学科:Git/Setup gitlab on ubuntu
config/gitlab.yml默认使用sendmail发送邮件,地址默认为notify@localhost。
以下步骤不改gitlab配置,而是修改postfix配置使notify@localhost可用。
先停止sendmail服务:
sudo /etc/init.d/postfix stop
备份配置文件
sudo cp /etc/postfix/main.cf /etc/postfix/main.cf.bak
修改main.cf的内容,参考配置:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no myhostname = mobos2 alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = localhost, gmail.com, mobos2, localhost.localdomain relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all # my config unknown_local_recipient_reject_code = 550 home_mailbox = Mail/ disable_vrfy_command = yes smtpd_helo_required = yes smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_non_fqdn_sender reject_unknown_sender_domain reject_non_fqdn_recipient reject_unknown_recipient_domain reject_rbl_client dnsbl.njabl.org reject_rbl_client dnsbl.sorbs.net reject_rbl_client bl.spamcop.net permit ## TLS Settings # # For no logs set = 0 smtp_tls_loglevel = 1 # # smtp_enforce_tls = yes # Above is commented because doing it site by site below smtp_tls_per_site = hash:/etc/postfix/tls_per_site # smtp_tls_CApath = /etc/ssl/certs smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache smtp_use_tls = yes smtpd_tls_CApath = /etc/ssl/certs smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtpd_use_tls = yes tls_random_source = dev:/dev/urandom ## SASL Settings # This is going in to THIS server smtpd_sasl_auth_enable = no # We need this smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtpd_sasl_local_domain = $myhostname smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtpd_sasl_application_name = smtpd ## Gmail Relay relayhost = [smtp.gmail.com]:587 ## Good for Testing # sender_bcc_maps = hash:/etc/postfix/bcc_table # Disable DNS Lookups disable_dns_lookups = yes # Great New feature Address Mapping smtp_generic_maps = hash:/etc/postfix/generic transport_maps = hash:/etc/postfix/transport
创建/etc/postfix/sasl_passwd,内容参考:
[smtp.gmail.com]:587 your_gmail_address@gmail.com:password
创建/etc/postfix/transport,内容参考:
# This sends mail to Gmail gmail.com smtp:[smtp.gmail.com]:587
创建/etc/postfix/tls_per_site,内容参考:
# Contents of /etc/postfix/tls_per_site smtp.gmail.com MUST
创建/etc/postfix/generic,内容参考:
# Contents of /etc/postfix/generic # local mail user real user to send mail as notify@localhost your_gmail_address@gmail.com
然后,执行以下命令应用配置:
sudo postmap generic sudo postmap tls_per_site sudo postmap transport sudo postmap sasl_passwd
编辑/etc/postfix/master.cf,将其中:
smtp unix - - - - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - - - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
替换为:
smtp unix - - n - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - n - - smtp -o smtp_generic_maps= # -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=
以上配置修改完毕。之后可以开启服务:
sudo /etc/init.d/postfix start
(可选)使用mail验证配置是否成功
echo "testing sending mail" | mail -s "send mail using gmail" your_gmail_address@gmail.com
参考:
官方安装文档结尾有很简短的Nginx,Unicorn配置说明,除了这两个,使用Apache也是可以的。
先安装passenger,让Apache支持Rack应用,参考命令:
sudo gem install passenger sudo passenger-install-apache2-module
然后该Apache的配置文件,参考:
<VirtualHost *:80> ServerName your.server.name # 需要指向gitlab的public目录 DocumentRoot /home/gitlab/gitlab/public <Directory /home/gitlab/gitlab/public> # This relaxes Apache security settings. AllowOverride all # MultiViews must be turned off. Options -MultiViews </Directory> </VirtualHost>
Unicorn是一个轻量Rack HTTP server,
参考:
- Unicorn!,GitHub团队写的使用分享,不错的介绍
- Unicorn::Configurator,配置官方文档
cd到gitlab安装目录再执行bundle命令
使用管理员身份登录到gitlab,到Admin area查看Resque的工作情况。
如果没有Workers在工作,请检查Resque的工作情况,有可能Resque没在工作。
使用 sudo -u gitlab bundle exec rake environment resque:work QUEUE=* RAILS_ENV=production BACKGROUND=yes 可以手动启动Resque。
先确认一下post-receive文件是否存在,如果存在应该是权限问题,可参考下列命令修复:
sudo chmod g+rwx /home/git/.gitolite sudo usermod -g git gitlab
参考:
- https://github.com/gitlabhq/gitlabhq/issues/1543 Checking post-receive hooks fails even post-receive file exits
去检查一下unicorn的日志,如果有像这样的权限错误
/home/gitlab/gitlab/vendor/bundle/ruby/1.9.1/gems/unicorn-4.3.1/lib/unicorn/socket_helper.rb:147:in `initialize': Permission denied - bind(2) (Errno::EACCES)
去修改init.d里的gitlab启动脚本,让其以root权限执行
if [ `whoami` = root ]; then sudo -H sh -l -c "$CD_TO_APP_DIR && $START_DAEMON_PROCESS && $START_RESQUE_PROCESS" else
- GitLab on an Ubuntu 10.04 server with Apache,没必要按这篇的Apache配置做,他也开了Unicorn然后将Apache的部分流量负载到这个Unicorn,实际上只需要一个Web server。