# 搭建Gerrit代码审核服务器


# 准备工作

##Install LAMP

参考[Install LAMP environment](blog:linux_system_manage:lamp)


##Install git

`sudo apt-get install git`


##Install jdk

本站下载链接：{{ :blog:jdk-8u192-linux-x64.tar.gz | jdk}}

orace下载链接: [oracle javase8-archive-downloads](https://www.oracle.com/java/technologies/javase/javase8-archive-downloads.html)

>  解压后，设置环境变量如下
```
   JAVA_HOME=/opt/jdk1.8.0_192
   PATH=$PATH:$JAVA_HOME/bin
```

##Downalod gerrit package

本教程中使用的版本为 3.5.0.1

Download the gerrit install package from [gerritcodereview](https://www.gerritcodereview.com)

本站链接: {{ :blog:gerrit-3.5.0.1.war | gerrit}}


# Install Gerrit

	sudo java -jar gerrit-2.14.war init -d /home/gerrit/review

```
Using secure store: com.google.gerrit.server.securestore.DefaultSecureStore
[2018-06-03 12:46:14,878] [main] INFO  com.google.gerrit.server.config.GerritServerConfigProvider : No /home/gerrit/review/etc/gerrit.config; assuming defaults

*** Gerrit Code Review 2.14
*** 

Create '/home/gerrit/review'   [Y/n]? 

*** Git Repositories
*** 

Location of Git repositories   [git]: 

*** SQL Database
*** 

Database server type           [h2]: mysql

Gerrit Code Review is not shipped with MySQL Connector/J 5.1.41
**  This library is required for your configuration. **
Download and install it now [Y/n]? y
Downloading https://repo1.maven.org/maven2/mysql/mysql-connector-java/5.1.41/mysql-connector-java-5.1.41.jar ... OK
Checksum mysql-connector-java-5.1.41.jar OK
Server hostname                [localhost]: localhost
Server port                    [(mysql default)]: 
Database name                  [reviewdb]: gerritdb
Database username              [root]: gerrit
gerrit's password              : 
              confirm password : 

*** Index
*** 

Type                           [LUCENE/?]: 

*** User Authentication
*** 

Authentication method          [OPENID/?]: http
Get username from custom HTTP header [y/N]? N
SSO logout URL                 : 
Enable signed push support     [y/N]? N

*** Review Labels
*** 

Install Verified label         [y/N]? y

*** Email Delivery
*** 

SMTP server hostname           [localhost]: mail.linuxtoy.cn
SMTP server port               [(default)]: 465
SMTP encryption                [NONE/?]: ssl
SMTP username                  [root]: gerrit@linuxtoy.cn
gerrit's password              : 
              confirm password : 

*** Container Process
*** 

Run as                         [root]: gerrit
Java runtime                   [/usr/lib/jvm/java-8-openjdk-amd64/jdk1.8.0_172/jre]: 
Copy gerrit-2.14.war to /home/gerrit/review/bin/gerrit.war [Y/n]? y
Copying gerrit-2.14.war to /home/gerrit/review/bin/gerrit.war

*** SSH Daemon
*** 

Listen on address              [*]: 
Listen on port                 [29418]: 
Generating SSH host key ... rsa... dsa... done

*** HTTP Daemon
*** 

Behind reverse proxy           [y/N]? y
Proxy uses SSL (https://)      [y/N]? 
Subdirectory on proxy server   [/]: 
Listen on address              [*]: 
Listen on port                 [8081]: 8081
Canonical URL                  [http://localhost/]: http://review.linuxtoy.cn:8081

*** Cache
*** 


*** Plugins
*** 

Installing plugins.
Install plugin commit-message-length-validator version v2.14 [y/N]? y
Installed commit-message-length-validator v2.14
Install plugin download-commands version v2.14 [y/N]? y
Installed download-commands v2.14
Install plugin hooks version v2.14 [y/N]? y
Installed hooks v2.14
Install plugin replication version v2.14 [y/N]? y
Installed replication v2.14
Install plugin reviewnotes version v2.14 [y/N]? y
Installed reviewnotes v2.14
Install plugin singleusergroup version v2.14 [y/N]? y
Installed singleusergroup v2.14
Initializing plugins.
```

