/
RHEL/CentOS 6์— gitlab ์„ค์น˜

RHEL/CentOS 6์— gitlab ์„ค์น˜

์˜ค๋ž˜๋œ ๋ฌธ์„œ์ด๋‹ˆ ๋Œ€์‹  ๋„์ปค๋กœ ๊นƒ๋žฉ ์„ค์น˜ํ•˜๊ธฐ(install gitlab using docker) ๋ฅผ ์ฐธ๊ณ ํ•˜์„ธ์š”.


๊ฐœ์š”

giblab ์€ ruby on rail framework ๊ธฐ๋ฐ˜์œผ๋กœ ๊ฐœ๋ฐœ๋œ githubย ์™€ ๋น„์Šทํ•œย Web Base git repository management system์ด๋‹ค.

github ์™€ ๋‹ฌ๋ฆฌ community edition์ด ์žˆ๊ณ  ๋ผ์ด์„ ์Šค๋Š”ย MIT์ด๋ฏ€๋กœ ๊ธฐ์—…๋‚ด์—์„œ ์ƒ์—…์  ์šฉ๋„๋กœ ์‚ฌ์šฉ๊ฐ€๋Šฅํ•˜๋‹ค.

github Enterprise ๊ฐ€ ๊ณ ๊ฐ€๋ผ ์‚ฌ๊ธฐ ๋ฒ„๊ฑฐ์šด ์Šคํƒ€ํŠธ์—…์ด๋‚˜ ์†Œ๊ทœ๋ชจ ๊ธฐ์—…์—์„œ ์ข‹์€ ์†”๋ฃจ์…˜์ด ๋  ์ˆ˜ ์žˆ๋‹ค.

gitlab ์•„ํ‚คํ…์ฒ˜

gitlab ๊ตฌ์„ฑ

ย  ย  |-- home

ย  ย  ย  ย  | |-- git
ย  ย  ย  ย  ย  ย  ย  | |-- .ssh
ย  ย  ย  ย  ย  ย  ย  | |-- gitlab
ย  ย  ย  ย  ย  ย  ย  | |-- gitlab-satellites
ย  ย  ย  ย  ย  ย  ย  | |-- gitlab-shell
ย  ย  ย  ย  ย  ย  ย  | |-- repositories

  • .ssh - openssh ๊ฐ€ ์‚ฌ์šฉํ•˜๋Š” ๊ฐœ์ธํ‚ค์™€ ๊ณต๊ฐœํ‚ค, ๊ทธ๋ฆฌ๊ณ  ์‹ ๋ขฐํ•˜๋Š” ํ˜ธ์ŠคํŠธ์˜ ๊ณต๊ฐœํ‚ค ๋ชฉ๋ก์ด ๋‹ด๊ธดย authorized_keys ์ด ์žˆ๋Š” ๋””๋ ‰ํ„ฐ๋ฆฌ์ด๋‹ค.ย authorized_keys ย ์€ gitlab-shell ์ด ์‚ฌ์šฉํ•œ๋‹ค.
  • gitlab - gitlab ์˜ ํ•ต์‹ฌ ์†Œํ”„ํŠธ์›จ์–ด๊ฐ€ ์กด์žฌํ•œ๋‹ค.
  • gitlab-satellites - Web UI ์—์„œ ํŒŒ์ผ ํŽธ์ง‘๊ณผ Merge request ์ฒ˜๋ฆฌ๋ฅผ ์œ„ํ•ด ์ €์žฅ์†Œ๋ฅผ ์ฒดํฌ์•„์›ƒํ•œ๋‹ค. ์ž‘์—…์€ ์ž„์‹œ ํŒŒ์ผ ๋””๋ ‰ํ„ฐ๋ฆฌ์—์„œ ์ด๋ฃจ์–ด ์ง„๋‹ค.
  • gitlab-shell - gitlab ์˜ ํ•ต์‹ฌ ์ปดํฌ๋„ŒํŠธ๋กœ SSH ๊ธฐ๋ฐ˜์˜ git ๋ณต์ œ์™€ ๋‹ค๋ฅธ git ๋ช…๋ น์–ด๋ฅผ ์ฒ˜๋ฆฌํ•œ๋‹ค.
  • repositories - ๋„ค์ž„์ŠคํŽ˜์ด์Šค๋กœ ๊ตฌ์กฐํ™”๋œ ์‹ค์ œ git ์ €์žฅ์†Œ๊ฐ€ ์กด์žฌํ•˜๋Š” ๋””๋ ‰ํ„ฐ๋ฆฌ์ด๋‹ค. ์ €์žฅ์†Œ์— push/pull ์ด ๋ฐœ์ƒํ• ๋•Œ ์ด ๋””๋ ‰ํ„ฐ๋ฆฌ์—์„œ ์ด๋ฃจ์–ด ์ง„๋‹ค. git์˜ ๋ชจ๋“  ์ด๋ ฅ์„ ๋‹ด๊ณ  ์žˆ๋Š” ๊ฐ€์žฅ ๋ฏผ๊ฐํ•œ ๋ฐ์ดํƒ€์ด๋ฏ€๋กœ ๋ฐ˜๋“œ์‹œ ๋ฐฑ์—…ํ•ด์•ผ ํ•œ๋‹ค.



