This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
инструмент_gitlab [2022/06/20 12:50] val [GitLab CI/CD] |
инструмент_gitlab [2022/06/26 18:55] val |
||
---|---|---|---|
Line 8: | Line 8: | ||
* [[https://about.gitlab.com/install/|Install self-managed GitLab]] | * [[https://about.gitlab.com/install/|Install self-managed GitLab]] | ||
* Доступно из РФ: [[https://packages.gitlab.com/gitlab/gitlab-ce]] | * Доступно из РФ: [[https://packages.gitlab.com/gitlab/gitlab-ce]] | ||
+ | |||
+ | <code> | ||
+ | # cat /etc/gitlab/initial_root_password | ||
+ | </code> | ||
* [[https://www.techbeatly.com/configure-custom-ssl-to-secure-gitlab-server/|Configure Custom SSL to Secure GitLab Server]] | * [[https://www.techbeatly.com/configure-custom-ssl-to-secure-gitlab-server/|Configure Custom SSL to Secure GitLab Server]] | ||
Line 13: | Line 17: | ||
===== Настройка ===== | ===== Настройка ===== | ||
+ | ==== Файл конфигурации ==== | ||
<code> | <code> | ||
# cat /etc/gitlab/gitlab.rb | # cat /etc/gitlab/gitlab.rb | ||
+ | </code><code> | ||
+ | # gitlab-ctl reconfigure | ||
+ | </code> | ||
+ | |||
+ | ==== GitLab Docker Registry ==== | ||
+ | <code> | ||
+ | # cat /etc/gitlab/gitlab.rb | ||
+ | </code><code> | ||
+ | ... | ||
+ | registry_external_url 'http://server.corpX.un' | ||
+ | ... | ||
+ | gitlab_rails['registry_enabled'] = true | ||
+ | ... | ||
+ | gitlab_rails['registry_host'] = "server.corpX.un" | ||
+ | ... | ||
+ | registry['registry_http_addr'] = "server.corpX.un:5000" | ||
+ | ... | ||
+ | </code> | ||
+ | |||
+ | ==== GitLab Grafana ==== | ||
+ | <code> | ||
+ | # cat /etc/gitlab/gitlab.rb | ||
+ | </code><code> | ||
+ | ... | ||
+ | grafana['http_addr'] = '0.0.0.0' | ||
+ | ... | ||
+ | </code> | ||
+ | ==== Управление пользователями ==== | ||
+ | |||
+ | === Использование LDAP === | ||
+ | |||
+ | * [[https://docs.gitlab.com/ee/administration/auth/ldap/index.html|Integrate LDAP with GitLab]] | ||
+ | * [[Установка и настройка OpenLDAP]] | ||
+ | * [[Хранение учетных записей UNIX в LDAP]] !!! с атрибутом почты и паролем | ||
+ | |||
+ | <code> | ||
+ | # cat /etc/gitlab/gitlab.rb | ||
+ | </code><code> | ||
+ | ... | ||
+ | gitlab_rails['ldap_enabled'] = true | ||
+ | |||
+ | gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' | ||
+ | main: | ||
+ | label: 'LDAP' | ||
+ | host: 'server.corpX.un' | ||
+ | port: 389 | ||
+ | # port: 636 | ||
+ | uid: 'uid' | ||
+ | bind_dn: 'cn=admin,dc=corpX,dc=un' | ||
+ | password: 'secret' | ||
+ | encryption: 'plain' | ||
+ | # encryption: 'simple_tls' | ||
+ | active_directory: false | ||
+ | base: 'ou=People,dc=corpX,dc=un' | ||
+ | ... | ||
</code> | </code> | ||
- | ==== GitLab Runner ==== | + | ===== GitLab Runner ===== |
* [[https://docs.gitlab.com/runner/install/linux-manually.html|Install GitLab Runner manually on GNU/Linux]] | * [[https://docs.gitlab.com/runner/install/linux-manually.html|Install GitLab Runner manually on GNU/Linux]] | ||
Line 27: | Line 87: | ||
<code> | <code> | ||
root@node2:~# gitlab-runner register | root@node2:~# gitlab-runner register | ||
- | shell | + | shell или docker |
root@node2:~# cat /etc/gitlab-runner/config.toml | root@node2:~# cat /etc/gitlab-runner/config.toml | ||
log_level = "debug" | log_level = "debug" | ||
... | ... | ||
- | </code> | + | </code><code> |
- | * Технология Docker [[Технология Docker#Предоставление прав непривилегированным пользователям]] | + | |
- | <code> | + | |
root@node2:~# systemctl start gitlab-runner | root@node2:~# systemctl start gitlab-runner | ||
</code> | </code> | ||
- | ==== GitLab CI/CD ==== | + | ===== GitLab CI/CD ===== |
* [[https://docs.gitlab.com/ee/ci/examples/#cicd-templates|CI/CD templates]] | * [[https://docs.gitlab.com/ee/ci/examples/#cicd-templates|CI/CD templates]] | ||
+ | |||
+ | ==== Пример shell make ==== | ||
<code> | <code> | ||
Line 61: | Line 121: | ||
- dhcpdeploy | - dhcpdeploy | ||
- | </code><code> | + | </code> |
+ | |||
+ | ==== Пример shell ansible ==== | ||
+ | |||
+ | <code> | ||
root@server:~/openvpn1# cat .gitlab-ci.yml | root@server:~/openvpn1# cat .gitlab-ci.yml | ||
+ | </code><code> | ||
deploy_test: | deploy_test: | ||
stage: deploy | stage: deploy | ||
Line 82: | Line 147: | ||
rules: | rules: | ||
- if: ($CI_COMMIT_BRANCH == "main" && $CI_COMMIT_REF_NAME == "main") | - if: ($CI_COMMIT_BRANCH == "main" && $CI_COMMIT_REF_NAME == "main") | ||
- | </code><code> | + | </code> |
+ | |||
+ | ==== Пример docker ==== | ||
+ | |||
+ | * Технология Docker [[Технология Docker#Предоставление прав непривилегированным пользователям]] | ||
+ | |||
+ | <code> | ||
vagrant@node1:~/project1$ cat .gitlab-ci.yml | vagrant@node1:~/project1$ cat .gitlab-ci.yml | ||
</code><code> | </code><code> | ||
Line 102: | Line 173: | ||
</code> | </code> | ||
- | ==== Управление пользователями ==== | + | ===== Сервер OAuth2 ===== |
- | + | ||
- | === Использование LDAP === | + | |
- | + | ||
- | * [[https://docs.gitlab.com/ee/administration/auth/ldap/index.html|Integrate LDAP with GitLab]] | + | |
- | * [[Установка и настройка OpenLDAP]] | + | |
- | * [[Хранение учетных записей UNIX в LDAP]] !!! с атрибутом почты и паролем | + | |
- | + | ||
- | <code> | + | |
- | # cat /etc/gitlab/gitlab.rb | + | |
- | </code><code> | + | |
- | ... | + | |
- | gitlab_rails['ldap_enabled'] = true | + | |
- | + | ||
- | gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' | + | |
- | main: | + | |
- | label: 'LDAP' | + | |
- | host: 'server.corpX.un' | + | |
- | port: 389 | + | |
- | # port: 636 | + | |
- | uid: 'uid' | + | |
- | bind_dn: 'cn=admin,dc=corpX,dc=un' | + | |
- | password: 'secret' | + | |
- | encryption: 'plain' | + | |
- | # encryption: 'simple_tls' | + | |
- | active_directory: false | + | |
- | base: 'ou=People,dc=corpX,dc=un' | + | |
- | ... | + | |
- | </code><code> | + | |
- | # gitlab-ctl reconfigure | + | |
- | </code> | + | |
- | + | ||
- | ==== Сервер OAuth2 ==== | + | |
* !!! URL без финального "/" !!! | * !!! URL без финального "/" !!! |