Monthly Archives: 十月 2015

SCP 命令

==================
scp 命令
==================
scp 可以在 2个 linux 主机间复制文件;

命令基本格式:
scp [可选参数] file_source file_target

======
从 本地 复制到 远程
======
* 复制文件:
* 命令格式:
scp local_file remote_username@remote_ip:remote_folder
或者
scp local_file remote_username@remote_ip:remote_file
或者
scp local_file remote_ip:remote_folder
或者
scp local_file remote_ip:remote_file

第1,2个指定了用户名,命令执行后需要再输入密码,第1个仅指定了远程的目录,文件名字不变,第2个指定了文件名;
第3,4个没有指定用户名,命令执行后需要输入用户名和密码,第3个仅指定了远程的目录,文件名字不变,第4个指定了文件名;
* 例子:
scp /home/space/music/1.mp3 root@www.cumt.edu.cn:/home/root/others/music
scp /home/space/music/1.mp3 root@www.cumt.edu.cn:/home/root/others/music/001.mp3
scp /home/space/music/1.mp3 www.cumt.edu.cn:/home/root/others/music
scp /home/space/music/1.mp3 www.cumt.edu.cn:/home/root/others/music/001.mp3

* 复制目录:
* 命令格式:
scp -r local_folder remote_username@remote_ip:remote_folder
或者
scp -r local_folder remote_ip:remote_folder

第1个指定了用户名,命令执行后需要再输入密码;
第2个没有指定用户名,命令执行后需要输入用户名和密码;
* 例子:
scp -r /home/space/music/ root@www.cumt.edu.cn:/home/root/others/
scp -r /home/space/music/ www.cumt.edu.cn:/home/root/others/

上面 命令 将 本地 music 目录 复制 到 远程 others 目录下,即复制后有 远程 有 ../others/music/ 目录

======
从 远程 复制到 本地
======
从 远程 复制到 本地,只要将 从 本地 复制到 远程 的命令 的 后2个参数 调换顺序 即可;

例如:
scp root@www.cumt.edu.cn:/home/root/others/music /home/space/music/1.mp3
scp -r www.cumt.edu.cn:/home/root/others/ /home/space/music/

最简单的应用如下 :

scp 本地用户名 @IP 地址 : 文件名 1 远程用户名 @IP 地址 : 文件名 2

[ 本地用户名 @IP 地址 :] 可以不输入 , 可能需要输入远程用户名所对应的密码 .

可能有用的几个参数 :

-v 和大多数 linux 命令中的 -v 意思一样 , 用来显示进度 . 可以用来查看连接 , 认证 , 或是配置错误 .

-C 使能压缩选项 .

-P 选择端口 . 注意 -p 已经被 rcp 使用 .

-4 强行使用 IPV4 地址 .

-6 强行使用 IPV6 地址 .

 

注意两点:
1.如果远程服务器防火墙有特殊限制,scp便要走特殊端口,具体用什么端口视情况而定,命令格式如下:
#scp -p 4588 remote@www.abc.com:/usr/local/sin.sh /home/administrator
2.使用scp要注意所使用的用户是否具有可读取远程服务器相应文件的权限。

一个不会敲代码的程序员

APACHE 多站点 多证书 配置

centos7为例

yum install mod_ssl(装好之后模块一般是自动启用的,/etc/httpd/conf.modules.d/这个文件夹下有没有00-ssl.conf)

编辑 /etc/httpd/conf

加入SSLStrictSNIVHostCheck on

编辑vhost

加入

SSLEngine on
#strong encryption ciphers only
#see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
SSLProtocol all -SSLv2
SSLHonorCipherOrder on
SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
SSLCompression Off
SSLCertificateFile /etc/证书
SSLCertificateKeyFile /etc/密钥
SSLCACertificateFile /etc/发布商证书

 

 

虽然SNI协议是现代浏览器出来之后的事情,当时ssl并不支持多站点多证书的配置。

后来mod_gnutls的出现改变了这些

但是现在这玩意已经落伍了

mod_ssl带着SNI协议重出江湖

请不要再使用老掉牙的mod_gnutls啦

tar命令

x ~]# tar -cvf /tmp/etc.tar /etc <==仅打包,不压缩!
[root@linux ~]# tar -zcvf /tmp/etc.tar.gz /etc <==打包后,以 gzip 压缩
[root@linux ~]# tar -jcvf /tmp/etc.tar.bz2 /etc <==打包后,以 bzip2 压缩

当zabbix 2.4/2.5 搭配php7 出现 always_populate_raw_post_data 报警无法安装的解决办法

当zabbix 2.4/2.5 搭配php7 出现 always_populate_raw_post_data 报警无法安装的解决办法

when you install zabbix 2.4/2,5 with php7 ,you will meet the alert of  always_populate_raw_post_data xxxx.In fact php 7 already removed this function.So we need to make some modify to slove this problem.