ํ™˜๊ฒฝ

github์— ์žˆ๋Š” ์„ค์น˜ ๋ฌธ์„œ์™€ ๋‹ค๋ฅด๊ฒŒ DB๋Š” MySQL๋งŒ ์‚ฌ์šฉํ•˜๊ณ  Web Server๋Š” apache httpd ๋งŒ ์‚ฌ์šฉํ•˜๊ฒŒ ๋ฌธ์„œ ์ˆ˜์ •ํ•จ

OSCentOS 6.x
ruby2.0.0p451
gitlab6.7-stable
gitlab-shell1.9.4
DBMSMySQL 5.1
Web Serverapache httpd 2.2.15(CentOS ๋‚ด์žฅ)


์‚ฌ์ „ ์ค€๋น„ ์‚ฌํ•ญ

Red Hat Enterprise Linux 6 / CentOS 6 ์ด ์„ค์น˜๋˜์–ด ์žˆ์–ด์•ผ ํ•œ๋‹ค.

EPEL repository ๋“ฑ๋ก

fedora ์˜ repository ์ธ EPEL ์ด ๋“ฑ๋ก๋˜์–ด ์žˆ์–ด์•ผ ํ•œ๋‹ค. ๋‹ค์Œ ๋ช…๋ น์–ด๋กœ ๋“ฑ๋กํ•˜์ž.

sudo rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

ย ์ž์„ธํ•œ ๋‚ด์šฉ์€ย RHEL/CentOS 5,6 ์— EPEL ๊ณผ Remi/WebTatic Repository ์„ค์น˜ํ•˜๊ธฐ ์„ ์ฐธ๊ณ 

Git 1.8

ย git 1.8 ์ด ํ•„์š”ํ•˜๋‚˜ CentOS6 ์—๋Š” 1.7 ์ด ํƒ‘์žฌ๋˜์–ด ์žˆ๋‹ค. ๋‹ค์Œ ๋ช…๋ น์–ด๋กœย 1.7 ์ด ์„ค์น˜๋˜์—ˆ๋‹ค๋ฉด ์‚ญ์ œํ•˜๊ณ  1.8์„ ์„ค์น˜ํ•˜์ž.

yum -y remove git
wget http://springdale.math.ias.edu/data/puias/computational/6/x86_64/git-1.8.3.1-1.sdl6.x86_64.rpm
wget http://springdale.math.ias.edu/data/puias/computational/6/x86_64/perl-Git-1.8.3.1-1.sdl6.noarch.rpm
yum localinstall git-*.rpm perl-Git-*.noarch.rpm


์„ค์น˜

ํ•„์š” ํŒจํ‚ค์ง€ ์„ค์น˜

  1. gitlab ์„ ์„ค์น˜ํ•˜๋Š” ๋ฐ ํ•„์š”ํ•œ ์ปดํŒŒ์ผ๋Ÿฌ์™€ ๋ผ์ด๋ธŒ๋Ÿฌ๋ฆฌ๋ฅผ ์„ค์น˜ํ•œ๋‹ค. ๋จผ์ € ์‹œ์Šคํ…œ์„ ์—…๋ฐ์ดํŠธ ํ•˜์ž.

    yum -y update

    ย 

  2. ์ปดํŒŒ์ผ๋Ÿฌ์™€ ๋ง์ปค๋“ฑ์˜ ๊ฐœ๋ฐœ ํŒจํ‚ค์ง€ ๊ทธ๋ฃน์„ ์„ค์น˜ํ•œ๋‹ค.

    yum -y groupinstall 'Development Tools'

    ย 

  3. redis์™€ ์—๋””ํ„ฐ, compile ์— ํ•„์š”ํ•œ library ๋ฅผ ์„ค์น˜ํ•œ๋‹ค.

    yum -y install vim-enhanced readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel gcc-c++ libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui redis sudo crontabs logwatch logrotate perl-Time-HiRes patch

Configure redis

Key/Value store ์ธ redis ๋ฅผ ์„ค์ •ํ•ด์•ผ ํ•œ๋‹ค. OS ๋ถ€ํŒ…์‹œ redis ๋„ ๊ตฌ๋™๋˜๊ฒŒ run level ์„ ์กฐ์ •ํ•œ๋‹ค.

chkconfig redis on
service redis restart

Mail server ์„ค์น˜

gitlab ์‚ฌ์šฉ์‹œ ์ด๋ฉ”์ผ๋กœ ๊ณต์ง€๋ฅผ ๋ฐ›์œผ๋ ค๋ฉด ๋ฉ”์ผ ์„œ๋ฒ„๋ฅผ ์„ค์น˜ํ•ด์•ผ ํ•œ๋‹ค. RHEL 6 ๋ถ€ํ„ฐ๋Š” postfix ๊ฐ€ ๊ธฐ๋ณธ smtp ์„œ๋ฒ„์ด๋‹ค

