User Tools
инструмент_gitlab
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
инструмент_gitlab [2025/10/15 06:43] val [Управление пользователями] |
инструмент_gitlab [2025/12/15 10:29] (current) val [Клиент OpenID] |
||
|---|---|---|---|
| Line 35: | Line 35: | ||
| * [[Технология Docker]] | * [[Технология Docker]] | ||
| * [[Технология Docker#docker-compose]] | * [[Технология Docker#docker-compose]] | ||
| + | * [[#Включение TLS]] | ||
| <code> | <code> | ||
| # cat docker-compose.yml | # cat docker-compose.yml | ||
| </code><code> | </code><code> | ||
| - | #version: '3.6' | ||
| services: | services: | ||
| - | web: | + | gitlab: |
| - | # gitlab: | + | # image: 'gitlab/gitlab-ce:latest' |
| - | image: 'gitlab/gitlab-ce:latest' | + | image: 'gitlab/gitlab-ce:18.6.2-ce.0' |
| - | # image: 'gitlab/gitlab-ce:16.7.4-ce.0' | + | |
| # userns_mode: 'host' | # userns_mode: 'host' | ||
| + | # privileged: true | ||
| restart: always | restart: always | ||
| hostname: 'server.corpX.un' | hostname: 'server.corpX.un' | ||
| Line 57: | Line 57: | ||
| registry_external_url 'https://server.corpX.un:5000' | registry_external_url 'https://server.corpX.un:5000' | ||
| gitlab_rails['registry_port'] = "5050" | gitlab_rails['registry_port'] = "5050" | ||
| - | registry['registry_http_addr'] = "server.corpX.un:5050" | + | registry['registry_http_addr'] = "0.0.0.0:5050" |
| ports: | ports: | ||
| - '443:443' | - '443:443' | ||
| Line 64: | Line 64: | ||
| volumes: | volumes: | ||
| - '/etc/gitlab:/etc/gitlab' | - '/etc/gitlab:/etc/gitlab' | ||
| - | - '/srv/gitlab/logs:/var/log/gitlab' | + | - vol1:/var/opt/gitlab |
| - | - '/srv/gitlab/data:/var/opt/gitlab' | + | |
| shm_size: '256m' | shm_size: '256m' | ||
| - | logging: | + | volumes: |
| - | driver: "json-file" | + | vol1: |
| - | options: | + | |
| - | max-size: "2048m" | + | |
| </code><code> | </code><code> | ||
| # docker-compose up -d | # docker-compose up -d | ||
| Line 77: | Line 74: | ||
| ### docker-compose stop | ### docker-compose stop | ||
| - | ### rm -r /srv/gitlab/ /etc/gitlab/ | ||
| </code> | </code> | ||
| ==== Установка через Ansible Role ==== | ==== Установка через Ansible Role ==== | ||
| Line 116: | Line 112: | ||
| === REST API интерфейс === | === REST API интерфейс === | ||
| - | * Search or go to... -> Profile -> Access tokens -> Add new token -> api -> Create token | + | * Search or go to... -> Profile -> Personal access tokens -> Add new token -> api -> Create token |
| == Добавление пользователя == | == Добавление пользователя == | ||
| <code> | <code> | ||
| - | GITLAB_URL="https://server.corp13.un:4443" | + | kube1:~/gitlab# cat adduser.sh |
| - | PRIVATE_TOKEN="NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN" | + | </code><code> |
| + | GITLAB_URL="https://gitlab.corpX.un" | ||
| + | PRIVATE_TOKEN="NNNNNNNNNNNN" | ||
| - | USER_EMAIL="student@corp13.un" | + | USER_EMAIL="user1@corpX.un" |
| USER_PASSWORD="Pa\$\$w0rd" | USER_PASSWORD="Pa\$\$w0rd" | ||
| - | USER_USERNAME="student" | + | USER_USERNAME="user1" |
| USER_NAME="Your Name" | USER_NAME="Your Name" | ||
| Line 445: | Line 443: | ||
| * [[https://stackoverflow.com/questions/52169219/get-branch-name-in-gitlab-ci|Get Branch name in gitlab ci]] | * [[https://stackoverflow.com/questions/52169219/get-branch-name-in-gitlab-ci|Get Branch name in gitlab ci]] | ||
| + | <code> | ||
| + | Settings -> CI/CD -> Variables -> Add variable -> Masked and hidden ... ANS_V_SEC | ||
| + | |||
| + | снять Protect variable | ||
| + | ИЛИ | ||
| + | Settings -> Repository -> Protected Branches - Add Protected Branch -> test | ||
| + | </code> | ||
| <code> | <code> | ||
| Administrator@Ra-master ~/openvpn1 (test) | Administrator@Ra-master ~/openvpn1 (test) | ||
| Line 813: | Line 818: | ||
| gitlab_rails['omniauth_providers'] = [ | gitlab_rails['omniauth_providers'] = [ | ||
| { | { | ||
| - | name: "openid_connect", # do not change this parameter | + | name: "openid_connect", |
| - | label: "Keycloak", # optional label for login button, defaults to "Openid Connect" | + | label: "Keycloak", |
| args: { | args: { | ||
| name: "openid_connect", | name: "openid_connect", | ||
| scope: ["openid", "profile", "email"], | scope: ["openid", "profile", "email"], | ||
| response_type: "code", | response_type: "code", | ||
| - | # issuer: "https://keycloak.example.com/realms/myrealm", | ||
| issuer: "https://keycloak.corpX.un/realms/corpX", | issuer: "https://keycloak.corpX.un/realms/corpX", | ||
| client_auth_method: "query", | client_auth_method: "query", | ||
| Line 826: | Line 830: | ||
| pkce: true, | pkce: true, | ||
| client_options: { | client_options: { | ||
| - | # identifier: "<YOUR CLIENT ID>", | ||
| identifier: "any-client", | identifier: "any-client", | ||
| - | # secret: "<YOUR CLIENT SECRET>", | ||
| secret: "anystring", | secret: "anystring", | ||
| - | # redirect_uri: "https://gitlab.example.com/users/auth/openid_connect/callback" | + | # redirect_uri: "https://gitlab.corpX.un/users/auth/openid_connect/callback" |
| - | redirect_uri: "https://gate.corpX.un/users/auth/openid_connect/callback" | + | # redirect_uri: "https://gate.corpX.un/users/auth/openid_connect/callback" |
| } | } | ||
| } | } | ||
инструмент_gitlab.1760499788.txt.gz · Last modified: 2025/10/15 06:43 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
