一、docker安装gitlab-ee
1.执行安装脚本
docker run -d --name gitlabee \
--restart always \
--privileged \
-e GITLAB_SKIP_UNMIGRATED_DATA_CHECK=true \
-p 40001:40001 \
-p 40002:40002 \
-p 40003:40003 \
-v /home/$USER/dockerfile/gitlabee/data/etc:/etc/gitlab \
-v /home/$USER/dockerfile/gitlabee/data/logs:/var/log/gitlab \
-v /home/$USER/dockerfile/gitlabee/data/data:/var/opt/gitlab \
gitlab/gitlab-ee:15.7.0-ee.0
2.获取root用户登录密码
docker exec gitlabee grep 'Password:' /etc/gitlab/initial_root_password
得到root用户密码:
Password: dwFJvE5IctiBAYiG8jzA0COgEqdu/KDxg8HmSl73rX8=
二、修改配置
修改 /etc/gitlab.rb
配置文件即可,以下为快速修改脚本命令。记得将IP地址192.168.0.100修改为自己服务器的实际IP
本攻略以 192.168.0.100
为例
- 1.修改http访问地址
sudo sed -i "s|# external_url 'GENERATED_EXTERNAL_URL'|external_url 'http://192.168.0.100:40002'|g" /home/$USER/dockerfile/gitlabee/data/etc/gitlab.rb
- 2.修改ssh请求地址
sudo sed -i "s|# gitlab_rails\['gitlab_ssh_host'\] = 'ssh.host_example.com'|gitlab_rails\['gitlab_ssh_host'\] = '192.168.0.100:40001'|g" /home/$USER/dockerfile/gitlabee/data/etc/gitlab.rb
- 3.重载配置
docker exec gitlabee gitlab-ctl reconfigure
三、破解gitlab-ee
1.使用docker运行ruby
docker run -it --rm ruby /bin/bash
或者本地安装ruby,需要2.3或以上
sudo apt-get install ruby
2.使用ruby生成许可证
gem install gitlab-license
注:
docker容器内执行该命令后不会自动结束并换行,按 Ctrl+C
结束
3.创建证书文件
- 1.创建license.rb文件,并输入脚本内容
cat > license.rb
注:
修改脚本中的开始和结束时间
require "openssl"
require "gitlab/license"
key_pair = OpenSSL::PKey::RSA.generate(2048)
File.open("license_key", "w") { |f| f.write(key_pair.to_pem) }
public_key = key_pair.public_key
File.open("license_key.pub", "w") { |f| f.write(public_key.to_pem) }
private_key = OpenSSL::PKey::RSA.new File.read("license_key")
Gitlab::License.encryption_key = private_key
license = Gitlab::License.new
license.licensee = {
"Name" => "Your Company",
"Company" => "Your Company",
"Email" => "example@test.com",
}
license.starts_at = Date.new(2023, 1, 1) # 开始时间
license.expires_at = Date.new(2053, 1, 1) # 结束时间
license.notify_admins_at = Date.new(2052, 12, 1)
license.notify_users_at = Date.new(2052, 12, 1)
license.block_changes_at = Date.new(2053, 1, 1)
license.restrictions = {
active_user_count: 10000,
}
puts "License:"
puts license
data = license.export
puts "Exported license:"
puts data
File.open("GitLabBV.gitlab-license", "w") { |f| f.write(data) }
public_key = OpenSSL::PKey::RSA.new File.read("license_key.pub")
Gitlab::License.encryption_key = public_key
data = File.read("GitLabBV.gitlab-license")
$license = Gitlab::License.import(data)
puts "Imported license:"
puts $license
unless $license
raise "The license is invalid."
end
if $license.restricted?(:active_user_count)
active_user_count = 10000
if active_user_count > $license.restrictions[:active_user_count]
raise "The active user count exceeds the allowed amount!"
end
end
if $license.notify_admins?
puts "The license is due to expire on #{$license.expires_at}."
end
if $license.notify_users?
puts "The license is due to expire on #{$license.expires_at}."
end
module Gitlab
class GitAccess
def check(cmd, changes = nil)
if $license.block_changes?
return build_status_object(false, "License expired")
end
end
end
end
puts "This instance of GitLab Enterprise Edition is licensed to:"
$license.licensee.each do |key, value|
puts "#{key}: #{value}"
end
if $license.expired?
puts "The license expired on #{$license.expires_at}"
elsif $license.will_expire?
puts "The license will expire on #{$license.expires_at}"
else
puts "The license will never expire."