本方法适用于YUM安装的

This solution is suit for yun/rpm installion.

打开/usr/share/zabbix/include/classes/setup/CFrontendSetup.php

open /usr/share/zabbix/include/classes/setup/CFrontendSetup.php

找到这一段

// check for deprecated PHP 5.6.0 option 'always_populate_raw_post_data'
               if (version_compare(PHP_VERSION, '5.6', '>=')) {

修改成这样

  if (version_compare(PHP_VERSION, '5.6', '>=') && version_compare(PHP_VERSION, '7.0.0alpha2', '<')) {
                        $result[] = $this->checkPhpAlwaysPopulateRawPostData();
                }
                $result[] = $this->checkPhpSockets();

就可以了

https://support.zabbix.com/browse/ZBX-9659

RVM 安装

RVM 安装

$ curl -L get.rvm.io | bash -s stable
$ source ~/.bashrc
$ source ~/.bash_profile

 

 

multicraft 配置 smtp 发信 multicraft configure send email with smtp

multicraft默认使用的php函数发信,被很多邮件商当作垃圾信件给处理掉了。

Because default send mail method of  multicraft is php mail (),So our confirm and restpassword email always be treated as junk mail by the most of email services.

所以我们亟需配置一下SMTP发现。

So our immediate requirement is change our send mail method from PHP to SMTP.

首先你得有一个邮箱,QQ,网易,新浪啥的都行。记得开启SMTP功能!

Firstly you need a email :D,such like Google or any other else.Remember open the SMTP!

然后来到面板/protected/config/internal/application.php 编辑打开大约在第138行

that go to ~panel~/protected/config/internal/application.php and edit about at line 138.

'mail'=>array(
            'class'=>'ext.yii-mail.YiiMail',
            'logging'=>false,
                        'transportType'=>'php',

改成

        'mail'=>array(
            'class'=>'ext.yii-mail.YiiMail',
            'logging'=>true,
                        'transportType'=>'smtp',
                'transportOptions'=>array(
                'host'=>'smtp.qq.com',
                'username'=>'minet@mqq.com',
                'password'=>'qqqqq',
                'port'=>465,
                'encryption'=>'tls',
        ),

然后好像是PHP版本大于等于5.5的话

Some guys and me me a problem.if you php version is higher than 5.4

会显示

the rest password page would be shown:

Undefined property: Swift_Transport_StreamBuffer::$_sequence

那你就在

面板//protected/extensions/yii-mail/vendors/swiftMailer/classes/Swift/Transport/StreamBuffer.php中大约第163行

So you go to panel~/protected/extensions/yii-mail/vendors/swiftMailer/classes/Swift/Transport/StreamBuffer.php

about at line 163

  public function readLine($sequence)
  {
    if (isset($this->_out) && !feof($this->_out))
    {
      $line = fgets($this->_out);
      return $line;
    }
  }
  private $_sequence;  //(加入这条)(insertraline)

If you feel this is helpful to you please leave a comment.thank~

看贴不回贴,立马就怀孕!

