Tips:无ruby环境的可到文章底部直接下载已生成的证书与授权文件导入亦可
安装Gitlab
# 依赖包
yum install -y curl policycoreutils-python openssh-server
# 添加gitlab源
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
# 安装gitlab-ee
yum install -y gitlab-ee安装ruby
ruby版本需要2.3或以上
yum install -y ruby
# 安装gitlab-license库
gem install gitlab-license生成许可证
创建license.rb
require "openssl"
require "gitlab/license"
key_pair = OpenSSL::PKey::RSA.generate(2048)
File.open("license_key", "w") { |f| f.write(key_pair.to_pem) }
public_key = key_pair.public_key
File.open("license_key.pub", "w") { |f| f.write(public_key.to_pem) }
private_key = OpenSSL::PKey::RSA.new File.read("license_key")
Gitlab::License.encryption_key = private_key
license = Gitlab::License.new
license.licensee = {
"Name" => "GITLAB",
"Company" => "GITLAB.COM",
"Email" => "git@gitlab.com",
}
license.starts_at = Date.new(2000, 1, 1) # 开始时间
license.expires_at = Date.new(2099, 12, 31) # 结束时间
license.notify_admins_at = Date.new(2099, 12, 31)
license.notify_users_at = Date.new(2099, 12, 31)
license.block_changes_at = Date.new(2099, 12, 31)
license.restrictions = {
active_user_count: 100000,
previous_user_count: 11111,
plan: "ultimate",
id: 1,
subscription_id: 1,
}
puts "License:"
puts license
data = license.export
puts "Exported license:"
puts data
File.open("GitLabBV.gitlab-license", "w") { |f| f.write(data) }
public_key = OpenSSL::PKey::RSA.new File.read("license_key.pub")
Gitlab::License.encryption_key = public_key
data = File.read("GitLabBV.gitlab-license")
$license = Gitlab::License.import(data)
puts "Imported license:"
puts $license
unless $license
raise "The license is invalid."
end
if $license.restricted?(:active_user_count)
active_user_count = 10000
if active_user_count > $license.restrictions[:active_user_count]
raise "The active user count exceeds the allowed amount!"
end
end
if $license.notify_admins?
puts "The license is due to expire on #{$license.expires_at}."
end
if $license.notify_users?
puts "The license is due to expire on #{$license.expires_at}."
end
module Gitlab
class GitAccess
def check(cmd, changes = nil)
if $license.block_changes?
return build_status_object(false, "License expired")
end
end
end
end
puts "This instance of GitLab Enterprise Edition is licensed to:"
$license.licensee.each do |key, value|
puts "#{key}: #{value}"
end
if $license.expired?
puts "The license expired on #{$license.expires_at}"
elsif $license.will_expire?
puts "The license will expire on #{$license.expires_at}"
else
puts "The license will never expire."
end生成证书
ruby license.rb生成 GitLabBV.gitlab-license license_key license_key.pub 这三个文件。
使用许可证
替换默认公钥
cp -f license_key.pub /opt/gitlab/embedded/service/gitlab-rails/.license_encryption_key.pub重新配置gitlab
gitlab-ctl reconfigure
gitlab-ctl restart导入许可证
老版本:
登录gitlab后台,管理中心->许可证 (/admin/license),导入 GitLabBV.gitlab-license
新版本(>15.x):
登录gitlab后台,管理中心->设置->通用->添加许可证 (/admin/application_settings/general),选择“请输入许可证密钥”,输入GitLabBV.gitlab-license内容
Helm方式部署破解方法:
准备授权秘钥
如上先在服务器上手动生成公钥
license_key.pub和授权秘钥GitLabBV.gitlab-license或在文章底部下载
创建Configmap
以下假定gitlab-ee安装在gitlab命名空间
# 复制license_key.pub内容创建公钥证书文件.license_encryption_key.pub
vi .license_encryption_key.pub
# 创建configmap
kubectl -n gitlab create cm gitlab-license-key-pub --from-file .license_encryption_key.pub自定义values文件my_values.yaml,将公钥证书以extraVolumes方式挂载到容器
vim my_values.yamlmy_values.yaml内容如下:
gitlab:
gitaly:
extraVolumeMounts: |
- name: gitlab-license-key-pub
mountPath: /srv/gitlab/.license_encryption_key.pub
subPath: ".license_encryption_key.pub"
extraVolumes: |
- name: gitlab-license-key-pub
configMap:
name: gitlab-license-key-pub
migrations:
extraVolumeMounts: |
- name: gitlab-license-key-pub
mountPath: /srv/gitlab/.license_encryption_key.pub
subPath: ".license_encryption_key.pub"
extraVolumes: |
- name: gitlab-license-key-pub
configMap:
name: gitlab-license-key-pub
sidekiq:
extraVolumeMounts: |
- name: gitlab-license-key-pub
mountPath: /srv/gitlab/.license_encryption_key.pub
subPath: ".license_encryption_key.pub"
extraVolumes: |
- name: gitlab-license-key-pub
configMap:
name: gitlab-license-key-pub
toolbox:
extraVolumeMounts: |
- name: gitlab-license-key-pub
mountPath: /srv/gitlab/.license_encryption_key.pub
subPath: ".license_encryption_key.pub"
extraVolumes: |
- name: gitlab-license-key-pub
configMap:
name: gitlab-license-key-pub
webservice:
extraVolumeMounts: |
- name: gitlab-license-key-pub
mountPath: /srv/gitlab/.license_encryption_key.pub
subPath: ".license_encryption_key.pub"
extraVolumes: |
- name: gitlab-license-key-pub
configMap:
name: gitlab-license-key-pub以Helm方式安装或者升级gitlab
helm -n gitlab upgrade --install --create-namespace gitlab gitlab/gitlab -f my_value.yaml导入授权秘钥GitLabBV.gitlab-license
登录gitlab后台,管理中心->设置->通用->添加许可证 (/admin/application_settings/general),选择“请输入许可证密钥”,输入GitLabBV.gitlab-license内容