2018年11月25日 星期日

GitLab 相關服務的設定

GitLab 相關服務的設定

  • SMTP
  • HTTPS


1. SMTP


開啟 Gitlab 郵件功能,在用戶註冊、密碼重置、事件通知等等時,才會收到信

參考連結 : https://docs.gitlab.com/omnibus/settings/smtp.html


1-1. 修改設定檔


修改 /etc/gitlab/gitlab.rb 
sudo docker exec -it gitlab vi /etc/gitlab/gitlab.rb

Email settings
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'xxxx@example.com'
gitlab_rails['gitlab_email_display_name'] = 'you nickname'
gitlab_rails['gitlab_email_reply_to'] = 'xxxx@example.com'
gitlab_rails['gitlab_email_subject_suffix'] = ''

gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.example.com"
gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_user_name'] = "xxxx@example.com"
gitlab_rails['smtp_password'] = "you password"
gitlab_rails['smtp_domain'] = "example.com"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_tls'] = false


1-2. 重新載入設定檔


sudo docker exec -it gitlab gitlab-ctl reconfigure

1-3. 送測試信


sudo docker exec -it gitlab gitlab-rails console

Notify.test_email('destination_email@address.com', 'Message Subject', 'Message Body').deliver_now



2. HTTPS


參考連結 : https://docs.gitlab.com/omnibus/settings/ssl.html


2-1. 手動設定


非常不建議!未來如果使用 GitLab Runner 或是 Git client 時,都會遇到奇妙的問題
如果是純內部網路使用的話,請直接使用 SSH

Creating the SSL Certificate
sudo docker exec -it gitlab /bin/bash

openssl req -x509 -nodes \
  -days 3650 \
  -newkey rsa:2048 \
  -keyout /etc/gitlab/ssl/gitlab.example.com.key \
  -out /etc/gitlab/ssl/gitlab.example.com.crt
exit

修改 /etc/gitlab/gitlab.rb
sudo docker exec -it gitlab vi /etc/gitlab/gitlab.rb
開啟 HTTPS
external_url 'https://gitlab.example.com'

nginx['enable'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key"


2-2. Let's Encrypt


GitLab 新版本有整合 Let's Encrypt,設定也很容易,但有幾個先決條件:

  1. 要有 Domain Name,並且可以用這個 Domain Name 連到你的機器
  2. 需要同時打開 80、443 Port,不然 Let's Encrypt 驗證會失敗

參考連結 : https://gitlab.com/gitlab-org/gitlab-ce/issues/43719


修改 /etc/gitlab/gitlab.rb
sudo docker exec -it gitlab vi /etc/gitlab/gitlab.rb

開啟 Let's Encrypt
external_url "https://gitlab.example.com"

letsencrypt['enable'] = true

# (Optional) 當過期時,會寄信
letsencrypt['contact_emails'] = ['foo@email.com']

# (Optional) 每 7 天的 12:30,會自動更新
letsencrypt['auto_renew'] = true
letsencrypt['auto_renew_hour'] = "12"
letsencrypt['auto_renew_minute'] = "30"
letsencrypt['auto_renew_day_of_month'] = "*/7"

重新載入設定檔
sudo docker exec -it gitlab gitlab-ctl reconfigure

手動更新的方法
sudo docker exec -it gitlab gitlab-ctl reconfigure
# 或是
sudo docker exec -it gitlab gitlab-ctl renew-le-certs

標籤:

沒有留言:

張貼留言

訂閱: 張貼留言 (Atom)