乱炖 host 各种最新的GOOGLE FACEBOOK的HOST

http://levi.yii.so/hosts

Centos 添加SWAP

创建SWAP文件

我们准备在/(根目录)下创建一个SWAP分区

 

创建SWAP最简单也是最快的方法是用 fallocate。这个命令创建马上就能创建一个文件,根据你的指令决定它的大小

我们来创建一个4G大小的SWAP文件

dd if=/dev/zero of=/swapfile count=4096 bs=1MiB

我们来验证一下文件的正确性是不是4G

ls -lh /swapfile
-rw-r--r-- 1 root root 4.0G Oct 30 11:00 /swapfile

正如你想见文件已经被成功并且正确的创建了。

启用SWAP文件

现在SWAP文件已经被创建了,但是我们的系统还不知道这个文件应该被用来当作SWAP。我们需要告诉系统去格式化这个文件变成SWAP文件然后启用它。

 

在我们这这些之前我们应该先调整SWAP文件的权限让他不能被除了ROOT用户的其他人随便的读取。让其他用户可以读取或写入这个文件将会有巨大的风险。

我们用chmod命令

sudo chmod 600 /swapfile

这样就可以该文件的限制读取和写入权限,只有ROOT账户才有权限操作。

然后再执行一次 ls -lh

ls -lh /swapfile
-rw------- 1 root root 4.0G Oct 30 11:00 /swapfile

Now that our swap file is more secure, we can tell our system to set up the swap space for use by typing:

现在SWAP文件安全多了,我们可以告诉系统设置SWAP分区了

sudo mkswap /swapfile
Setting up swapspace version 1, size = 4194300 KiB
no label, UUID=b99230bb-21af-47bc-8c37-de41129c39bf

我们的SWAP文件现在已经准备作为SWAP空间了

输入以下指令启动SWAP分区

sudo swapon /swapfile

验证一下是否设置成功

swapon -s
Filename                Type        Size    Used    Priority
/swapfile               file        4194300 0     -1

This output confirms that we have a new swap file. We can use the free utility again to corroborate our findings:

free -m
             total       used       free     shared    buffers     cached
Mem:          3953        315       3637          8         11        107
-/+ buffers/cache:        196       3756
Swap:         4095          0       4095

Our swap has been set up successfully, and our operating system will begin to use it as needed.

Make the Swap File Permane设置SWAP分区永久生效

系统引导时自动启动

我们的SWAP文件已经启用了,但是当我们重启的时候系统并不会自动的加载它。我们需要更改fstab文件,这个一个管理文件系统的和分区的表。

VI nano vim 随便你们了

sudo nano /etc/fstab

 

在文件的顶部,你需要添加一行来告诉操作系统自动加载你创建的SWAP分区

/swapfile   swap    swap    sw  0   0

When you are finished adding the line, you can save and close the file. The server will check this file on each bootup, so the swap file will be ready for use from now on.

当你添加完了这行,你可以保存并且关闭文件,服务器每次启动的时候都会检查这个文件。

所以SWAP文件以后每次启动都会被准备好。

调整你的Swap设置(可选)妈个比懒得翻译了。下次再说系统默认的差不多了

 

There are a few options that you can configure that will have an impact on your system's performance when dealing with swap. These configurations are optional in most cases, and the changes that you make will depend on your application needs and your personal preference.

Swappiness

The swappiness parameter determines how often your system swaps data out of memory to the swap space. This is a value between 0 and 100 that represents the percentage of memory usage that will trigger the use of swap.

With values close to zero, the system will not swap data to the drive unless absolutely necessary. Remember, interactions with the swap file are "expensive" in that they are a lot slower than interactions with memory, and this difference in read and write speed can cause a significant reduction in an application's performance. Telling the system not to rely on the swap as much will generally make your system faster.

Values that are closer to 100 will try to put more data into swap in an effort to keep more memory free. Depending on your applications' memory profile, or what you are using your server for, this might be the better choice in some cases.

We can see the current swappiness value by reading the swappiness configuration file:

cat /proc/sys/vm/swappiness
30

CentOS 7 defaults to a swappiness setting of 30, which is a fair middle ground for most desktops and local servers. For a VPS system, we'd probably want to move it closer to 0.

We can set the swappiness to a different value by using the sysctl command. For instance, to set the swappiness to 10, we could type:

sudo sysctl vm.swappiness=10
vm.swappiness = 10

This setting will persist until the next reboot. To make the setting persist between reboots, we can add the outputted line to our sysctl configuration file:

sudo nano /etc/sysctl.conf

Add your swappiness setting to the bottom of the file:

vm.swappiness = 10

When you are finished adding the line, you can save and close the file. The server will now automatically set the swappiness to the value you declared on each bootup.

