进入容器
docker exec -it gitlab-gitlab-1 bash进入到容器,然后切换到目录
cd /opt/gitlab/embedded/service/gitlab-rails/config编辑文件
vi gitlab.ymlhost就是克隆http的时候的地址,例如www.baicu.com
ssh_host就是ssh的地址,和上面一样,不要端口
编辑好之后重启
gitlab-ctl restart测试邮箱
邮箱配置
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qq.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "QQ邮箱@qq.com"
gitlab_rails['smtp_password'] = "*****授权码"
gitlab_rails['smtp_domain'] = "qq.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true
# 以下的配置是优化性能的,看自己的需求修改
# Terraform
gitlab_rails['terraform_state_enabled'] = false
# Usage Statistics
gitlab_rails['usage_ping_enabled'] = false
gitlab_rails['sentry_enabled'] = false
grafana['reporting_enabled'] = false
# 关闭容器仓库功能
gitlab_rails['gitlab_default_projects_features_container_registry'] = false
gitlab_rails['registry_enabled'] = false
registry['enable'] = false
registry_nginx['enable'] = false
# 包仓库
gitlab_rails['packages_enabled'] = false
gitlab_rails['dependency_proxy_enabled'] = false
# GitLab KAS
gitlab_kas['enable'] = false
gitlab_rails['gitlab_kas_enabled'] = false
# Mattermost
mattermost['enable'] = false
mattermost_nginx['enable'] = false
# Kerberos
gitlab_rails['kerberos_enabled'] = false
sentinel['enable'] = false
# GitLab Pages
gitlab_pages['enable'] = false
pages_nginx['enable'] = false
# 禁用 PUMA 集群模式
puma['worker_processes'] = 0
puma['min_threads'] = 1
puma['max_threads'] = 2
# 降低后台守护进程并发数
sidekiq['concurrency'] = 5
gitlab_ci['gitlab_ci_all_broken_builds'] = false
gitlab_ci['gitlab_ci_add_pusher'] = false
# 关闭监控
prometheus_monitoring['enable'] = false
alertmanager['enable'] = false
node_exporter['enable'] = false
redis_exporter['enable'] = false
postgres_exporter['enable'] = false
pgbouncer_exporter['enable'] = false
gitlab_exporter['enable'] = false
grafana['enable'] = false
sidekiq['metrics_enabled'] = false初始密码位置:
/etc/gitlab/initial_root_password修改gitlab.rd
文件之后,使用一下命令重启
gitlab-ctl reconfigure还可以进入到创建的gitlab 容器内
docker exec -it gitlab bash去执行
gitlab-rails consoleNotify.test_email('收件人邮箱地址', '邮箱主题', '邮箱内容').deliver_now去测试发送邮箱
问题汇总
权限问题:
保存信息:
Unable to access log file. Please ensure that /opt/gitlab/embedded/service/gitlab-rails/log/production.log exists and is writable (i.e. make it writable for user and group: chmod 0664 /opt/gitlab/embedded/service/gitlab-rails/log/production.log). The log level has been raised to WARN and the output directed to STDERR until the problem is fixed.尝试使用命令解决,先运行容器,然后使用命令:
sudo docker exec gitlab update-permissions
sudo docker restart gitlabgitlab-runner搭建
version: '3.3'
services:
gitlab-runner:
container_name: gitlab-runner
restart: always
volumes:
- './config:/etc/gitlab-runner'
- './ssh:/ssh'
- '/temp:/temp'
- '/var/run/docker.sock:/var/run/docker.sock'
image: gitlab/gitlab-runner注册
进入到容器内部
docker exec -it gitlab-runner base在gitlab上创建一个作业
在容器里面输入这些注册
gitlab-runner register --url http://172.16.1.50:84 --token glrt-2AKySoNaWBdeBDjVD2HB
取消注册
gitlab-runner unregister --url https://gitlab.org/ --token {TOKEN}破解gitlab-ee
破解
等待gitlab运行起来后,进入docker容器
sudo docker exec -it gitlab /bin/bash安装依赖
· ruby>=2.7.0 · gitlab-license
sudo apt install ruby sudo gem install gitlab-license创建文件vi license.rb
