various fixes after testing [release 13.10.0-2mamba;Mon Mar 29 2021]

This commit is contained in:
Silvan Calarco 2024-01-05 23:04:32 +01:00
parent 56d1a0541e
commit 2557c5c2db
15 changed files with 799 additions and 0 deletions

View File

@ -1,2 +1,6 @@
# gitlab-foss
GitLab Community Edition (CE) is open source software to collaborate on code.
Create projects and repositories, manage access and do code reviews.
GitLab CE is on-premises software that you can install and use on your server(s).

View File

@ -0,0 +1,11 @@
--- gitlab-foss-13.10.0/Gemfile.orig 2021-03-28 22:15:03.398252822 +0200
+++ gitlab-foss-13.10.0/Gemfile 2021-03-28 22:15:17.792514825 +0200
@@ -277,7 +277,7 @@
gem 'charlock_holmes', '~> 0.7.7'
# Detect mime content type from content
-gem 'mimemagic', '~> 0.3.2'
+gem 'mimemagic', '0.3.5', git: 'https://github.com/mimemagicrb/mimemagic', ref: '01f92d8'
# Faster blank
gem 'fast_blank'

44
gitlab-apache-conf Normal file
View File

@ -0,0 +1,44 @@
#This configuration has been tested on GitLab 6.0.0 and GitLab 6.0.1
#Note this config assumes unicorn is listening on default port 8080.
#Module dependencies
# mod_rewrite
# mod_proxy
# mod_proxy_http
<VirtualHost *:80>
ServerName gitlab.example.com
ServerSignature Off
ProxyPreserveHost On
<Location />
# New authorization commands for apache 2.4 and up
# http://httpd.apache.org/docs/2.4/upgrading.html#access
Require all granted
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://gitlab.openmamba.org/
</Location>
#apache equivalent of nginx try files
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
# http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]
# needed for downloading attachments
DocumentRoot /var/lib/gitlab/www/public
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/gitlab.example.com_error.log
CustomLog /var/log/httpd/gitlab.example.com_forwarded.log common_forwarded
CustomLog /var/log/httpd/gitlab.example.com_access.log combined env=!dontlog
CustomLog /var/log/httpd/gitlab.example.com.log combined
</VirtualHost>

19
gitlab-backup.service Normal file
View File

@ -0,0 +1,19 @@
[Unit]
Description=GitLab Backup process
Requires=
After=network.target
[Service]
Type=oneshot
User=gitlab
Group=gitlab
SyslogIdentifier=gitlab-backup
WorkingDirectory=/usr/share/gitlab
EnvironmentFile=/usr/share/gitlab/environment
CapabilityBoundingSet=
PrivateTmp=true
PrivateDevices=true
ProtectSystem=full
ProtectHome=true
NoNewPrivileges=true
ExecStart=/usr/bin/bundle exec rake gitlab:backup:create

10
gitlab-backup.timer Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Daily gitlab backup
[Timer]
OnCalendar=daily
AccuracySec=12h
Persistent=true
[Install]
WantedBy=timers.target

