部署一套gitlab环境比较复杂,这里把部署的过程写成了shell脚本,这大大简化的gitlab部署的成本。
前言
在51cto的博客上已介绍过企业级GitLab仓库环境构建,这里利用两个shell脚本来完成gitlib的部署。
shell scripts
以下脚本已在debian 8 x64系统下测试通过。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
| #!/bin/bash
sudo dpkg -i gitlab-ce_8.2.1-ce.0_amd64.deb
sudo vim /var/opt/gitlab/gitlab-shell/config.yml sudo vim /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
sudo mkdir -pv /data/git-data/gitlab-satellites sudo mkdir -pv /data/git-data/repositories sudo chown -R git.git /data/git-data/ sudo chmod 2770 /data/git-data/repositories
sudo gitlab-ctl restart
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58
| #!/bin/bash
SUBJECT="/C=CN/ST=ChongQing/L=YuBei/O=SJKJ/OU=CA/CN=$DOMAIN"
SUBJECT_GITLAB="/C=CN/ST=ChongQing/L=YuBei/O=SJKJ/OU=OP/CN=$DOMAIN_GITLAB"
read -p "Enter your CA domain [www.example.com]: " DOMAIN sudo bash -c 'mkdir -pv /etc/ssl/demoCA/{private,newcerts} > /dev/null' cd /etc/ssl
sudo bash -c '(umask 077;openssl genrsa -out ./demoCA/private/cakey.pem 2048)'
sudo bash -c "openssl req -new -subj $SUBJECT -x509 -key ./demoCA/private/cakey.pem -out ./demoCA/cacert.pem -days 3650" sudo touch ./demoCA/index.txt sudo bash -c "echo 01 > ./demoCA/serial" echo -e "\033[33mCertificate services is created...\033[0m"
read -p "Enter your gitlab domain [www.example.com]: " DOMAIN_GITLAB sudo bash -c 'mkdir -p /etc/gitlab/ssl' cd /etc/gitlab/ssl
sudo bash -c "(umask 077;openssl genrsa -out ${DOMAIN_GITLAB}.key 1024)"
sudo bash -c "openssl req -new -subj $SUBJECT_GITLAB -key ${DOMAIN_GITLAB}.key -out ${DOMAIN_GITLAB}.csr"
cd /etc/ssl sudo bash -c "openssl ca -in /etc/gitlab/ssl/${DOMAIN_GITLAB}.csr -out /etc/gitlab/ssl/${DOMAIN_GITLAB}.crt -days 3650"
sudo chmod 700 /etc/gitlab/ssl
sudo vim /etc/gitlab/gitlab.rb sudo bash -c "cat <<- EOF >> /etc/gitlab/gitlab.rb ##### open htts ##################### nginx['redirect_http_to_https'] = true nginx['ssl_certificate'] = \"/etc/gitlab/ssl/${DOMAIN_GITLAB}.crt\" nginx['ssl_certificate_key'] = \"/etc/gitlab/ssl/${DOMAIN_GITLAB}.key\" EOF"
sudo gitlab-ctl reconfigure sudo gitlab-ctl restart
|
参考资料