yum -y install postfix

Ruby ์„ค์น˜

gitlab ์€ ruby on rails ํ”„๋ ˆ์ž„์› ๊ธฐ๋ฐ˜์ด๋ฏ€๋กœ ruby ๋Š” ๊ฐ€์žฅ ์ค‘์š”ํ•œ ์š”์†Œ์ค‘ ํ•˜๋‚˜์ด๋‹ค. .CentOS6 ์— ๊ธฐ๋ณธ ํƒ‘์žฌ๋œ ruby ๋Š” 1.8.x ๋Œ€์ด๋ฏ€๋กœ gitlab ์„ ๊ตฌ๋™ํ•˜์ง€ ๋ชปํ•˜๋ฏ€๋กœ ์‚ญ์ œํ•ด์•ผ ํ•œ๋‹ค. gitlab ์€ rvm, rbenv,ย chruby ๊ฐ™์€ ruby manager ๋ฅผ ๊ถŒ์žฅํ•˜์ง€ ์•Š๋Š”๋‹ค. gcc ๋กœ ruby ๋ฅผ ์†Œ์Šค์—์„œ ๋นŒ๋“œํ•ด์„œ ์‚ฌ์šฉํ•˜๊ฑฐ๋‚˜ย ๋‚˜ย rpm ์œผ๋กœ ๋งŒ๋“ ํ›„์— ์„ค์น˜ํ•  ์ˆ˜ ์žˆ๋‹ค. (rpm ์„ค์น˜ ์ถ”์ฒœ)

rpm ์œผ๋กœ ๋นŒ๋“œํ›„ ์„ค์น˜

  1. ruby 2.0, 2.1 ์„ rpmbuild ํ•ด์„œ yum ์œผ๋กœ ์„ค์น˜ํ•˜๊ธฐ ์„ ์ฐธ๊ณ ํ•˜์—ฌ rpm ์„ ๋นŒ๋“œ


ํŒจํ‚ค์ง€๋กœ ์„ค์น˜

ย ๋ฏธ๋ฆฌ ๋นŒ๋“œ๋œ rpm ์„ ๋‹ค์šด๋ฐ›์•„ ์„ค์น˜ํ•œ๋‹ค.

wget https://github.com/lesstif/ruby-rpm/releases/download/v0.1/ruby-2.0.0p451-1.el6.x86_64.rpm
yum localinstall ruby*


Source ์—์„œ ๋นŒ๋“œํ•ด์„œ ์„ค์น˜

  1. ๋จผ์ € ๊ธฐ๋ณธ ํƒ‘์žฌ๋œ ruby ๊ฐ€ ์žˆ๋‹ค๋ฉด ์‚ญ์ œํ•œ๋‹ค.

    yum remove ruby
  2. ruby ๋ฅผ ์†Œ์Šค์—์„œ ๋นŒ๋“œํ•œ๋‹ค

    wget http://cache.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0-p451.tar.gz
    tar zxvf ruby-2.0.0-p451.tar.gz
    cd ruby-2.0.0-p451
    CFLAGS=-O ./configure --disable-install-rdoc
    make install
  3. gem ์œผ๋กœ Ruby Dependency Management ์ธ bundlerย ์„ค์น˜

    gem install bundler --no-ri --no-rdoc

System User ์ƒ์„ฑ

git ์‚ฌ์šฉ์ž ์ƒ์„ฑ. ์„œ๋น„์Šค ๊ตฌ๋™์šฉ ์ „์šฉ์ด๋ฉฐ ๋ณด์•ˆ๋•Œ๋ฌธ์—ย login ์€ ์•ˆ ๋˜๊ฒŒ ์„ค์ •ํ•œ๋‹ค.

adduser --system --shell /sbin/nologin --comment 'GitLab' --create-home --home-dir /home/git/ git
usermod -s /bin/bash git

ruby ๋ฐ ๊ธฐํƒ€ ์œ ํ‹ธ์ด /usr/loca/bin ์— ์žˆ์œผ๋ฉด PATH ์— ์ถ”๊ฐ€ํ•ด์•ผ ํ•œ๋‹ค. git ๊ณ„์ •์€ ๋กœ๊ทธ์ธ ๋ถˆ๊ฐ€์ด๋ฏ€๋กœ /etc/sudoers ํŒŒ์ผ์„ ์ฐพ์•„์„œ secure_path ์— /usr/local/bin ์„ ์ถ”๊ฐ€ํ•˜์ž.

Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin


gitlab shell

gitlab shell ์€ ssh ์ ‘๊ทผ ๋ฐ ์ €์žฅ์†Œ ๊ด€๋ฆฌ๋ฅผ ํ•˜๋Š” ์œ ํ‹ธ๋ฆฌํ‹ฐ์ด๋‹ค. gitlab ์—์„œ ์†Œ์Šค๋ฅผ clone ํ•ด์„œ ์„ค์น˜ํ•˜๋ฉด ๋œ๋‹ค.

  1. Go to home directory

    cd /home/git
  2. clone gitlab shellย 

    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-shell.git -b v1.9.4
  3. gitlab shell ์„ค์ •

    cd gitlab-shell
    sudo -u git -H cp config.yml.example config.yml
  4. ์—๋””ํ„ฐ๋กœ config.yml ์„ ์—ด์–ด์„œ url์„ ์„ค์ •ํ•ด ์ค€๋‹ค. gitlab์˜ API ํ˜ธ์ถœ URL ๋กœ gitlab ๊ธฐ๋ณธ ์„ค์ •์ด http ๋กœ ๋“ค์–ด์˜จ ๊ฒฝ์šฐ https ๋กœ ํฌ์›Œ๋”ฉํ•˜๋ฏ€๋กœ https ๋กœ ์„ค์ •ํ•˜๋Š”๊ฒŒ ์ข‹๋‹ค.

    gitlab_url: "https://gitlab.example.com/"

    HTTPS ๋ฅผ ์‚ฌ์šฉํ•  ๊ฒฝ์šฐ ์‹ ๋ขฐํ•˜๋Š” ์ธ์ฆ๊ธฐ๊ด€์—์„œ ๋ฐœ๊ธ‰๋ฐ›์€ SSL ์ธ์ฆ์„œ๊ฐ€ ์•„๋‹ˆ๋ผ๋ฉด self_signed_cert : ์„ค์ •์„ true ๋กœ ํ•ด์•ผ ๊ฒ€์ฆ ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ•˜์ง€ ์•Š๋Š”๋‹ค.