319
gitlab-configs.patch Normal file
View File

@ -0,0 +1,319 @@
commit 3e313894380af46476b8ef5859bcd653defba3c4
Author: Anatol Pomozov <anatol.pomozov@gmail.com>
Date: Tue May 26 00:01:38 2020 -0700
Patch config files with Arch Linux specific locations
Arch uses upstream's default config files as a base for its configs.
But directory structure at Arch is completely different from the default
one specified by gitlab project.
We used to have a lot of seds expressions to adjust the files but as
complexity of configs grew 'sed' makes it easy to miss a changed/added
option.
Track set of diffs as a patch. If upstream modifies config file then it
will cause a conflict that needs to be reviewed manually.
diff --git a/config/database.yml.postgresql b/config/database.yml.postgresql
index ca1ff4db1b4..7c6dbbf0a12 100644
--- a/config/database.yml.postgresql
+++ b/config/database.yml.postgresql
@@ -5,7 +5,7 @@ production:
adapter: postgresql
encoding: unicode
database: gitlabhq_production
- username: git
+ username: gitlab
password: "secure password"
host: localhost
# load_balancing:
@@ -38,7 +38,7 @@ staging:
adapter: postgresql
encoding: unicode
database: gitlabhq_staging
- username: git
+ username: gitlab
password: "secure password"
host: localhost
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 57ece521301..c3725baccdf 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -85,7 +85,7 @@ production: &base
#- 2001:0db8::/32
# Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
- # user: git
+ user: gitlab
## Date & Time settings
# Uncomment and customize if you want to change the default time zone of GitLab application.
@@ -105,15 +105,15 @@ production: &base
# enabled: false
# S/MIME private key file in PEM format, unencrypted
# Default is '.gitlab_smime_key' relative to Rails.root (i.e. root of the GitLab app).
- # key_file: /home/git/gitlab/.gitlab_smime_key
+ # key_file: /var/lib/gitlab/.gitlab_smime_key
# S/MIME public certificate key in PEM format, will be attached to signed messages
# Default is '.gitlab_smime_cert' relative to Rails.root (i.e. root of the GitLab app).
- # cert_file: /home/git/gitlab/.gitlab_smime_cert
+ # cert_file: /var/lib/gitlab/.gitlab_smime_cert
# S/MIME extra CA public certificates in PEM format, will be attached to signed messages
# Optional
- # ca_certs_file: /home/git/gitlab/.gitlab_smime_ca_certs
+ # ca_certs_file: /var/lib/gitlab/.gitlab_smime_ca_certs
- # Email server smtp settings are in config/initializers/smtp_settings.rb.sample
+ # Email server smtp settings are in /etc/gitlab/smtp_settings.rb
# default_can_create_group: false # default: true
# username_changing_enabled: false # default: true - User can change their username/namespace
@@ -159,7 +159,7 @@ production: &base
## Repository downloads directory
# When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
# The default is 'shared/cache/archive/' relative to the root of the Rails app.
- # repository_downloads_path: shared/cache/archive/
+ repository_downloads_path: /var/lib/gitlab/shared/cache/archive
## Impersonation settings
impersonation_enabled: true
@@ -205,7 +205,7 @@ production: &base
# Since `mail_room` is run independently of Rails, an absolute path is preferred.
# The default is 'log/mail_room_json.log' relative to the root of the Rails app.
#
- # log_path: log/mail_room_json.log
+ log_path: /var/log/gitlab/mail_room_json.log
# Whether to expunge (permanently remove) messages from the mailbox when they are deleted after delivery
expunge_deleted: false
@@ -244,7 +244,7 @@ production: &base
artifacts:
enabled: true
# The location where build artifacts are stored (default: shared/artifacts).
- # path: shared/artifacts
+ path: /var/lib/gitlab/shared/artifacts
# object_store:
# enabled: false
# remote_directory: artifacts # The bucket name
@@ -264,7 +264,7 @@ production: &base
# be stored on disk, or in object storage
enabled: false
# The location where external diffs are stored (default: shared/lfs-external-diffs).
- # storage_path: shared/external-diffs
