学科:Git/Setup gitlab on ubuntu

后续配置参考

使用gmail发送通知邮件

config/gitlab.yml默认使用sendmail发送邮件，地址默认为notify@localhost。

以下步骤不改gitlab配置，而是修改postfix配置使notify@localhost可用。

先停止sendmail服务：

sudo /etc/init.d/postfix stop

备份配置文件

sudo cp /etc/postfix/main.cf /etc/postfix/main.cf.bak

修改main.cf的内容，参考配置：

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no
myhostname = mobos2
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost, gmail.com, mobos2, localhost.localdomain
relayhost = 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

# my config
unknown_local_recipient_reject_code = 550
home_mailbox = Mail/
disable_vrfy_command = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions =
 permit_mynetworks
 reject_unauth_destination
 reject_unauth_pipelining
 reject_invalid_hostname
 reject_non_fqdn_sender
 reject_unknown_sender_domain
 reject_non_fqdn_recipient
 reject_unknown_recipient_domain
 reject_rbl_client dnsbl.njabl.org
 reject_rbl_client dnsbl.sorbs.net
 reject_rbl_client bl.spamcop.net
 permit

## TLS Settings
#
# For no logs set = 0
smtp_tls_loglevel = 1
# 
# smtp_enforce_tls = yes
# Above is commented because doing it site by site below
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
#
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

##  SASL Settings
# This is going in to THIS server
smtpd_sasl_auth_enable = no
# We need this
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_sasl_local_domain = $myhostname
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtpd_sasl_application_name = smtpd 

## Gmail Relay
relayhost = [smtp.gmail.com]:587
 
## Good for Testing
# sender_bcc_maps = hash:/etc/postfix/bcc_table

# Disable DNS Lookups
disable_dns_lookups = yes

# Great New feature Address Mapping 
smtp_generic_maps = hash:/etc/postfix/generic
transport_maps = hash:/etc/postfix/transport

创建/etc/postfix/sasl_passwd，内容参考：

[smtp.gmail.com]:587       your_gmail_address@gmail.com:password

创建/etc/postfix/transport，内容参考：

# This sends mail to Gmail
gmail.com               smtp:[smtp.gmail.com]:587

创建/etc/postfix/tls_per_site，内容参考：

# Contents of /etc/postfix/tls_per_site
smtp.gmail.com         MUST

创建/etc/postfix/generic，内容参考：

# Contents of /etc/postfix/generic 
# local mail user           real user to send mail as
notify@localhost         your_gmail_address@gmail.com

然后，执行以下命令应用配置：

sudo postmap generic
sudo postmap tls_per_site
sudo postmap transport
sudo postmap sasl_passwd

编辑/etc/postfix/master.cf，将其中：

smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5

替换为：

smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
        -o smtp_generic_maps=
#       -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=

以上配置修改完毕。之后可以开启服务：

sudo /etc/init.d/postfix start

（可选）使用mail验证配置是否成功

echo "testing sending mail" | mail -s "send mail using gmail" your_gmail_address@gmail.com

参考：

http://wiki.excito.org/wiki/index.php/Send_mail_using_gmail

配置Web服务器

官方安装文档结尾有很简短的Nginx，Unicorn配置说明，除了这两个，使用Apache也是可以的。

使用Apache

先安装passenger，让Apache支持Rack应用，参考命令：

 sudo gem install passenger
 sudo passenger-install-apache2-module

然后该Apache的配置文件，参考：

 <VirtualHost *:80>
     ServerName your.server.name
     # 需要指向gitlab的public目录
     DocumentRoot /home/gitlab/gitlab/public
     <Directory /home/gitlab/gitlab/public>
        # This relaxes Apache security settings.
        AllowOverride all
        # MultiViews must be turned off.
        Options -MultiViews
     </Directory>
  </VirtualHost>

使用Unicorn

Unicorn是一个轻量Rack HTTP server，

参考：

Unicorn!，GitHub团队写的使用分享，不错的介绍
Unicorn::Configurator，配置官方文档

疑难解答

执行bundle命令时提示：Could not locate Gemfile

cd到gitlab安装目录再执行bundle命令

代码pull到仓库但Web页面没更新/没有Resque Worker在工作

使用管理员身份登录到gitlab，到Admin area查看Resque的工作情况。

如果没有Workers在工作，请检查Resque的工作情况，有可能Resque没在工作。

使用 sudo -u gitlab bundle exec rake environment resque:work QUEUE=* RAILS_ENV=production BACKGROUND=yes 可以手动启动Resque。

执行app:status检查时报告post-receive检查失败

先确认一下post-receive文件是否存在，如果存在应该是权限问题，可参考下列命令修复：

sudo chmod g+rwx /home/git/.gitolite
sudo usermod -g git gitlab

参考：

https://github.com/gitlabhq/gitlabhq/issues/1543 Checking post-receive hooks fails even post-receive file exits

unicorn无法自动启动 / 启动脚本不工作

去检查一下unicorn的日志，如果有像这样的权限错误

/home/gitlab/gitlab/vendor/bundle/ruby/1.9.1/gems/unicorn-4.3.1/lib/unicorn/socket_helper.rb:147:in `initialize': Permission denied - bind(2) (Errno::EACCES)

去修改init.d里的gitlab启动脚本，让其以root权限执行

if [ `whoami` = root ]; then
    sudo -H sh -l -c "$CD_TO_APP_DIR && $START_DAEMON_PROCESS && $START_RESQUE_PROCESS"
else

参考

GitLab on an Ubuntu 10.04 server with Apache，没必要按这篇的Apache配置做，他也开了Unicorn然后将Apache的部分流量负载到这个Unicorn，实际上只需要一个Web server。