end
然后 Ctrl + C
退出输入
- 2.生成许可证和公钥文件
ruby license.rb
执行命令后会在当前目录下生成 三个文件
GitLabBV.gitlab-license
、 license_key
、 license_key.pub
4.使用许可证
- 1.读取公钥和许可证密钥
读取公钥:
cat license_key.pub
得到一串公钥
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMq1zZocqfF3M2g4ReXJ
UYgQ5QOCeLVGrvUpqfcAU7xCmA6lMOH5XqzuT/5hntMWYtQin26BL1n0nvDV1Mkz
obAVNms9bK9KLRHaihLugjOWUh3aiF2vgXU+5Hq1+pXKiePDNNKf/l0xBGsuYBLG
c/d+AjqmUJueHJYjtRUQsEpIF3jpjEQFkp5pJCOViGkU3MXbUGtFi5GCyS3WEYEY
GMoz+joGiVjIJVA3uPIAZnkNouccHNrNZY6Ryh/KrPqTmBC/brVYbgqsuY7O89Mb
2xBcm84u9rdfm1WnsRQeNGhQTjz5Y8V3XvFiYi6FKl+PCx4Ppw88VCpQynGejB2Q
vwIDAQAB
-----END PUBLIC KEY-----
读取许可证密钥:
cat GitLabBV.gitlab-license
得到一串密钥
eyJkYXRhIjoiR1BESmQ3SzFTTmVXTmRGR3RkMUZRSjY2ajRrdkZPbGIrak14
R1dpRTF0TS9PdTBZSWs5OFRRK2VsenpVXG40bTlmWFB1MXlPdDFCNFc4L2lh
ZExRcTVUMDhCeEE2QndIOUMwTHVqSEJuaHhidTVqY0twSHlpUnBUUlhcblBP
MVZBYzBJR0RRQWlOTFdXRXE2a0RTaGRLU0F5TllacnFlT3BlNWxKUzBLSXRC
Z3NlaW80NklSTUpDVFxudHFnMitpS250d1hTRW5IWnVKVmlPak8xRDh1ODd6
cFVZSU91VDlWNWdFOVRZbnpzM1lpOWxQSlpwU0xyXG5OMVVhRTdaK05NTklI
RkNxZEFDWDNGN1ltZ2hjWUdNYU1zMk1iVFdSWkx2STk3QVk4SVNwdGdxalRD
Y25cblpnV0I1SllDUHdRSzdRVkVFQ2xRL0IzSnNibzY2Z3hoSjJndkxMakZ1
SWlJWlBDeXg5Qy9hQmg5UmZJa1xuTERZanJQQ21XTDBkYjhFVFFQK0tPMVpp
SFhQZzFqaXI2VmJQelhwblIyYnBpczE5MmkrTG5wQ3F0ZXVMXG56UmlIMGpQ
OWZqcG5WUjl5SVNpTEI5VEwzSGNETUZMemxmWDQ5cktuLzZzejVYZ0ZWejd4
U3JqQk9KMVdcbnNHanl0bGNMNjVjbTVUZCtrZlRoL1ZESER0ajgvaU9mVkZJ
Z000eE1NSUtXczdKb2tkK3V2V2t0WDlUNVxuM0JpWExxNGk2azFRR2JVa0Jj
UFFCaGRjRWpPbUo5Sk9UTGJVZ1BMT0ZlcGNna0Z5dC85alpQaFNRR0JCXG43
cDFIdmpyZnQzTzNyenNsU2tqTGdkMjhpYlFNTytUU3ozOGh0cExUd1JTbzVH
VVpvWURoWU9tSlNzSlBcbm13PT1cbiIsImtleSI6IklST1p2YTNoRUx1QW8x
UkdrVGNoWm1WTmoyR3NUS0xGRkV5ZWp6dS93UnczS1VLRDZ1WjBlS1IzY0NB
V1xub2VINHVtOGtGcEJQaGZtc2tqcVg0QWxOTVRNT3pWbE5FeEZrZzFBbFcv
Zm5MVytlTHBKakk2NTZDUjNoXG5JWDRKcTBQVUlFeW5ydkQ0RmswQnZmaVBS
bVI0Ky9nVS9wY1NwKzR5UllVdDluM0c5aUFzbnFpd3NreGdcbk12ek5zbG02
eEFDbXU5RmIwaWs3OTJCdWlXeFloU2cxdUpyelBXNDd2M2t5M1lGVzU3UXRQ
eldyZUp5TFxuSnNRRXc1U3I5YzlFRHh5ZDNXUVdvUnErYWdRckhmNmJla2xt
REovQ2trdGQyVU9MNC94VmgwSjF0SHloXG45SlVSRlZQRWFUL3VQWHc1N3ZG
eW1hQ2NoeTEvY1grRnJMc29qV2VwcEE9PVxuIiwiaXYiOiJmdTY4WU1neFha
LzJJWnRDMU1RTDNBPT1cbiJ9
- 2.替换
gitlab-ee
公钥内容
docker exec -it gitlabee /bin/sh
vi /opt/gitlab/embedded/service/gitlab-rails/.license_encryption_key.pub
vi打开文本后非编辑状态下,先清空旧文本,再输入上一步公钥内容
清空文本命令
:%d
- 3.重启gitlab-ee
docker exec gitlabee gitlab-ctl restart
- 4.上传许可证,激活订阅
先打开浏览器,登录root账户。
http://192.168.0.100:40002
然后转到许可证上传界面
http://192.168.0.100:40002/admin/application_settings/general
填入许可证,激活订阅
激活成功后
四、其他问题
从url导入项目提示错误:Url is blocked: Requests to the local network are not allowed
摘自:
https://www.lizhiqiang.name/archives/2190.html
https://www.cnblogs.com/guoapeng/p/16816476.html
怎么收藏这篇文章?
大大,为什么我输入许可证报500呢??
我装过好几次了,按照这个版本和流程来装,直接就成功激活订阅
大大,这个问题我解决了,在替换 gitlab-ee 公钥内容时,非root用户启动的gitlab-ee,需要授权该文件。我直接chomd 777 给它,就可以了
恭喜了
访问史诗会有问题吗?我这个创建史诗之后,不能再打开了
史诗?啥玩意
确定是15.7.0版本的?