+ storage_path: /var/lib/gitlab/shared/external-diffs
# object_store:
# enabled: false
# remote_directory: external-diffs
@@ -280,7 +280,7 @@ production: &base
lfs:
enabled: true
# The location where LFS objects are stored (default: shared/lfs-objects).
- # storage_path: shared/lfs-objects
+ storage_path: /var/lib/gitlab/shared/lfs-objects
object_store:
enabled: false
remote_directory: lfs-objects # Bucket name
@@ -324,7 +324,7 @@ production: &base
enabled: true
dpkg_deb_path: /usr/bin/dpkg-deb
# The location where build packages are stored (default: shared/packages).
- # storage_path: shared/packages
+ storage_path: /var/lib/gitlab/shared/packages
object_store:
enabled: false
remote_directory: packages # The bucket name
@@ -345,7 +345,7 @@ production: &base
dependency_proxy:
enabled: true
# The location where build packages are stored (default: shared/dependency_proxy).
- # storage_path: shared/dependency_proxy
+ storage_path: /var/lib/gitlab/shared/dependency_proxy
object_store:
enabled: false
remote_directory: dependency_proxy # The bucket name
@@ -366,7 +366,7 @@ production: &base
terraform_state:
enabled: true
# The location where Terraform state files are stored (default: shared/terraform_state).
- # storage_path: shared/terraform_state
+ storage_path: /var/lib/gitlab/shared/terraform_state
object_store:
enabled: false
remote_directory: terraform # The bucket name
@@ -385,7 +385,7 @@ production: &base
enabled: false
access_control: false
# The location where pages are stored (default: shared/pages).
- # path: shared/pages
+ path: /var/lib/gitlab/shared/pages
# The domain under which the pages are served:
# http://group.example.com/project
@@ -399,7 +399,7 @@ production: &base
# File that contains the shared secret key for verifying access for gitlab-pages.
# Default is '.gitlab_pages_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_pages_secret
+ secret_file: /var/lib/gitlab/.gitlab_pages_secret
object_store:
enabled: false
remote_directory: pages # The bucket name
@@ -557,7 +557,7 @@ production: &base
# port: 5005
# api_url: http://localhost:5000/ # internal address to the registry, will be used by GitLab to directly communicate with API
# key: config/registry.key
- # path: shared/registry
+ path: /var/lib/gitlab/shared/registry
# issuer: gitlab-issuer
# notification_secret: '' # only set it when you use Geo replication feature without built-in Registry
@@ -614,7 +614,7 @@ production: &base
# add_pusher: true
# The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root
- # builds_path: builds/
+ builds_path: /var/lib/gitlab/builds
#
# 3. Auth settings
@@ -1064,7 +1064,7 @@ production: &base
# Shared file storage settings
shared:
- # path: /mnt/gitlab # Default: shared
+ path: /var/lib/gitlab/shared # Default: shared
# Encrypted Settings configuration
encrypted_settings:
@@ -1073,7 +1073,7 @@ production: &base
# Gitaly settings
gitaly:
# Path to the directory containing Gitaly client executables.
- client_path: /home/git/gitaly
+ client_path: /usr/bin
# Default Gitaly authentication token. Can be overridden per storage. Can
# be left blank when Gitaly is running locally on a Unix socket, which
# is the normal way to deploy Gitaly.
@@ -1091,13 +1091,13 @@ production: &base
# real path not the symlink.
storages: # You must have at least a `default` storage path.
default:
- path: /home/git/repositories/
- gitaly_address: unix:/home/git/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
+ path: /var/lib/gitlab/repositories
+ gitaly_address: unix:/run/gitlab/gitlab-gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
# gitaly_token: 'special token' # Optional: override global gitaly.token for this storage.
## Backup settings
backup:
- path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
+ path: "/var/lib/gitlab/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
