Gitlab EE安装与破解

Tips:无ruby环境的可到文章底部直接下载已生成的证书与授权文件导入亦可

安装Gitlab

# 依赖包
yum install -y curl policycoreutils-python openssh-server
# 添加gitlab源
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.rpm.sh | sudo bash
# 安装gitlab-ee
yum install -y gitlab-ee

安装ruby

ruby版本需要2.3或以上

yum install -y ruby
# 安装gitlab-license库
gem install gitlab-license

生成许可证

参考:https://www.rubydoc.info/gems/gitlab-license/

创建license.rb
require "openssl"
require "gitlab/license"

key_pair = OpenSSL::PKey::RSA.generate(2048)
File.open("license_key", "w") { |f| f.write(key_pair.to_pem) }

public_key = key_pair.public_key
File.open("license_key.pub", "w") { |f| f.write(public_key.to_pem) }

private_key = OpenSSL::PKey::RSA.new File.read("license_key")
Gitlab::License.encryption_key = private_key

license = Gitlab::License.new
license.licensee = {
  "Name" => "GITLAB",
  "Company" => "GITLAB.COM",
  "Email" => "git@gitlab.com",
}
license.starts_at = Date.new(2000, 1, 1) # 开始时间
license.expires_at = Date.new(2099, 12, 31) # 结束时间
license.notify_admins_at = Date.new(2099, 12, 31)
license.notify_users_at = Date.new(2099, 12, 31)
license.block_changes_at = Date.new(2099, 12, 31)
license.restrictions = {
  active_user_count: 100000,
  previous_user_count: 11111,
  plan: "ultimate",
  id: 1,
  subscription_id: 1,
}

puts "License:"
puts license

data = license.export
puts "Exported license:"
puts data
File.open("GitLabBV.gitlab-license", "w") { |f| f.write(data) }

public_key = OpenSSL::PKey::RSA.new File.read("license_key.pub")
Gitlab::License.encryption_key = public_key

data = File.read("GitLabBV.gitlab-license")
$license = Gitlab::License.import(data)

puts "Imported license:"
puts $license

unless $license
  raise "The license is invalid."
end

if $license.restricted?(:active_user_count)
  active_user_count = 10000
  if active_user_count > $license.restrictions[:active_user_count]
    raise "The active user count exceeds the allowed amount!"
  end
end

if $license.notify_admins?
  puts "The license is due to expire on #{$license.expires_at}."
end

if $license.notify_users?
  puts "The license is due to expire on #{$license.expires_at}."
end

module Gitlab
  class GitAccess
    def check(cmd, changes = nil)
      if $license.block_changes?
        return build_status_object(false, "License expired")
      end
    end
  end
end

puts "This instance of GitLab Enterprise Edition is licensed to:"
$license.licensee.each do |key, value|
  puts "#{key}: #{value}"
end

if $license.expired?
  puts "The license expired on #{$license.expires_at}"
elsif $license.will_expire?
  puts "The license will expire on #{$license.expires_at}"
else
  puts "The license will never expire."
end
生成证书
ruby license.rb

生成 GitLabBV.gitlab-license license_key license_key.pub 这三个文件。

使用许可证

替换默认公钥
cp -f license_key.pub /opt/gitlab/embedded/service/gitlab-rails/.license_encryption_key.pub
重新配置gitlab
gitlab-ctl reconfigure
gitlab-ctl restart
导入许可证

老版本:

登录gitlab后台,管理中心->许可证 (/admin/license),导入 GitLabBV.gitlab-license

新版本(>15.x):

登录gitlab后台,管理中心->设置->通用->添加许可证 (/admin/application_settings/general),选择“请输入许可证密钥”,输入GitLabBV.gitlab-license内容


Helm方式部署破解方法:

准备授权秘钥

如上先在服务器上手动生成公钥license_key.pub和授权秘钥GitLabBV.gitlab-license或在文章底部下载

创建Configmap

以下假定gitlab-ee安装在gitlab命名空间

# 复制license_key.pub内容创建公钥证书文件.license_encryption_key.pub
vi .license_encryption_key.pub

# 创建configmap
kubectl -n gitlab create cm gitlab-license-key-pub --from-file .license_encryption_key.pub
自定义values文件my_values.yaml,将公钥证书以extraVolumes方式挂载到容器
vim my_values.yaml

my_values.yaml内容如下:

gitlab:
  gitaly:
    extraVolumeMounts: |
      - name: gitlab-license-key-pub
        mountPath: /srv/gitlab/.license_encryption_key.pub
        subPath: ".license_encryption_key.pub"
    extraVolumes: |
      - name: gitlab-license-key-pub
        configMap:
          name: gitlab-license-key-pub
  migrations:
    extraVolumeMounts: |
      - name: gitlab-license-key-pub
        mountPath: /srv/gitlab/.license_encryption_key.pub
        subPath: ".license_encryption_key.pub"
    extraVolumes: |
      - name: gitlab-license-key-pub
        configMap:
          name: gitlab-license-key-pub
  sidekiq:
    extraVolumeMounts: |
      - name: gitlab-license-key-pub
        mountPath: /srv/gitlab/.license_encryption_key.pub
        subPath: ".license_encryption_key.pub"
    extraVolumes: |
      - name: gitlab-license-key-pub
        configMap:
          name: gitlab-license-key-pub
  toolbox:
    extraVolumeMounts: |
      - name: gitlab-license-key-pub
        mountPath: /srv/gitlab/.license_encryption_key.pub
        subPath: ".license_encryption_key.pub"
    extraVolumes: |
      - name: gitlab-license-key-pub
        configMap:
          name: gitlab-license-key-pub
  webservice:
    extraVolumeMounts: |
      - name: gitlab-license-key-pub
        mountPath: /srv/gitlab/.license_encryption_key.pub
        subPath: ".license_encryption_key.pub"
    extraVolumes: |
      - name: gitlab-license-key-pub
        configMap:
          name: gitlab-license-key-pub
以Helm方式安装或者升级gitlab
helm -n gitlab upgrade --install --create-namespace gitlab gitlab/gitlab -f my_value.yaml
导入授权秘钥GitLabBV.gitlab-license

登录gitlab后台,管理中心->设置->通用->添加许可证 (/admin/application_settings/general),选择“请输入许可证密钥”,输入GitLabBV.gitlab-license内容

授权文件下载:

gitlab-ee-license.zip

订阅
提醒
11 评论
在线反馈
查看全部评论