阿里云搭GitLab遇到的一些坑

工作室要搞些小项目,而且小伙伴们表示想要私有仓库,于是准备搭个 GitLab 玩。不料有独立IP的 Linux 服务器用完了…… 便贡献出我的一个阿里云服务器来搭 GitLab。

我的这个阿里云服务器就是当初免费送的那种,然后花了点钱加上代金券买了半年的1M带宽,配置算是最低的一款吧。

GitLab 用 Omnibus 方式装的话很简单,按照官网上一步步输命令就好,然而遇到个大麻烦——

curl -O https://downloads-packages.s3.amazonaws.com/centos-6.6/gitlab-7.9.2_omnibus-1.el6.x86_64.rpm
curl: (7) couldn't connect to host

AWS被墙了所以下载不了官方的RPM包,只好先在本机上挂代理下载了之后,再传到服务器上……
所以这里贴一个百度网盘的地址造福后人: gitlab-7.9.2_omnibus-1.el6.x86_64 密码:2ahr

然后装好了却发现经常出现 500 的问题:
500.jpg

尤其是进后台的时候,重启一下却又好了。去找日志看了看,日志默认位置是 /var/log/gitlab/gitlab-rails/production.log ,搜索 500 :

Started GET "/admin/logs" for 113.XXX.XXX.218 at 2015-04-09 17:04:17 +0800
Processing by Admin::LogsController#show as HTML 
Completed 500 Internal Server Error in 162ms

ActionView::Template::Error (Cannot allocate memory - tail):
    20:               Scroll down 
    21:         .file-content.logs
    22:           %ol  
    23:             - klass.read_latest.each do |line|
    24:               %li  
    25:                 %p= line 
  lib/gitlab/popen.rb:23:in `popen'
  lib/gitlab/logger.rb:18:in `read_latest'
  app/views/admin/logs/show.html.haml:23:in `block in _app_views_admin_logs_show_html_haml__3284402990994891962_38308260'
  app/views/admin/logs/show.html.haml:10:in `each'
  app/views/admin/logs/show.html.haml:10:in `_app_views_admin_logs_show_html_haml__3284402990994891962_38308260'

看起来像是内存不足,但是 GitLab 官方不是说最小 512M 内存就能跑吗……

Google 了下,原来 Swap 也是要的,然而阿里云创建服务器的时候并没有 Swap 分区…… Orz

摘抄一下官方具体 Memory 要求

Memory
You need at least 2GB of addressable memory (RAM + swap) to install and use GitLab! With less memory GitLab will give strange errors during the reconfigure run and 500 errors during usage.
512MB RAM + 1.5GB of swap is the absolute minimum but we strongly advise against this amount of memory. > See the unicorn worker section below for more advise.
1GB RAM + 1GB swap supports up to 100 users
2GB RAM is the recommended memory size and supports up to 500 users
4GB RAM supports up to 2,000 users
8GB RAM supports up to 5,000 users
16GB RAM supports up to 10,000 users
32GB RAM supports up to 20,000 users
64GB RAM supports up to 40,000 users
Notice: The 25 workers of Sidekiq will show up as separate processes in your process overview (such as top or htop) but they share the same RAM allocation since Sidekiq is a multithreaded application.

创建 Swap 分区或者 Swap 文件就不赘述了,挂载上 Swap 后刷新页面果然不再有 500 错误。

然而默认配置的话还有个坑:头像问题。

默认配置里头像是直接从 www.gravatar.com 获取的,然而由于大家都懂的原因,头像并不能正常显示。
而且如果直接上传头像图片的话地址可能会变成 http://gitlab.company.com/uploads/user/avatar/1/... 导致无法显示。

所以去 /etc/gitlab/gitlab.rb 改一下:

  • 第四行改成 external_url 'http://git.your.domain'
  • 任意处加上一行 gitlab_rails['gravatar_plain_url'] = 'http://gravatar.duoshuo.com/avatar/%{hash}?s=%{size}&d=identicon'

再更新配置&缓存:

sudo gitlab-ctl reconfigure 
sudo gitlab-rake cache:clear RAILS_ENV=production

还有发送邮件的配置……

网上(百度)的 GitLab 发送邮件配置大部分都是 6.x 版本的,而 7.x 版本的配置并不一样,贴个官方的 SMTP settings

If you would rather send application email via an SMTP server instead
of via Sendmail, add the following configuration information to
/etc/gitlab/gitlab.rb and run gitlab-ctl reconfigure.

gitlab_rails['smtp_enable'] = true gitlab_rails['smtp_address'] =
"smtp.server" gitlab_rails['smtp_port'] = 456
gitlab_rails['smtp_user_name'] = "smtp user"
gitlab_rails['smtp_password'] = "smtp password"
gitlab_rails['smtp_domain'] = "example.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_openssl_verify_mode'] = 'peer'

需要注意的是还要把默认邮箱改成自己的:

gitlab_rails['gitlab_email_from'] = 'your email'
user['git_user_email'] = "your email"

否则会出现 501 mail from address must be same as authorization user

可以在终端中执行 gitlab-ctl tail 来实时跟踪日志。
搞定。

参考文章:

阿里云建立swap的两种方法
解决Gitlab的Gravatar头像无法显示的问题
GitLab 配置通过 smtp.163.com 发送邮件


为您推荐了相关的技术文章:

  1. Oauth协议介绍与安全隐患
  2. 轻松组建分布式 pyspider 集群 - imlonghao
  3. ”安全线“大型目标渗透-01信息搜集|漏洞研究 - 安全技术社区
  4. OWASPCheckList
  5. 透过F5获取服务器真实内网IP - 勾陈安全实验室

原文链接: 0x0d.im