de:infrastructure:server:gitlab-server:installation-protocol
Dies ist eine alte Version des Dokuments!
Inhaltsverzeichnis
System auf Aktualität prüfen:
sudo apt-get update && sudo apt-get upgrade
NTP installieren:
sudo apt-get install ntp
GitLab installieren:
sudo apt update && sudo apt install -y curl openssh-server ca-certificates tzdata perl && sudo apt install -y postfix curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo sudo EXTERNAL_URL="https://gitlab.rafisa.test" apt-get install gitlab-ce=16.7.3-ce.0
Backup und Wiederherstellung:
Auf dem alten GitLab Server:
sudo gitlab-rake gitlab:backup:create sudo cp /etc/gitlab/gitlab.rb /var/opt/gitlab/backups/gitlab.rb sudo cp /etc/gitlab/gitlab-secrets.json /var/opt/gitlab/backups/gitlab-secrets.json sudo scp /var/opt/gitlab/backups/* sysadmin@172.16.56.125:/var/opt/gitlab/backups/
Auf dem neuen GitLab Server:
sudo chown git:git /var/opt/gitlab/backups/* sudo gitlab-ctl stop && sudo gitlab-backup restore BACKUP=1713526503_2024_04_19_16.7.3 && sudo gitlab-ctl start sudo cp /var/opt/gitlab/backups/gitlab.rb /etc/gitlab/ sudo cp /var/opt/gitlab/backups/gitlab-secrets.json /etc/gitlab/ sudo gitlab-ctl reconfigure
Überprüfen, ob GitLab korrekt funktioniert:
sudo gitlab-rake gitlab:check SANITIZE=true
SSL-Zertifikate erneut hinzufügen:
nano /etc/gitlab/ssl/gitlab.rafisa.test.crt && nano /etc/gitlab/ssl/gitlab.rafisa.test.key && sudo nano /etc/gitlab/gitlab.rb nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.rafisa.test.crt" nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.rafisa.test.key"
Azure Konfiguration:
gitlab_rails['omniauth_enabled'] = true gitlab_rails['omniauth_allow_single_sign_on'] = ['azure_activedirectory_v2'] gitlab_rails['omniauth_sync_profile_from_provider'] = ['azure_activedirectory_v2'] gitlab_rails['omniauth_block_auto_created_users'] = false gitlab_rails['omniauth_auto_link_user'] = ['azure_activedirectory_v2'] gitlab_rails['omniauth_providers'] = [ { "name" => "azure_activedirectory_v2", "label" => "Log in with Azure", "args" => { "client_id" => "***************", "client_secret" => "***************", "tenant_id" => "***********", } } ]
Registry aktivieren:
registry['enabled'] = true registry_external_url 'https://gitlab.rafisa.test:5050'
403 Handling:
nano /opt/gitlab/embedded/service/gitlab-rails/config/application.rb require '/opt/gitlab/embedded/service/gitlab-rails/lib/gitlab/middleware/redirect_if_not_authenticated' config.middleware.use Gitlab::Middleware::RedirectIfNotAuthenticated nano opt/gitlab/lib/gitlab/middleware/redirect_if_not_authenticated.rb module Gitlab module Middleware class RedirectIfNotAuthenticated def initialize(app) @app = app end def call(env) request = Rack::Request.new(env) # Ausnahmen für Pfade, die nicht Redirect werden sollen exceptions = ['/users/sign_in', '/users/password/new', '/users/password/edit', '/help'] if exceptions.none? { |path| request.path.start_with?(path) } && !user_signed_in?(env) [302, {'Location' => "/users/sign_in?redirect=#{URI.encode_www_form_component(request.fullpath)}"}, []] else @app.call(env) end end private def user_signed_in?(env) warden = env['warden'] warden && warden.authenticate(scope: :user).present? end end end end gitlab-ctl reconfigure gitlab-ctl restart
de/infrastructure/server/gitlab-server/installation-protocol.1713962981.txt.gz · Zuletzt geändert: 2024/04/24 14:49 von j.meyer