de:infrastructure:server:gitlab-server:installation-protocol
Dies ist eine alte Version des Dokuments!
Inhaltsverzeichnis
System auf Aktualität prüfen:
sudo apt-get update && sudo apt-get upgrade
NTP installieren:
sudo apt-get install ntp
GitLab installieren:
sudo apt update && sudo apt install -y curl openssh-server ca-certificates tzdata perl && sudo apt install -y postfix curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo sudo EXTERNAL_URL="https://gitlab.rafisa.test" apt-get install gitlab-ce=16.7.3-ce.0
Backup und Wiederherstellung:
Auf dem alten GitLab Server:
sudo gitlab-rake gitlab:backup:create sudo cp /etc/gitlab/gitlab.rb /var/opt/gitlab/backups/gitlab.rb sudo cp /etc/gitlab/gitlab-secrets.json /var/opt/gitlab/backups/gitlab-secrets.json sudo scp /var/opt/gitlab/backups/* sysadmin@172.16.56.125:/var/opt/gitlab/backups/
Auf dem neuen GitLab Server:
sudo chown git:git /var/opt/gitlab/backups/* sudo gitlab-ctl stop && sudo gitlab-backup restore BACKUP=1713526503_2024_04_19_16.7.3 && sudo gitlab-ctl start sudo cp /var/opt/gitlab/backups/gitlab.rb /etc/gitlab/ sudo cp /var/opt/gitlab/backups/gitlab-secrets.json /etc/gitlab/ sudo gitlab-ctl reconfigure
Überprüfen, ob GitLab korrekt funktioniert:
sudo gitlab-rake gitlab:check SANITIZE=true
SSL-Zertifikate erneut hinzufügen:
nano /etc/gitlab/ssl/gitlab.rafisa.test.crt && nano /etc/gitlab/ssl/gitlab.rafisa.test.key && sudo nano /etc/gitlab/gitlab.rb nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.rafisa.test.crt" nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.rafisa.test.key"
Azure Konfiguration:
gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['azure_activedirectory_v2']
gitlab_rails['omniauth_sync_profile_from_provider'] = ['azure_activedirectory_v2']
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_auto_link_user'] = ['azure_activedirectory_v2']
gitlab_rails['omniauth_providers'] = [
{
"name" => "azure_activedirectory_v2",
"label" => "Log in with Azure",
"args" => {
"client_id" => "***************",
"client_secret" => "***************",
"tenant_id" => "***********",
}
}
]
Registry aktivieren:
registry['enabled'] = true registry_external_url 'https://gitlab.rafisa.test:5050'
403 Handling:
nano /opt/gitlab/embedded/service/gitlab-rails/config/application.rb
require '/opt/gitlab/embedded/service/gitlab-rails/lib/gitlab/middleware/redirect_if_not_authenticated'
config.middleware.use Gitlab::Middleware::RedirectIfNotAuthenticated
nano opt/gitlab/lib/gitlab/middleware/redirect_if_not_authenticated.rb
module Gitlab
module Middleware
class RedirectIfNotAuthenticated
def initialize(app)
@app = app
end
def call(env)
request = Rack::Request.new(env)
# Ausnahmen für Pfade, die nicht Redirect werden sollen
exceptions = ['/users/sign_in', '/users/password/new', '/users/password/edit', '/help']
if exceptions.none? { |path| request.path.start_with?(path) } && !user_signed_in?(env)
[302, {'Location' => "/users/sign_in?redirect=#{URI.encode_www_form_component(request.fullpath)}"}, []]
else
@app.call(env)
end
end
private
def user_signed_in?(env)
warden = env['warden']
warden && warden.authenticate(scope: :user).present?
end
end
end
end
gitlab-ctl reconfigure
gitlab-ctl restart
de/infrastructure/server/gitlab-server/installation-protocol.1713962981.txt.gz · Zuletzt geändert: 2024/04/24 14:49 von j.meyer