# archive_permissions: 0640 # Permissions for the resulting backup.tar file (default: 0600)
# keep_time: 604800 # default: 0 (forever) (in seconds)
# pg_schema: public # default: nil, it means that all schemas will be backed up
@@ -1138,12 +1138,12 @@ production: &base
## GitLab Shell settings
gitlab_shell:
- path: /home/git/gitlab-shell/
- authorized_keys_file: /home/git/.ssh/authorized_keys
+ path: /usr/share/gitlab-shell
+ authorized_keys_file: /var/lib/gitlab/.ssh/authorized_keys
# File that contains the secret key for verifying access for gitlab-shell.
# Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_shell_secret
+ # secret_file: /var/lib/gitlab/.gitlab_shell_secret
# Git over HTTP
upload_pack: true
@@ -1158,13 +1158,13 @@ production: &base
workhorse:
# File that contains the secret key for verifying access for gitlab-workhorse.
# Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_workhorse_secret
+ # secret_file: /var/lib/gitlab/.gitlab_workhorse_secret
gitlab_kas:
# enabled: true
# File that contains the secret key for verifying access for gitlab-kas.
# Default is '.gitlab_kas_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_kas_secret
+ # secret_file: /var/lib/gitlab/.gitlab_kas_secret
# The URL to the external KAS API (used by the Kubernetes agents)
# external_url: wss://kas.example.com
@@ -1174,7 +1174,7 @@ production: &base
## GitLab Elasticsearch settings
elasticsearch:
- indexer_path: /home/git/gitlab-elasticsearch-indexer/
+ indexer_path: /var/lib/gitlab/elasticsearch-indexer
## Git settings
# CAUTION!
diff --git a/config/initializers/smtp_settings.rb.sample b/config/initializers/smtp_settings.rb.sample
index bd37080b1c8..f956e786071 100644
--- a/config/initializers/smtp_settings.rb.sample
+++ b/config/initializers/smtp_settings.rb.sample
@@ -1,13 +1,6 @@
-# To enable smtp email delivery for your GitLab instance do the following:
-# 1. Rename this file to smtp_settings.rb
-# 2. Edit settings inside this file
-# 3. Restart GitLab instance
-#
# For full list of options and their values see http://api.rubyonrails.org/classes/ActionMailer/Base.html
-#
-# If you change this file in a Merge Request, please also create a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
-if Rails.env.production?
+if false # To enable SMTP please replace 'false' with 'Rails.env.production?'
Rails.application.config.action_mailer.delivery_method = :smtp
ActionMailer::Base.delivery_method = :smtp
diff --git a/config/puma.rb.example b/config/puma.rb.example
index 9fc354a8fe8..e665079117e 100644
--- a/config/puma.rb.example
+++ b/config/puma.rb.example
@@ -5,11 +5,11 @@
# The default is "config.ru".
#
rackup 'config.ru'
-pidfile '/home/git/gitlab/tmp/pids/puma.pid'
-state_path '/home/git/gitlab/tmp/pids/puma.state'
+pidfile '/run/gitlab/puma.pid'
+state_path '/run/gitlab/puma.state'
-stdout_redirect '/home/git/gitlab/log/puma.stdout.log',
- '/home/git/gitlab/log/puma.stderr.log',
+stdout_redirect '/var/log/gitlab/puma.stdout.log',
+ '/var/log/gitlab/puma.stderr.log',
true
# Configure "min" to be the minimum number of threads to use to answer
@@ -31,12 +31,12 @@ queue_requests false
# Bind the server to "url". "tcp://", "unix://" and "ssl://" are the only
# accepted protocols.
-bind 'unix:///home/git/gitlab/tmp/sockets/gitlab.socket'
+bind 'unix:///run/gitlab/gitlab.socket'
workers 3
-require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events"
-require_relative "/home/git/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer"
+require_relative "/usr/share/gitlab/lib/gitlab/cluster/lifecycle_events"
+require_relative "/usr/share/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer"
on_restart do
# Signal application hooks that we're about to restart
@@ -80,7 +80,7 @@ if defined?(nakayoshi_fork)
end
# Use json formatter
-require_relative "/home/git/gitlab/lib/gitlab/puma_logging/json_formatter"
+require_relative "/usr/share/gitlab/lib/gitlab/puma_logging/json_formatter"
json_formatter = Gitlab::PumaLogging::JSONFormatter.new
log_formatter do |str|

