前情提示

阿里、tx、西数centOS6.4,6系列均可cat /etc/redhat-release

gogs0.11.91(0.13会有重大变化,持续更新)

Git 最新稳定版本;

Mysql8 最新稳定版本;

更新说明

  1. 去除普通图片截图,保留部分核心截图;详细截图可参考:https://blog.csdn.net/qq_31708763/article/details/104814669

软件准备

软件下载,官网下载或云盘下载。步骤略。

将下载好的软件上传到服务器。

1
2
3
mkdir -p /server/backup/gs
scp -P 22000 -r -v /server/backup/gs/* root@211.149.239.182:/server/backup/gs
scp -P 22 -r -v /server/backup/gs/* root@59.110.21.159:/server/backup/gs

MySQL安装

1
2
3
4
5
6
7
8
9
10
rpm -qa|grep mysql
# 如果有,卸载
yum remove mysql mysql-server mysql-libs compat-mysql51
rm -rf /var/lib/mysql
##可能cannot remove ‘/etc/my.cnf’: No such file or directory
rm /etc/my.cnf
rpm -e mysql-community-client-8.0.20-1.el6.x86_64 --nodeps
rpm -e mysql-community-libs-8.0.20-1.el6.x86_64 --nodeps
rpm -e mysql-community-server-8.0.20-1.el6.x86_64 --nodeps
rpm -e mysql-community-common-8.0.20-1.el6.x86_64 --nodeps

安装依赖

1
yum -y install wget gcc-c++ ncurses ncurses-devel cmake make perl bison openssl openssl-devel gcc* libxml2 libxml2-devel curl-devel libjpeg* libpng* freetype* make gcc-c++ cmake bison-devel ncurses-devel bison perl perl-devel perl perl-devel net-tools* numactl* 

安装MySQL

1
2
3
4
5
cd /server/backup/gs/
rpm -ivh mysql-community-common-8.0.20-1.el6.x86_64.rpm --nodeps --force
rpm -ivh mysql-community-libs-8.0.20-1.el6.x86_64.rpm --nodeps --force
rpm -ivh mysql-community-client-8.0.20-1.el6.x86_64.rpm --nodeps --force
rpm -ivh mysql-community-server-8.0.20-1.el6.x86_64.rpm --nodeps --force

在这里插入图片描述

配置/etc/my.cnf,添加如下:

1
2
lower_case_table_names=1
sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'

完整内容:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/8.0/en/server-configuration-defaults.html

[mysqld]
#
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
#
# Remove the leading "# " to disable binary logging
# Binary logging captures changes between backups and is enabled by
# default. It's default setting is log_bin=binlog
# disable_log_bin
#
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M
#
# Remove leading # to revert to previous value for default_authentication_plugin,
# this will increase compatibility with older clients. For background, see:
# https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_default_authentication_plugin
# default-authentication-plugin=mysql_native_password

datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock

log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

lower_case_table_names=1
sql_mode='STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'

启动:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
groupadd mysql
useradd -g mysql mysql
mkdir -p /var/lib/mysql


mysqld --initialize --user=mysql
chown -R mysql:mysql /var/lib/mysql
chmod -R 777 /var/lib/mysql

centOS6:
service mysqld start
查看启动状态
service mysqld status
设置开机启动(可不用,安装完,默认自启)
chkconfig mysqld on
1
2
3
4
5
6
7
8
9
10
11
12
以下为备份内容,并未执行:
如果以root用户身份登录CentOS 6.8服务器,可以执行如下命令。
mysqld --initialize --user=mysql
mysqld --initialize-insecure --user=mysql
如果以mysql用户身份登录CentOS 6.8服务器,可以执行如下命令。
mysqld --initialize
mysqld --initialize-insecure
因为我这里使用的是root账户登录CentOS 6.8服务器,所以,初始化数据库时,我执行的是如下命令。
mkdir -p /usr/local/mysql
chown -R mysql.mysql /usr/local/mysql
mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data
注意:这里,我在执行mysqld --initialize命令时,指定了MySQL的安装目录。 在MySQL的安装过程中,建议指定MySQL的安装目录。当/usr/local/mysql目录下存在data目录时,会初始化失败,必须确保/usr/local/mysql下没有data目录。

查看临时生成的密码:

1
cat /var/log/mysqld.log | grep password

修改初始密码:

1
2
3
4
5
mysql -u root -p
>e.)g:qlr6eB
# 高版本数据库使用强密码规则,密码设置尽可能麻烦,大写+小写+数字+符号
ALTER USER 'root'@'localhost' IDENTIFIED BY 'CNMpgz123!';
exit;

创建远程账号:

1
2
3
4
5
6
mysql -u root -p
CNMpgz123!
CREATE USER 'remote'@'%' IDENTIFIED BY 'CNMpgz123!';
GRANT ALL PRIVILEGES ON *.* TO 'remote'@'%'WITH GRANT OPTION;
FLUSH PRIVILEGES;
exit;

配置防火墙

vi /etc/sysconfig/iptables

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22000 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 4000 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 9527 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

修改完成后,重启防火墙:service iptables restart,如果有必要,请登录云安全组开放端口。

rpm方式安装mysql默认位置:

1
2
3
4
5
6
7
8
1、数据库目录
/var/lib/mysql/
2、配置文件
/usr/share/mysql(mysql.server命令及配置文件)
3、相关命令
/usr/bin(mysqladmin mysqldump等命令)
4、启动脚本
/etc/rc.d/init.d/(启动脚本文件mysql的目录)

Git安装

卸载旧版本:

1
2
3
4
5
查看源版本信息:
yum info git
git --version
如果安装了,卸载:
yum remove git

安装依赖:

1
yum install -y asciidoc docbook2X xmlto texinfo sgml2xml autoconf openjade curl-devel expat-devel gettext-devel openssl-devel zlib-devel gcc perl-ExtUtils-MakeMaker

上传git安装包,并解压:

1
2
3
4
5
6
7
8
cd /server/backup/gs/
tar -zxvf git-2.26.2.tar.gz
cd git-2.26.2
make configure
./configure --prefix=/usr/local/git
make && make install
sudo echo "export PATH=$PATH:/usr/local/git/bin" >> /etc/profile
source /etc/profile

验证Git是否安装成功:

1
输入git --version试试安装成功。

Gogs安装

创建git用户:

1
sudo useradd git

上传文件并解压。

1
2
3
4
5
6
cd /server/backup/gs/
mv /server/backup/gs/gogs_0.11.91_linux_amd64.tar /home/git/
cd /home/git/
su git
tar -xvf gogs_0.11.91_linux_amd64.tar
cd /home/git/gogs/

创建gogs,mysql用户密码,专门用于gogs本地访问:

1
2
3
4
5
6
7
8
9
mysql -u root -p
CNMpgz123!
CREATE USER 'gogs'@'localhost' IDENTIFIED BY 'CNMpgz123!';
GRANT ALL PRIVILEGES ON *.* TO 'gogs'@'localhost'WITH GRANT OPTION;
FLUSH PRIVILEGES;
# 高版本建库或者导入gogs.mysql.sql都会报错,建议手动建
#SET GLOBAL innodb_file_per_table = ON,innodb_file_format = Barracuda,innodb_large_prefix = ON;
# DROP DATABASE IF EXISTS gogs;
# CREATE DATABASE IF NOT EXISTS gogs CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;

手动创建数据库(导入gogs自带sql文件报错,0.13版本修复):

1
新建数据库,这里建议直接新建数据库,设置好编码格式utf8mb4,上面我们不是用navicate测试远程链接了吗,最好使用客户端进行直接新建数据库gogs,

安装:

1
2
3
4
cd /home/git/gogs/
./gogs web
211.149.239.182:3000
59.110.21.159:3000

安装完成:根据页面填写参数:(0.13部分参数废弃)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
APP_NAME = Gogs
RUN_USER = git
RUN_MODE = prod

[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gogs
USER = gogs
PASSWD = CNMpgz123!
SSL_MODE = disable
PATH = data/gogs.db

[repository]
ROOT = /home/git/gogs-repositories

[server]
DOMAIN = localhost
HTTP_PORT = 3000
ROOT_URL = http://localhost:3000/
DISABLE_SSH = false
SSH_PORT = 22
START_SSH_SERVER = false
OFFLINE_MODE = false

[mailer]
ENABLED = true
HOST = smtp.163.com:465
FROM = 123@163.com
USER = fasong@163.com
PASSWD = fasongmima

[service]
REGISTER_EMAIL_CONFIRM = true
ENABLE_NOTIFY_MAIL = true
DISABLE_REGISTRATION = false
ENABLE_CAPTCHA = true
REQUIRE_SIGNIN_VIEW = true

[picture]
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = false

[session]
PROVIDER = file

[log]
MODE = file
LEVEL = Info
ROOT_PATH = /home/git/gogs/log

[security]
INSTALL_LOCK = true
SECRET_KEY = Y81DPGiSppsWRED


加入开机启动:

1
2
3
4
5
6
7
ln -s /usr/local/git/bin/git /bin/git
ln -s /usr/local/git/bin/git-upload-pack /bin/git-upload-pack
ln -s /usr/local/git/bin/git-cvsserver /bin/git-cvsserver
ln -s /usr/local/git/bin/gitk /bin/gitk
ln -s /usr/local/git/bin/git-receive-pack /bin/git-receive-pack
ln -s /usr/local/git/bin/git-shell /bin/git-shell
ln -s /usr/local/git/bin/git-upload-archive /bin/git-upload-archive
1
2
3
4
5
6
7
8
9
10
centOS6:
su root
cp /home/git/gogs/scripts/init/centos/gogs /etc/rc.d/init.d/
chmod a+x /etc/rc.d/init.d/gogs
chkconfig gogs on
service gogs start #启动服务
service gogs stop #停止服务
service gogs restart #重启服务
## 另一种临时启动可以进入安装目录~/gogs,执行:
./gogs web 不过这是关闭窗口就随之关闭

Nginx安装

下载上传文件。

安装依赖:

1
yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel
1
2
3
# 如果已经安装,卸载原来的Nginx
find -name nginx
yum remove nginx

解压安装:

1
2
3
4
5
6
7
8
# 解压
cd /server/backup/gs/
tar -vxf nginx-1.18.0.tar.gz
cd nginx-1.18.0
# 指定位置安装并且开启ssl
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
whereis nginx

配置环境变量:

1
2
3
4
5
6
7
8
9
10
11
12
13
vim /etc/profile
##### nginx #####
export NGINX_HOME=/usr/local/nginx
export PATH=$NGINX_HOME/sbin:$PATH
# 使配置立即生效
source /etc/profile

# 测试是否生效
echo $PATH
/usr/local/nginx/sbin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
nginx -s reload
nginx -v
nginx -t

开机启动:

1
2
3
4
5
6
7
# 加入开机自启
vi /etc/rc.local
/usr/local/nginx/sbin/nginx
chmod 755 /etc/rc.local

# 测试配置文件
/usr/local/nginx/sbin/nginx -t

Nginx配置SSL

获取证书,上传服务器。

配置Nginx.cnf:/usr/local/nginx/conf

1
2
3
4
 server_name  west.shidongvr.com;

ssl_certificate /usr/local/nginx/cert/_.shidongvr.com_chain.crt;
ssl_certificate_key /usr/local/nginx/cert/_.shidongvr.com_key.key;
1
2
INSTALL_LOCK = true
SECRET_KEY = Y81DPGiSppsWRED

Nginx配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200

#user nobody;
worker_processes 1;

#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

#pid logs/nginx.pid;


events {
worker_connections 1024;
}


http {
include mime.types;
default_type application/octet-stream;

#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';

#access_log logs/access.log main;

sendfile on;
#tcp_nopush on;

#keepalive_timeout 0;
keepalive_timeout 65;

#gzip on;
client_max_body_size 1024M;
client_body_buffer_size 10M;
server {
listen 443 ssl;
server_name west.shidongvr.com;

ssl_certificate /usr/local/nginx/cert/_.shidongvr.com_chain.crt;
ssl_certificate_key /usr/local/nginx/cert/_.shidongvr.com_key.key;

ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;

ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

location / {
proxy_set_header Host $host:3000;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass https://127.0.0.1:3000;
}
location /zhds {
alias /home/zhds/1;
index index.html;
}
}


server {
listen 80;
server_name west.shidongvr.com;

#charset koi8-r;

#access_log logs/host.access.log main;

# location / {
# proxy_pass http://127.0.0.1:3000;
# }

# 强制跳转https
rewrite ^(.*) https://$server_name$1 permanent;


error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}


server {
listen 80;
server_name nb.nogit.top;

#charset koi8-r;

#access_log logs/host.access.log main;

location / {
# proxy_pass http://127.0.0.1:3000;
root /home/myblog/public;
index index.html;
}

# 强制跳转https
rewrite ^(.*) https://$server_name$1 permanent;


error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}


# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;

# location / {
# root html;
# index index.html index.htm;
# }
#}


# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;

# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;

# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;

# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;

# location / {
# root html;
# index index.html index.htm;
# }
#}


}

Gogs配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
# 应用名称,可以改为你组织或者公司名称
APP_NAME = Git
# 运行用户
RUN_USER = git
RUN_MODE = prod

[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gogs
USER = gogs
PASSWD = CNMpgz123!
SSL_MODE = disable
PATH = data/gogs.db
[admin]
# 禁用普通用户创建组织
DISABLE_REGULAR_ORG_CREATION = true

[repository]
ROOT = /home/git/gogs-repositories
# 全局默认的每个用户可创建创建仓库上限,-1 表示无限制
MAX_CREATION_LIMIT = 1
ENABLE_LOCAL_PATH_MIGRATION = true
# 强制所有仓库私有
FORCE_PRIVATE = false
# 禁用http,只能通过ssh协议操作
DISABLE_HTTP_GIT = false

[server]
PROTOCOL=https
DOMAIN = west.shidongvr.com
HTTP_PORT = 3000
# 公开完整路径
ROOT_URL = https://west.shidongvr.com/
DISABLE_SSH = false
SSH_PORT = 22
START_SSH_SERVER = false
# 激活该选项来禁止从 CDN 获取静态资源,同时 Gravatar 服务也将被自动禁用
OFFLINE_MODE = false
ENABLE_GZIP = true
LANDING_PAGE=false
CERT_FILE=/usr/local/nginx/cert/_.shidongvr.com_chain.crt
KEY_FILE=/usr/local/nginx/cert/_.shidongvr.com_key.key

[mailer]
ENABLED = false

[service]
# 注册必须邮箱验证
REGISTER_EMAIL_CONFIRM = false
# 发送邮件通知
ENABLE_NOTIFY_MAIL = false
# 禁止用户注册,只能管理员创建
DISABLE_REGISTRATION = true
# 注册时输入验证码
ENABLE_CAPTCHA = false
# 必须登录才能浏览
REQUIRE_SIGNIN_VIEW = true

[picture]
# 使用本地头像
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = false

[session]
PROVIDER = file

[log]
MODE = file
LEVEL = Info
ROOT_PATH = /home/git/gogs/log

[security]
INSTALL_LOCK = true
SECRET_KEY = Y81DPGiSppsWRED
# 记录登录天数
LOGIN_REMEMBER_DAYS = true
COOKIE_USERNAME = true
COOKIE_REMEMBER_NAME = true
REVERSE_PROXY_AUTHENTICATION_USER = true

[webhook]
TYPES = gogs
DELIVER_TIMEOUT = 300
SKIP_TLS_VERIFY = true
PAGING_NUM = true

[cron]
ENABLED = true

[other]
SHOW_FOOTER_BRANDING = false
SHOW_FOOTER_VERSION = false

swap创建

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
sudo dd if=/dev/zero of=/swapfile count=2048 bs=1M
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
free -m
history | grep 'swap'
删除
1. 停止正在使用的swap分区
$ swapoff /root/swap

2. 删除swap分区文件
$ rm /root/swap

3. 删除或注释在/etc/fstab文件中的以下开机自动挂载内容:
$ vim /etc/fstab 在该文件中删除如下内容

额外

卸载jdk(如果需要)

1
2
3
rpm -e --nodeps java_cup-0.10k-5.el6.x86_64
rpm -e --nodeps java-1.5.0-gcj-1.5.0.0-29.1.el6.x86_64
rpm -e --nodeps gcc-java-4.4.7-23.el6.x86_64

配置gogs首页模板

tips:简单配置,0.13后会移除首页footer部分。目前测试自定义模板暂时不管用,可采用直接更改源码,尽量微改动。

/home/git/gogs/templates/base