1. 安装依赖包
yum install git mysql-server如果安装 mysql-server 的时候提示跟 MariaDB 冲突,则先卸载 MariaDB:
yum remove mariadb-devel yum remove mariadb-clien yum remove mariadb-commo2. 添加 git 用户
Gogs 默认以 git 用户运行(你应该也不会想一个能修改 ssh 配置的程序以 root 用户运行吧?)。创建 git 用户,并建立 .ssh 文件。为了安全,可以给 git 用户设置一个密码。
[10:48:19 ~][ROOT]# adduser -m git [10:48:57 ~][ROOT]# cd /home/git/ [10:49:00 git][ROOT]# mkdir .ssh修改密码有限期为无限,否则如果 git 密码过期后就无法使用 gogs 服务了:
sudo chage -M 999999 -m 0 -E -1 git3. 安装 Gogs
从官方网址 gogs 下载二进制安装包,放到放到 /home/git 目录下,更改包的用户为 git,权限为 755,然后解压。
【注意】
x86 Linux 要下载 amd64 类型的包。否则运行 gogs 时会提示:./gogs: error while loading shared libraries: libpam.so.0: cannot open shared object file: No such file or directory
[10:52:23 git][ROOT]# sudo chown git:git gogs_0.13.0_linux_amd64.tar.gz [10:52:48 git][ROOT]# chmod 755 gogs_0.13.0_linux_amd64.tar.gz [10:52:52 git][ROOT]# tar xf gogs_0.13.0_linux_amd64.tar.gz [10:54:04 git][ROOT]# ls gogs gogs LICENSE README.md README_ZH.md scripts4. 初始化 MySQL 服务
1、运行 MySQL 服务:
systemctl start mysqld.service2、初始化 MySQL 的 root 密码:
[11:12:41 share][ROOT]# mysql_secure_installation Securing the MySQL server deployment. Connecting to MySQL using a blank password. VALIDATE PASSWORD COMPONENT can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD component? Press y|Y for Yes, any other key for No: y There are three levels of password validation policy: LOW Length >= 8 MEDIUM Length >= 8, numeric, mixed case, and special characters STRONG Length >= 8, numeric, mixed case, special characters and dictionary file Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2 Please set the password for root here. New password: Re-enter new password: Estimated strength of the password: 100 Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : y Success. Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y Success. By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y - Dropping test database... Success. - Removing privileges on test database... Success. Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y Success. All done!5. 创建 MySQL 数据库
1、初始化数据库。
首先建立好数据库。Gogs 目录的 scripts/mysql.sql 文件是数据库初始化文件,执行 mysql -u root -p < scripts/mysql.sql(需要输入密码)即可初始化好数据库。
2、然后登录 MySQL 创建一个新用户 gogs,并将数据库 gogs 的所有权限都赋予该用户。
[11:18:11 gogs][ROOT]# mysql -u root -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 12 Server version: 8.0.26 Source distribution Copyright (c) 2000, 2021, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> create user 'gogs'@'localhost' identified by 'zhangsan123456789@'; Query OK, 0 rows affected (0.01 sec) mysql> grant all privileges on gogs.* to 'gogs'@'localhost'; Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> exit; Bye其中 zhangsan123456789@ 是设置的密码,根据实际情况设置。
6. 配置防火墙
gogs 使用 3000 端口提供服务,如果服务器配置了 iptables 防火墙,则需要打开 3000 端口。
1、vim /etc/sysconfig/iptables
2、在最后一条 INPUT 规则之后添加两条规则:
-A INPUT -p tcp --sport 3000 -j ACCEPT -A INPUT -p tcp --dport 3000 -j ACCEPT3、重启 iptables 服务:
systemctl restart iptables7. 首次登录网址进行配置
1、启动 git web
[git@A25383909 ~]$ pwd /home/git [git@A25383909 ~]$ cd gogs [git@A25383909 gogs]$ ./gogs web 2024/03/21 12:31:26 [ WARN] Custom config "/home/git/gogs/custom/conf/app.ini" not found. Ignore this warning if you're running for the first time 2024/03/21 12:31:26 [TRACE] Log mode: Console (Trace) 2024/03/21 12:31:26 [ INFO] Gogs 0.13.0 2024/03/21 12:31:26 [TRACE] Work directory: /home/git/gogs 2024/03/21 12:31:26 [TRACE] Custom path: /home/git/gogs/custom 2024/03/21 12:31:26 [TRACE] Custom config: /home/git/gogs/custom/conf/app.ini 2024/03/21 12:31:26 [TRACE] Log path: /home/git/gogs/log 2024/03/21 12:31:26 [TRACE] Build time: 2023-02-25 02:30:34 UTC 2024/03/21 12:31:26 [TRACE] Build commit: 8c21874c00b6100d46b662f65baeb40647442f42 2024/03/21 12:31:26 [ INFO] Run mode: Development 2024/03/21 12:31:26 [ INFO] Available on http://localhost:3000/ 2024/03/21 12:31:41 [TRACE] Session ID: 63f8c70c5faa90f8 ...上边的操作都可以在 root 用户下进行,但是启动 ./gogs web 这一步必须在 git 用户下进行。
