码迷,mamicode.com
首页 > 其他好文 > 详细

搭建gerrit服务详细步骤

时间:2017-10-24 16:20:34      阅读:657      评论:0      收藏:0      [点我收藏+]

标签:debian下搭建gerrit服务的详细步骤

搭建gerrit+openldap服务

作者:赵亮

归档:学习笔记

2017/9/4

搭建ldap

下载gerrit-2.12.3.war

配置好下载源

# apt-get update

下载gerrit安装依赖包

#apt-get install default-jre daemon apache2-utils  git

下载apache2

#apt-get install apache2

下载mysql数据库

#apt-get install mysql-server

创建数据库

Mysql>create database gerrit;

Mysql>grant all on gerrit.* to ‘FxFT‘@‘localhost‘ identified by ‘FoxitFT‘;

Mysql>flush privileges;

重启mysql

#/etc/init.d/mysql restart

 

安装gerrit

java -jar gerrit-2.12.3.war init -d /srv/gerrit/

// /srv/gerrit/是安装目录路径

步骤如下:

root@debian:~#java -jar gerrit-2.12.3.war init -d /srv/gerrit/

*** Gerrit Code Review 2.12.3

***

 

Create ‘/srv/gerrit‘           [Y/n]? y

 

*** Git Repositories

***

 

Location of Git repositories   [git]:

 

*** SQL Database

***

 

Database server type           [h2]: mysql

 

Gerrit Code Review is not shipped with MySQL Connector/J 5.1.21

**  This library is required for your configuration. **

Download and install it now [Y/n]? y

Downloading http://repo2.maven.org/maven2/mysql/mysql-connector-java/5.1.21/mysql-connector-java-5.1.21.jar ... OK

Checksum mysql-connector-java-5.1.21.jar OK

Server hostname                [localhost]:

Server port                    [(mysql default)]:

Database name                  [reviewdb]: gerrit

Database username              [root]: FxFT

gerrituser‘s password          :

              confirm password :

 

*** User Authentication

***

 

Authentication method          [OPENID/?]: http

Get username from custom HTTP header [y/N]? n

SSO logout URL                 :

 

*** Email Delivery

***

SMTP server hostname           [localhost]: smtp.163.com

SMTP server port               [(default)]: 587

SMTP encryption                [NONE/?]: tls

SMTP username                  [root]: liang_mailbox@163.com

liang_mailbox@163.com‘s password :

              confirm password :

 

*** Container Process

***

 

Run as                         [root]:

Java runtime                   [/usr/lib/jvm/java-7-openjdk-amd64/jre]:

Copy gerrit-2.8.war to /srv/gerrit/bin/gerrit.war [Y/n]? y

Copying gerrit-2.8.war to /srv/gerrit/bin/gerrit.war

 

*** SSH Daemon

***

 

Listen on address              [*]:

Listen on port                 [29418]:

 

Gerrit Code Review is not shipped with Bouncy Castle Crypto v144

  If available, Gerrit can take advantage of features

  in the library, but will also function without it.

Download and install it now [Y/n]? y

Downloading http://www.bouncycastle.org/download/bcprov-jdk16-144.jar ... !! FAIL !!

 

 

error: http://www.bouncycastle.org/download/bcprov-jdk16-144.jar: 302 Found

Please download:

 

  http://www.bouncycastle.org/download/bcprov-jdk16-144.jar

 

and save as:

 

  /srv/gerrit/lib/bcprov-jdk16-144.jar

 

Press enter to continue

Continue without this library  [Y/n]? y

Generating SSH host key ... rsa(simple)... done

*** HTTP Daemon

***

 

Behind reverse proxy           [y/N]? y

Proxy uses SSL (https://)      [y/N]? n

Subdirectory on proxy server   [/]:

Listen on address              [*]:

Listen on port                 [8081]: 8081

Canonical URL                  [http://debian.localhost/]:

 

*** Plugins

***

 

Install plugin reviewnotes version v2.8 [y/N]? y

Install plugin download-commands version v2.8 [y/N]? y

Install plugin replication version v2.8 [y/N]? y

Install plugin commit-message-length-validator version v2.8 [y/N]? y

 

Initialized /srv/gerrit

Executing /srv/gerrit/bin/gerrit.sh start

Starting Gerrit Code Review: OK

Waiting for server on debian.localhost:80 ... OK

Opening http://debian.localhost/#/admin/projects/ ...FAILED

Open Gerrit with a JavaScript capable browser:

  http://debian.localhost/#/admin/projects/

 

Gerrit启动脚本

#cp /srv/gerrit/bin/gerrit.sh /etc/init.d/gerrit

# vim /etc/init.d/gerrit

大概在47写入GERRIT_SITE=跟路径

GERRIT_SITE=/srv/gerrit/


重启gerrit服务

#/etc/init.d/gerrit restart


Gerrit配置

#vi /srv/gerrit/etc/gerrit.config

[gerrit]

        basePath = git

        canonicalWebUrl = http://10.104.128.161/r/

[database]

        type = mysql

        hostname = localhost

        database = gerrit

        username = FxFT

[index]

type = LUCENE

[auth]

        type = LDAP

[ldap]

        server = ldap://10.104.128.163:389        //这是搭建好ldapip地址

        accountBase = dc=foxitsoftware,dc=com

        accountFullName = ${cn}

        groupBase = dc=foxitsoftware,dc=com

[sendemail]

        smtpServer = smtp.163.com

        smtpServerPort = 587

        smtpEncryption = TLS

        smtpUser = liang_mailbox@163.com

[container]

        #user = root

user = www-data     //www-data运行,不然Apache调用的时候会报权限问题

        javaHome = /usr/lib/jvm/java-7-openjdk-amd64/jre

[sshd]

        listenAddress = *:29418

[httpd]

        listenUrl = proxy-http://*:8081/r/

listenUrl = proxy-https://*:8081/r/

        requestLog = true

[cache]

        directory = cache

[user]

        anonymousCoward = Unregistered User

[change]

        submitWholeTopic = true

[receive]

        enableSignedPush = false

 

设置主和组的权限

# chown -R www-data:www-data /srv/gerrit

配置web

#vi /etc/apache2/sites-available/gerrit.conf

<VirtualHost *:80>

        ServerName 10.104.128.161

        ProxyRequests Off

        ProxyVia Off

        ProxyPreserveHost On

ErrorLog /var/log/apache2/testlink_foxitsoftware_com_error.log

CustomLog /var/log/apache2/testlink_foxitsoftware_com_access.log combined

        <Proxy *:80>

                Order deny,allow

                Allow from all

        </Proxy>

 

        <Location "/login/">

                AuthType Basic

                AuthName "Gerrit

                Require valid-user

                AuthUserFile /srv/gerrit/etc/password

        </Location>

        AllowEncodedSlashes On

        ProxyPass / http://127.0.0.1:8082/ nocanon

</VirtualHost>

设置一个gerrit授权用户的账号和密码

#htpasswd -c /srv/gerrit/etc/password gerrit kevinstar

配置默认网站路径index.html

vi /var/www/index.html

<html>

<head>

<script type="text/javascript">

window.location.href=‘/r/‘;

</script>

</head>

<body><h1>It works!</h1>

<p>This is the default web page for this server.</p>

<p>The web server software is running but no content has been added, yet.</p>

</body></html>

 

 

加载proxy模块

#a2enmod proxy

软连接

#/cd /etc/apache2/mods-enabled

# ln -s ../mods-available/proxy_http.load proxy_http.load

重启apache2gerrit服务

#/etc/init.d/gerrit restart

#/etc/init.d/apache2 restart

现在就可以登陆web界面做测试了

 

启用443端口配置:

#apt-get install ssl-cert

# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/ssl/private/apache2.pem

#openssl req -x509 -newkey rsa:1024 -keyout /etc/ssl/private/apache2.pem -out /etc/ssl/private/apache2.pem -nodes -days 999

Generating a 1024 bit RSA private key

..............++++++

.........................++++++

writing new private key to ‘/etc/ssl/private/apache2.pem‘

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter ‘.‘, the field will be left blank.