填入以下内容
require "openssl"
require "gitlab/license"
key_pair = OpenSSL::PKey::RSA.generate(2048)
File.open("license_key", "w") { |f| f.write(key_pair.to_pem) }
public_key = key_pair.public_key
File.open("license_key.pub", "w") { |f| f.write(public_key.to_pem) }
private_key = OpenSSL::PKey::RSA.new File.read("license_key")
Gitlab::License.encryption_key = private_key
license = Gitlab::License.new
license.licensee = {
"Name" => "用户名",
"Company" => "公司",
"Email" => "邮箱",
}
license.starts_at = Date.new(2024, 1, 1) # 开始时间
license.expires_at = Date.new(2099, 1, 1) # 结束时间
license.notify_admins_at = Date.new(2098, 12, 1)
license.notify_users_at = Date.new(2098, 12, 1)
license.block_changes_at = Date.new(2099, 1, 1)
license.restrictions = {
active_user_count: 100000,
}
puts "License:"
puts license
data = license.export
puts "Exported license:"
puts data
File.open("GitLabBV.gitlab-license", "w") { |f| f.write(data) }
public_key = OpenSSL::PKey::RSA.new File.read("license_key.pub")
Gitlab::License.encryption_key = public_key
data = File.read("GitLabBV.gitlab-license")
$license = Gitlab::License.import(data)
puts "Imported license:"
puts $license
unless $license
raise "The license is invalid."
end
if $license.restricted?(:active_user_count)
active_user_count = 100000
if active_user_count > $license.restrictions[:active_user_count]
raise "The active user count exceeds the allowed amount!"
end
end
if $license.notify_admins?
puts "The license is due to expire on #{$license.expires_at}."
end
if $license.notify_users?
puts "The license is due to expire on #{$license.expires_at}."
end
module Gitlab
class GitAccess
def check(cmd, changes = nil)
if $license.block_changes?
return build_status_object(false, "License expired")
end
end
end
end
puts "This instance of GitLab Enterprise Edition is licensed to:"
$license.licensee.each do |key, value|
puts "#{key}: #{value}"
end
if $license.expired?
puts "The license expired on #{$license.expires_at}"
elsif $license.will_expire?
puts "The license will expire on #{$license.expires_at}"
else
puts "The license will never expire."
end
生成证书
最好在映射出来的目录里面生成这个证书
ruby license.rb安装依赖到生成这一步可以在docker容器中进行也可以在宿主机上进行,在宿主机上进行的话需要将生成后的文件copy到容器中去。我这里演示是在容器中进行的。
替换默认公钥
最好把对应的目录映射出来,要不然以后系统重启之后又需要重新破解
volumes:
- ****
- ./config/license/license_key.pub:/opt/gitlab/embedded/service/gitlab-rails/.license_encryption_key.pub
- ./config/license/selflicense.rb:/opt/gitlab/embedded/service/gitlab-rails/ee/app/models/license.rbcp -f license_key.pub /opt/gitlab/embedded/service/gitlab-rails/.license_encryption_key.pub升级到 ULTIMATE 版本
修改文件 /opt/gitlab/embedded/service/gitlab-rails/ee/app/models/license.rb
--- /opt/gitlab/embedded/service/gitlab-rails/ee/app/models/license.rb
+++ /opt/gitlab/embedded/service/gitlab-rails/ee/app/models/license.rb
@@ -367,7 +367,7 @@
end
def plan
- restricted_attr(:plan).presence || STARTER_PLAN
+ restricted_attr(:plan).presence || ULTIMATE_PLAN
end
def edition
-表示删除,+表示添加
重启配置gitlab
gitlab-ctl reconfigure gitlab-ctl restart导入许可证
登录 gitlab 后台,管理中心 -> 通用 -> 许可证 (/admin/license),导入 GitLabBV.gitlab-license 可以选择 cat GitLabBV.gitlab-license 打印出文件内容后,把密钥复制后使用密钥文本,而不是上传文件
评论 (0)