Try   HackMD

GitLab + Server 架設

要求

  • Gitlab Docker
  • Jenkins Docker
  • Multi-dockerized wbds on a single Host
  • http redirect to https

環境

Ubuntu Server 20.04

設定 server 網路

$sudo vim /etc/netplan/{config}.yaml

network: version: 2 renderer: networkd ethernets: eth0: addresses: - 140.124.183.78/24 gateway4: 10.10.10.1 nameservers: search: [mydomain, otherdomain] addresses: [10.10.10.1, 1.1.1.1]

gateway 140.124.183.254
網路卡 DNS 140.124.13.1, 140.124.13.2
Gitlab server DNS: css-gitlab.csie.ntut.edu.tw
Jenkins DNS: css-lab.csie.ntut.edu.tw

sudo netplan apply

啟動 ssh

https://phoenixnap.com/kb/ssh-to-connect-to-remote-server-linux-or-windows

Docker

https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository

CA 問題

  1. 執行 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
    時會遇到 x509, unknown authorit 的問題
  2. apt update 會有 CA 的問題

Download CA

# 首先把對方網站的 certification 抓下來 $ echo -n | openssl s_client -connect download.docker.com:443 -showcerts | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > docker.crt # 利用抓到的 certification 去抓取 docker 的 gpg $ curl -fsSL --cacert docker.crt https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - # 安裝 certification 在自己電腦上 之後才可以 apt update $ cp docker.crt /usr/local/share/ca-certificates/ $ apt update ca-certificates

Gitlab Docker

$ echo "export GITLAB_HOME=/srv/gitlab" >> ~/.bashrc
https://docs.gitlab.com/omnibus/docker/

Jenkins Docker

https://github.com/jenkinsci/docker/blob/master/README.md

Multi-dockerized wbds on a single Host

https://blog.programster.org/hosting-multiple-dockerized-websites-on-a-single-host

HTTP redirects to HTTPs + CA

https://ssl-gitlab.csie.ntut.edu.tw/software-system-lab/https_setting
Note: the setting of nginx is wrong. See Nginx Setting below.

https://github.com/nginx-proxy/docker-letsencrypt-nginx-proxy-companion

Nginx Setting

Modify site-available/default instead of conf
https://coderrocketfuel.com/article/default-nginx-configuration-file-inside-sites-available-default