-----

Country Name (2 letter code) [AU]:CN

State or Province Name (full name) [Some-State]:BEIJING

Locality Name (eg, city) []:BEIJING

Organization Name (eg, company) [Internet Widgits Pty Ltd]:foxit

Organizational Unit Name (eg, section) []:it

Common Name (e.g. server FQDN or YOUR name) []:localhost

Email Address []:liang_mailbox@163.com

#openssl genrsa 1024 >server.key

#openssl req -new -key server.key > server.csr

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter ‘.‘, the field will be left blank.

-----

Country Name (2 letter code) [AU]:CN

State or Province Name (full name) [Some-State]:BEIJING

Locality Name (eg, city) []:BEIJING

Organization Name (eg, company) [Internet Widgits Pty Ltd]:foxit

Organizational Unit Name (eg, section) []:it

Common Name (e.g. server FQDN or YOUR name) []:localhost

Email Address []:liang_mailbox@163.com

 

Please enter the following ‘extra‘ attributes

to be sent with your certificate request

A challenge password []:kevinstar

An optional company name []:foxit

开启ssl模块

#a2enmod ssl

配置Apache站点配置:

# vi /etc/apache2/sites-availble/gerrit.conf

<VirtualHost *:80>

        ServerName 10.104.128.161

        ProxyRequests Off

        ProxyVia Off

        ProxyPreserveHost On

 

        <Proxy *:80>

                Order deny,allow

                Allow from all

        </Proxy>

 

        AllowEncodedSlashes On

        ProxyPass /r/ http://127.0.0.1:8081/r/ nocanon

</VirtualHost>

 

<VirtualHost *:443>

        SSLEngine on

        SSLProxyEngine on

        SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem

        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

 

        ServerName 10.104.128.161

 

        ProxyRequests Off

        ProxyVia Off

        ProxyPreserveHost On

 

        <Proxy *:443>

                Order deny,allow

                Allow from all

        </Proxy>

 

        <Location "/r/login/">

                AuthType Basic

                AuthName "Gerrit"

                Require valid-user

                AuthUserFile /etc/gerrit/etc/.password

        </Location>

 

<Location "/p/">

      AuthType Basic

      AuthName "Gerrit Code Review"

 </Location>

        AllowEncodedSlashes On

        ProxyPass /r/ http://127.0.0.1:8082/r/ nocanon

ProxyPass /p/ http://127.0.0.1:8082/p/ nocanon

 

</VirtualHost>

修改gerrit配置:

vi /etc/gerrit/etc/gerrit.config

[gerrit]

        basePath = git

        canonicalWebUrl = http://10.104.128.161/r/

[database]

        type = mysql

        hostname = localhost

        database = gerritdb

        username = gerrituser

[auth]

        type = LDAP

[ldap]

        server = ldap://10.104.128.163:389

        accountBase = dc=foxitsoftware,dc=com

        accountFullName = ${cn}

        groupBase = dc=foxitsoftware,dc=com

[sendemail]

        smtpServer = smtp.163.com

        smtpServerPort = 587

        smtpEncryption = TLS

        smtpUser = liang_mailbox@163.com

[container]

        user = root

        javaHome = /usr/lib/jvm/java-7-openjdk-amd64/jre

[sshd]

        listenAddress = *:29418

[httpd]

        listenUrl = proxy-http://*:8081/r/

        listenUrl = proxy-https://*:8082/r/

        requestLog = true

[cache]

        directory = cache

[user]

        anonymousCoward = Unregistered User

[change]

        submitWholeTopic = true

[receive]

        enableSignedPush = false

重启Apachegerrit

#/etc/init.d/apache restart

#/etc/init.d/gerrit restart

测试    !!!!!

搭建完成


本文出自 “12506531” 博客,转载请与作者联系!

搭建gerrit服务详细步骤

标签:debian下搭建gerrit服务的详细步骤

原文地址:http://12516531.blog.51cto.com/12506531/1975549

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!