  5. gitlab-shell ์„ค์น˜๋ฅผ ์ง„ํ–‰ํ•œ๋‹ค

    sudo -u git -H ruby ./bin/install
  6. ์™ธ๋ถ€์—์„œ git ์ž‘์—…์‹œ(clone/push/[ull ๋“ฑ) ssh ๋ฅผ ์‚ฌ์šฉํ•˜๋ฏ€๋กœ ํ™ˆ๋””๋ ‰ํ„ฐ๋ฆฌ์˜ .ssh ํด๋”๋ฅผ ssh ๋ฐ๋ชฌ ํ”„๋กœ์„ธ์Šค๊ฐ€ ์ฝ์„ ์ˆ˜ ์žˆ๊ฒŒ SELinux context ๋ฅผ ์„ค์ •ํ•œ๋‹ค.

    SELinux context ๊ฐ€ ๋ถ€์—ฌ๋˜์ง€ ์•Š์„ ๊ฒฝ์šฐ ssh ๋ฐ๋ชฌ์ด /home/git/.ssh ๋ฅผ ์ฝ์ง€ ๋ชปํ•ด์„œ ์•„๋ž˜ ๋ช…๋ น์ด ์‹คํ–‰๋˜์ง€ ์•Š์„ ๊ฒฝ์šฐ "'repository/project.git'ย does not appear to be a git repository" ์—๋Ÿฌ๊ฐ€ ๋ฐœ์ƒํ•˜๊ฒŒ ๋œ๋‹ค.

    restorecon -Rv /home/git/.ssh

    ์ •์ƒ ์„ค์ • ์—ฌ๋ถ€๋Š” ls -lZ /home/git/.ssh ๋ฅผ ์‹คํ–‰ํ•˜์—ฌย ssh_home_t ๊ฐ€ ๋ณด์ด๋ฉด ๋œ๋‹ค.

DataBase ์„ค์ •

gitlab์€ MySQL ๊ณผ PostreSQL ์„ ์ง€์›ํ•œ๋‹ค.

MySQLย 

  1. ๋จผ์ € MySQL์ด ์„ค์น˜๋˜์–ด ์žˆ๊ณ  ๊ตฌ๋™๋˜์–ด ์žˆ์–ด์•ผ ํ•œ๋‹ค. ์„ค์น˜๋˜์–ด ์žˆ์ง€ ์•Š๋‹ค๋ฉด yum ์œผ๋กœ ์„ค์น˜ํ•ด ์ค€๋‹ค.ย gitlab ์„ค์น˜์ค‘ ruby ์šฉ mysql driver ๋ฅผ compileย ํ•˜๋Š” ๋‹จ๊ณ„๊ฐ€ ์žˆ์œผ๋ฏ€๋กœ mysql-devel ์„ ๊ฐ™์ด ์„ค์น˜ํ•ด์•ผ ํ•œ๋‹ค.

    yum install mysql mysql-server mysql-libs mysql-devel -y
  2. /etc/my.cnf ์— character ์„ utf-8๋กœ ์„ค์ •ํ•ด ์ฃผ๊ณ  ์žฌ๊ตฌ๋™ํ•œ๋‹ค. (MySQL ๊ธฐ๋ณธ ์บ๋ฆญํ„ฐ ์…‹ ์„ค์ •ํ•˜๊ธฐ - RHEL/CentOS 6 ์ฐธ๊ณ )

    [mysqld]
    max_allowed_packet     = 32M
    default-character-set=utf8
    ย 
    [client]
    default-character-set=utf8
    
    [mysql]
    default-character-set=utf8
  3. MySQL root ๋กœ ์—ฐ๊ฒฐํ›„์— DB ์™€ ๊ณ„์ •์„ ์ƒ์„ฑํ•œ๋‹ค.

    # Create a user for GitLab. (change supersecret to a real password)
    CREATE USER 'git'@'localhost' IDENTIFIED BY 'supersecret';
    
    # Create the GitLab production database
    CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;
    # Grant the GitLab user necessary permissions on the table.
    GRANT SELECT, LOCK TABLES, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON `gitlabhq_production`.* TO 'git'@'localhost';
    
  4. ์ •์ƒ์ ์œผ๋กœ ์ƒ์„ฑ๋˜์—ˆ๋Š”์ง€ ํ™•์ธํ•œ๋‹ค.