Cache Pressure

Another related value that you might want to modify is the vfs_cache_pressure. This setting affects the storage of special filesystem metadata entries. Constantly reading and refreshing this information is generally very costly, so storing it on the cache for longer is excellent for your system's performance.

You can see the current value of this cache pressure by querying the proc filesystem again:

cat /proc/sys/vm/vfs_cache_pressure
100

As it is currently configured, our system removes inode information from the cache far too quickly. We can set this to a more conservative setting, like 50, by using sysctl:

sudo sysctl vm.vfs_cache_pressure=50
vm.vfs_cache_pressure = 50

Again, this is only valid for our current session. We can change that by adding it to our configuration file, like we did with our swappiness setting:

sudo nano /etc/sysctl.conf

At the bottom, add the line that specifies your new value:

vm.vfs_cache_pressure = 50

When you are finished adding the line, you can save and close the file. The server will now automatically set the cache pressure to the value you declared on each bootup.

Conclusion

By following the steps in this guide, you will have given your server some breathing room in terms of memory usage. Swap space is incredibly useful in avoiding some common problems.

If you are running into OOM (out of memory) errors, or if you find that your system is unable to use the applications that you need, the best solution is to optimize your application configurations or upgrade your server. However, configuring swap space can give you more flexibility and can help buy you time on a less powerful server.

结语

以上只是一个过程,如果本身VPS没有SWAP叫唤分区的话,加上一个肯定是有好处的,比如阿里云;但是,本身若有SWAP,增加过多的SWAP感觉意义 就不大了,个人觉得SWAP不大于物理内存的2倍为宜。我也在很多VPS上遇到过,内存都用到SWAP去了以后,VPS就卡的很了。当然,上面这些还是我 个人肤浅的看法,也许是我没优化好的缘故吧。

在 centos7上安装 gitlab8 源码安装 配置 备份

0.添加一些必要的YUM源

EPEL啊 mariaDB啊 remi这些的

还要有RUBY版本管理器RVM

1. 依赖项

执行下面的几条命令

# run as root!
yum -y update
yum -y groupinstall 'Development Tools'
yum -y install readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui redis sudo wget crontabs logwatch logrotate perl-Time-HiRes

然后把VIM作为默认的editor

# Install vim and set as default editor
yum install -y vim
sudo update-alternatives --set editor /usr/bin/vim.basic

再装一些编译用的

yum install -y build-essential zlib1g-dev libyaml-dev libssl-dev libgdbm-dev libreadline-dev libncurses5-dev libffi-dev curl openssh-server redis-server checkinstall libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev logrotate python-docutils pkg-config cmake nodejs

唔帮徒的看一下下面的

If you want to use Kerberos for user authentication, then install libkrb5-dev:

yum install libkrb5-dev

Note: If you don't know what Kerberos is, you can assume you don't need it.

centos7的git模板版本就够(泪啊,centos的默认包终于还算行了)

# Install Git
yum install -y git

# Make sure Git is version 1.7.10 or higher, for example 1.7.12 or 2.0.0
git --version

gitlab用postfix发email的

yum install -y postfix

Then select 'Internet Site' and press enter to confirm the hostname.

2. Ruby

安装ruby

yum install ruby 

yum install ruby-devel

接着安装 Bundler Gem:

sudo gem install bundler --no-ri --no-rdoc
(如果报错请看本站的添加RUBY源)

gem install rdoc-data; rdoc-data --install

 

3. Go

安装GO

yum install go 

4. System Users

添加GITLAB用户

adduser --system --shell /bin/bash --comment 'GitLab' --create-home --home-dir /home/git/ git

Important : Important: In order to include /usr/local/bin to git user's PATH, one way is to edit the sudoers file. As root run:

配置一下环境变量

1
2
3
4
5
6
7
8
# type an enter :
visudo
#search for the line and and append <b>/usr/local/bin</b> like so:
Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin
#like this ----->
Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin

save and exit

5. Database

数据库支持两种,1种mysql,1种postgresql

按以下步骤执行
# I安装
yum install -y postgresql postgresql-client postgresql-devel

# 登陆
sudo -u postgres psql -d template1

# 创建用户
# Do not type the 'template1=#', this is part of the prompt
template1=# CREATE USER git CREATEDB;

# 授权
template1=# CREATE DATABASE gitlabhq_production OWNER git;

# 退出
template1=# \q

# 测试
sudo -u git -H psql -d gitlabhq_production

# 退出
gitlabhq_production> \q
# 安装
yum install -y mysql-server mysql-client lmysql-devel

# Ensure you have MySQL version 5.5.14 or later
mysql --version
systemctl enable mysql
systemctl start mysql

# 初始化
sudo mysql_secure_installation

# 登陆
mysql -u root -p

# Type the MySQL root password

# 创建用户
# do not type the 'mysql>', this is part of the prompt
# change $password in the command below to a real password you pick
mysql> CREATE USER 'git'@'localhost' IDENTIFIED BY '$password';

