当尝试使用root和使用安装GitLab使用Docker群模式方法设置的初始密码登录时,我得到以下错误。有什么建议如何解决这个问题吗?错误是一个401 Unauthorized,但正如您在下面看到的,root确实是用提供的密码文件创建的。
==> /var/log/gitlab/gitlab-rails/production.log <==,
Started POST "/users/sign_in" for 10.0.0.2 at 2021-02-13 02:27:11 +0000,
Processing by SessionsController#create as HTML,
Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "user"=>{"login"=>"root", "password"=>"[FILTERED]", "remember_me"=>"1"}},
Completed 401 Unauthorized in 202ms (ActiveRecord: 32.0ms | Elasticsearch: 0.0ms | Allocations: 42688),
,
==> /var/log/gitlab/gitlab-rails/production_json.log <==,
{"method":"POST","path":"/users/sign_in","format":"html","controller":"SessionsController","action":"create","status":0,"time":"2021-02-13T02:27:11.355Z","params":[{"key":"utf8","value":"✓"},{"key":"authenticity_token","value":"[FILTERED]"},{"key":"user","value":{"login":"root","password":"[FILTERED]","remember_me":"1"}}],"remote_ip":"10.0.0.2","user_id":null,"username":null,"ua":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36","correlation_id":"01EYCKD94QJ7K2FV14BE28WF58","meta.caller_id":"SessionsController#create","meta.remote_ip":"10.0.0.2","meta.feature_category":"authentication_and_authorization","redis_calls":8,"redis_duration_s":0.003663,"redis_read_bytes":1441,"redis_write_bytes":552,"redis_cache_calls":7,"redis_cache_duration_s":0.002813,"redis_cache_read_bytes":1337,"redis_cache_write_bytes":382,"redis_shared_state_calls":1,"redis_shared_state_duration_s":0.00085,"redis_shared_state_read_bytes":104,"redis_shared_state_write_bytes":170,"db_count":12,"db_write_count":2,"db_cached_count":1,"queue_duration_s":0.019457,"cpu_s":0.19,"db_duration_s":0.03197,"view_duration_s":0.0,"duration_s":0.20219},
,
==> /var/log/gitlab/gitlab-rails/production.log <==,
Processing by SessionsController#new as HTML,
Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "user"=>{"login"=>"root", "password"=>"[FILTERED]", "remember_me"=>"1"}},
,
==> /var/log/gitlab/gitlab-rails/application.log <==,
2021-02-13T02:27:11.449Z: Failed Login: username=root ip=10.0.0.2,
,
==> /var/log/gitlab/gitlab-rails/application_json.log <==,
{"severity":"INFO","time":"2021-02-13T02:27:11.450Z","correlation_id":"01EYCKD94QJ7K2FV14BE28WF58","message":"Failed Login: username=root ip=10.0.0.2"},
,
==> /var/log/gitlab/gitlab-rails/production.log <==,
Completed 200 OK in 91ms (Views: 22.6ms | ActiveRecord: 2.8ms | Elasticsearch: 0.0ms | Allocations: 12783),
,
==> /var/log/gitlab/gitlab-rails/production_json.log <==,
{"method":"POST","path":"/users/sign_in","format":"html","controller":"SessionsController","action":"new","status":200,"time":"2021-02-13T02:27:11.451Z","params":[{"key":"utf8","value":"✓"},{"key":"authenticity_token","value":"[FILTERED]"},{"key":"user","value":{"login":"root","password":"[FILTERED]","remember_me":"1"}}],"remote_ip":"10.0.0.2","user_id":null,"username":null,"ua":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36","correlation_id":"01EYCKD94QJ7K2FV14BE28WF58","meta.caller_id":"SessionsController#new","meta.remote_ip":"10.0.0.2","meta.feature_category":"authentication_and_authorization","redis_calls":11,"redis_duration_s":0.004477,"redis_read_bytes":1679,"redis_write_bytes":826,"redis_cache_calls":10,"redis_cache_duration_s":0.003627,"redis_cache_read_bytes":1573,"redis_cache_write_bytes":535,"redis_shared_state_calls":1,"redis_shared_state_duration_s":0.00085,"redis_shared_state_read_bytes":106,"redis_shared_state_write_bytes":291,"db_count":18,"db_write_count":2,"db_cached_count":3,"queue_duration_s":0.019457,"cpu_s":0.29,"db_duration_s":0.00281,"view_duration_s":0.02265,"duration_s":0.09165},
,
==> /var/log/gitlab/gitlab-workhorse/current <==,
{"content_type":"text/html; charset=utf-8","correlation_id":"01EYCKD94QJ7K2FV14BE28WF58","duration_ms":326,"host":"192.168.1.225:8778","level":"info","method":"POST","msg":"access","proto":"HTTP/1.1","referrer":"http://192.168.1.225:8778/users/sign_in","remote_addr":"127.0.0.1:0","remote_ip":"127.0.0.1","route":"","status":200,"system":"http","time":"2021-02-13T02:27:11Z","ttfb_ms":326,"uri":"/users/sign_in","user_agent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36","written_bytes":54237},
,
==> /var/log/gitlab/nginx/gitlab_access.log <==,
10.0.0.2 - - [13/Feb/2021:02:27:11 +0000] "POST /users/sign_in HTTP/1.1" 200 14901 "http://192.168.1.225:8778/users/sign_in" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.150 Safari/537.36" 3.64
root用户被创建:
* runit_service[gitlab-kas] action disable,
* ruby_block[disable gitlab-kas] action run (skipped due to only_if),
(up to date),
Recipe: gitlab::database_migrations,
* bash[migrate gitlab-rails database] action run,
[execute] psql:/opt/gitlab/embedded/service/gitlab-rails/db/structure.sql:9: NOTICE: extension "btree_gist" already exists, skipping,
psql:/opt/gitlab/embedded/service/gitlab-rails/db/structure.sql:11: NOTICE: extension "pg_trgm" already exists, skipping,
WARNING: Active Record does not support composite primary key.,
,
user_interacted_projects has composite primary key. Composite primary key is ignored.,
WARNING: Active Record does not support composite primary key.,
,
project_authorizations has composite primary key. Composite primary key is ignored.,
,
== Seed from /opt/gitlab/embedded/service/gitlab-rails/db/fixtures/production/001_application_settings.rb,
Creating the default ApplicationSetting record.,
,
== Seed from /opt/gitlab/embedded/service/gitlab-rails/db/fixtures/production/002_admin.rb,
Administrator account created:,
,
login: root,
password: password1234,
,
,
== Seed from /opt/gitlab/embedded/service/gitlab-rails/db/fixtures/production/010_settings.rb,
Saved CI JWT signing key,
,
== Seed from /opt/gitlab/embedded/service/gitlab-rails/db/fixtures/production/998_gitlab_instance_administration_project.rb,
/opt/gitlab/embedded/lib/ruby/gems/2.7.0/gems/validate_url-1.0.8/lib/validate_url.rb:23: warning: URI.escape is obsolete,
Successfully created self monitoring project.,
,
== Seed from /opt/gitlab/embedded/service/gitlab-rails/db/fixtures/production/999_common_metrics.rb,
- execute "bash" "/tmp/chef-script20210213-32-1kam03j",
这是我的docker-compose.yml:
version: "3.7"
services:
gitlab:
image: gitlab/gitlab-ce:13.8.3-ce.0
depends_on:
- smtpserver
ports:
- "8778:8778"
- "8722:22"
volumes:
- type: volume
source: gitlab_data
target: /var/opt/gitlab
- type: volume
source: gitlab_log
target: /var/log/gitlab
- type: volume
source: gitlab_config
target: /etc/gitlab
environment:
GITLAB_OMNIBUS_CONFIG: "from_file('/omnibus_config.rb')"
configs:
- source: gitlab
target: /omnibus_config.rb
secrets:
- gitlab_root_password
networks:
- dev_net
gitlab-runner:
image: gitlab/gitlab-runner:alpine-v13.8.0
depends_on:
- gitlab
deploy:
mode: replicated
replicas: 1
volumes:
- type: volume
source: gitlab_runner_config
target: /etc/gitlab-runner
- type: bind
source: /var/run/docker.sock
target: /var/run/docker.sock
networks:
- dev_net
smtpserver:
image: devture/exim-relay:4.93-r1
user: 100:101
restart: always
hostname: ...
environment:
- SMARTHOST=...
- SMTP_USERNAME=...
- SMTP_PASSWORD=...
networks:
- dev_net
volumes:
gitlab_data:
gitlab_log:
gitlab_config:
gitlab_runner_config:
networks:
dev_net:
configs:
gitlab:
file: ./gitlab.rb
secrets:
gitlab_root_password:
file: ./root_password.txt
And./gitlab.rb:
external_url 'http://192.168.1.225:8778'
registry_external_url 'http://192.168.1.225:8081'
gitlab_rails['initial_root_password'] = File.read('/run/secrets/gitlab_root_password')
gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'devops@mydomain'
gitlab_rails['gitlab_email_display_name'] = 'Git'
gitlab_rails['gitlab_email_reply_to'] = 'devops@mydomain'
gitlab_rails['gitlab_email_subject_suffix'] = '[Git] '
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = 'smtpserver'
#gitlab_rails['smtp_address'] = ''
gitlab_rails['smtp_port'] = 8025
#gitlab_rails['smtp_port'] = 25
gitlab_rails['smtp_domain'] = 'mydomain'
gitlab_rails['smtp_tls'] = true
gitlab_rails['smtp_openssl_verify_mode'] = 'none'
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_ssl'] = false
gitlab_rails['smtp_force_ssl'] = false
gitlab_rails['gitlab_shell_ssh_port'] = 8722
gitlab_rails['time_zone'] = 'America/New_York'
nginx['client_max_body_size'] = '1g'
Androot_password.txt:
password1234
我也有同样的问题,为了解决这个问题,我不得不解锁用户(它被锁定是因为密码不起作用):
https://docs.gitlab.com/ee/security/unlock_user.html
然后我重置root密码:
https://docs.gitlab.com/ee/security/reset_user_password.html
我能够进入传送门。
我不明白为什么会发生这种情况,但至少我能够按照这些步骤使用gitlab。
我睡了几个小时,直到我发现最后一个.strip解决了这个问题。
正确的格式:
gitlab_rails['initial_root_password'] = File.read('/run/secrets/gitlab_root_password').strip
我的问题是类似的,但配置中提供的根密码无效(太短)。
== Seed from /opt/gitlab/embedded/service/gitlab-rails/db/fixtures/production/002_admin.rb
Could not create the default administrator account:
--> Password is too short (minimum is 8 characters)
在root_password.txt中提供有效密码后,我重置了所有数据和群堆栈,然后再次执行,它按预期工作。