System preparation
Stop and disable the system firewall
systemctl stop firewalld
systemctl disable firewalld
Disable SELinux and reboot the system
vim /etc/sysconfig/selinux
Change the contents to:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
Reboot the server
reboot
Install the Omnibus GitLab CE package
Install the dependencies
yum -y install curl policycoreutils openssh-server openssh-clients postfix
Configure the yum repository
curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash
Start the postfix mail service
systemctl start postfix && systemctl enable postfix
Install GitLab CE (Community Edition)
yum install -y gitlab-ce
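Initialize the GitLab configuration
Create the certificate and load the configuration
Create the directory that holds the certificate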
mkdir -p /etc/gitlab/ssl
Generate the key and certificate
openssl genrsa -out /etc/gitlab/ssl/gitlab.example.com.key 2048
openssl req -new -key "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.csr"
openssl x509 -req -days 365 -in "/etc/gitlab/ssl/gitlab.example.com.csr" -signkey "/etc/gitlab/ssl/gitlab.example.com.key" -out "/etc/gitlab/ssl/gitlab.example.com.crt"
openssl dhparam -out /etc/gitlab/ssl/dhparam.pem 2048
Restrict the permissions on the certificate files (run inside the certificate directory)
chmod 600 *
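Added example, not part of the original post: a check to run on the files generated above before pointing GitLab at them. It confirms that the key and certificate belong together, that the certificate is not about to expire, and that the key is not readable by group or others. The function names check_gitlab_tls and make_sample are hypothetical; make_sample uses -subj so that openssl req runs without prompts, and stat -c assumes GNU coreutils as on the CentOS host used here.

```shell
#!/bin/sh
# Added example: sanity-check the key/certificate pair created by the openssl
# steps above. Assumes OpenSSL and GNU coreutils (stat -c).

# check_gitlab_tls DIR HOST [MIN_DAYS] -> returns 0 if every check passes, else 1
check_gitlab_tls() {
    dir=$1; host=$2; min_days=${3:-30}; rc=0
    key="$dir/$host.key"; crt="$dir/$host.crt"

    for f in "$key" "$crt"; do
        [ -r "$f" ] || { echo "FAIL missing or unreadable: $f"; return 1; }
    done

    # 1. The certificate must carry the public half of this private key,
    #    otherwise nginx cannot load the pair.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null)
    crt_pub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null)
    if [ -n "$key_pub" ] && [ "$key_pub" = "$crt_pub" ]; then
        echo "OK   key matches certificate"
    else
        echo "FAIL key does not match certificate"; rc=1
    fi

    # 2. -checkend exits non-zero if the certificate expires within N seconds.
    if openssl x509 -in "$crt" -noout -checkend $((min_days * 86400)) >/dev/null; then
        echo "OK   certificate valid for at least $min_days more days"
    else
        echo "FAIL certificate expires within $min_days days"; rc=1
    fi

    # 3. The private key must not be accessible to group or others.
    mode=$(stat -c %a "$key")
    case $mode in
        600|400) echo "OK   key mode $mode" ;;
        *)       echo "FAIL key mode $mode, expected 600"; rc=1 ;;
    esac
    return $rc
}

# make_sample DIR HOST: constructed throwaway key and self-signed certificate,
# built with the same commands as above plus -subj to skip the prompts.
make_sample() {
    openssl genrsa -out "$1/$2.key" 2048 2>/dev/null
    openssl req -new -key "$1/$2.key" -subj "/CN=$2" -out "$1/$2.csr"
    openssl x509 -req -days 365 -in "$1/$2.csr" -signkey "$1/$2.key" \
        -out "$1/$2.crt" 2>/dev/null
    chmod 600 "$1"/*
}
```

On the GitLab host, run it as: check_gitlab_tls /etc/gitlab/ssl gitlab.example.com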
Edit the GitLab configuration file
vim /etc/gitlab/gitlab.rb
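In external_url, change the URL from http to https, then point the nginx settings at the files generated above:
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key"
nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparam.pem"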
Apply the configuration
gitlab-ctl reconfigure
Configure the Nginx SSL proxy and restart
Edit the nginx configuration
vim /var/opt/gitlab/nginx/conf/gitlab-http.conf
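Below server_name gitlab.example.com, add a rewrite that redirects requests to HTTPS. This file is generated by Omnibus, so a later gitlab-ctl reconfigure overwrites manual edits to it.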
rewrite ^(.*)$ https://$host$1 permanent;
Restart the services
gitlab-ctl restart
Edit the hosts file on the local machine
<IP address of the GitLab server> gitlab.example.com
Test access in a browser
https://gitlab.example.com