學科:Git/Setup gitlab on ubuntu

後續配置參考

編輯

使用gmail發送通知郵件

編輯

config/gitlab.yml默認使用sendmail發送郵件,地址默認為notify@localhost。

以下步驟不改gitlab配置,而是修改postfix配置使notify@localhost可用。

先停止sendmail服務:

sudo /etc/init.d/postfix stop

備份配置文件

sudo cp /etc/postfix/main.cf /etc/postfix/main.cf.bak

修改main.cf的內容,參考配置:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no
myhostname = mobos2
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost, gmail.com, mobos2, localhost.localdomain
relayhost = 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

# my config
unknown_local_recipient_reject_code = 550
home_mailbox = Mail/
disable_vrfy_command = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions =
 permit_mynetworks
 reject_unauth_destination
 reject_unauth_pipelining
 reject_invalid_hostname
 reject_non_fqdn_sender
 reject_unknown_sender_domain
 reject_non_fqdn_recipient
 reject_unknown_recipient_domain
 reject_rbl_client dnsbl.njabl.org
 reject_rbl_client dnsbl.sorbs.net
 reject_rbl_client bl.spamcop.net
 permit

## TLS Settings
#
# For no logs set = 0
smtp_tls_loglevel = 1
# 
# smtp_enforce_tls = yes
# Above is commented because doing it site by site below
smtp_tls_per_site = hash:/etc/postfix/tls_per_site
#
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom

##  SASL Settings
# This is going in to THIS server
smtpd_sasl_auth_enable = no
# We need this
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_sasl_local_domain = $myhostname
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtpd_sasl_application_name = smtpd 

## Gmail Relay
relayhost = [smtp.gmail.com]:587
 
## Good for Testing
# sender_bcc_maps = hash:/etc/postfix/bcc_table

# Disable DNS Lookups
disable_dns_lookups = yes

# Great New feature Address Mapping 
smtp_generic_maps = hash:/etc/postfix/generic
transport_maps = hash:/etc/postfix/transport

創建/etc/postfix/sasl_passwd,內容參考:

[smtp.gmail.com]:587       your_gmail_address@gmail.com:password

創建/etc/postfix/transport,內容參考:

# This sends mail to Gmail
gmail.com               smtp:[smtp.gmail.com]:587

創建/etc/postfix/tls_per_site,內容參考:

# Contents of /etc/postfix/tls_per_site
smtp.gmail.com         MUST

創建/etc/postfix/generic,內容參考:

# Contents of /etc/postfix/generic 
# local mail user           real user to send mail as
notify@localhost         your_gmail_address@gmail.com

然後,執行以下命令應用配置:

sudo postmap generic
sudo postmap tls_per_site
sudo postmap transport
sudo postmap sasl_passwd

編輯/etc/postfix/master.cf,將其中:

smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5

替換為:

smtp      unix  -       -       n       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       n       -       -       smtp
        -o smtp_generic_maps=
#       -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=

以上配置修改完畢。之後可以開啟服務:

sudo /etc/init.d/postfix start

(可選)使用mail驗證配置是否成功

echo "testing sending mail" | mail -s "send mail using gmail" your_gmail_address@gmail.com

參考:

配置Web伺服器

編輯

官方安裝文檔結尾有很簡短的Nginx,Unicorn配置說明,除了這兩個,使用Apache也是可以的。

使用Apache

編輯

先安裝passenger,讓Apache支持Rack應用,參考命令:

 sudo gem install passenger
 sudo passenger-install-apache2-module

然後該Apache的配置文件,參考:

 <VirtualHost *:80>
     ServerName your.server.name
     # 需要指向gitlab的public目录
     DocumentRoot /home/gitlab/gitlab/public
     <Directory /home/gitlab/gitlab/public>
        # This relaxes Apache security settings.
        AllowOverride all
        # MultiViews must be turned off.
        Options -MultiViews
     </Directory>
  </VirtualHost>

使用Unicorn

編輯

Unicorn是一個輕量Rack HTTP server,

參考:

疑難解答

編輯

執行bundle命令時提示:Could not locate Gemfile

編輯

cd到gitlab安裝目錄再執行bundle命令

代碼pull到倉庫但Web頁面沒更新/沒有Resque Worker在工作

編輯

使用管理員身份登錄到gitlab,到Admin area查看Resque的工作情況。

如果沒有Workers在工作,請檢查Resque的工作情況,有可能Resque沒在工作。

使用 sudo -u gitlab bundle exec rake environment resque:work QUEUE=* RAILS_ENV=production BACKGROUND=yes 可以手動啟動Resque。

執行app:status檢查時報告post-receive檢查失敗

編輯

先確認一下post-receive文件是否存在,如果存在應該是權限問題,可參考下列命令修復:

sudo chmod g+rwx /home/git/.gitolite
sudo usermod -g git gitlab

參考:

unicorn無法自動啟動 / 啟動腳本不工作

編輯

去檢查一下unicorn的日誌,如果有像這樣的權限錯誤

/home/gitlab/gitlab/vendor/bundle/ruby/1.9.1/gems/unicorn-4.3.1/lib/unicorn/socket_helper.rb:147:in `initialize': Permission denied - bind(2) (Errno::EACCES)

去修改init.d里的gitlab啟動腳本,讓其以root權限執行

if [ `whoami` = root ]; then
    sudo -H sh -l -c "$CD_TO_APP_DIR && $START_DAEMON_PROCESS && $START_RESQUE_PROCESS"
else

參考

編輯