# 选择储存引擎
# If this fails, check your MySQL config files (e.g. `/etc/mysql/*.cnf`, `/etc/mysql/conf.d/*`) for the setting "innodb = off"
mysql> SET storage_engine=INNODB;

# 创建数据库
mysql> CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;

# 授权
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, CREATE TEMPORARY TABLES, DROP, INDEX, ALTER, LOCK TABLES ON `gitlabhq_production`.* TO 'git'@'localhost';

# 退出
mysql> \q

# 测试
sudo -u git -H mysql -u git -p -D gitlabhq_production

# Type the password you replaced $password with earlier

# 查看权限
'mysql>' prompt

# 退出
mysql> \q

# You are done installing the database and can go back to the rest of the installation.

6. Redis

安装REDIS

Make sure redis is started on boot:

chkconfig redis on

配置接口

Configure redis to use sockets:

cp /etc/redis.conf /etc/redis.conf.orig

进制REDIS监听TCP端口,防止黑客

Disable Redis listening on TCP by setting 'port' to 0:

sed 's/^port .*/port 0/' /etc/redis.conf.orig |  tee /etc/redis.conf

Enable Redis socket for default CentOS path:

echo 'unixsocket /run/redis/redis.sock' | tee -a /etc/redis.conf
echo -e 'unixsocketperm 0770' | tee -a /etc/redis.conf

Create the directory which contains the socket

mkdir /var/run/redis
chown redis:redis /var/run/redis
chmod 755 /var/run/redis

导入接口

if [ -d /etc/tmpfiles.d ]; then
    echo 'd  /run/redis  0755  redis  redis  10d  -' |  tee -a /etc/tmpfiles.d/redis.conf
fi

重启生效一下

service redis restart
# 添加 git 进 redis 组
 usermod -aG redis git

7. GitLab

开始弄GIT啦

# 创建文件夹(如果没有的话)
cd /home/git

下载源代码(此处可以用screen)

# Clone GitLab repository
sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 8-0-stable gitlab

Note: You can change 8-0-stable to master if you want the bleeding edge version, but never install master on a production server!

你可以把stable换成master,但是在生产环境下不推荐这么做

----

配置

# Go to GitLab installation folder
cd /home/git/gitlab

# Copy the example GitLab config
sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml

# Update GitLab config file, follow the directions at top of file
sudo -u git -H editor config/gitlab.yml

# Copy the example secrets file
sudo -u git -H cp config/secrets.yml.example config/secrets.yml
sudo -u git -H chmod 0600 config/secrets.yml

# Make sure GitLab can write to the log/ and tmp/ directories
sudo chown -R git log/
sudo chown -R git tmp/
sudo chmod -R u+rwX,go-w log/
sudo chmod -R u+rwX tmp/

# Make sure GitLab can write to the tmp/pids/ and tmp/sockets/ directories
sudo chmod -R u+rwX tmp/pids/
sudo chmod -R u+rwX tmp/sockets/

# Make sure GitLab can write to the public/uploads/ directory
sudo chmod -R u+rwX  public/uploads

# Change the permissions of the directory where CI build traces are stored
sudo chmod -R u+rwX builds/

# Copy the example Unicorn config
sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb

# Find number of cores
nproc

# Enable cluster mode if you expect to have a high load instance
# Ex. change amount of workers to 3 for 2GB RAM server
# Set the number of workers to at least the number of cores
sudo -u git -H editor config/unicorn.rb

# Copy the example Rack attack config
sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb

# Configure Git global settings for git user, used when editing via web editor
sudo -u git -H git config --global core.autocrlf input

# Configure Redis connection settings
sudo -u git -H cp config/resque.yml.example config/resque.yml

# Change the Redis socket path if you are not using the default Debian / Ubuntu configuration
sudo -u git -H editor config/resque.yml

Important Note: Make sure to edit both gitlab.yml and unicorn.rb to match your setup.

