce:latest

  5. 编辑docker-compose文件

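    # docker-compose.yml for a single GitLab CE container.
    # Legacy compose format: the service name is the top-level key.
    # Nesting is restored here; the flattened listing is not valid YAML as published.
    web:
      container_name: gitlab
      # NOTE(review): 'latest' is a moving tag; pin a specific release tag so that
      # upgrades are deliberate and the running version is known.
      image: 'gitlab/gitlab-ce:latest'
      restart: always
      hostname: 'gitlab.example.com'
      environment:
        TZ: 'Asia/Shanghai'
        # Literal block scalar (|): every line below is passed to GitLab as gitlab.rb content.
        GITLAB_OMNIBUS_CONFIG: |
          # HTTP is the default; an https:// URL enables HTTPS access
          external_url 'https://gitlab.example.com'
          # SSH port shown in clone URLs; must match the host port published under "ports"
          gitlab_rails['gitlab_shell_ssh_port'] = 5222
          # Set the time zone inside the container
          gitlab_rails['time_zone'] = 'Asia/Shanghai'
          # Add any other gitlab.rb configuration here, each on its own line
      ports:
        - '80:80'
        - '443:443'
        # Host port 5222 forwards to the container's sshd on 22
        - '5222:22'
      volumes:
        # /data/gitlab/etc holds gitlab.rb, the secrets file and TLS keys: keep it root-only on the host
        - '/data/gitlab/etc:/etc/gitlab'
        - '/data/gitlab/logs:/var/log/gitlab'
        - '/data/gitlab/data:/var/opt/gitlab'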

    默认的 ssl 证书为 OpenSSL 自签名证书,如需使用正规 CA 颁发的 SSL 证书,需要在 /etc/gitlab 目录创建 ssl 路径,并将对应 ssl 证书放到里面(按上面 volumes 的映射,容器内的 /etc/gitlab 对应宿主机的 /data/gitlab/etc,在宿主机上操作时请使用该路径)

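    # Install the CA-issued certificate and private key where GitLab looks for them.
    # NOTE(review): these paths are as seen inside the container; with the volume mapping
    # '/data/gitlab/etc:/etc/gitlab' the same directory on the host is /data/gitlab/etc/ssl.
    # Confirm where you are running this.
    mkdir -p /etc/gitlab/ssl
    chmod 700 /etc/gitlab/ssl
    cp gitlab.example.com.key gitlab.example.com.crt /etc/gitlab/ssl/
    # cp keeps the source file's mode; restrict the private key explicitly.
    chmod 600 /etc/gitlab/ssl/gitlab.example.com.key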
  6. 启动gitlab
    # Create and start the services from the compose file in the current directory,
    # detached (-d) so they keep running in the background.
    docker-compose up -d

  7. 浏览器访问 [https://gitlab.example.com]

第一次打开需要先修改 root 管理员密码,才可以登录

PS.其他配置

  1. 默认头像不显示
    配置 gravatar 国内镜像站

    # Point avatar lookups at a Gravatar mirror (gitlab.rb settings).
    # %{hash} and %{size} are placeholders filled in per avatar request.
    # NOTE(review): the mirror is a third party that receives every user's avatar hash
    # (derived from the e-mail address); the plain URL is fetched over unencrypted HTTP.
    # Confirm the mirror is acceptable for your users before enabling it.
    gitlab_rails['gravatar_plain_url'] = 'http://sdn.geekzu.org/avatar/%{hash}?s=%{size}&d=identicon'
    gitlab_rails['gravatar_ssl_url'] = 'https://sdn.geekzu.org/avatar/%{hash}?s=%{size}&d=identicon'
  2. 开启SMTP

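    # Outgoing mail over SMTP with implicit TLS (gitlab.rb settings).
    gitlab_rails['gitlab_email_enabled'] = true
    # The addresses were mangled by e-mail obfuscation on the published page;
    # 'gitlab@example.com' is a constructed placeholder. Use your own sender address.
    gitlab_rails['gitlab_email_from'] = 'gitlab@example.com'
    gitlab_rails['gitlab_email_display_name'] = 'GitLab'
    gitlab_rails['smtp_enable'] = true
    gitlab_rails['smtp_address'] = "smtp.example.com"
    gitlab_rails['smtp_port'] = 994
    gitlab_rails['smtp_user_name'] = "gitlab@example.com"
    # Placeholder. The real password sits in gitlab.rb in clear text, so keep that file
    # (and the host directory mounted at /etc/gitlab) readable by root only.
    gitlab_rails['smtp_password'] = "xxxxxxxxx"
    gitlab_rails['smtp_domain'] = "smtp.example.com"
    gitlab_rails['smtp_authentication'] = "login"
    # smtp_tls wraps the whole connection in TLS from the first byte; STARTTLS is the
    # alternative upgrade-in-place mechanism. Enable only one of the two: the original had
    # both set to true, a combination that newer GitLab releases are reported to reject.
    gitlab_rails['smtp_enable_starttls_auto'] = false
    gitlab_rails['smtp_tls'] = true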
  3. 开启 LDAP

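# LDAP sign-in (gitlab.rb settings). The server definition is an inline YAML document,
# so its indentation is significant; it is restored here, because the flattened listing
# would leave 'main' empty.
gitlab_rails['ldap_enabled'] = true
# gitlab_rails['prevent_ldap_sign_in'] = false

###! **remember to close this block with 'EOS' below**
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
  main: # 'main' is the GitLab 'provider ID' of this LDAP server
    label: 'LDAP'
    # Placeholder address: replace with your LDAP server
    host: '192.168.x.x'
    port: 389
    uid: 'cn'
    bind_dn: 'cn=admin,dc=example,dc=com'
    # Placeholder. The bind password is stored in clear text in gitlab.rb: keep the file root-only.
    # NOTE(review): binding as the directory admin gives GitLab more than the read access
    # a user lookup needs; a dedicated read-only bind account limits the damage if this file leaks.
    password: 'password'
    # NOTE(review): 'plain' sends the bind password and every user's login password
    # unencrypted over the network. Prefer 'start_tls' or 'simple_tls' together with
    # verify_certificates: true whenever the LDAP server supports TLS.
    encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
    verify_certificates: false
    active_directory: false
    # false means a user is active in GitLab as soon as the first LDAP login succeeds
    block_auto_created_users: false
    allow_username_or_email_login: true
    base: 'dc=example,dc=com'
    # An empty filter admits every entry under 'base'
    user_filter: ''
EOS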