3
gitlab-environment Normal file
View File

@ -0,0 +1,3 @@
RAILS_ENV=production
EXECJS_RUNTIME=Disabled
RUBYOPT='-W:no-deprecated'

266
gitlab-foss.spec Normal file
View File

@ -0,0 +1,266 @@
# Based on Arch Linux PKGBUILD for 13.10.0
%define gitlab_uid 65434
%define gitlab_gid 65434
%define _use_internal_dependency_generator 0
Name: gitlab-foss
Version: 13.10.0
Release: 2mamba
Summary: A Web interface to create projects and repositories, manage access and do code reviews
Group: Applications/Web
Vendor: openmamba
Distribution: openmamba
Packager: Silvan Calarco <silvan.calarco@mambasoft.it>
URL: https://www.gitlab.com/gitlab-foss/
Source: https://gitlab.com/gitlab-org/gitlab-foss.git/v%{version}/gitlab-foss-%{version}.tar.bz2
#Source: https://gitlab.com/gitlab-org/gitlab-ce.git/v%{version}/gitlab-ce-%{version}.tar.bz2
License: MIT
Source1: gitlab.target
Source2: gitlab-sidekiq.service
Source3: gitlab-unicorn.service
Source4: gitlab.logrotate
Source5: gitlab.tmpfiles.d
Source6: gitlab-apache-conf
Source7: gitlab-environment
Source8: gitlab-backup.service
Source9: gitlab-backup.timer
Source10: gitlab-mailroom.service
Source11: gitlab-puma.service
Patch0: gitlab-configs.patch
Patch1: gitlab-13.10.0-Gemfile-mimemagic-fix.patch
## AUTOBUILDREQ-BEGIN
BuildRequires: glibc-devel
BuildRequires: libassuan-devel
BuildRequires: libffi-devel
BuildRequires: libgcc
BuildRequires: libgpg-error-devel
BuildRequires: libgpgme-devel
BuildRequires: libicu-devel
BuildRequires: liblzma-devel
BuildRequires: libopenssl-devel
BuildRequires: libperl
BuildRequires: libpostgresql-devel
BuildRequires: libre2-devel
BuildRequires: libruby-devel
BuildRequires: libssh2-devel
BuildRequires: libstdc++6-devel
BuildRequires: libz-devel
BuildRequires: perl-File-Find-Rule
BuildRequires: perl-IPC-Run3
BuildRequires: perl-devel
BuildRequires: perl-Parallel-Runner
## AUTOBUILDREQ-END
BuildRequires: ruby
BuildRequires: yarn
BuildRequires: go
BuildRequires: nodejs
Requires: ruby >= 1:2.7
Requires: ruby < 1:2.8
Requires: redis
Requires: postgresql
#Requires: apache
Requires: git
Requires(pre): gitlab-shell >= 13.17.0
Requires: gitlab-gitaly
Requires: gitlab-workhorse
Provides: gitlab
Obsoletes: gitlab < 13.10.0
Obsoletes: gitlab-ce < 13.10.0
%description
GitLab Community Edition (CE) is open source software to collaborate on code.
Create projects and repositories, manage access and do code reviews.
GitLab CE is on-premises software that you can install and use on your server(s).
%debug_package
%prep
%setup -q -n gitlab-foss-%{version} -D -T
:<< _EOF
%global __requires_exclude_from ^%{_datadir}/gitlab/vendor/.*$
%patch0 -p1
%patch1 -p1
cp config/gitlab.yml.example config/gitlab.yml
cp config/database.yml.postgresql config/database.yml
cp config/puma.rb.example config/puma.rb
cp config/resque.yml.example config/resque.yml
cp config/secrets.yml.example config/secrets.yml
cp config/initializers/smtp_settings.rb.sample config/initializers/smtp_settings.rb
# https://github.com/bundler/bundler/issues/6882
sed -e '/BUNDLED WITH/,+1d' -i Gemfile.lock
bundle lock --update=bundler-audit
# 'lock' adds 'BUNDLED WITH' back. Remove it again.
sed -e '/BUNDLED WITH/,+1d' -i Gemfile.lock
%build
:<< _EOF
echo "Fetching bundled gems..."
# Gems will be installed into vendor/bundle
bundle config build.gpgme --use-system-libraries
bundle config force_ruby_platform true
bundle install --jobs=$(nproc) --no-cache --deployment --without development test aws kerberos