    mysql -u git -psupersecret -D gitlabhq_production

GitLab ์„ค์น˜

Source Clone

  1. git home directory ๋กœ ์ด๋™

    cd /home/git
  2. Clone GitLab repository
    sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 6-7-stable gitlab


gitlab ์„ค์ •

  1. cd /home/git/gitlab
  2. gitlab ์˜ ์˜ˆ์ œ ์„ค์ • ํŒŒ์ผ์„ ๋ณต์‚ฌํ•˜์—ฌ ์„ค์ •์„ ์ˆ˜์ •ํ•  ์ˆ˜ ์žˆ๊ฒŒ ์ค€๋น„ํ•œ๋‹ค.

    sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml
  3. ์ด์ œ ์„ ํ˜ธํ•˜๋Š” ์—๋””ํ„ฐ๋กœ config/gitlab.yml ์„ ํŽธ์ง‘ํ•˜์—ฌ ํ™˜๊ฒฝ์„ ๊ตฌ์„ฑํ•  ์ˆ˜ ์žˆ๋‹ค. ์ˆ˜์ •ํ•ด์•ผํ•  ํ•ญ๋ชฉ์€ ๋งŽ์ง€ ์•Š์œผ๋ฉฐ gitlab ์ด ์‚ฌ์šฉํ•˜๋Š” ruby ๋กœ ๊ตฌํ˜„๋œ Unicorn ์ด๋ผ๋Š” ์›น์„œ๋ฒ„์˜ ํฌํŠธ(๊ธฐ๋ณธ๊ฐ’ 8080)์™€ ์ด๋ฉ”์ผ ์ „์†ก์‹œ ์ฃผ์†Œ ์ •๋„๋งŒ ์ˆ˜์ •ํ•˜๋ฉด ๋œ๋‹ค. ์œ ๋‹ˆ์ฝ˜ย ย ์›น์„œ๋ฒ„์˜ ํฌํŠธ๋Š” ํŠน๋ณ„ํ•œ ์ด์œ ๊ฐ€ ์—†๋‹ค๋ฉด ๊ธฐ๋ณธ ์„ค์ •์„ ์‚ฌ์šฉํ•˜๋Š”๊ฑธ ๊ถŒ์žฅํ•œ๋‹ค.ย 

    sudo -u git -H vim config/gitlab.yml
    gitlab:
      ## ๋„๋ฉ”์ธ ๋ช…์œผ๋กœ ์ˆ˜์ • (repository ์ƒ์„ฑ์‹œ git clone URL ์— ์‚ฌ์šฉ๋  ์ฃผ์†Œ์ด๋‹ˆ FQDN ์œผ๋กœ ์ง€์ •ํ•ด์•ผ ํ•œ๋‹ค)
      host: gitlab.exampl.ecom
      port: 443
      https: true
      ## gitlab ์ด ๊ณต์ง€์šฉ ์ด๋ฉ”์ผ์„ ๋ณด๋‚ผ๋•Œ From  ์— ๋“ค์–ด๊ฐˆ ์ฃผ์†Œ
      email_from : gitlab@example.com
      ## true ๋กœ ์„ค์ •ํ•˜๋ฉด ์‚ฌ์šฉ์ž๊ฐ€ ์ง์ ‘ ๊ณ„์ •์„ ๋“ฑ๋กํ•  ์ˆ˜ ์žˆ๋‹ค. ๊ธฐ๋ณธ๊ฐ’์€ false ์ด๋ฉฐ ๊ด€๋ฆฌ์ž๊ฐ€ ๊ณ„์ •์„ ๋“ฑ๋กํ•ด์•ผ ํ•œ๋‹ค.
      signup_enabled: true

    gitlab์˜ ๊ธฐ๋ณธ ์„ค์ •์ด https ๋ฅผ ์‚ฌ์šฉํ•˜๊ฒŒ ๋˜์–ด ์žˆ์œผ๋ฏ€๋กœ port ๋Š” 443, https ๋Š” true ๋กœ ์„ค์ •ํ•ด์•ผ ํ•œ๋‹ค. ์ด ์„ค์ • ๊ฐ’์€ git ํ”„๋กœ์ ํŠธ๋ฅผ ์ƒ์„ฑํ•˜๋ฉด ํ‘œ์‹œํ•˜๋Š” ์›Œํฌํ”Œ๋กœ์šฐ์—๋„ ์ถœ๋ ฅ๋˜๋ฏ€๋กœ ์ž˜ ์„ค์ •ํ•ด์•ผ ํ•œ๋‹ค.



  4. gitlab ๊ณ„์ •์œผ๋กœ ๋กœ๊ทธ์™€ ์ž„์‹œ ๋””๋ ‰ํ„ฐ๋ฆฌ์— ์“ธ ์ˆ˜ ์žˆ๊ฒŒ ๊ถŒํ•œ์„ ๋ถ€์—ฌํ•œ๋‹ค.

    chown -R git log/ tmp
    chmod -R u+rwX  log/ tmp
  5. satellites ๋ชจ๋“ˆ์„ ์œ„ํ•œ ๋””๋ ‰ํ„ฐ๋ฆฌ๋ฅผ ์ƒ์„ฑํ•œ๋‹ค.

    sudo -u git -H mkdir /home/git/gitlab-satellites
  6. sockets๊ณผ pids ๊ธฐ๋ก์„ ์œ„ํ•œ ๋””๋ ‰ํ„ฐ๋ฆฌ๋ฅผ ๋งŒ๋“ค๊ณ  gitlab ์ด ์“ธ์ˆ˜ ์žˆ๊ฒŒ ๊ถŒํ•œ์„ ๋ถ€์—ฌํ•œ๋‹ค.