2、登录 http://10.xxx.xx.113:3000/install 网址进行首次配置。
在配置页面选择数据库为 MySQL,密码为刚才数据库用户 gogs 的密码 zhangsan123456789@,其它保持默认就行。点击安装,安装完毕后网页失效。再次使用需要重新打开网址 http://10.xxx.xx.113:3000。
8. 更改配置文件的域名
首次进行配置后会在 /home/git/gogs/custom/conf/app.ini 中生成一个配置文件,其中域名默认显示的是 localhost,需要更改配置文件,把 localhost 改为真实的 ip 地址:
原始配置:
[server] DOMAIN = localhost HTTP_PORT = 3000 EXTERNAL_URL = http://localhost:3000/ DISABLE_SSH = false SSH_PORT = 22 START_SSH_SERVER = false OFFLINE_MODE = false把其中的 localhost 更改为真实的 ip 地址:
[server] DOMAIN = 10.xxx.xx.113 HTTP_PORT = 3000 EXTERNAL_URL = http://10.xxx.xx.113:3000/ DISABLE_SSH = false SSH_PORT = 22 START_SSH_SERVER = false OFFLINE_MODE = false9. 配置 gogs web 服务开机自启动
1、关闭刚才临时启动的 ./gogs web 进程。
2、systemctl 控制自启:
[root@A25383909 git]# cp gogs/scripts/systemd/gogs.service /usr/lib/systemd/system [root@A25383909 git]# systemctl enable gogs.service Created symlink /etc/systemd/system/multi-user.target.wants/gogs.service → /usr/lib/systemd/system/gogs.service. [root@A25383909 git]# systemctl start gogs.service至此,我们已经用 systemctl 的方式启动了 gogs 服务,并设置了开机自启。
10. 使用 nginx 反向代理
上边的操作没有使用 nginx 做反向代理,也是可以访问 gogs 服务的。但是每次需要在 ip 后边输入:3000 端口号才行。通过 nginx,我们可以不用输入端口号,直接输入 ip 就能访问 gogs 服务,而且使用 nginx 还能实现负载均衡。
1、安装 nginx:
yum install nginx2、在《配置防火墙》章节中,我们添加的是 3000 端口,把它改为 80 端口:
-A INPUT -p tcp --sport 80 -j ACCEPT -A INPUT -p tcp --dport 80 -j ACCEPT不用在里边添加 3000 端口。因为通过 nginx 做代理后,直接访问 ip 默认用的是 80 端口,所以要放行 80 端口。
3、在 nginx 的配置目录 /etc/nginx/conf.d 中添加一个配置文件 gogs.conf,内容如下:
server { listen 80; server_name 10.xxx.xx.113; location / { proxy_pass http://localhost:3000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }4、重启 nginx 服务,并允许开机自启:
systemctl restart nginx.service systemctl enable nginx.service5、现在通过http://10.xxx.xx.113就能访问 gogs 服务了。
6、查看 nginx 日志:
# 查看请求日志 tail -f /var/log/nginx/access.log # 查看错误日志 tail -f /var/log/nginx/error.log7、更改 nginx 工作线程。
nginx 的 worker_processes 默认配置的是 auto,通常等于可用的 CPU 核心数。如果部署在服务器上可能会启动大量的 nginx 线程,但是针对小型团队,我们并没有那么高的访问量,可以更改这个值,降低工作线程数。
vim /etc/nginx/nginx.conf,把其中的 worker_processes auto 改为 worker_processes 16,即只启动 16 个 nginx 线程用于响应用户请求。
11. 常见问题
● 如果发现 gogs 服务无法启动,可通过日志 /home/git/gogs/log 定位。
目前遇到过的一个问题就是 mysql 服务在服务器关机重启后没有启动,导致 gogs 服务也跟着无法启动。通过查看日志发现打开数据库失败,猜测可能是 mysql 没启动,然后正确启动 mysql 后 gogo 就可以起来了:
[git@A25383909 log]$ cat gogs.log 2024/03/28 11:14:44 [ INFO] Gogs 0.13.0 2024/03/28 11:14:44 [FATAL] [...o/gogs/internal/route/install.go:75 GlobalInit()] Failed to initialize ORM engine: open database: dial tcp 127.0.0.1:3306: connect: connection refused [git@A25383909 log]$ cat gorm.log 2024/03/28 11:14:44 gogs.io/gogs/internal/dbutil/dsn.go:115 [error] failed to initialize database, got error dial tcp 127.0.0.1:3306: connect: connection refused● 服务器重启后 gogs 服务总是开机自启失败。
1、首先确保 gogo 开启了开机自启:
systemctl enable gogs.service2、修改 /usr/lib/systemd/system/gogs.service,设置 gogo 服务尝试重启的策略,在 [Service] 的 Restart=always 添加如下内容:
RestartSec=600 StartLimitInterval=0含义:
- RestartSec=600: 重启间隔,比如某次异常后,等待 600(s) 再进行启动,默认值 0.1(s)
- StartLimitInterval: 无限次重启,默认是 10 秒内如果重启超过 5 次则不再重启,设置为 0 表示不限次数重启
● WARNING: Your password has expired. fatal: 无法读取远程仓库。
错误提示:
WARNING: Your password has expired. Password change required but no TTY available. fatal: 无法读取远程仓库。这是因为 gogs 服务对应的 git 账户的密码过期了,修改密码有限期为无限即可:
sudo chage -M 999999 -m 0 -E -1 git和setattr()的用法)
