破解Gitlab EE

moonjerx
2023-01-04 / 8 评论 / 1,161 阅读 / 正在检测是否收录...

一、docker安装gitlab-ee

1.执行安装脚本

docker run -d --name gitlabee \
--restart always \
--privileged \
-e GITLAB_SKIP_UNMIGRATED_DATA_CHECK=true \
-p 40001:40001 \
-p 40002:40002 \
-p 40003:40003 \
-v /home/$USER/dockerfile/gitlabee/data/etc:/etc/gitlab \
-v /home/$USER/dockerfile/gitlabee/data/logs:/var/log/gitlab \
-v /home/$USER/dockerfile/gitlabee/data/data:/var/opt/gitlab \
gitlab/gitlab-ee:15.7.0-ee.0

2.获取root用户登录密码

docker exec gitlabee grep 'Password:' /etc/gitlab/initial_root_password

得到root用户密码:

Password: dwFJvE5IctiBAYiG8jzA0COgEqdu/KDxg8HmSl73rX8=

二、修改配置

修改 /etc/gitlab.rb 配置文件即可,以下为快速修改脚本命令。记得将IP地址192.168.0.100修改为自己服务器的实际IP
本攻略以 192.168.0.100 为例

  • 1.修改http访问地址
sudo sed -i "s|# external_url 'GENERATED_EXTERNAL_URL'|external_url 'http://192.168.0.100:40002'|g" /home/$USER/dockerfile/gitlabee/data/etc/gitlab.rb
  • 2.修改ssh请求地址
sudo sed -i "s|# gitlab_rails\['gitlab_ssh_host'\] = 'ssh.host_example.com'|gitlab_rails\['gitlab_ssh_host'\] = '192.168.0.100:40001'|g" /home/$USER/dockerfile/gitlabee/data/etc/gitlab.rb
  • 3.重载配置
docker exec gitlabee gitlab-ctl reconfigure

三、破解gitlab-ee

1.使用docker运行ruby

docker run -it --rm ruby /bin/bash

或者本地安装ruby,需要2.3或以上

sudo apt-get install ruby

2.使用ruby生成许可证

gem install gitlab-license

注: docker容器内执行该命令后不会自动结束并换行,按 Ctrl+C 结束

3.创建证书文件

  • 1.创建license.rb文件,并输入脚本内容
cat > license.rb

注: 修改脚本中的开始和结束时间

require "openssl"
require "gitlab/license"
key_pair = OpenSSL::PKey::RSA.generate(2048)
File.open("license_key", "w") { |f| f.write(key_pair.to_pem) }
public_key = key_pair.public_key
File.open("license_key.pub", "w") { |f| f.write(public_key.to_pem) }
private_key = OpenSSL::PKey::RSA.new File.read("license_key")
Gitlab::License.encryption_key = private_key
license = Gitlab::License.new
license.licensee = {
  "Name" => "Your Company",
  "Company" => "Your Company",
  "Email" => "example@test.com",
}
license.starts_at = Date.new(2023, 1, 1) # 开始时间
license.expires_at = Date.new(2053, 1, 1) # 结束时间
license.notify_admins_at = Date.new(2052, 12, 1)
license.notify_users_at = Date.new(2052, 12, 1)
license.block_changes_at = Date.new(2053, 1, 1)
license.restrictions = {
  active_user_count: 10000,
}
puts "License:"
puts license
data = license.export
puts "Exported license:"
puts data
File.open("GitLabBV.gitlab-license", "w") { |f| f.write(data) }
public_key = OpenSSL::PKey::RSA.new File.read("license_key.pub")
Gitlab::License.encryption_key = public_key
data = File.read("GitLabBV.gitlab-license")
$license = Gitlab::License.import(data)
puts "Imported license:"
puts $license
unless $license
  raise "The license is invalid."
end
if $license.restricted?(:active_user_count)
  active_user_count = 10000
  if active_user_count > $license.restrictions[:active_user_count]
    raise "The active user count exceeds the allowed amount!"
  end
end
if $license.notify_admins?
  puts "The license is due to expire on #{$license.expires_at}."
end
if $license.notify_users?
  puts "The license is due to expire on #{$license.expires_at}."
end
module Gitlab
  class GitAccess
    def check(cmd, changes = nil)
      if $license.block_changes?
        return build_status_object(false, "License expired")
      end
    end
  end
end
puts "This instance of GitLab Enterprise Edition is licensed to:"
$license.licensee.each do |key, value|
  puts "#{key}: #{value}"
end
if $license.expired?
  puts "The license expired on #{$license.expires_at}"
elsif $license.will_expire?
  puts "The license will expire on #{$license.expires_at}"
else
  puts "The license will never expire."
end

然后 Ctrl + C 退出输入

  • 2.生成许可证和公钥文件
ruby license.rb

执行命令后会在当前目录下生成 三个文件
GitLabBV.gitlab-licenselicense_keylicense_key.pub

4.使用许可证

  • 1.读取公钥和许可证密钥

读取公钥:

cat license_key.pub

得到一串公钥

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMq1zZocqfF3M2g4ReXJ
UYgQ5QOCeLVGrvUpqfcAU7xCmA6lMOH5XqzuT/5hntMWYtQin26BL1n0nvDV1Mkz
obAVNms9bK9KLRHaihLugjOWUh3aiF2vgXU+5Hq1+pXKiePDNNKf/l0xBGsuYBLG
c/d+AjqmUJueHJYjtRUQsEpIF3jpjEQFkp5pJCOViGkU3MXbUGtFi5GCyS3WEYEY
GMoz+joGiVjIJVA3uPIAZnkNouccHNrNZY6Ryh/KrPqTmBC/brVYbgqsuY7O89Mb
2xBcm84u9rdfm1WnsRQeNGhQTjz5Y8V3XvFiYi6FKl+PCx4Ppw88VCpQynGejB2Q
vwIDAQAB
-----END PUBLIC KEY-----

读取许可证密钥:

cat GitLabBV.gitlab-license

得到一串密钥

eyJkYXRhIjoiR1BESmQ3SzFTTmVXTmRGR3RkMUZRSjY2ajRrdkZPbGIrak14
R1dpRTF0TS9PdTBZSWs5OFRRK2VsenpVXG40bTlmWFB1MXlPdDFCNFc4L2lh
ZExRcTVUMDhCeEE2QndIOUMwTHVqSEJuaHhidTVqY0twSHlpUnBUUlhcblBP
MVZBYzBJR0RRQWlOTFdXRXE2a0RTaGRLU0F5TllacnFlT3BlNWxKUzBLSXRC
Z3NlaW80NklSTUpDVFxudHFnMitpS250d1hTRW5IWnVKVmlPak8xRDh1ODd6
cFVZSU91VDlWNWdFOVRZbnpzM1lpOWxQSlpwU0xyXG5OMVVhRTdaK05NTklI
RkNxZEFDWDNGN1ltZ2hjWUdNYU1zMk1iVFdSWkx2STk3QVk4SVNwdGdxalRD
Y25cblpnV0I1SllDUHdRSzdRVkVFQ2xRL0IzSnNibzY2Z3hoSjJndkxMakZ1
SWlJWlBDeXg5Qy9hQmg5UmZJa1xuTERZanJQQ21XTDBkYjhFVFFQK0tPMVpp
SFhQZzFqaXI2VmJQelhwblIyYnBpczE5MmkrTG5wQ3F0ZXVMXG56UmlIMGpQ
OWZqcG5WUjl5SVNpTEI5VEwzSGNETUZMemxmWDQ5cktuLzZzejVYZ0ZWejd4
U3JqQk9KMVdcbnNHanl0bGNMNjVjbTVUZCtrZlRoL1ZESER0ajgvaU9mVkZJ
Z000eE1NSUtXczdKb2tkK3V2V2t0WDlUNVxuM0JpWExxNGk2azFRR2JVa0Jj
UFFCaGRjRWpPbUo5Sk9UTGJVZ1BMT0ZlcGNna0Z5dC85alpQaFNRR0JCXG43
cDFIdmpyZnQzTzNyenNsU2tqTGdkMjhpYlFNTytUU3ozOGh0cExUd1JTbzVH
VVpvWURoWU9tSlNzSlBcbm13PT1cbiIsImtleSI6IklST1p2YTNoRUx1QW8x
UkdrVGNoWm1WTmoyR3NUS0xGRkV5ZWp6dS93UnczS1VLRDZ1WjBlS1IzY0NB
V1xub2VINHVtOGtGcEJQaGZtc2tqcVg0QWxOTVRNT3pWbE5FeEZrZzFBbFcv
Zm5MVytlTHBKakk2NTZDUjNoXG5JWDRKcTBQVUlFeW5ydkQ0RmswQnZmaVBS
bVI0Ky9nVS9wY1NwKzR5UllVdDluM0c5aUFzbnFpd3NreGdcbk12ek5zbG02
eEFDbXU5RmIwaWs3OTJCdWlXeFloU2cxdUpyelBXNDd2M2t5M1lGVzU3UXRQ
eldyZUp5TFxuSnNRRXc1U3I5YzlFRHh5ZDNXUVdvUnErYWdRckhmNmJla2xt
REovQ2trdGQyVU9MNC94VmgwSjF0SHloXG45SlVSRlZQRWFUL3VQWHc1N3ZG
eW1hQ2NoeTEvY1grRnJMc29qV2VwcEE9PVxuIiwiaXYiOiJmdTY4WU1neFha
LzJJWnRDMU1RTDNBPT1cbiJ9
  • 2.替换 gitlab-ee 公钥内容
docker exec -it gitlabee /bin/sh
vi /opt/gitlab/embedded/service/gitlab-rails/.license_encryption_key.pub