上述安装过程中的配置可以在/home/gerrit/review/etc/gerrit.config中修改
cat /home/gerrit/review/etc/gerrit.config

```
[gerrit]
    basePath = git
    serverId = c93e379b-1e8b-4117-860c-ca7fb2818897
    canonicalWebUrl = http://review.linuxtoy.cn:8081/
[database]
    type = mysql
    hostname = localhost
    database = gerritdb
    username = gerrit
[index]
    type = LUCENE
[auth]
    type = HTTP
[receive]
    enableSignedPush = false
[sendemail]
    smtpServer = mail.linuxtoy.cn
    smtpServerPort = 465
    smtpEncryption = SSL
    smtpUser = gerrit@linuxtoy.cn
[container]
    user = gerrit
    javaHome = /usr/lib/jvm/java-8-openjdk-amd64/jdk1.8.0_172/jre
[sshd]
    listenAddress = *:29418
[httpd]
    listenUrl = proxy-http://*:8081/
[cache]
    directory = cache
```

sudo chown -R gerrit:gerrit /home/gerrit/review

# Configure Apache2

enable the proxy, ssl, socache_shmcb module

/etc/apache2/mods-enabled/
```
proxy_balancer.conf -> ../mods-available/proxy_balancer.conf
proxy_balancer.load -> ../mods-available/proxy_balancer.load
proxy.conf -> ../mods-available/proxy.conf
proxy_http.load -> ../mods-available/proxy_http.load
proxy.load -> ../mods-available/proxy.load

ssl.conf -> ../mods-available/ssl.conf
ssl.load -> ../mods-available/ssl.load

socache_shmcb.load -> ../mods-available/socache_shmcb.load
slotmem_shm.load -> ../mods-available/slotmem_shm.load
```

在/etc/apache2/sites-enabled 下添加gerrit的配置文件
```
<VirtualHost review.linuxtoy.cn:80>
	ServerAdmin caodan@linuxtoy.cn
	ServerName  review.linuxtoy.cn

	ProxyRequests Off
	ProxyVia Off
	ProxyPreserveHost On

	<Proxy *>
		Order deny,allow
		Allow from all
	</Proxy>

	<Location /login/>
		AuthType Basic
		AuthName "Welcome to Gerrit Code Review Site!"
		Require valid-user
		AuthBasicProvider file
		AuthUserFile /home/gerrit/review/etc/passwords
	</Location>

	AllowEncodedSlashes On
	ProxyPass / http://review.linuxtoy.cn:8081/

	# The ProxyPass 8081 must be same with the review_site/etc/gerrit.config
	# When access the http://xxxx:80   Apache2 will lead you to http://xxxxx:8081
</VirtualHost>
```

在上述配置中有一个文件 /home/gerrit/review/etc/passwords
Apache2配置中存在一个AuthUserFile路径,用于执行http认证方式的
在安装gerrit时Authentication method参数设定为http方式，所以需要创建对应的auth file

这个文件用于保存gerrit用户数据,包括用户名和密码,密码使用了MD5加密方式保存
第一个用户将会成为gerrit系统管理员账户,创建用户时使用如下命令
	cd /home/gerrit/review/etc
	sudo touch passwords
	sudo htpasswd -b passwords USER_NAME PASSWORD
	
htpasswd在apache2-utils软件包中


# Start gerrit

	sudo -u gerrit ./gerrit.sh restart
	
# FAQ

## gerrit start failed without any error log

	./gerrit.sh start
	Starting Gerrit Code Review: 
    FAILED
    启动gerrit fail, 但是log里面又没有任何的记录
    并且gerrit的进程创建成功：
    ps -elf | grep gerit
    "GerritCodeReview -jar /home/gerrit/review/bin/gerrit.war daemon -d /home/gerrit/review --run-id=1533356869.2161"
    
    The problem might be lack of entropy. Gerrit reads from /dev/random,
	and on a headless server the entropy might be exhausted before Gerrit has had time to start up.

    A fix could be to install the haveged package. Since you're on ubuntu, the required commands would be:
	sudo apt-get install haveged

    After doing this, Gerrit should start relatively quickly.
	
	上面的解决方法来自于：
	https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged