rocky9 install gitlab
2026-01-14# Step 1:查看操作系统版本
$ cat /etc/redhat-release
CentOS Stream release 9
# Step 2:下载安装包
https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el9/Packages/g/
gitlab-ce-18.7.1-ce.0.el9.x86_64.rpm 1.3 GiB 2026-01-08 06:56
gitlab-ce-17.11.7-ce.0.el9.x86_64.rpm 1.3 GiB 2025-12-13 04:50
$ wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el9/gitlab-ce-17.11.2-ce.0.el9.x86_64.rpm
# Step 3:安装Gitlab
$ dnf install -y gitlab-ce-17.11.2-ce.0.el9.x86_64.rpm
# Step 4:创建ssl证书存放目录
$ mkdir -p /opt/ssl
# Step 5:复制证书到指定目录
$ cp /etc/letsencrypt/live/devopsming.love/fullchain.pem /opt/ssl/
$ cp /etc/letsencrypt/live/devopsming.love/privkey.pem /opt/ssl/
# Step 6:修改Gitlab配置文件
$ egrep -v "^(#|$)" /etc/gitlab/gitlab.rb
external_url 'https://gitlab.devopsming.love'
gitlab_rails['time_zone'] = 'Asia/Shanghai'
gitlab_rails['gitlab_shell_ssh_port'] = 22
nginx['enable'] = true
nginx['client_max_body_size'] = '250m'
nginx['redirect_http_to_https'] = true
nginx['redirect_http_to_https_port'] = 80
nginx['ssl_certificate'] = "/opt/ssl/fullchain.pem"
nginx['ssl_certificate_key'] = "/opt/ssl/privkey.pem"
nginx['ssl_ciphers'] = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
nginx['ssl_prefer_server_ciphers'] = "off"
nginx['ssl_protocols'] = "TLSv1.2 TLSv1.3"
nginx['ssl_session_cache'] = "shared:SSL:10m"
nginx['ssl_session_timeout'] = "1d"
nginx['gzip_enabled'] = true
prometheus['enable'] = false
alertmanager['enable'] = false
node_exporter['enable'] = false
redis_exporter['enable'] = false
postgres_exporter['enable'] = false
gitlab_exporter['enable'] = false
# Step 7:重新加载配置文件
$ gitlab-ctl reconfigure
# Step 8:启动服务
$ gitlab-ctl start
# Step 9:查看初始化密码
$ cat /etc/gitlab/initial_root_password