# gitlab ```bash #!/usr/bin/env bash mkdir -p /data/gitlab cd /data/gitlab mkdir -p {etc,log,opt} docker rm -f gitlab || true docker run -d \ -p 8080:80 \ -p 8022:22 \ -v /data/gitlab/etc:/etc/gitlab \ -v /data/gitlab/log:/var/log/gitlab \ -v /data/gitlab/opt:/var/opt/gitlab \ --restart always \ --privileged \ --name gitlab \ gitlab/gitlab-ce:14.1.1-ce.0 ``` ## gitlab-ctl status ```bash gitlab-ctl status run: alertmanager: (pid 307) 40957s; run: log: (pid 306) 40957s run: gitaly: (pid 298) 40957s; run: log: (pid 296) 40957s run: gitlab-exporter: (pid 303) 40957s; run: log: (pid 301) 40957s run: gitlab-workhorse: (pid 290) 40957s; run: log: (pid 289) 40957s run: grafana: (pid 309) 40957s; run: log: (pid 308) 40957s run: logrotate: (pid 69062) 1356s; run: log: (pid 293) 40957s run: nginx: (pid 316) 40957s; run: log: (pid 295) 40957s run: postgres-exporter: (pid 313) 40957s; run: log: (pid 312) 40957s run: postgresql: (pid 302) 40957s; run: log: (pid 300) 40957s run: prometheus: (pid 315) 40957s; run: log: (pid 314) 40957s run: puma: (pid 299) 40957s; run: log: (pid 297) 40957s run: redis: (pid 305) 40957s; run: log: (pid 304) 40957s run: redis-exporter: (pid 292) 40957s; run: log: (pid 291) 40957s run: sidekiq: (pid 311) 40957s; run: log: (pid 310) 40957s run: sshd: (pid 30) 40972s; run: log: (pid 29) 40972s ``` ## pstree ```bash root@8488f0757fb3:/# pstree -lspan wrapper,1 /assets/wrapper ├─runsvdir,22 -P /opt/gitlab/service log: ........................................................................................................................................................................................................................................................................................................................................................................................................... │ ├─runsv,28 sshd │ │ ├─svlogd,29 -tt /var/log/gitlab/sshd │ │ └─sshd,30 │ ├─runsv,275 gitlab-workhorse │ │ ├─svlogd,289 /var/log/gitlab/gitlab-workhorse │ │ └─gitlab-workhors,290 -listenNetwork unix -listenUmask 0 -listenAddr /var/opt/gitlab/gitlab-workhorse/sockets/socket -authBackend http://localhost:8080 -authSocket /var/opt/gitlab/gitlab-rails/sockets/gitlab.socket -documentRoot /opt/gitlab/embedded/service/gitlab-rails/public -pprofListenAddr -prometheusListenAddr localhost:9229 -secretPath /opt/gitlab/embedded/service/gitlab-rails/.gitlab_workhorse_secret -logFormat json -config config.toml │ │ ├─{gitlab-workhors},318 │ │ ├─{gitlab-workhors},319 │ │ ├─{gitlab-workhors},320 │ │ ├─{gitlab-workhors},327 │ │ ├─{gitlab-workhors},348 │ │ ├─{gitlab-workhors},389 │ │ ├─{gitlab-workhors},728 │ │ └─{gitlab-workhors},1348 │ ├─runsv,276 redis-exporter │ │ ├─svlogd,291 -tt /var/log/gitlab/redis-exporter │ │ └─redis_exporter,292 --web.listen-address=localhost:9121 --redis.addr=unix:///var/opt/gitlab/redis/redis.socket │ │ ├─{redis_exporter},331 │ │ ├─{redis_exporter},334 │ │ ├─{redis_exporter},335 │ │ ├─{redis_exporter},342 │ │ └─{redis_exporter},553 │ ├─runsv,277 prometheus │ │ ├─svlogd,314 -tt /var/log/gitlab/prometheus │ │ └─prometheus,315 --web.listen-address=localhost:9090 --storage.tsdb.path=/var/opt/gitlab/prometheus/data --config.file=/var/opt/gitlab/prometheus/prometheus.yml │ │ ├─{prometheus},373 │ │ ├─{prometheus},374 │ │ ├─{prometheus},375 │ │ ├─{prometheus},376 │ │ ├─{prometheus},377 │ │ ├─{prometheus},390 │ │ └─{prometheus},391 │ ├─runsv,278 grafana │ │ ├─svlogd,308 -tt /var/log/gitlab/grafana │ │ └─grafana-server,309 -config /var/opt/gitlab/grafana/grafana.ini │ │ ├─{grafana-server},370 │ │ ├─{grafana-server},371 │ │ ├─{grafana-server},372 │ │ ├─{grafana-server},378 │ │ ├─{grafana-server},381 │ │ ├─{grafana-server},388 │ │ ├─{grafana-server},394 │ │ └─{grafana-server},25597 │ ├─runsv,279 gitlab-exporter │ │ ├─svlogd,301 -tt /var/log/gitlab/gitlab-exporter │ │ └─gitlab-exporter,303 /opt/gitlab/embedded/bin/gitlab-exporter web -c /var/opt/gitlab/gitlab-exporter/gitlab-exporter.yml │ │ ├─{gitlab-exporter},484 │ │ ├─{gitlab-exporter},485 │ │ ├─{gitlab-exporter},487 │ │ └─{gitlab-exporter},490 │ ├─runsv,280 puma │ │ ├─svlogd,297 -tt /var/log/gitlab/puma │ │ └─bundle,299 │ │ ├─{bundle},493 │ │ ├─{bundle},616 │ │ ├─{bundle},617 │ │ ├─{bundle},618 │ │ ├─bundle,619 │ │ │ ├─{bundle},620 │ │ │ ├─{bundle},627 │ │ │ ├─{bundle},628 │ │ │ ├─{bundle},629 │ │ │ ├─{bundle},630 │ │ │ ├─{bundle},631 │ │ │ ├─{bundle},632 │ │ │ ├─{bundle},633 │ │ │ ├─{bundle},634 │ │ │ ├─{bundle},635 │ │ │ ├─{bundle},636 │ │ │ ├─{bundle},637 │ │ │ ├─{bundle},638 │ │ │ ├─{bundle},1284 │ │ │ ├─{bundle},1285 │ │ │ ├─{bundle},1286 │ │ │ ├─{bundle},1287 │ │ │ ├─{bundle},1288 │ │ │ ├─{bundle},1292 │ │ │ └─{bundle},71576 │ │ └─bundle,621 │ │ ├─{bundle},622 │ │ ├─{bundle},641 │ │ ├─{bundle},642 │ │ ├─{bundle},643 │ │ ├─{bundle},644 │ │ ├─{bundle},645 │ │ ├─{bundle},646 │ │ ├─{bundle},647 │ │ ├─{bundle},648 │ │ ├─{bundle},649 │ │ ├─{bundle},650 │ │ ├─{bundle},651 │ │ ├─{bundle},652 │ │ └─{bundle},71199 │ ├─runsv,281 logrotate │ │ ├─svlogd,293 -tt /var/log/gitlab/logrotate │ │ └─gitlab-logrotat,69062 /opt/gitlab/embedded/bin/gitlab-logrotate-wrapper │ │ └─sleep,70095 3000 │ ├─runsv,282 redis │ │ ├─svlogd,304 -tt /var/log/gitlab/redis │ │ └─redis-server,305 │ │ ├─{redis-server},336 │ │ ├─{redis-server},337 │ │ ├─{redis-server},338 │ │ └─{redis-server},339 │ ├─runsv,283 nginx │ │ ├─svlogd,295 -tt /var/log/gitlab/nginx │ │ └─nginx,316 │ │ ├─nginx,356 │ │ ├─nginx,357 │ │ └─nginx,358 │ ├─runsv,284 alertmanager │ │ ├─svlogd,306 -tt /var/log/gitlab/alertmanager │ │ └─alertmanager,307 --web.listen-address=localhost:9093 --storage.path=/var/opt/gitlab/alertmanager/data --config.file=/var/opt/gitlab/alertmanager/alertmanager.yml │ │ ├─{alertmanager},346 │ │ ├─{alertmanager},349 │ │ ├─{alertmanager},350 │ │ ├─{alertmanager},351 │ │ ├─{alertmanager},355 │ │ ├─{alertmanager},392 │ │ └─{alertmanager},3643 │ ├─runsv,285 gitaly │ │ ├─svlogd,296 /var/log/gitlab/gitaly │ │ └─gitaly-wrapper,298 /opt/gitlab/embedded/bin/gitaly /var/opt/gitlab/gitaly/config.toml │ │ ├─{gitaly-wrapper},330 │ │ ├─{gitaly-wrapper},332 │ │ ├─{gitaly-wrapper},333 │ │ ├─{gitaly-wrapper},347 │ │ ├─gitaly,353 /var/opt/gitlab/gitaly/config.toml │ │ │ ├─{gitaly},366 │ │ │ ├─{gitaly},367 │ │ │ ├─{gitaly},368 │ │ │ ├─{gitaly},369 │ │ │ ├─{gitaly},379 │ │ │ ├─{gitaly},395 │ │ │ ├─{gitaly},396 │ │ │ ├─ruby,400 /opt/gitlab/embedded/service/gitaly-ruby/bin/gitaly-ruby 353 /var/opt/gitlab/gitaly/internal_sockets/ruby.1 │ │ │ │ ├─{ruby},406 │ │ │ │ ├─{ruby},407 │ │ │ │ ├─{ruby},411 │ │ │ │ ├─{ruby},412 │ │ │ │ ├─{ruby},413 │ │ │ │ ├─{ruby},414 │ │ │ │ ├─{ruby},415 │ │ │ │ ├─{ruby},416 │ │ │ │ ├─{ruby},420 │ │ │ │ ├─{ruby},421 │ │ │ │ ├─{ruby},422 │ │ │ │ ├─{ruby},423 │ │ │ │ ├─{ruby},424 │ │ │ │ ├─{ruby},425 │ │ │ │ ├─{ruby},426 │ │ │ │ ├─{ruby},427 │ │ │ │ ├─{ruby},428 │ │ │ │ ├─{ruby},429 │ │ │ │ ├─{ruby},430 │ │ │ │ ├─{ruby},431 │ │ │ │ ├─{ruby},432 │ │ │ │ ├─{ruby},433 │ │ │ │ ├─{ruby},434 │ │ │ │ ├─{ruby},435 │ │ │ │ ├─{ruby},436 │ │ │ │ ├─{ruby},437 │ │ │ │ ├─{ruby},438 │ │ │ │ ├─{ruby},439 │ │ │ │ ├─{ruby},440 │ │ │ │ ├─{ruby},441 │ │ │ │ ├─{ruby},442 │ │ │ │ ├─{ruby},443 │ │ │ │ ├─{ruby},444 │ │ │ │ ├─{ruby},445 │ │ │ │ ├─{ruby},446 │ │ │ │ ├─{ruby},447 │ │ │ │ ├─{ruby},448 │ │ │ │ └─{ruby},449 │ │ │ ├─ruby,401 /opt/gitlab/embedded/service/gitaly-ruby/bin/gitaly-ruby 353 /var/opt/gitlab/gitaly/internal_sockets/ruby.0 │ │ │ │ ├─{ruby},404 │ │ │ │ ├─{ruby},405 │ │ │ │ ├─{ruby},408 │ │ │ │ ├─{ruby},409 │ │ │ │ ├─{ruby},410 │ │ │ │ ├─{ruby},417 │ │ │ │ ├─{ruby},418 │ │ │ │ ├─{ruby},419 │ │ │ │ ├─{ruby},450 │ │ │ │ ├─{ruby},451 │ │ │ │ ├─{ruby},452 │ │ │ │ ├─{ruby},453 │ │ │ │ ├─{ruby},454 │ │ │ │ ├─{ruby},455 │ │ │ │ ├─{ruby},456 │ │ │ │ ├─{ruby},457 │ │ │ │ ├─{ruby},458 │ │ │ │ ├─{ruby},459 │ │ │ │ ├─{ruby},460 │ │ │ │ ├─{ruby},461 │ │ │ │ ├─{ruby},462 │ │ │ │ ├─{ruby},463 │ │ │ │ ├─{ruby},464 │ │ │ │ ├─{ruby},465 │ │ │ │ ├─{ruby},466 │ │ │ │ ├─{ruby},467 │ │ │ │ ├─{ruby},468 │ │ │ │ ├─{ruby},469 │ │ │ │ ├─{ruby},470 │ │ │ │ ├─{ruby},471 │ │ │ │ ├─{ruby},472 │ │ │ │ ├─{ruby},473 │ │ │ │ ├─{ruby},474 │ │ │ │ ├─{ruby},475 │ │ │ │ ├─{ruby},476 │ │ │ │ ├─{ruby},477 │ │ │ │ ├─{ruby},478 │ │ │ │ └─{ruby},479 │ │ │ ├─{gitaly},402 │ │ │ ├─{gitaly},887 │ │ │ └─{gitaly},43187 │ │ ├─{gitaly-wrapper},360 │ │ ├─{gitaly-wrapper},361 │ │ ├─{gitaly-wrapper},362 │ │ ├─{gitaly-wrapper},363 │ │ ├─{gitaly-wrapper},364 │ │ └─{gitaly-wrapper},365 │ ├─runsv,286 postgresql │ │ ├─svlogd,300 -tt /var/log/gitlab/postgresql │ │ └─postgres,302 -D /var/opt/gitlab/postgresql/data │ │ ├─postgres,382 │ │ ├─postgres,383 │ │ ├─postgres,384 │ │ ├─postgres,385 │ │ ├─postgres,386 │ │ ├─postgres,387 │ │ ├─postgres,480 │ │ ├─postgres,492 │ │ ├─postgres,68074 │ │ ├─postgres,68081 │ │ ├─postgres,69544 │ │ ├─postgres,69656 │ │ ├─postgres,70969 │ │ └─postgres,71001 │ ├─runsv,287 postgres-exporter │ │ ├─svlogd,312 -tt /var/log/gitlab/postgres-exporter │ │ └─postgres_export,313 --web.listen-address=localhost:9187 --extend.query-path=/var/opt/gitlab/postgres-exporter/queries.yaml │ │ ├─{postgres_export},343 │ │ ├─{postgres_export},344 │ │ ├─{postgres_export},345 │ │ ├─{postgres_export},352 │ │ └─{postgres_export},354 │ └─runsv,288 sidekiq │ ├─svlogd,310 /var/log/gitlab/sidekiq │ └─ruby,311 /opt/gitlab/embedded/service/gitlab-rails/bin/sidekiq-cluster -e production -r /opt/gitlab/embedded/service/gitlab-rails -m 50 --timeout 25 * │ ├─bundle,398 │ │ ├─{bundle},494 │ │ ├─{bundle},500 │ │ ├─{bundle},501 │ │ ├─{bundle},502 │ │ ├─{bundle},510 │ │ ├─{bundle},511 │ │ ├─{bundle},554 │ │ ├─{bundle},555 │ │ ├─{bundle},556 │ │ ├─{bundle},557 │ │ ├─{bundle},558 │ │ ├─{bundle},559 │ │ ├─{bundle},560 │ │ ├─{bundle},561 │ │ ├─{bundle},562 │ │ ├─{bundle},563 │ │ ├─{bundle},564 │ │ ├─{bundle},565 │ │ ├─{bundle},566 │ │ ├─{bundle},567 │ │ ├─{bundle},568 │ │ ├─{bundle},569 │ │ ├─{bundle},570 │ │ ├─{bundle},571 │ │ ├─{bundle},572 │ │ ├─{bundle},573 │ │ ├─{bundle},574 │ │ ├─{bundle},575 │ │ ├─{bundle},576 │ │ ├─{bundle},577 │ │ ├─{bundle},578 │ │ ├─{bundle},579 │ │ ├─{bundle},580 │ │ ├─{bundle},581 │ │ ├─{bundle},582 │ │ ├─{bundle},583 │ │ ├─{bundle},584 │ │ ├─{bundle},585 │ │ ├─{bundle},586 │ │ ├─{bundle},587 │ │ ├─{bundle},588 │ │ ├─{bundle},589 │ │ ├─{bundle},590 │ │ ├─{bundle},591 │ │ ├─{bundle},592 │ │ ├─{bundle},593 │ │ ├─{bundle},594 │ │ ├─{bundle},595 │ │ ├─{bundle},596 │ │ ├─{bundle},597 │ │ ├─{bundle},598 │ │ ├─{bundle},599 │ │ ├─{bundle},600 │ │ ├─{bundle},601 │ │ ├─{bundle},602 │ │ ├─{bundle},603 │ │ ├─{bundle},604 │ │ ├─{bundle},605 │ │ ├─{bundle},606 │ │ ├─{bundle},607 │ │ ├─{bundle},608 │ │ ├─{bundle},612 │ │ ├─{bundle},613 │ │ ├─{bundle},1594 │ │ ├─{bundle},1595 │ │ ├─{bundle},1597 │ │ ├─{bundle},1598 │ │ ├─{bundle},1599 │ │ ├─{bundle},1600 │ │ ├─{bundle},71602 │ │ ├─{bundle},71603 │ │ └─{bundle},71604 │ └─{ruby},399 └─gitlab-ctl,532 /opt/gitlab/bin/gitlab-ctl tail └─omnibus-ctl,533 /opt/gitlab/embedded/bin/omnibus-ctl gitlab /opt/gitlab/embedded/service/omnibus-ctl* tail └─sh,536 -c find -L /var/log/gitlab -type f -not -path '*/sasl/*' | grep -E -v '(config|lock|@|gzip|tgz|gz)' | xargs tail --follow=name --retry └─xargs,539 tail --follow=name --retry └─tail,540 --follow=name --retry /var/log/gitlab/gitlab-workhorse/current /var/log/gitlab/redis-exporter/current /var/log/gitlab/prometheus/current /var/log/gitlab/grafana/current /var/log/gitlab/gitlab-exporter/current /var/log/gitlab/puma/puma_stderr.log /var/log/gitlab/puma/puma_stdout.log /var/log/gitlab/puma/current /var/log/gitlab/logrotate/current /var/log/gitlab/redis/current /var/log/gitlab/sshd/current /var/log/gitlab/nginx/gitlab_error.log /var/log/gitlab/nginx/gitlab_access.log /var/log/gitlab/nginx/current /var/log/gitlab/nginx/access.log /var/log/gitlab/nginx/error.log /var/log/gitlab/gitlab-rails/auth.log /var/log/gitlab/gitlab-rails/application_json.log /var/log/gitlab/gitlab-rails/production.log /var/log/gitlab/gitlab-rails/exceptions_json.log /var/log/gitlab/gitlab-rails/grpc.log /var/log/gitlab/gitlab-rails/application.log /var/log/gitlab/gitlab-rails/api_json.log /var/log/gitlab/gitlab-rails/production_json.log /var/log/gitlab/gitlab-rails/service_measurement.log /var/log/gitlab/gitlab-rails/sidekiq_client.log /var/log/gitlab/gitlab-rails/gitlab-rails-db-migrate-2021-07-31-14-09-40.log /var/log/gitlab/alertmanager/current /var/log/gitlab/gitaly/gitaly_ruby_json.log /var/log/gitlab/gitaly/current /var/log/gitlab/postgresql/current /var/log/gitlab/postgres-exporter/current /var/log/gitlab/sidekiq/current ``` ## service ```bash ls -l /opt/gitlab/service/ total 0 lrwxrwxrwx 1 root root 27 Jul 31 14:09 alertmanager -> /opt/gitlab/sv/alertmanager lrwxrwxrwx 1 root root 21 Jul 31 14:09 gitaly -> /opt/gitlab/sv/gitaly lrwxrwxrwx 1 root root 30 Jul 31 14:09 gitlab-exporter -> /opt/gitlab/sv/gitlab-exporter lrwxrwxrwx 1 root root 31 Jul 31 14:09 gitlab-workhorse -> /opt/gitlab/sv/gitlab-workhorse lrwxrwxrwx 1 root root 22 Jul 31 14:09 grafana -> /opt/gitlab/sv/grafana lrwxrwxrwx 1 root root 24 Jul 31 14:09 logrotate -> /opt/gitlab/sv/logrotate lrwxrwxrwx 1 root root 20 Jul 31 14:09 nginx -> /opt/gitlab/sv/nginx lrwxrwxrwx 1 root root 32 Jul 31 14:09 postgres-exporter -> /opt/gitlab/sv/postgres-exporter lrwxrwxrwx 1 root root 25 Jul 31 14:09 postgresql -> /opt/gitlab/sv/postgresql lrwxrwxrwx 1 root root 25 Jul 31 14:09 prometheus -> /opt/gitlab/sv/prometheus lrwxrwxrwx 1 root root 19 Jul 31 14:09 puma -> /opt/gitlab/sv/puma lrwxrwxrwx 1 root root 20 Jul 31 14:09 redis -> /opt/gitlab/sv/redis lrwxrwxrwx 1 root root 29 Jul 31 14:09 redis-exporter -> /opt/gitlab/sv/redis-exporter lrwxrwxrwx 1 root root 22 Jul 31 14:09 sidekiq -> /opt/gitlab/sv/sidekiq lrwxrwxrwx 1 root root 19 Jul 31 14:09 sshd -> /opt/gitlab/sv/sshd ``` ## 端口 ```bash root@8488f0757fb3:/# ss -tunlp Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process udp UNCONN 0 0 *:9094 *:* users:(("alertmanager",pid=307,fd=7)) tcp LISTEN 0 4096 127.0.0.1:9229 0.0.0.0:* users:(("gitlab-workhors",pid=290,fd=7)) tcp LISTEN 0 1024 127.0.0.1:8080 0.0.0.0:* users:(("bundle",pid=621,fd=19),("bundle",pid=619,fd=19),("bundle",pid=299,fd=19)) tcp LISTEN 0 4096 127.0.0.1:9168 0.0.0.0:* users:(("gitlab-exporter",pid=303,fd=5)) tcp LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=357,fd=7),("nginx",pid=356,fd=7),("nginx",pid=316,fd=7)) tcp LISTEN 0 4096 127.0.0.1:8082 0.0.0.0:* users:(("bundle",pid=398,fd=24)) tcp LISTEN 0 4096 127.0.0.1:9236 0.0.0.0:* users:(("gitaly",pid=353,fd=12),("gitaly",pid=353,fd=11)) tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=30,fd=3)) tcp LISTEN 0 4096 127.0.0.1:3000 0.0.0.0:* users:(("grafana-server",pid=309,fd=7)) tcp LISTEN 0 511 0.0.0.0:8060 0.0.0.0:* users:(("nginx",pid=357,fd=8),("nginx",pid=356,fd=8),("nginx",pid=316,fd=8)) tcp LISTEN 0 4096 127.0.0.1:9121 0.0.0.0:* users:(("redis_exporter",pid=292,fd=3)) tcp LISTEN 0 4096 127.0.0.1:9090 0.0.0.0:* users:(("prometheus",pid=315,fd=8)) tcp