yarn install --production --pure-lockfile
bundle exec rake gitlab:assets:compile RAILS_ENV=production NODE_ENV=production NODE_OPTIONS="--max_old_space_size=4096"
bundle exec rake gettext:compile RAILS_ENV=production
%install
[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
%define homedir %{_localstatedir}/lib/gitlab
install -d %{buildroot}%{_datadir}/gitlab
cp -r * %{buildroot}%{_datadir}/gitlab/
cp -r .[a-zA-Z0-9]* %{buildroot}%{_datadir}/gitlab/
# Remove unneeded directories: node_modules is only needed during build
rm -r %{buildroot}%{_datadir}/gitlab/node_modules
for dir in spec qa rubocop app/assets vendor/assets; do
rm -r %{buildroot}%{_datadir}/gitlab/${dir}
done
rm -r %{buildroot}%{_datadir}/gitlab/{builds,tmp,log,shared}
install -d \
%{buildroot}%{_datadir}/gitlab \
%{buildroot}%{homedir}/shared/{artifacts,lfs-objects} \
%{buildroot}%{homedir}/builds \
%{buildroot}%{homedir}/uploads \
%{buildroot}%{homedir}/backups \
%{buildroot}%{_sysconfdir}/gitlab \
%{buildroot}%{_localstatedir}/log/gitlab \
%{buildroot}%{_docdir}/gitlab \
# Rails app hardcodes/configures by default that data is stored under $_appdir
# Create symlinks that point to data directories under /var
ln -fs %{_localstatedir}/log/gitlab %{buildroot}%{_datadir}/gitlab/log
ln -fs ../../..%{homedir}/builds %{buildroot}%{_datadir}/gitlab/builds
ln -fs ../../..%{homedir}/tmp %{buildroot}%{_datadir}/gitlab/tmp
mkdir -p %{buildroot}%{homedir}/tmp/backups
ln -fs ../../../..%{homedir}/uploads %{buildroot}%{_datadir}/gitlab/public/uploads
ln -fs ../../..%{homedir}/shared %{buildroot}%{_datadir}/gitlab/shared
# TODO: workhorse and shell secret files are the application data and should be stored under /var/lib/gitlab
ln -fs ../../..%{_sysconfdir}/gitlab/gitlab_workhorse_secret %{buildroot}%{_datadir}/gitlab/.gitlab_workhorse_secret
ln -fs ../../..%{_sysconfdir}/gitlab/gitlab-shell-secret %{buildroot}%{_datadir}/gitlab/.gitlab_shell_secret
# Install config files
for config_file in gitlab.yml database.yml puma.rb resque.yml secrets.yml; do
cp config/${config_file} %{buildroot}%{_sysconfdir}/gitlab/
# TODO: configure rails app to use configs right from /etc
ln -fs ../../../..%{_sysconfdir}/gitlab/${config_file} %{buildroot}%{_datadir}/gitlab/config/
done
cp config/initializers/smtp_settings.rb %{buildroot}%{_sysconfdir}/gitlab/
ln -fs ../../../../..%{_sysconfdir}/gitlab/smtp_settings.rb %{buildroot}%{_datadir}/gitlab/config/initializers/smtp_settings.rb
# Install secrets symlink
# TODO: ruby uses _appdir to load config files. Figure out if we can load files directly from /etc
ln -fs ../../../..%{_sysconfdir}/gitlab/secrets.yml %{buildroot}%{_datadir}/gitlab/config/secrets.yml
install -Dm644 %{SOURCE7} %{buildroot}%{_datadir}/gitlab/environment
# Install systemd service files
install -D -m0644 %{S:1} %{buildroot}%{_unitdir}/gitlab.target
install -D -m0644 %{S:2} %{buildroot}%{_unitdir}/gitlab-sidekiq.service
install -D -m0644 %{S:3} %{buildroot}%{_unitdir}/gitlab-unicorn.service
install -D -m0644 %{S:8} %{buildroot}%{_unitdir}/gitlab-backup.service
install -D -m0644 %{S:9} %{buildroot}%{_unitdir}/gitlab-backup.timer
install -D -m0644 %{S:10} %{buildroot}%{_unitdir}/gitlab-mailroom.service
install -D -m0644 %{S:11} %{buildroot}%{_unitdir}/gitlab-puma.service
install -D -m0644 %{S:4} %{buildroot}%{_sysconfdir}/logrotate.d/gitlab.logrotate
install -D -m0644 %{S:5} %{buildroot}%{_tmpfilesdir}/gitlab.conf
install -D -m0644 %{S:6} %{buildroot}%{_sysconfdir}/httpd/httpd.d/gitlab.conf.example
# Fix weird shebang causing weird require
sed -i "s|#!/this/.*|#!/usr/bin/ruby|" %{buildroot}%{_datadir}/gitlab/vendor/bundle/ruby/*/gems/unicorn-*/bin/unicorn*
%clean
[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
%preun
%systemd_preun gitlab.target
:
%post
%systemd_post gitlab.target
if [ $1 -eq 1 ]; then
echo "Configure your /etc/gitlab/gitlab.yml"
echo "Set up your redis to run on /run/redis/redis.sock or configure gitlab to use redis TCP"
echo "Put a secret bytestring to /etc/gitlab/secret"
echo "Configure /etc/webapps/gitlab/secrets.yml"
echo "Setup the database:"
echo "$ (cd /usr/share/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake gitlab:setup)"
echo "Finally run the following commands to check your installation:"
echo "$ (cd /usr/share/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake gitlab:env:info)"
echo "$ (cd /usr/share/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake gitlab:check)"
#sudo -u gitlab -H git config --global user.name "GitLab"
#sudo -u gitlab -H git config --global user.email "gitlab@localhost"
#sudo -u gitlab -H git config --global core.autocrlf input
#echo "Create and configure database in /etc/gitlab/database.yml"
#echo "Then run 'sudo -u gitlab bundle exec rake gitlab:setup RAILS_ENV=production'"
#echo
fi
if [ $1 -gt 1 ]; then
echo "You should upgrade your database:"
echo "$ (cd /usr/share/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake db:migrate)"
echo "Afterwards, restart gitlab-related services:"
echo "# systemctl daemon-reload"
echo "# systemctl restart gitlab-sidekiq gitlab-puma gitlab-workhorse gitlab-gitaly"
fi
:
%postun
%systemd_postun_with_restart gitlab.target
:
%files
%defattr(-,root,root)
%dir %{_sysconfdir}/gitlab
%config(noreplace) %{_sysconfdir}/gitlab/database.yml
%config(noreplace) %{_sysconfdir}/gitlab/gitlab.yml
%config(noreplace) %{_sysconfdir}/gitlab/puma.rb
%config(noreplace) %{_sysconfdir}/gitlab/resque.yml
%config(noreplace) %{_sysconfdir}/gitlab/secrets.yml
%config(noreplace) %{_sysconfdir}/gitlab/smtp_settings.rb
%{_sysconfdir}/httpd/httpd.d/gitlab.conf.example
%{_sysconfdir}/logrotate.d/gitlab.logrotate
%{_unitdir}/gitlab-backup.service
%{_unitdir}/gitlab-backup.timer
%{_unitdir}/gitlab-mailroom.service
%{_unitdir}/gitlab-puma.service
%{_unitdir}/gitlab-sidekiq.service
%{_unitdir}/gitlab-unicorn.service
%{_unitdir}/gitlab.target
%{_tmpfilesdir}/gitlab.conf
%{_datadir}/gitlab
%dir %attr(0750,gitlab,gitlab) %{homedir}/builds
%dir %attr(0700,gitlab,gitlab) %{homedir}/uploads
%dir %attr(0750,gitlab,gitlab) %{homedir}/shared
%dir %attr(0750,gitlab,gitlab) %{homedir}/shared/artifacts
%dir %attr(0750,gitlab,gitlab) %{homedir}/shared/lfs-objects
%dir %attr(0750,gitlab,gitlab) %{homedir}/tmp
%dir %attr(0750,gitlab,gitlab) %{homedir}/tmp/backups
%doc LICENSE
%changelog
* Mon Mar 29 2021 Silvan Calarco <silvan.calarco@mambasoft.it> 13.10.0-2mamba
- various fixes after testing
* Sun Mar 28 2021 Silvan Calarco <silvan.calarco@mambasoft.it> 13.10.0-1mamba
- update to 13.10.0
* Sat Nov 21 2015 Silvan Calarco <silvan.calarco@mambasoft.it> 8.1.4-1mamba
- update to 8.1.4
* Tue Jul 08 2014 Silvan Calarco <silvan.calarco@mambasoft.it> 6.9.2-1mamba
- update to 6.9.2
* Sun May 25 2014 Silvan Calarco <silvan.calarco@mambasoft.it> 6.9.0-1mamba
- package created using the webbuild interface

21
gitlab-mailroom.service Normal file
View File

@ -0,0 +1,21 @@
[Unit]
Description=Gitlab Mailroom Worker
Requires=gitlab-puma.service
Wants=gitlab-puma.service
After=gitlab-puma.service
StartLimitIntervalSec=100s
[Service]
User=gitlab
Group=gitlab
WorkingDirectory=/usr/share/gitlab
EnvironmentFile=/usr/share/gitlab/environment
SyslogIdentifier=gitlab-mailroom
PIDFile=/run/gitlab/mailroom.pid
ExecStart=/usr/bin/bundle exec mail_room -q -c /usr/share/gitlab/config/mail_room.yml
ExecStop=/usr/bin/kill -QUIT $MAINPID
Restart=on-failure
RestartSec=1
[Install]
WantedBy=multi-user.target

34
gitlab-puma.service Normal file
View File

@ -0,0 +1,34 @@
[Unit]
Description=GitLab Puma Server
Requires=redis.service
Wants=postgresql.service
After=redis.service postgresql.service network.target
StartLimitIntervalSec=100s
[Service]
User=gitlab
Group=gitlab
WorkingDirectory=/usr/share/gitlab
EnvironmentFile=/usr/share/gitlab/environment
SyslogIdentifier=gitlab-puma
PIDFile=/run/gitlab/puma.pid
RuntimeDirectory=gitlab
RuntimeDirectoryPreserve=yes
RuntimeDirectoryMode=775
PrivateTmp=true
PrivateDevices=true
ProtectSystem=full
ProtectHome=true
# These options break Gitlab's email delivery if you
# use postfix' sendmail wrapper. If you use an SMTP server
# instead you can safely enable these security features.
#NoNewPrivileges=true
#CapabilityBoundingSet=
ExecStart=/usr/bin/bundle exec puma -C /usr/share/gitlab/config/puma.rb -e production
ExecStop=/usr/bin/kill -QUIT $MAINPID
ExecReload=/usr/bin/kill -USR2 $MAINPID
Restart=on-failure
RestartSec=1
[Install]
WantedBy=multi-user.target

30
gitlab-sidekiq.service Normal file
View File

@ -0,0 +1,30 @@
[Unit]
Description=GitLab Sidekiq Worker
Requires=redis.service gitlab-puma.service
Wants=postgresql.service
After=redis.service postgresql.service network.target gitlab-puma.service
JoinsNamespaceOf=gitlab-puma.service
StartLimitIntervalSec=100s
[Service]
User=gitlab
Group=gitlab
WorkingDirectory=/usr/share/gitlab
EnvironmentFile=/usr/share/gitlab/environment
SyslogIdentifier=gitlab-sidekiq
PIDFile=/run/gitlab/sidekiq.pid
PrivateTmp=true
ProtectSystem=full
ProtectHome=true
# These options break Gitlab's email delivery if you
# use postfix' sendmail wrapper. If you use an SMTP server
# instead you can safely enable these security features.
#NoNewPrivileges=true
#CapabilityBoundingSet=
ExecStart=/usr/bin/bundle exec sidekiq -C /usr/share/gitlab/config/sidekiq_queues.yml -e production
ExecStop=/usr/bin/bundle exec sidekiqctl stop /run/gitlab/sidekiq.pid
Restart=on-failure
RestartSec=1
[Install]
WantedBy=multi-user.target

24
gitlab-unicorn.service Normal file
View File

@ -0,0 +1,24 @@
#####################################################
#
# GitLab version : 5.x - 6.x
# Contributors : davispuh, mtorromeo, axilleas, boeserwolf91
# Downloaded from : https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd
#
####################################################
[Unit]
Description=GitLab Unicorn Server
[Service]
User=gitlab
WorkingDirectory=/var/lib/gitlab
Environment=RAILS_ENV=production
SyslogIdentifier=gitlab-unicorn
PIDFile=/var/lib/gitlab/pids/unicorn.pid
ExecStart=/var/lib/gitlab/bin/bundle exec "unicorn_rails -c /var/lib/gitlab/config/unicorn.rb -E production"
ExecStop=kill -QUIT $MAINPID
ExecReload=kill -USR2 $MAINPID
[Install]
WantedBy=gitlab.target

6
gitlab.logrotate Normal file
View File

@ -0,0 +1,6 @@
/var/log/gitlab/*.log {
missingok
compress
notifempty
copytruncate
}

7
gitlab.target Normal file
View File

@ -0,0 +1,7 @@
[Unit]
Description=GitLab - Self Hosted Git Management
Requires=gitlab-puma.service gitlab-workhorse.service
Wants=gitlab-sidekiq.service gitlab-backup.timer gitlab-gitaly.service gitlab-mailroom.service
[Install]
WantedBy=multi-user.target

1
gitlab.tmpfiles.d Normal file
View File

@ -0,0 +1 @@
d /run/gitlab 0755 gitlab gitlab -