gitlab

#!/usr/bin/env bash

mkdir -p /data/gitlab
cd /data/gitlab
mkdir -p {etc,log,opt}

docker rm -f gitlab || true


docker run -d \
-p 8080:80 \
-p 8022:22 \
-v /data/gitlab/etc:/etc/gitlab \
-v /data/gitlab/log:/var/log/gitlab \
-v /data/gitlab/opt:/var/opt/gitlab \
--restart always \
--privileged \
--name gitlab \
gitlab/gitlab-ce:14.1.1-ce.0

gitlab-ctl status

gitlab-ctl status
run: alertmanager: (pid 307) 40957s; run: log: (pid 306) 40957s
run: gitaly: (pid 298) 40957s; run: log: (pid 296) 40957s
run: gitlab-exporter: (pid 303) 40957s; run: log: (pid 301) 40957s
run: gitlab-workhorse: (pid 290) 40957s; run: log: (pid 289) 40957s
run: grafana: (pid 309) 40957s; run: log: (pid 308) 40957s
run: logrotate: (pid 69062) 1356s; run: log: (pid 293) 40957s
run: nginx: (pid 316) 40957s; run: log: (pid 295) 40957s
run: postgres-exporter: (pid 313) 40957s; run: log: (pid 312) 40957s
run: postgresql: (pid 302) 40957s; run: log: (pid 300) 40957s
run: prometheus: (pid 315) 40957s; run: log: (pid 314) 40957s
run: puma: (pid 299) 40957s; run: log: (pid 297) 40957s
run: redis: (pid 305) 40957s; run: log: (pid 304) 40957s
run: redis-exporter: (pid 292) 40957s; run: log: (pid 291) 40957s
run: sidekiq: (pid 311) 40957s; run: log: (pid 310) 40957s
run: sshd: (pid 30) 40972s; run: log: (pid 29) 40972s

pstree

root@8488f0757fb3:/# pstree -lspan
wrapper,1 /assets/wrapper
  ├─runsvdir,22 -P /opt/gitlab/service log: ...........................................................................................................................................................................................................................................................................................................................................................................................................
  │   ├─runsv,28 sshd
  │   │   ├─svlogd,29 -tt /var/log/gitlab/sshd
  │   │   └─sshd,30
  │   ├─runsv,275 gitlab-workhorse
  │   │   ├─svlogd,289 /var/log/gitlab/gitlab-workhorse
  │   │   └─gitlab-workhors,290 -listenNetwork unix -listenUmask 0 -listenAddr /var/opt/gitlab/gitlab-workhorse/sockets/socket -authBackend http://localhost:8080 -authSocket /var/opt/gitlab/gitlab-rails/sockets/gitlab.socket -documentRoot /opt/gitlab/embedded/service/gitlab-rails/public -pprofListenAddr  -prometheusListenAddr localhost:9229 -secretPath /opt/gitlab/embedded/service/gitlab-rails/.gitlab_workhorse_secret -logFormat json -config config.toml
  │   │       ├─{gitlab-workhors},318
  │   │       ├─{gitlab-workhors},319
  │   │       ├─{gitlab-workhors},320
  │   │       ├─{gitlab-workhors},327
  │   │       ├─{gitlab-workhors},348
  │   │       ├─{gitlab-workhors},389
  │   │       ├─{gitlab-workhors},728
  │   │       └─{gitlab-workhors},1348
  │   ├─runsv,276 redis-exporter
  │   │   ├─svlogd,291 -tt /var/log/gitlab/redis-exporter
  │   │   └─redis_exporter,292 --web.listen-address=localhost:9121 --redis.addr=unix:///var/opt/gitlab/redis/redis.socket
  │   │       ├─{redis_exporter},331
  │   │       ├─{redis_exporter},334
  │   │       ├─{redis_exporter},335
  │   │       ├─{redis_exporter},342
  │   │       └─{redis_exporter},553
  │   ├─runsv,277 prometheus
  │   │   ├─svlogd,314 -tt /var/log/gitlab/prometheus
  │   │   └─prometheus,315 --web.listen-address=localhost:9090 --storage.tsdb.path=/var/opt/gitlab/prometheus/data --config.file=/var/opt/gitlab/prometheus/prometheus.yml
  │   │       ├─{prometheus},373
  │   │       ├─{prometheus},374
  │   │       ├─{prometheus},375
  │   │       ├─{prometheus},376
  │   │       ├─{prometheus},377
  │   │       ├─{prometheus},390
  │   │       └─{prometheus},391
  │   ├─runsv,278 grafana
  │   │   ├─svlogd,308 -tt /var/log/gitlab/grafana
  │   │   └─grafana-server,309 -config /var/opt/gitlab/grafana/grafana.ini
  │   │       ├─{grafana-server},370
  │   │       ├─{grafana-server},371
  │   │       ├─{grafana-server},372
  │   │       ├─{grafana-server},378
  │   │       ├─{grafana-server},381
  │   │       ├─{grafana-server},388
  │   │       ├─{grafana-server},394
  │   │       └─{grafana-server},25597
  │   ├─runsv,279 gitlab-exporter
  │   │   ├─svlogd,301 -tt /var/log/gitlab/gitlab-exporter
  │   │   └─gitlab-exporter,303 /opt/gitlab/embedded/bin/gitlab-exporter web -c /var/opt/gitlab/gitlab-exporter/gitlab-exporter.yml
  │   │       ├─{gitlab-exporter},484
  │   │       ├─{gitlab-exporter},485
  │   │       ├─{gitlab-exporter},487
  │   │       └─{gitlab-exporter},490
  │   ├─runsv,280 puma
  │   │   ├─svlogd,297 -tt /var/log/gitlab/puma
  │   │   └─bundle,299   
  │   │       ├─{bundle},493
  │   │       ├─{bundle},616
  │   │       ├─{bundle},617
  │   │       ├─{bundle},618
  │   │       ├─bundle,619                                                                   
  │   │       │   ├─{bundle},620
  │   │       │   ├─{bundle},627
  │   │       │   ├─{bundle},628
  │   │       │   ├─{bundle},629
  │   │       │   ├─{bundle},630
  │   │       │   ├─{bundle},631
  │   │       │   ├─{bundle},632
  │   │       │   ├─{bundle},633
  │   │       │   ├─{bundle},634
  │   │       │   ├─{bundle},635
  │   │       │   ├─{bundle},636
  │   │       │   ├─{bundle},637
  │   │       │   ├─{bundle},638
  │   │       │   ├─{bundle},1284
  │   │       │   ├─{bundle},1285
  │   │       │   ├─{bundle},1286
  │   │       │   ├─{bundle},1287
  │   │       │   ├─{bundle},1288
  │   │       │   ├─{bundle},1292
  │   │       │   └─{bundle},71576
  │   │       └─bundle,621                                                                   
  │   │           ├─{bundle},622
  │   │           ├─{bundle},641
  │   │           ├─{bundle},642
  │   │           ├─{bundle},643
  │   │           ├─{bundle},644
  │   │           ├─{bundle},645
  │   │           ├─{bundle},646
  │   │           ├─{bundle},647
  │   │           ├─{bundle},648
  │   │           ├─{bundle},649
  │   │           ├─{bundle},650
  │   │           ├─{bundle},651
  │   │           ├─{bundle},652
  │   │           └─{bundle},71199
  │   ├─runsv,281 logrotate
  │   │   ├─svlogd,293 -tt /var/log/gitlab/logrotate
  │   │   └─gitlab-logrotat,69062 /opt/gitlab/embedded/bin/gitlab-logrotate-wrapper
  │   │       └─sleep,70095 3000
  │   ├─runsv,282 redis
  │   │   ├─svlogd,304 -tt /var/log/gitlab/redis
  │   │   └─redis-server,305                     
  │   │       ├─{redis-server},336
  │   │       ├─{redis-server},337
  │   │       ├─{redis-server},338
  │   │       └─{redis-server},339
  │   ├─runsv,283 nginx
  │   │   ├─svlogd,295 -tt /var/log/gitlab/nginx
  │   │   └─nginx,316
  │   │       ├─nginx,356                                   
  │   │       ├─nginx,357                                   
  │   │       └─nginx,358                            
  │   ├─runsv,284 alertmanager
  │   │   ├─svlogd,306 -tt /var/log/gitlab/alertmanager
  │   │   └─alertmanager,307 --web.listen-address=localhost:9093 --storage.path=/var/opt/gitlab/alertmanager/data --config.file=/var/opt/gitlab/alertmanager/alertmanager.yml
  │   │       ├─{alertmanager},346
  │   │       ├─{alertmanager},349
  │   │       ├─{alertmanager},350
  │   │       ├─{alertmanager},351
  │   │       ├─{alertmanager},355
  │   │       ├─{alertmanager},392
  │   │       └─{alertmanager},3643
  │   ├─runsv,285 gitaly
  │   │   ├─svlogd,296 /var/log/gitlab/gitaly
  │   │   └─gitaly-wrapper,298 /opt/gitlab/embedded/bin/gitaly /var/opt/gitlab/gitaly/config.toml
  │   │       ├─{gitaly-wrapper},330
  │   │       ├─{gitaly-wrapper},332
  │   │       ├─{gitaly-wrapper},333
  │   │       ├─{gitaly-wrapper},347
  │   │       ├─gitaly,353 /var/opt/gitlab/gitaly/config.toml
  │   │       │   ├─{gitaly},366
  │   │       │   ├─{gitaly},367
  │   │       │   ├─{gitaly},368
  │   │       │   ├─{gitaly},369
  │   │       │   ├─{gitaly},379
  │   │       │   ├─{gitaly},395
  │   │       │   ├─{gitaly},396
  │   │       │   ├─ruby,400 /opt/gitlab/embedded/service/gitaly-ruby/bin/gitaly-ruby 353 /var/opt/gitlab/gitaly/internal_sockets/ruby.1
  │   │       │   │   ├─{ruby},406
  │   │       │   │   ├─{ruby},407
  │   │       │   │   ├─{ruby},411
  │   │       │   │   ├─{ruby},412
  │   │       │   │   ├─{ruby},413
  │   │       │   │   ├─{ruby},414
  │   │       │   │   ├─{ruby},415
  │   │       │   │   ├─{ruby},416
  │   │       │   │   ├─{ruby},420
  │   │       │   │   ├─{ruby},421
  │   │       │   │   ├─{ruby},422
  │   │       │   │   ├─{ruby},423
  │   │       │   │   ├─{ruby},424
  │   │       │   │   ├─{ruby},425
  │   │       │   │   ├─{ruby},426
  │   │       │   │   ├─{ruby},427
  │   │       │   │   ├─{ruby},428
  │   │       │   │   ├─{ruby},429
  │   │       │   │   ├─{ruby},430
  │   │       │   │   ├─{ruby},431
  │   │       │   │   ├─{ruby},432
  │   │       │   │   ├─{ruby},433
  │   │       │   │   ├─{ruby},434
  │   │       │   │   ├─{ruby},435
  │   │       │   │   ├─{ruby},436
  │   │       │   │   ├─{ruby},437
  │   │       │   │   ├─{ruby},438
  │   │       │   │   ├─{ruby},439
  │   │       │   │   ├─{ruby},440
  │   │       │   │   ├─{ruby},441
  │   │       │   │   ├─{ruby},442
  │   │       │   │   ├─{ruby},443
  │   │       │   │   ├─{ruby},444
  │   │       │   │   ├─{ruby},445
  │   │       │   │   ├─{ruby},446
  │   │       │   │   ├─{ruby},447
  │   │       │   │   ├─{ruby},448
  │   │       │   │   └─{ruby},449
  │   │       │   ├─ruby,401 /opt/gitlab/embedded/service/gitaly-ruby/bin/gitaly-ruby 353 /var/opt/gitlab/gitaly/internal_sockets/ruby.0
  │   │       │   │   ├─{ruby},404
  │   │       │   │   ├─{ruby},405
  │   │       │   │   ├─{ruby},408
  │   │       │   │   ├─{ruby},409
  │   │       │   │   ├─{ruby},410
  │   │       │   │   ├─{ruby},417
  │   │       │   │   ├─{ruby},418
  │   │       │   │   ├─{ruby},419
  │   │       │   │   ├─{ruby},450
  │   │       │   │   ├─{ruby},451
  │   │       │   │   ├─{ruby},452
  │   │       │   │   ├─{ruby},453
  │   │       │   │   ├─{ruby},454
  │   │       │   │   ├─{ruby},455
  │   │       │   │   ├─{ruby},456
  │   │       │   │   ├─{ruby},457
  │   │       │   │   ├─{ruby},458
  │   │       │   │   ├─{ruby},459
  │   │       │   │   ├─{ruby},460
  │   │       │   │   ├─{ruby},461
  │   │       │   │   ├─{ruby},462
  │   │       │   │   ├─{ruby},463
  │   │       │   │   ├─{ruby},464
  │   │       │   │   ├─{ruby},465
  │   │       │   │   ├─{ruby},466
  │   │       │   │   ├─{ruby},467
  │   │       │   │   ├─{ruby},468
  │   │       │   │   ├─{ruby},469
  │   │       │   │   ├─{ruby},470
  │   │       │   │   ├─{ruby},471
  │   │       │   │   ├─{ruby},472
  │   │       │   │   ├─{ruby},473
  │   │       │   │   ├─{ruby},474
  │   │       │   │   ├─{ruby},475
  │   │       │   │   ├─{ruby},476
  │   │       │   │   ├─{ruby},477
  │   │       │   │   ├─{ruby},478
  │   │       │   │   └─{ruby},479
  │   │       │   ├─{gitaly},402
  │   │       │   ├─{gitaly},887
  │   │       │   └─{gitaly},43187
  │   │       ├─{gitaly-wrapper},360
  │   │       ├─{gitaly-wrapper},361
  │   │       ├─{gitaly-wrapper},362
  │   │       ├─{gitaly-wrapper},363
  │   │       ├─{gitaly-wrapper},364
  │   │       └─{gitaly-wrapper},365
  │   ├─runsv,286 postgresql
  │   │   ├─svlogd,300 -tt /var/log/gitlab/postgresql
  │   │   └─postgres,302 -D /var/opt/gitlab/postgresql/data
  │   │       ├─postgres,382                                           
  │   │       ├─postgres,383                                      
  │   │       ├─postgres,384                                              
  │   │       ├─postgres,385                                    
  │   │       ├─postgres,386                                        
  │   │       ├─postgres,387                           
  │   │       ├─postgres,480              
  │   │       ├─postgres,492                   
  │   │       ├─postgres,68074                   
  │   │       ├─postgres,68081                   
  │   │       ├─postgres,69544                   
  │   │       ├─postgres,69656                   
  │   │       ├─postgres,70969                   
  │   │       └─postgres,71001                   
  │   ├─runsv,287 postgres-exporter
  │   │   ├─svlogd,312 -tt /var/log/gitlab/postgres-exporter
  │   │   └─postgres_export,313 --web.listen-address=localhost:9187 --extend.query-path=/var/opt/gitlab/postgres-exporter/queries.yaml
  │   │       ├─{postgres_export},343
  │   │       ├─{postgres_export},344
  │   │       ├─{postgres_export},345
  │   │       ├─{postgres_export},352
  │   │       └─{postgres_export},354
  │   └─runsv,288 sidekiq
  │       ├─svlogd,310 /var/log/gitlab/sidekiq
  │       └─ruby,311 /opt/gitlab/embedded/service/gitlab-rails/bin/sidekiq-cluster -e production -r /opt/gitlab/embedded/service/gitlab-rails -m 50 --timeout 25 *
  │           ├─bundle,398
  │           │   ├─{bundle},494
  │           │   ├─{bundle},500
  │           │   ├─{bundle},501
  │           │   ├─{bundle},502
  │           │   ├─{bundle},510
  │           │   ├─{bundle},511
  │           │   ├─{bundle},554
  │           │   ├─{bundle},555
  │           │   ├─{bundle},556
  │           │   ├─{bundle},557
  │           │   ├─{bundle},558
  │           │   ├─{bundle},559
  │           │   ├─{bundle},560
  │           │   ├─{bundle},561
  │           │   ├─{bundle},562
  │           │   ├─{bundle},563
  │           │   ├─{bundle},564
  │           │   ├─{bundle},565
  │           │   ├─{bundle},566
  │           │   ├─{bundle},567
  │           │   ├─{bundle},568
  │           │   ├─{bundle},569
  │           │   ├─{bundle},570
  │           │   ├─{bundle},571
  │           │   ├─{bundle},572
  │           │   ├─{bundle},573
  │           │   ├─{bundle},574
  │           │   ├─{bundle},575
  │           │   ├─{bundle},576
  │           │   ├─{bundle},577
  │           │   ├─{bundle},578
  │           │   ├─{bundle},579
  │           │   ├─{bundle},580
  │           │   ├─{bundle},581
  │           │   ├─{bundle},582
  │           │   ├─{bundle},583
  │           │   ├─{bundle},584
  │           │   ├─{bundle},585
  │           │   ├─{bundle},586
  │           │   ├─{bundle},587
  │           │   ├─{bundle},588
  │           │   ├─{bundle},589
  │           │   ├─{bundle},590
  │           │   ├─{bundle},591
  │           │   ├─{bundle},592
  │           │   ├─{bundle},593
  │           │   ├─{bundle},594
  │           │   ├─{bundle},595
  │           │   ├─{bundle},596
  │           │   ├─{bundle},597
  │           │   ├─{bundle},598
  │           │   ├─{bundle},599
  │           │   ├─{bundle},600
  │           │   ├─{bundle},601
  │           │   ├─{bundle},602
  │           │   ├─{bundle},603
  │           │   ├─{bundle},604
  │           │   ├─{bundle},605
  │           │   ├─{bundle},606
  │           │   ├─{bundle},607
  │           │   ├─{bundle},608
  │           │   ├─{bundle},612
  │           │   ├─{bundle},613
  │           │   ├─{bundle},1594
  │           │   ├─{bundle},1595
  │           │   ├─{bundle},1597
  │           │   ├─{bundle},1598
  │           │   ├─{bundle},1599
  │           │   ├─{bundle},1600
  │           │   ├─{bundle},71602
  │           │   ├─{bundle},71603
  │           │   └─{bundle},71604
  │           └─{ruby},399
  └─gitlab-ctl,532 /opt/gitlab/bin/gitlab-ctl tail
      └─omnibus-ctl,533 /opt/gitlab/embedded/bin/omnibus-ctl gitlab /opt/gitlab/embedded/service/omnibus-ctl* tail
          └─sh,536 -c find -L /var/log/gitlab -type f -not -path '*/sasl/*' | grep -E -v '(config|lock|@|gzip|tgz|gz)' | xargs tail --follow=name --retry
              └─xargs,539 tail --follow=name --retry
                  └─tail,540 --follow=name --retry /var/log/gitlab/gitlab-workhorse/current /var/log/gitlab/redis-exporter/current /var/log/gitlab/prometheus/current /var/log/gitlab/grafana/current /var/log/gitlab/gitlab-exporter/current /var/log/gitlab/puma/puma_stderr.log /var/log/gitlab/puma/puma_stdout.log /var/log/gitlab/puma/current /var/log/gitlab/logrotate/current /var/log/gitlab/redis/current /var/log/gitlab/sshd/current /var/log/gitlab/nginx/gitlab_error.log /var/log/gitlab/nginx/gitlab_access.log /var/log/gitlab/nginx/current /var/log/gitlab/nginx/access.log /var/log/gitlab/nginx/error.log /var/log/gitlab/gitlab-rails/auth.log /var/log/gitlab/gitlab-rails/application_json.log /var/log/gitlab/gitlab-rails/production.log /var/log/gitlab/gitlab-rails/exceptions_json.log /var/log/gitlab/gitlab-rails/grpc.log /var/log/gitlab/gitlab-rails/application.log /var/log/gitlab/gitlab-rails/api_json.log /var/log/gitlab/gitlab-rails/production_json.log /var/log/gitlab/gitlab-rails/service_measurement.log /var/log/gitlab/gitlab-rails/sidekiq_client.log /var/log/gitlab/gitlab-rails/gitlab-rails-db-migrate-2021-07-31-14-09-40.log /var/log/gitlab/alertmanager/current /var/log/gitlab/gitaly/gitaly_ruby_json.log /var/log/gitlab/gitaly/current /var/log/gitlab/postgresql/current /var/log/gitlab/postgres-exporter/current /var/log/gitlab/sidekiq/current

service

ls -l /opt/gitlab/service/
total 0
lrwxrwxrwx 1 root root 27 Jul 31 14:09 alertmanager -> /opt/gitlab/sv/alertmanager
lrwxrwxrwx 1 root root 21 Jul 31 14:09 gitaly -> /opt/gitlab/sv/gitaly
lrwxrwxrwx 1 root root 30 Jul 31 14:09 gitlab-exporter -> /opt/gitlab/sv/gitlab-exporter
lrwxrwxrwx 1 root root 31 Jul 31 14:09 gitlab-workhorse -> /opt/gitlab/sv/gitlab-workhorse
lrwxrwxrwx 1 root root 22 Jul 31 14:09 grafana -> /opt/gitlab/sv/grafana
lrwxrwxrwx 1 root root 24 Jul 31 14:09 logrotate -> /opt/gitlab/sv/logrotate
lrwxrwxrwx 1 root root 20 Jul 31 14:09 nginx -> /opt/gitlab/sv/nginx
lrwxrwxrwx 1 root root 32 Jul 31 14:09 postgres-exporter -> /opt/gitlab/sv/postgres-exporter
lrwxrwxrwx 1 root root 25 Jul 31 14:09 postgresql -> /opt/gitlab/sv/postgresql
lrwxrwxrwx 1 root root 25 Jul 31 14:09 prometheus -> /opt/gitlab/sv/prometheus
lrwxrwxrwx 1 root root 19 Jul 31 14:09 puma -> /opt/gitlab/sv/puma
lrwxrwxrwx 1 root root 20 Jul 31 14:09 redis -> /opt/gitlab/sv/redis
lrwxrwxrwx 1 root root 29 Jul 31 14:09 redis-exporter -> /opt/gitlab/sv/redis-exporter
lrwxrwxrwx 1 root root 22 Jul 31 14:09 sidekiq -> /opt/gitlab/sv/sidekiq
lrwxrwxrwx 1 root root 19 Jul 31 14:09 sshd -> /opt/gitlab/sv/sshd

端口

root@8488f0757fb3:/# ss -tunlp
Netid                   State                    Recv-Q                   Send-Q                                     Local Address:Port                                     Peer Address:Port                  Process                                                                                              
udp                     UNCONN                   0                        0                                                      *:9094                                                *:*                      users:(("alertmanager",pid=307,fd=7))                                                               
tcp                     LISTEN                   0                        4096                                           127.0.0.1:9229                                          0.0.0.0:*                      users:(("gitlab-workhors",pid=290,fd=7))                                                            
tcp                     LISTEN                   0                        1024                                           127.0.0.1:8080                                          0.0.0.0:*                      users:(("bundle",pid=621,fd=19),("bundle",pid=619,fd=19),("bundle",pid=299,fd=19))                  
tcp                     LISTEN                   0                        4096                                           127.0.0.1:9168                                          0.0.0.0:*                      users:(("gitlab-exporter",pid=303,fd=5))                                                            
tcp                     LISTEN                   0                        511                                              0.0.0.0:80                                            0.0.0.0:*                      users:(("nginx",pid=357,fd=7),("nginx",pid=356,fd=7),("nginx",pid=316,fd=7))                        
tcp                     LISTEN                   0                        4096                                           127.0.0.1:8082                                          0.0.0.0:*                      users:(("bundle",pid=398,fd=24))                                                                    
tcp                     LISTEN                   0                        4096                                           127.0.0.1:9236                                          0.0.0.0:*                      users:(("gitaly",pid=353,fd=12),("gitaly",pid=353,fd=11))                                           
tcp                     LISTEN                   0                        128                                              0.0.0.0:22                                            0.0.0.0:*                      users:(("sshd",pid=30,fd=3))                                                                        
tcp                     LISTEN                   0                        4096                                           127.0.0.1:3000                                          0.0.0.0:*                      users:(("grafana-server",pid=309,fd=7))                                                             
tcp                     LISTEN                   0                        511                                              0.0.0.0:8060                                          0.0.0.0:*                      users:(("nginx",pid=357,fd=8),("nginx",pid=356,fd=8),("nginx",pid=316,fd=8))                        
tcp                     LISTEN                   0                        4096                                           127.0.0.1:9121                                          0.0.0.0:*                      users:(("redis_exporter",pid=292,fd=3))                                                             
tcp                     LISTEN                   0                        4096                                           127.0.0.1:9090                                          0.0.0.0:*                      users:(("prometheus",pid=315,fd=8))                                                                 
tcp                     LISTEN                   0                        4096                                           127.0.0.1:9187                                          0.0.0.0:*                      users:(("postgres_export",pid=313,fd=3))                                                            
tcp                     LISTEN                   0                        4096                                           127.0.0.1:9093                                          0.0.0.0:*                      users:(("alertmanager",pid=307,fd=8))                                                               
tcp                     LISTEN                   0                        128                                                 [::]:22                                               [::]:*                      users:(("sshd",pid=30,fd=4))                                                                        
tcp                     LISTEN                   0                        4096                                                   *:9094                                                *:*                      users:(("alertmanager",pid=307,fd=3))
组件端口说明
redis/var/opt/gitlab/redis/redis.socket
postgres/var/opt/gitlab/postgresql/.s.PGSQL.5432
nginx80 443 8086
sshd22
gitlab-workhors9229
puma(ruby)8080Puma is a simple, fast, multi-threaded, and highly concurrent HTTP 1.1 server for Ruby applications. It’s the default GitLab web server since GitLab 13.0 and has replaced Unicorn. From GitLab 14.0, Unicorn is no longer supported.
Sidekiq(ruby)8082Sidekiq is the background job processor GitLab uses to asynchronously run tasks.
gitaly9236Gitaly provides high-level RPC access to Git repositories. It is used by GitLab to read and write Git data.
alertmanager9093 9094
gitlab-exporter9168
redis_exporter9121
postgres_export9187
grafana-server3000
prometheus9090

默认用户名密码

默认用户:root
默认密码:cat /etc/gitlab/initial_root_password

# WARNING: This value is valid only in the following conditions
#          1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run).
#          2. Password hasn't been changed manually, either via UI or via command line.
#
#          If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password.

Password: hMVCj4y/FlqGYRjrU8MK4hUi18XhLwinnx5qMYwAcYk=

# NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours.

查看log

root@8488f0757fb3:~# ls -l /var/log/gitlab/
total 72
drwx------ 2 gitlab-prometheus root       4096 Jul 31 14:11 alertmanager
drwx------ 2 git               root       4096 Aug  1 00:19 gitaly
drwx------ 2 git               root       4096 Jul 31 14:10 gitlab-exporter
drwx------ 2 git               root       4096 Aug  1 01:30 gitlab-rails
drwx------ 2 git               root       4096 Jul 31 14:09 gitlab-shell
drwx------ 2 git               root       4096 Jul 31 14:10 gitlab-workhorse
drwx------ 2 gitlab-prometheus root       4096 Jul 31 14:12 grafana
drwx------ 2 root              root       4096 Jul 31 14:09 logrotate
drwxr-x--- 2 root              gitlab-www 4096 Aug  1 00:19 nginx
drwx------ 2 gitlab-psql       root       4096 Jul 31 14:11 postgres-exporter
drwx------ 2 gitlab-psql       root       4096 Jul 31 14:09 postgresql
drwx------ 2 gitlab-prometheus root       4096 Jul 31 14:11 prometheus
drwx------ 2 git               root       4096 Aug  1 00:19 puma
drwxr-xr-x 2 root              root       4096 Aug  1 02:37 reconfigure
drwx------ 2 gitlab-redis      root       4096 Jul 31 14:09 redis
drwx------ 2 gitlab-redis      root       4096 Jul 31 14:11 redis-exporter
drwx------ 2 git               root       4096 Jul 31 14:10 sidekiq
drwxr-xr-x 2 root              root       4096 Jul 31 14:09 sshd

配置文件

/etc/gitlab
/opt/gitlab/etc
/opt/gitlab/init
/var/opt/gitlab/nginx/conf
/var/opt/gitlab/gitlab-workhorse/config.toml
/var/opt/gitlab/redis/redis.conf
/var/opt/gitlab/postgresql/data/postgresql.conf
/var/opt/gitlab/gitaly/config.toml
/var/opt/gitlab/gitlab-rails/etc/
/opt/gitlab/embedded/service/gitlab-rails/config

root@8488f0757fb3:/var/opt/gitlab/nginx/conf# cat * |grep -E "proxy"
  proxy_cache off;
  proxy_pass  http://gitlab-workhorse;
  proxy_cache off;
  proxy_pass  http://gitlab-workhorse;
  proxy_cache off;
  proxy_pass  http://gitlab-workhorse;
  proxy_hide_header Referrer-Policy;
  proxy_read_timeout      3600;
  proxy_connect_timeout   300;
  proxy_redirect          off;
  proxy_http_version 1.1;
  proxy_set_header Host $http_host_with_default;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection $connection_upgrade;
  proxy_set_header X-Forwarded-Proto http;
    proxy_cache off;
    proxy_pass http://gitlab-workhorse;
    proxy_request_buffering off;
    proxy_pass http://localhost:3000/;
    proxy_cache off;
    proxy_pass  http://gitlab-workhorse;
    proxy_cache gitlab;
    proxy_pass  http://gitlab-workhorse;
      proxy_cache off;
      proxy_pass  http://gitlab-workhorse/-/metrics;
  proxy_cache_path proxy_cache keys_zone=gitlab:10m max_size=1g levels=1:2;
  proxy_cache gitlab;

root@8488f0757fb3:/var/opt/gitlab/nginx/conf# cat * |grep -A5 -E "upstream"
  upstream gitlab-workhorse {
    server unix:/var/opt/gitlab/gitlab-workhorse/sockets/socket;
  }


root@8488f0757fb3:/var/opt/gitlab/nginx/conf# cat * |grep -A5 -B1 "listen"
server {
  listen *:80;


  server_name 8488f0757fb3;
  server_tokens off; ## Don't show the nginx version number, a security best practice

--
server  {
    listen *:8060;
    server_name localhost;
    location /nginx_status {
      stub_status;
      server_tokens off;
      access_log off;

users

root@8488f0757fb3:# cat /etc/passwd
root❌0:0:root:/root:/bin/bash
daemon❌1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin❌2:2:bin:/bin:/usr/sbin/nologin
sys❌3:3:sys:/dev:/usr/sbin/nologin
sync❌4:65534:sync:/bin:/bin/sync
games❌5:60:games:/usr/games:/usr/sbin/nologin
man❌6:12:man:/var/cache/man:/usr/sbin/nologin
lp❌7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail❌8:8:mail:/var/mail:/usr/sbin/nologin
news❌9:9:news:/var/spool/news:/usr/sbin/nologin
uucp❌10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy❌13:13:proxy:/bin:/usr/sbin/nologin
www-data❌33:33:www-data:/var/www:/usr/sbin/nologin
backup❌34:34:backup:/var/backups:/usr/sbin/nologin
list❌38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc❌39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats❌41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody❌65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt❌100:65534::/nonexistent:/usr/sbin/nologin
sshd❌101:65534::/run/sshd:/usr/sbin/nologin
git❌998:998::/var/opt/gitlab:/bin/sh
gitlab-www❌999:999::/var/opt/gitlab/nginx:/bin/false
gitlab-redis❌997:997::/var/opt/gitlab/redis:/bin/false
gitlab-psql❌996:996::/var/opt/gitlab/postgresql:/bin/sh
mattermost❌994:994::/var/opt/gitlab/mattermost:/bin/sh
registry❌993:993::/var/opt/gitlab/registry:/bin/sh
gitlab-prometheus❌992:992::/var/opt/gitlab/prometheus:/bin/sh
gitlab-consul❌991:991::/var/opt/gitlab/consul:/bin/sh

ref