vi打开文本后非编辑状态下,先清空旧文本,再输入上一步公钥内容
清空文本命令

:%d
  • 3.重启gitlab-ee
docker exec gitlabee gitlab-ctl restart
  • 4.上传许可证,激活订阅

先打开浏览器,登录root账户。

http://192.168.0.100:40002

然后转到许可证上传界面

http://192.168.0.100:40002/admin/application_settings/general

填入许可证,激活订阅
lchoxvj1.png
激活成功后
lchouvek.png

四、其他问题

从url导入项目提示错误:Url is blocked: Requests to the local network are not allowed

lcjcmtp0.png

摘自:
https://www.lizhiqiang.name/archives/2190.html
https://www.cnblogs.com/guoapeng/p/16816476.html

0

评论 (8)

取消
  1. 头像
    kmuvoqqqdk
    Windows 10 · Google Chrome

    怎么收藏这篇文章?

    回复
  2. 头像
    小小
    Windows 10 · Google Chrome

    大大,为什么我输入许可证报500呢??

    回复
    1. 头像
      moonjerx 作者
      Windows 10 · Google Chrome
      @ 小小

      我装过好几次了,按照这个版本和流程来装,直接就成功激活订阅

      回复
      1. 头像
        小小
        Windows 10 · Google Chrome
        @ moonjerx

        大大,这个问题我解决了,在替换 gitlab-ee 公钥内容时,非root用户启动的gitlab-ee,需要授权该文件。我直接chomd 777 给它,就可以了

        回复
        1. 头像
          moonjerx 作者
          Windows 10 · Google Chrome
          @ 小小

          恭喜了

          回复
      2. 头像
        渣渣
        Windows 10 · Google Chrome
        @ moonjerx

        访问史诗会有问题吗?我这个创建史诗之后,不能再打开了

        回复
        1. 头像
          moonjerx 作者
          Windows 10 · Google Chrome
          @ 渣渣

          史诗?啥玩意

          回复
      3. 头像
        杨杨
        Windows 10 · Google Chrome
        @ moonjerx

        确定是15.7.0版本的?

        回复

您的IP: