1、GitLab 迁移和升级
在生产中升级往往伴随着服务器的迁移,比如从本地机房迁移到云环境中,而实现升级
迁移流程
- 在原GitLab主机上备份配置文件和数据
- 在目标主机上安装相同的版本的GitLab软件
- 还原配置和数据
- 本质上就是备份和恢复的过程
升级流程
- 不能直接跳过中间的版本直接升级,选择最近的大版本进行升级比如:12.1想升级到13.0,先升级到12.X最高版,再升级到13.0。
- 下载新版本的安装,直接安装包
- 安装包时可能会提示出错,原因是版本升级后有些配置项会过时,根据提示修改配置即可
- 重新配置:gitlab-ctl reconfigure
- 重启服务:gitlab-ctl restart
2、实现 Https
# 创建证书
[root@git01 ~]# mkdir -p /etc/gitlab/ssl; cd /etc/gitlab/ssl
[root@git01 ssl]# openssl genrsa -out gitlab.key 2048
Generating RSA private key, 2048 bit long modulus
.............................................................................................+++
...........................................................................................+++
e is 65537 (0x10001)
[root@git01 ssl]# openssl req -days 3650 -x509 -sha256 -nodes -newkey rsa:2048 -keyout gitlab.key -out gitlab.crt
Generating a 2048 bit RSA private key
.....................................................................................+++
.+++
writing new private key to 'gitlab.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:JiangSu
Locality Name (eg, city) [Default City]:ChangZhou
Organization Name (eg, company) [Default Company Ltd]:Git
Organizational Unit Name (eg, section) []:gitlab
Common Name (eg, your name or your server's hostname) []:gitlab
Email Address []:
[root@git01 ssl]# ll
total 8
-rw-r--r-- 1 root root 1310 Dec 18 20:07 gitlab.crt
-rw-r--r-- 1 root root 1704 Dec 18 20:07 gitlab.key[root@git01 ~]# vim /etc/gitlab/gitlab.rb
external_url "https://192.168.1.71" #此项必须修改为https
nginx['enable'] = true
nginx['client_max_body_size'] = '1000m'
nginx['redirect_http_to_https'] = true
nginx['redirect_http_to_https_port'] = 80 # 所有请求80的都跳转到443
nginx['ssl_certificate'] ="/etc/gitlab/ssl/gitlab.crt"
nginx['ssl_certificate_key'] ="/etc/gitlab/ssl/gitlab.key"
nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
nginx['ssl_prefer_server_ciphers'] = "on"
nginx['ssl_protocols'] = "TLSv1.2"
nginx['ssl_session_cache'] = "shared:SSL:10m"
nginx['ssl_session_timeout'] = "1440m"
# 重新初始化
[root@git01 ~]# gitlab-ctl reconfigure
[root@git01 ~]# gitlab-ctl status
# 还登录原来的URL,会自动跳转到 https![图片[1]-Gitlab 相关-李佳程的个人主页](http://www.lijiach.com/wp-content/uploads/2022/12/image-143.png)
![图片[2]-Gitlab 相关-李佳程的个人主页](http://www.lijiach.com/wp-content/uploads/2022/12/image-144.png)
3、找回 GitLab 忘记的密码
[root@git01 ~]# gitlab-rails console -e production
# 此步可能比较慢,需要等一段时间
--------------------------------------------------------------------------------
Ruby: ruby 2.7.6p219 (2022-04-12 revision c9c2245c0a) [x86_64-linux]
GitLab: 15.6.2 (2d7e4701985) FOSS
GitLab Shell: 14.13.0
PostgreSQL: 13.8
------------------------------------------------------------[ booted in 15.38s ]
Loading production environment (Rails 6.1.6.1)
# 输入下面指令
irb(main):001:0> user = User.where(id: 1).first
=> #<User id:1 @root>
# 更改密码并确认密码
irb(main):002:0> user.password="87654321"
=> "87654321"
irb(main):003:0> user.password_confirmation="87654321"
=> "87654321"
# 保存
irb(main):004:0> user.save
=> true
# 退出控制台
irb(main):005:0> quit
# 验证用新密码登录© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