LISTEN 0 4096 127.0.0.1:9187 0.0.0.0:* users:(("postgres_export",pid=313,fd=3)) tcp LISTEN 0 4096 127.0.0.1:9093 0.0.0.0:* users:(("alertmanager",pid=307,fd=8)) tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=30,fd=4)) tcp LISTEN 0 4096 *:9094 *:* users:(("alertmanager",pid=307,fd=3)) ``` | 组件 | 端口 | 说明 | |-----------------|------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | redis | /var/opt/gitlab/redis/redis.socket | | | postgres | /var/opt/gitlab/postgresql/.s.PGSQL.5432 | | | nginx | 80 443 8086 | | | sshd | 22 | | | gitlab-workhors | 9229 | | | puma(ruby) | 8080 | Puma is a simple, fast, multi-threaded, and highly concurrent HTTP 1.1 server for Ruby applications. It’s the default GitLab web server since GitLab 13.0 and has replaced Unicorn. From GitLab 14.0, Unicorn is no longer supported. | | Sidekiq(ruby) | 8082 | Sidekiq is the background job processor GitLab uses to asynchronously run tasks. | | gitaly | 9236 | Gitaly provides high-level RPC access to Git repositories. It is used by GitLab to read and write Git data. | | alertmanager | 9093 9094 | | | gitlab-exporter | 9168 | | | redis_exporter | 9121 | | | postgres_export | 9187 | | | grafana-server | 3000 | | | prometheus | 9090 | | ## 默认用户名密码 ```bash 默认用户:root 默认密码:cat /etc/gitlab/initial_root_password ``` ```bash # WARNING: This value is valid only in the following conditions # 1. If provided manually (either via `GITLAB_ROOT_PASSWORD` environment variable or via `gitlab_rails['initial_root_password']` setting in `gitlab.rb`, it was provided before database was seeded for the first time (usually, the first reconfigure run). # 2. Password hasn't been changed manually, either via UI or via command line. # # If the password shown here doesn't work, you must reset the admin password following https://docs.gitlab.com/ee/security/reset_user_password.html#reset-your-root-password. Password: hMVCj4y/FlqGYRjrU8MK4hUi18XhLwinnx5qMYwAcYk= # NOTE: This file will be automatically deleted in the first reconfigure run after 24 hours. ``` ## 查看log ```bash root@8488f0757fb3:~# ls -l /var/log/gitlab/ total 72 drwx------ 2 gitlab-prometheus root 4096 Jul 31 14:11 alertmanager drwx------ 2 git root 4096 Aug 1 00:19 gitaly drwx------ 2 git root 4096 Jul 31 14:10 gitlab-exporter drwx------ 2 git root 4096 Aug 1 01:30 gitlab-rails drwx------ 2 git root 4096 Jul 31 14:09 gitlab-shell drwx------ 2 git root 4096 Jul 31 14:10 gitlab-workhorse drwx------ 2 gitlab-prometheus root 4096 Jul 31 14:12 grafana drwx------ 2 root root 4096 Jul 31 14:09 logrotate drwxr-x--- 2 root gitlab-www 4096 Aug 1 00:19 nginx drwx------ 2 gitlab-psql root 4096 Jul 31 14:11 postgres-exporter drwx------ 2 gitlab-psql root 4096 Jul 31 14:09 postgresql drwx------ 2 gitlab-prometheus root 4096 Jul 31 14:11 prometheus drwx------ 2 git root 4096 Aug 1 00:19 puma drwxr-xr-x 2 root root 4096 Aug 1 02:37 reconfigure drwx------ 2 gitlab-redis root 4096 Jul 31 14:09 redis drwx------ 2 gitlab-redis root 4096 Jul 31 14:11 redis-exporter drwx------ 2 git root 4096 Jul 31 14:10 sidekiq drwxr-xr-x 2 root root 4096 Jul 31 14:09 sshd ``` ## 配置文件 ```bash /etc/gitlab /opt/gitlab/etc /opt/gitlab/init /var/opt/gitlab/nginx/conf /var/opt/gitlab/gitlab-workhorse/config.toml /var/opt/gitlab/redis/redis.conf /var/opt/gitlab/postgresql/data/postgresql.conf /var/opt/gitlab/gitaly/config.toml /var/opt/gitlab/gitlab-rails/etc/ /opt/gitlab/embedded/service/gitlab-rails/config ``` ```bash root@8488f0757fb3:/var/opt/gitlab/nginx/conf# cat * |grep -E "proxy" proxy_cache off; proxy_pass http://gitlab-workhorse; proxy_cache off; proxy_pass http://gitlab-workhorse; proxy_cache off; proxy_pass http://gitlab-workhorse; proxy_hide_header Referrer-Policy; proxy_read_timeout 3600; proxy_connect_timeout 300; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Host $http_host_with_default; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Forwarded-Proto http; proxy_cache off; proxy_pass http://gitlab-workhorse; proxy_request_buffering off; proxy_pass http://localhost:3000/; proxy_cache off; proxy_pass http://gitlab-workhorse; proxy_cache gitlab; proxy_pass http://gitlab-workhorse; proxy_cache off; proxy_pass http://gitlab-workhorse/-/metrics; proxy_cache_path proxy_cache keys_zone=gitlab:10m max_size=1g levels=1:2; proxy_cache gitlab; root@8488f0757fb3:/var/opt/gitlab/nginx/conf# cat * |grep -A5 -E "upstream" upstream gitlab-workhorse { server unix:/var/opt/gitlab/gitlab-workhorse/sockets/socket; } root@8488f0757fb3:/var/opt/gitlab/nginx/conf# cat * |grep -A5 -B1 "listen" server { listen *:80; server_name 8488f0757fb3; server_tokens off; ## Don't show the nginx version number, a security best practice -- server { listen *:8060; server_name localhost; location /nginx_status { stub_status; server_tokens off; access_log off; ``` ## users ```bash root@8488f0757fb3:# cat /etc/passwd root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin man:x:6:12:man:/var/cache/man:/usr/sbin/nologin lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin mail:x:8:8:mail:/var/mail:/usr/sbin/nologin news:x:9:9:news:/var/spool/news:/usr/sbin/nologin uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin proxy:x:13:13:proxy:/bin:/usr/sbin/nologin www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin backup:x:34:34:backup:/var/backups:/usr/sbin/nologin list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin _apt:x:100:65534::/nonexistent:/usr/sbin/nologin sshd:x:101:65534::/run/sshd:/usr/sbin/nologin git:x:998:998::/var/opt/gitlab:/bin/sh gitlab-www:x:999:999::/var/opt/gitlab/nginx:/bin/false gitlab-redis:x:997:997::/var/opt/gitlab/redis:/bin/false gitlab-psql:x:996:996::/var/opt/gitlab/postgresql:/bin/sh mattermost:x:994:994::/var/opt/gitlab/mattermost:/bin/sh registry:x:993:993::/var/opt/gitlab/registry:/bin/sh gitlab-prometheus:x:992:992::/var/opt/gitlab/prometheus:/bin/sh gitlab-consul:x:991:991::/var/opt/gitlab/consul:/bin/sh ``` ## ref -