参考

https://blog.csdn.net/qq_25231683/article/details/122620184

安装

curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.rpm.sh | sudo bash

yum install -y gitlab-ce

配置

常用信息

/etc/gitlab/gitlab.rb # 主配置文件
/var/log/gitlab/ # 日志目录
/var/opt/gitlab/ # 各个服务的主目录
/var/opt/gitlab/git-data/repositories # Git仓库数据目录

常用配置

# 修改gitlab 访问地址
vim /etc/gitlab/gitlab.rb
修改配置： external_url 'http://192.168.1.135'

# 应用配置
gitlab-ctl reconfigure

# 重启
gitlab-ctl restart

启用ssl

vim /etc/gitlab/gitlab.rb
external_url 'https://gitlab.jbritian.com'

#配置http自动跳转到https协议的地址;
nginx['redirect_http_to_https'] = true

#80端口是容器内的端口,如果不配置http://宿主IP:80/将不可访问;
nginx['redirect_http_to_https_port'] = 80

nginx['ssl_certificate'] = "/root/certs/gitlab.jbritian.com_bundle.crt"
nginx['ssl_certificate_key'] = "/root/certs/gitlab.jbritian.com.key"

#配置监听容器内的443端口,注意不是外面主机的443端口
nginx['listen_port'] = 443

nginx['proxy_set_headers'] = {
   "Host" => "$http_host_with_default",
   "X-Real-IP" => "$remote_addr",
   "X-Forwarded-For" => "$proxy_add_x_forwarded_for",
   "X-Forwarded-Proto" => "https",
   "X-Forwarded-Ssl" => "on",
   "Upgrade" => "$http_upgrade",
   "Connection" => "$connection_upgrade"
}

如果使用frp做内网穿透，则frpc.ini的配置为：

[common]
server_addr = xxxxxx
server_port = 7000
token = xxxxx

[gitlab_https2https]
type = https
custom_domains = gitlab.jbritian.com
plugin = https2https
plugin_local_addr = 127.0.0.1:443
# HTTPS 证书相关的配置
plugin_crt_path = /root/certs/gitlab.jbritian.com_bundle.crt
plugin_key_path = /root/certs/gitlab.jbritian.com.key

# 给ssh端口做穿透，不然无法使用ssh克隆
[port-22]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 22