    sudo -u git -H mkdir tmp/{pids,sockets}
    sudo chmod -R u+rwX  tmp/{pids,sockets}
  7. ๋ฐฑ์—…์„ ์œ„ํ•œ public/uploads ๋””๋ ‰ํ„ฐ๋ฆฌ๋ฅผ ์ƒ์„ฑํ•œ๋‹ค.

    sudo -u git -H mkdir public/uploads
    sudo chmod -R u+rwX  public/uploads
  8. ์œ ๋‹ˆ์ฝ˜ ์›น์„œ๋ฒ„ย ์„ค์ •์„ ์œ„ํ•ด ๊ธฐ๋ณธ ์„ค์ • ํŒŒ์ผ์„ ๋ณต์‚ฌํ•œ๋‹ค.

    sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb
  9. ์„ ํ˜ธํ•˜๋Š” ์—๋””ํ„ฐ๋กœ config/unicorn.rb ํŒŒ์ผ์„ ํŽธ์ง‘ํ•œ๋‹ค. ์ˆ˜์ •ํ•ด์•ผ ํ•  ๋ถ€๋ถ„์€ ๋‹ค์Œ๊ณผ ๊ฐ™๋‹ค.

    1. worker_processes 2 -> ๊ธฐ๋ณธ worker ๋Š” 2 ์ง€๋งŒ ๋งŽ์€ ๋ถ€ํ•˜๊ฐ€ ๊ฑธ๋ฆฌ๋Š” ์„œ๋ฒ„๋ผ๋ฉด 3 ๋˜๋Š” 4๋กœ ์ง€์ •ํ•œ๋‹ค. worker ๋ฅผ 3์œผ๋กœ ์ง€์ •์‹œ ์ตœ์†Œย ย 2GB ์ด์ƒ์˜ RAM ์ด ์žˆ์–ด์•ผ ํ•œ๋‹ค. 4GB ์ด์ƒ์ผ ๊ฒฝ์šฐ worker ๋ฅผ 4๋กœ ์ง€์ •ํ•œ๋‹ค.

    2. listen "127.0.0.1:8080" -> unicorn ์›น์„œ๋ฒ„๊ฐ€ ์‚ฌ์šฉํ•  ํฌํŠธ๋ฅผ ์ง€์ •ํ•œ๋‹ค. 8080์ด ์•„๋‹Œ ๋‹ค๋ฅธ ํฌํŠธ๋ฅผ ์‚ฌ์šฉํ•  ๊ฒฝ์šฐ SELinux ์„ค์ •๊ณผ apache httpd(gitlab-ssl.conf)ย ์„ค์ •๋„ ๊ฐ™์ด ๋ณ€๊ฒฝํ•ด์•ผ ํ•œ๋‹ค.
  10. Web ์„ ํ†ตํ•œ ์™ธ๋ถ€ ๊ณต๊ฒฉ์„ ๋ง‰๊ธฐ ์œ„ํ•œ ํ”„๋ ˆ์ž„์›Œํฌ์ธ Rack attack ์„ ์„ค์ •ํ•œ๋‹ค.ย 

    sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
  11. git user๋ฅผ ์œ„ํ•œ git ย ์ „์—ญ ์„ค์ •์„ ํ•œ๋‹ค.

    sudo -u git -H git config --global user.name "GitLab"
    sudo -u git -H git config --global user.email "gitlab@localhost"
    sudo -u git -H git config --global core.autocrlf input

gitlab DB ์„ค์ •

  1. ์„ค์ • ํŒŒ์ผ ๋ณต์‚ฌ(MySQL)

    sudo -u git -H cp config/database.yml.mysql config/database.yml
  2. ์—๋””ํ„ฐ๋กœ database.yml ์„ ์—ด์–ด์„œ DB ๋ช…, id, pwd ๋ฅผ ํ™˜๊ฒฝ์— ๋งž๊ฒŒ ํŽธ์ง‘ํ•œ๋‹ค.


Install Gems

  1. cd /home/git/gitlab
  2. ruby ์šฉ ํŒจํ‚ค์ง€ ์˜์กด์„ฑ ๊ด€๋ฆฌ์ž์ธ bundle ์„ ์„ค์น˜ํ•œ๋‹ค.


    gem install bundle
  3. MySQL ์ผ ๊ฒฝ์šฐ ์‹คํ–‰(without postgres)

    sudo -u git -H bundle install --deployment --without development test postgres aws


Database ์ดˆ๊ธฐํ™” ๋ฐ advanced ๊ธฐ๋Šฅ ํ™œ์„ฑํ™”

๋‹ค์Œ ๋ช…๋ น์–ด ์ž…๋ ฅํ›„ yes ๋ฅผ ์ž…๋ ฅํ•˜๋ฉด database table ์ด ์ƒ์„ฑ๋œ๋‹ค.

sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production

์ •์ƒ์ ์œผ๋กœ ์™„๋ฃŒ๋˜๋ฉด 'Administrator account created:' ๋ฉ”์‹œ์ง€์™€ ์ดˆ๊ธฐ ๋กœ๊ทธ์ธ id/pwd๋ฅผ ๋ณผ ์ˆ˜ ์žˆ๋‹ค.