一定要确认gitlab.yml和unicorn.rb是适合你的服务器的。

Note: If you want to use HTTPS, see Using HTTPS for the additional steps.

如果你想配置HTTPS请点上面那个HTTPS的超链接

配置GITLAB和数据库

# 用postgresql数据库的看这里
#PostgreSQL only:
sudo -u git cp config/database.yml.postgresql config/database.yml

# MySQL only:用Mysql mariadb的看这里
sudo -u git cp config/database.yml.mysql config/database.yml

# MySQL and remote PostgreSQL only:数据库不在本机的看这里
# Update username/password in config/database.yml.
# You only need to adapt the production settings (first part).
# If you followed the database guide then please do as follows:
# Change 'secure password' with the value you have given to $password
# You can keep the double quotes around the password
sudo -u git -H editor config/database.yml

# PostgreSQL and MySQL:
# Make config/database.yml readable to git only
sudo -u git -H chmod o-rwx config/database.yml

安装GEM

Note: As of bundler 1.5.2, you can invoke bundle install -jN (where N the number of your processor cores) and enjoy the parallel gems installation with measurable difference in completion time (~60% faster). Check the number of your cores with nproc. For more information check this post. First make sure you have bundler >= 1.5.2 (run bundle -v) as it addresses some issues that were fixed in 1.5.2.

# For PostgreSQL (note, the option says "without ... mysql")装postgresql的看这里
sudo -u git -H bundle install --deployment --without development test mysql aws kerberos

# Or if you use MySQL (note, the option says "without ... postgres")装MYSQL的看这里
sudo -u git -H bundle install --deployment --without development test postgres aws kerberos

Note: If you want to use Kerberos for user authentication, then omit kerberos in the --without option above.

安装GitLab Shell

GitLab Shell is an SSH access and repository management software developed specially for GitLab.

# Run the installation task for gitlab-shell (replace `REDIS_URL` if needed):
sudo -u git -H bundle exec rake gitlab:shell:install[v2.6.5] REDIS_URL=unix:/var/run/redis/redis.sock RAILS_ENV=production

# By default, the gitlab-shell config is generated from your main GitLab config.
# You can review (and modify) the gitlab-shell config as follows:
sudo -u git -H editor /home/git/gitlab-shell/config.yml

Note: If you want to use HTTPS, see Using HTTPS for the additional steps.

Note: Make sure your hostname can be resolved on the machine itself by either a proper DNS record or an additional line in /etc/hosts ("127.0.0.1 hostname"). This might be necessary for example if you set up gitlab behind a reverse proxy. If the hostname cannot be resolved, the final installation check will fail with "Check GitLab API access: FAILED. code: 401" and pushing commits will be rejected with "[remote rejected] master -> master (hook declined)".

安装gitlab http server

cd /home/git
sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-git-http-server.git
cd gitlab-git-http-server
sudo -u git -H make

初始化数据库和激活高级特性

cd /home/git/gitlab/

sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production

# Type 'yes' to create the database tables.

# When done you see 'Administrator account created:'

Note: You can set the Administrator/root password by supplying it in environmental variable GITLAB_ROOT_PASSWORD as seen below. If you don't set the password (and it is set to the default one) please wait with exposing GitLab to the public internet until the installation is done and you've logged into the server the first time. During the first login you'll be forced to change the default password.

sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=yourpassword

保护密码

Secure secrets.yml

The secrets.yml file stores encryption keys for sessions and secure variables. Backup secrets.yml someplace safe, but don't store it in the same place as your database backups. Otherwise your secrets are exposed if one of your backups is compromised.

安装计划表

Install schedules

# Setup schedules
sudo -u gitlab_ci -H bundle exec whenever -w RAILS_ENV=production

安装初始化脚本

Install Init Script

Download the init script (will be /etc/init.d/gitlab):

sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab

And if you are installing with a non-default folder or user copy and edit the defaults file:

sudo cp lib/support/init.d/gitlab.default.example /etc/default/gitlab

If you installed GitLab in another directory or as a user other than the default you should change these settings in /etc/default/gitlab. Do not edit/etc/init.d/gitlab as it will be changed on upgrade.

Make GitLab start on boot:

sudo update-rc.d gitlab defaults 21

安装 Logrotate

sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab

检查应用状态

Check if GitLab and its environment are configured correctly:

sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production

编译

sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production

启动GITLAB

sudo service gitlab start
# or
sudo /etc/init.d/gitlab restart

9. apache

Note: Nginx is the officially supported web server for GitLab. If you cannot or do not want to use Nginx as your web server, have a look at the GitLab recipes.

安装

yum install httpd

站点配置

Copy the example site config:

cd /etc/httpd/conf
wget https://gitlab.com/gitlab-org/gitlab-recipes/blob/8cee2936371f6d597990adc19f02f03338a8b8ed/web-server/apache/gitlab-8.0-apache2.4.conf

编辑一下httpd.conf

把这个vhost conf添加进去

vi http.conf

重启Apache

systemctl restart httpd

至此就完成了

再检测一下安装是否正确

sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

初始化登陆

root
5iveL!fe

Important Note: On login you'll be prompted to change the password.

愉悦~!

Custom SSH Connection

If you are running SSH on a non-standard port, you must change the GitLab user's SSH config.

# Add to /home/git/.ssh/config
host localhost          # Give your setup a name (here: override localhost)
    user git            # Your remote git user
    port 2222           # Your port number
    hostname 127.0.0.1; # Your server name or IP

You also need to change the corresponding options (e.g. ssh_user, ssh_host, admin_uri) in the config\gitlab.yml file.

设置QQ邮箱发件GitLab SMTP

sudo mv /home/git/gitlab/config/initializers/smtp_settings.rb.example /home/git/gitlab/config/initializers/smtp_settings.rb 
$ sudo vim /home/git/gitlab/config/initializers/smtp_settings.rb 
# To enable smtp email delivery for your GitLab instance do the following: 
# 1. Rename this file to smtp_settings.rb 
# 2. Edit settings inside this file 
# 3. Restart GitLab instance # 
# For full list of options and their values see http://api.rubyonrails.org/classes/ActionMailer/Base.html #
 # If you change this file in a Merge Request, please also create a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests 
if Rails.env.production? Gitlab::Application.config.action_mailer.delivery_method = :smtp 
ActionMailer::Base.smtp_settings = { 
address: "smtp.qq.com", 
port: 25, 
user_name: "username@domainname", //
QQ企业邮箱账号 password: "password", 
domain: "smtp.qq.com", 
authentication: :plain, 
enable_starttls_auto: false, 
openssl_verify_mode: 'none' # See ActionMailer documentation for other possible options
} 
end 
$ sudo /home/git/gitlab/config/environments/production.rb 
... 
config.action_mailer.delivery_method = :smtp //这里修改为:smtp 
# Defaults to: 
# # config.action_mailer.sendmail_settings = { 
# # location: '/usr/sbin/sendmail', 
# # arguments: '-i -t' 
# # } ... 
$ sudo service gitlab restart && sudo service apache restart

Additional Markup Styles

Apart from the always supported markdown style there are other rich text files that GitLab can display. But you might have to install a dependency to do so. Please see the github-markup gem readme for more information.

Troubleshooting

如果使用的是apache但是提示NGINX错误什么的话,执行

bundle exec unicorn_rails -c config/unicorn.rb -E production -D

"You appear to have cloned an empty repository."

If you see this message when attempting to clone a repository hosted by GitLab, this is likely due to an outdated Nginx or Apache configuration, or a missing or misconfigured gitlab-git-http-server instance. Double-check that you've installed Go, installed gitlab-git-http-server, and correctly configured Nginx.

备份

# if you've installed GitLab from source
sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production

 

替换 ruby gem 源 RubyGems镜像

$ gem sources --add https://ruby.taobao.org/ --remove https://rubygems.org/
$ gem sources -l
*** CURRENT SOURCES ***

https://ruby.taobao.org
# 请确保只有 ruby.taobao.org
$ gem install rails

你可以用 Bundler 的 Gem 源代码镜像命令

bundle config mirror.https://rubygems.org https://ruby.taobao.org