学科:Git/Setup gitlab on ubuntu

来自维基学院

后续配置参考[编辑 | 编辑源代码]

使用gmail发送通知邮件[编辑 | 编辑源代码]

config/gitlab.yml默认使用sendmail发送邮件,地址默认为notify@localhost。

以下步骤不改gitlab配置,而是修改postfix配置使notify@localhost可用。

先停止sendmail服务:

sudo /etc/init.d/postfix stop

备份配置文件

sudo cp /etc/postfix/main.cf /etc/postfix/main.cf.bak

修改main.cf的内容,参考配置:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no
myhostname = mobos2
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost, gmail.com, mobos2, localhost.localdomain
relayhost = 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

# my config
unknown_local_recipient_reject_code = 550
home_mailbox = Mail/
disable_vrfy_command = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions =
 permit_mynetworks
 reject_unauth_destination
 reject_unauth_pipelining
 reject_invalid_hostname
 reject_non_fqdn_sender
 reject_unknown_sender_domain
 reject_non_fqdn_recipient
 reject_unknown_recipient_domain
 reject_rbl_client dnsbl.njabl.org
 reject_rbl_client dnsbl.sorbs.net
 reject_rbl_client bl.spamcop.net
 permit

## TLS Settings
#
# For no logs set = 0
smtp_tls_loglevel = 1
# 
# smtp_enforce_tls = yes
# Above is commented because doing it site by site below
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
#
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

##  SASL Settings
# This is going in to THIS server
smtpd_sasl_auth_enable = no
# We need this
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_sasl_local_domain = $myhostname
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtpd_sasl_application_name = smtpd 

## Gmail Relay
relayhost = [smtp.gmail.com]:587
 
## Good for Testing
# sender_bcc_maps = hash:/etc/postfix/bcc_table

# Disable DNS Lookups
disable_dns_lookups = yes

# Great New feature Address Mapping 
smtp_generic_maps = hash:/etc/postfix/generic
transport_maps = hash:/etc/postfix/transport

创建/etc/postfix/sasl_passwd,内容参考:

[smtp.gmail.com]:587       your_gmail_address@gmail.com:password

创建/etc/postfix/transport,内容参考:

# This sends mail to Gmail
gmail.com               smtp:[smtp.gmail.com]:587

创建/etc/postfix/tls_per_site,内容参考:

# Contents of /etc/postfix/tls_per_site
smtp.gmail.com         MUST

创建/etc/postfix/generic,内容参考:

# Contents of /etc/postfix/generic 
# local mail user           real user to send mail as
notify@localhost         your_gmail_address@gmail.com

然后,执行以下命令应用配置:

sudo postmap generic
sudo postmap tls_per_site
sudo postmap transport
sudo postmap sasl_passwd

编辑/etc/postfix/master.cf,将其中:

smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5

替换为:

smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
        -o smtp_generic_maps=
#       -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=

以上配置修改完毕。之后可以开启服务:

sudo /etc/init.d/postfix start

(可选)使用mail验证配置是否成功

echo "testing sending mail" | mail -s "send mail using gmail" your_gmail_address@gmail.com

参考:

配置Web服务器[编辑 | 编辑源代码]

官方安装文档结尾有很简短的Nginx,Unicorn配置说明,除了这两个,使用Apache也是可以的。

使用Apache[编辑 | 编辑源代码]

先安装passenger,让Apache支持Rack应用,参考命令:

 sudo gem install passenger
 sudo passenger-install-apache2-module

然后该Apache的配置文件,参考:

 <VirtualHost *:80>
     ServerName your.server.name
     # 需要指向gitlab的public目录
     DocumentRoot /home/gitlab/gitlab/public
     <Directory /home/gitlab/gitlab/public>
        # This relaxes Apache security settings.
        AllowOverride all
        # MultiViews must be turned off.
        Options -MultiViews
     </Directory>
  </VirtualHost>

使用Unicorn[编辑 | 编辑源代码]

Unicorn是一个轻量Rack HTTP server,

参考:

疑难解答[编辑 | 编辑源代码]

执行bundle命令时提示:Could not locate Gemfile[编辑 | 编辑源代码]

cd到gitlab安装目录再执行bundle命令

代码pull到仓库但Web页面没更新/没有Resque Worker在工作[编辑 | 编辑源代码]

使用管理员身份登录到gitlab,到Admin area查看Resque的工作情况。

如果没有Workers在工作,请检查Resque的工作情况,有可能Resque没在工作。

使用 sudo -u gitlab bundle exec rake environment resque:work QUEUE=* RAILS_ENV=production BACKGROUND=yes 可以手动启动Resque。

执行app:status检查时报告post-receive检查失败[编辑 | 编辑源代码]

先确认一下post-receive文件是否存在,如果存在应该是权限问题,可参考下列命令修复:

sudo chmod g+rwx /home/git/.gitolite
sudo usermod -g git gitlab

参考:

unicorn无法自动启动 / 启动脚本不工作[编辑 | 编辑源代码]

去检查一下unicorn的日志,如果有像这样的权限错误

/home/gitlab/gitlab/vendor/bundle/ruby/1.9.1/gems/unicorn-4.3.1/lib/unicorn/socket_helper.rb:147:in `initialize': Permission denied - bind(2) (Errno::EACCES)

去修改init.d里的gitlab启动脚本,让其以root权限执行

if [ `whoami` = root ]; then
    sudo -H sh -l -c "$CD_TO_APP_DIR && $START_DAEMON_PROCESS && $START_RESQUE_PROCESS"
else

参考[编辑 | 编辑源代码]