ย 

Install Init Script

  1. init script ๋ฅผ ๋‹ค์šด๋กœ๋“œํ•œ๋‹ค. (/etc/init.d/gitlab ์œผ๋กœ ์ €์žฅ๋œ๋‹ค)

    wget -O /etc/init.d/gitlab https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/sysvinit/centos/gitlab-unicorn
  2. ์‹คํ–‰ ์†์„ฑ์„ ๋ถ€์—ฌํ•˜๊ณ  ๋ถ€ํŒ…์‹œ ์ž๋™์œผ๋กœ ๊ตฌ๋™๋˜๊ฒŒ run level ์„ ์กฐ์ •ํ•œ๋‹ค.

    chmod +x /etc/init.d/gitlab
    chkconfig --add gitlab
    chkconfig gitlab on

Set up logrotate

gitlab ์ด ์Œ“๋Š” ๋กœ๊ทธ๋ฅผ ์ฃผ๊ธฐ์ ์œผ๋กœ ์ž๋ฅด๊ธฐ ์œ„ํ•ด logrotate ๋ฅผ ์„ค์ •ํ•œ๋‹ค.

cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab

Check Application Status

sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production

Start your GitLab instance:

service gitlab start

Compile assets

asset ์„ ๋ฏธ๋ฆฌ ์ปดํŒŒ์ผํ•˜์ง€ ์•Š๊ณ  gitlab ์— ์ตœ์ดˆ ๋กœ๊ทธ์ธ์‹œ asset ์ปดํŒŒ์ผ์— ์‹œ๊ฐ„์ด ์˜ค๋ž˜ ๊ฑธ๋ ค์„œ timeout exception ์ด ๋ฐœ์ƒํ•ด ๋กœ๊ทธ์ธ์ด ๋ถˆ๊ฐ€๋Šฅํ•  ์ˆ˜ ์žˆ๋‹ค.

sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production


Apache httpd ์„ค์ •

  1. apache httpd ์™€ SSL์šฉ ๋ชจ๋“ˆ์ธ mod_ssl ์„ ์„ค์น˜ํ•œ๋‹ค.

    yum -y install httpd mod_ssl
    chkconfig httpd on
  2. apache httpd ์šฉ gitlab ์„ค์ •ํŒŒ์ผ์„ ๋‹ค์šด๋กœ๋“œ ํ•œ๋‹ค.

    wget -O /etc/httpd/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/web-server/apache/gitlab-ssl.conf
  3. gitlab ์„ค์ • ํŒŒ์ผ์€ ๋ชจ๋“  linux ์šฉ์ด๋ผ RHEL/CentOS ์˜ ํ‘œ์ค€ ๋””๋ ‰ํ„ฐ๋ฆฌ ๊ตฌ์กฐ๋ฅผ ๋”ฐ๋ฅด์ง€ ์•Š์œผ๋ฏ€๋กœ ์•ฝ๊ฐ„์˜ ์ˆ˜์ •์ด ํ•„์š”ํ•˜๋‹ค.

    ## log directory
    mkdir /var/log/httpd/logs/
    mkdir /etc/httpd/{ssl.crt,ssl.key}
    ## SSL ์„ค์ •. ์ด๋ฏธ ๊ฐœ์ธํ‚ค์™€ ์ธ์ฆ์„œ๊ฐ€ ์žˆ๋‹ค๋ฉด ๊ทธ๊ฑธ ์‚ฌ์šฉํ•˜๊ณ  ์—†์„ ๊ฒฝ์šฐ์—๋งŒ ์•„๋ž˜ ๋ช…๋ น์–ด ์‹คํ–‰
    cp /etc/pki/tls/certs/localhost.crt /etc/httpd/ssl.crt/gitlab.example.com.crt
    cp /etc/pki/tls/private/localhost.key /etc/httpd/ssl.key/gitlab.example.com.key
    cp /etc/pki/tls/certs/ca-bundle.crt /etc/httpd/ssl.crt/your-ca.crt
  4. gitlab-ssl.conf ํŒŒ์ผ๋‚ด ServerName ์„ ์›น์„œ๋ฒ„์˜ FQDN ์œผ๋กœ ๋ณ€๊ฒฝํ•˜๊ณ  unicorn ์ด 8080 ์ด ์•„๋‹Œ ํฌํŠธ๋ฅผ ์‚ฌ์šฉํ•  ๊ฒฝ์šฐ ์•„๋ž˜์ฒ˜๋Ÿผ ProxyPass,ProxyPassReverse ๋ฅผ ์ˆ˜์ •ํ•œ๋‹ค.
    gitlab-ssl.conf
    ServerName gitlab.example.com
    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/
  5. ์•„ํŒŒ์น˜ ์›น์„œ๋ฒ„๋ฅผ ์žฌ๊ตฌ๋™ํ•œ๋‹ค.

    service httpd restart


iptable ๋ฐฉํ™”๋ฒฝ ์˜คํ”ˆ

80, 443 ๋ฐฉํ™”๋ฒฝ์ด ์—ด๋ฆฌ์ง€ ์•Š์•˜๋‹ค๋ฉด iptable ์„ค์ •์„ ๋ณ€๊ฒฝํ•œ๋‹ค.

lokkit -s http -s https -s ssh
service iptables restart



SELinux ๋ฌธ์ œ ํ•ด๊ฒฐ

  1. gitlib ์—๋Š” unicorn ์ด๋ผ๋Š” Web ์„œ๋ฒ„๊ฐ€ ๋‚ด์žฅ๋˜์–ด ์žˆ๋Š”๋ฐ ๊ธฐ๋ณธ ํฌํŠธ๊ฐ€ 8080 ์ž„
  2. SELinux ์—์„œ 8080 ์€ย http_cache_port_t context ์— ํ• ๋‹น๋˜์–ด ์žˆ๊ณ  ์ด ํฌํŠธ๋Š” http_port_t ์™€ ๋‹ค๋ฅด๋ฏ€๋กœ apache ๊ฐ€ ์—ฐ๊ฒฐ ๋ถˆ๊ฐ€

ํ•ด๊ฒฐ์ฑ…1(์ถ”์ฒœ)

8080์— ํ• ๋‹น๋œ OBJECT RECORD Name ์„ http_port_t ๋กœ ๋ณ€๊ฒฝ

semanage port -m -t http_port_t -p tcp 8080


ํ•ด๊ฒฐ์ฑ…2

apache httpd ๊ฐ€ ๋ชจ๋“  ๋„คํŠธ์› ํฌํŠธ์— ์—ฐ๊ฒฐ ๊ฐ€๋Šฅํ•˜๋„๋ก sebool ์„ค์ • (์ถ”์ฒœํ•˜์ง€ ์•Š์Œ)

setsebool -P httpd_can_network_connect 1

ํ•ด๊ฒฐ์ฑ…3

unicorn ์ด ์‚ฌ์šฉํ•˜๋Š” ํฌํŠธ๋ฅผ ๋ณ€๊ฒฝํ•˜๊ณ  ๋ณ€๊ฒฝ๋œ ํฌํŠธ ๋ฒˆํ˜ธ๋ฅผ SELinux ์˜ http_port_t ์— ์ถ”๊ฐ€

  1. su - gitlab
  2. cd gitlab
  3. vi config/unicorn.rb
    1. listen "127.0.0.1:8080" ์„ ์ฐพ์•„์„œ ์ ๋‹นํ•œ ํฌํŠธ ๋ฒˆํ˜ธ(Ex: 10000ย ์œผ๋กœ ๋ณ€๊ฒฝ)
  4. SELinux context ์ถ”๊ฐ€

    semanage port -a  -p tcp -t http_port_t 10000
  5. gitlab.conf ์˜ ํฌํŠธ ์ˆ˜์ •
    1. viย /etc/httpd/conf.d/gitlab.conf
    2. 8080 ์„ ์œ„์—์„œ ๋ณ€๊ฒฝํ•œ ํฌํŠธ(10000 ์œผ๋กœ ๋ณ€๊ฒฝ)
  6. service httpd restart

์ตœ์ดˆ ๋กœ๊ทธ์ธ ๋ฐย ๋™์ž‘ ํ™•์ธ

์›น๋ธŒ๋ผ์šฐ์ €๋กœ ์„ค์ •ํ•œ ์‚ฌ์ดํŠธ์— ์—ฐ๊ฒฐํ•˜์—ฌ ์ •์ƒ ์„ค์น˜ ์—ฌ๋ถ€๋ฅผ ํ…Œ์ŠคํŠธํ•œ๋‹ค. ย ๋กœ๊ทธ์ธ id/pwd ๋Š” ๋‹ค์Œ ๊ฐ’์„ ์‚ฌ์šฉํ•˜๊ณ  ๋กœ๊ทธ์ธํ›„ ๋ฐ”๋กœ ๋ณ€๊ฒฝํ•˜์ž.

admin@local.host
5iveL!fe

See Also

Ref



Related content

RHEL/CentOS 6 ์— gitlab ๋ฐ”์ด๋„ˆ๋ฆฌ ์„ค์น˜
RHEL/CentOS 6 ์— gitlab ๋ฐ”์ด๋„ˆ๋ฆฌ ์„ค์น˜
More like this
๋„์ปค๋กœ ๊นƒ๋žฉ ์„ค์น˜ํ•˜๊ธฐ(install gitlab using docker)
๋„์ปค๋กœ ๊นƒ๋žฉ ์„ค์น˜ํ•˜๊ธฐ(install gitlab using docker)
More like this
git bare repository ์„ค์ • ๋ฐ ๋‹ค๋ฅธ ํ”„๋กœํ† ์ฝœ(HTTP, SSH) ๊ณผ ์—ฐ๊ณ„
git bare repository ์„ค์ • ๋ฐ ๋‹ค๋ฅธ ํ”„๋กœํ† ์ฝœ(HTTP, SSH) ๊ณผ ์—ฐ๊ณ„
More like this
Windows ์—์„œ git ์„œ๋ฒ„ ๊ตฌ์ถ•ํ•˜๊ธฐ(Gitblit + Jetty)
Windows ์—์„œ git ์„œ๋ฒ„ ๊ตฌ์ถ•ํ•˜๊ธฐ(Gitblit + Jetty)
More like this
JIRA Server/Data Center์™€ gitlab ์—ฐ๋™
JIRA Server/Data Center์™€ gitlab ์—ฐ๋™
More like this
RHEL/CentOS ์— git 2 ์„ค์น˜ํ•˜๊ธฐ
RHEL/CentOS ์— git 2 ์„ค์น˜ํ•˜๊ธฐ
More like this