From 75bcb79ca6495cc9dd900fbb00210dbb351e7518 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Wed, 31 Jul 2013 14:59:21 +0300 Subject: [PATCH 01/41] Initial commit of new structure --- .../ReadMe-CentOS.md => init/sysvinit/centos/README.md | 0 {init.d => init/sysvinit/centos}/gitlab-centos | 0 install/archlinux/README.md | 0 install/{CentOS_6.md => centos/README.md} | 0 install/debian/README.md | 0 install/fedora/README.md | 0 install/gentoo/README.md | 0 install/{v4 => ubuntu}/README.md | 0 install/{v4 => ubuntu}/ubuntu_server_1204.sh | 0 nginx/ReadMe-CentOS.md | 9 --------- {apache => web-server/apache}/gitlab | 0 {lighttpd => web-server/lighttpd}/10-gitlab.conf | 0 {lighttpd => web-server/lighttpd}/README.md | 0 web-server/nginx/README.md | 10 ++++++++++ nginx/gitlab-https => web-server/nginx/gitlab-ssl | 0 15 files changed, 10 insertions(+), 9 deletions(-) rename init.d/ReadMe-CentOS.md => init/sysvinit/centos/README.md (100%) rename {init.d => init/sysvinit/centos}/gitlab-centos (100%) create mode 100644 install/archlinux/README.md rename install/{CentOS_6.md => centos/README.md} (100%) create mode 100644 install/debian/README.md create mode 100644 install/fedora/README.md create mode 100644 install/gentoo/README.md rename install/{v4 => ubuntu}/README.md (100%) rename install/{v4 => ubuntu}/ubuntu_server_1204.sh (100%) delete mode 100644 nginx/ReadMe-CentOS.md rename {apache => web-server/apache}/gitlab (100%) rename {lighttpd => web-server/lighttpd}/10-gitlab.conf (100%) rename {lighttpd => web-server/lighttpd}/README.md (100%) create mode 100644 web-server/nginx/README.md rename nginx/gitlab-https => web-server/nginx/gitlab-ssl (100%) diff --git a/init.d/ReadMe-CentOS.md b/init/sysvinit/centos/README.md similarity index 100% rename from init.d/ReadMe-CentOS.md rename to init/sysvinit/centos/README.md diff --git a/init.d/gitlab-centos b/init/sysvinit/centos/gitlab-centos similarity index 100% rename from init.d/gitlab-centos rename to init/sysvinit/centos/gitlab-centos diff --git a/install/archlinux/README.md b/install/archlinux/README.md new file mode 100644 index 0000000..e69de29 diff --git a/install/CentOS_6.md b/install/centos/README.md similarity index 100% rename from install/CentOS_6.md rename to install/centos/README.md diff --git a/install/debian/README.md b/install/debian/README.md new file mode 100644 index 0000000..e69de29 diff --git a/install/fedora/README.md b/install/fedora/README.md new file mode 100644 index 0000000..e69de29 diff --git a/install/gentoo/README.md b/install/gentoo/README.md new file mode 100644 index 0000000..e69de29 diff --git a/install/v4/README.md b/install/ubuntu/README.md similarity index 100% rename from install/v4/README.md rename to install/ubuntu/README.md diff --git a/install/v4/ubuntu_server_1204.sh b/install/ubuntu/ubuntu_server_1204.sh similarity index 100% rename from install/v4/ubuntu_server_1204.sh rename to install/ubuntu/ubuntu_server_1204.sh diff --git a/nginx/ReadMe-CentOS.md b/nginx/ReadMe-CentOS.md deleted file mode 100644 index 4f837bc..0000000 --- a/nginx/ReadMe-CentOS.md +++ /dev/null @@ -1,9 +0,0 @@ -# CentOS related Nginx notes - -If nginx installed through package manager, adjust sites in conf.d instead of sites-enabled. - -Set user gitlab in group root for user in nginx.conf: - - #user nginx; - user gitlab root; - diff --git a/apache/gitlab b/web-server/apache/gitlab similarity index 100% rename from apache/gitlab rename to web-server/apache/gitlab diff --git a/lighttpd/10-gitlab.conf b/web-server/lighttpd/10-gitlab.conf similarity index 100% rename from lighttpd/10-gitlab.conf rename to web-server/lighttpd/10-gitlab.conf diff --git a/lighttpd/README.md b/web-server/lighttpd/README.md similarity index 100% rename from lighttpd/README.md rename to web-server/lighttpd/README.md diff --git a/web-server/nginx/README.md b/web-server/nginx/README.md new file mode 100644 index 0000000..3952106 --- /dev/null +++ b/web-server/nginx/README.md @@ -0,0 +1,10 @@ +# CentOS related Nginx notes + +* If nginx is installed through the package manager, adjust sites in conf.d instead of sites-enabled. + +* Replace the default `nginx` user with `gitlab` in group `root`. + + In `/etc/nginx/nginx.conf`: + + #user nginx; + user gitlab root; diff --git a/nginx/gitlab-https b/web-server/nginx/gitlab-ssl similarity index 100% rename from nginx/gitlab-https rename to web-server/nginx/gitlab-ssl From 50e31298c49f26b3ac68149f0ba7343467bcd1ea Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Thu, 1 Aug 2013 01:11:14 +0300 Subject: [PATCH 02/41] Add initial readme for Gentoo/Archlinux --- install/archlinux/README.md | 14 ++++++++++++++ install/gentoo/README.md | 5 +++++ 2 files changed, 19 insertions(+) diff --git a/install/archlinux/README.md b/install/archlinux/README.md index e69de29..d3862eb 100644 --- a/install/archlinux/README.md +++ b/install/archlinux/README.md @@ -0,0 +1,14 @@ +Welcome to the Archlinux GitLab recipes. Here you will find installation scripts, +guides, how-tos and some useful links that will help you install GitLab on Archlinux. + + +## Useful links + +* [GitLab Wiki][] +* [GitLab PKGBUILD][] +* [gitlab-shell PKGBUILD][] + + +[GitLab Wiki]: https://wiki.archlinux.org/index.php/Gitlab +[GitLab PKGBUILD]: https://github.com/mtorromeo/archlinux-packages/tree/master/gitlab +[gitlab-shell PKGBUILD]: https://github.com/mtorromeo/archlinux-packages/tree/master/gitlab-shell diff --git a/install/gentoo/README.md b/install/gentoo/README.md index e69de29..ac09649 100644 --- a/install/gentoo/README.md +++ b/install/gentoo/README.md @@ -0,0 +1,5 @@ +## Links + +* http://wiki.gentoo.org/wiki/GitLab +* https://gist.github.com/int128/2360407 +* https://github.com/cvut/gentoo-overlay/tree/master/www-apps/gitlabhq From 86f65b50604b1ee053f7499e10674c5cdb7b0474 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Thu, 1 Aug 2013 09:28:51 +0300 Subject: [PATCH 03/41] Update general readme with instructions on Pull Requests --- README.md | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 96cb172..0824c3d 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,28 @@ gitlab-recipes ============== -GitLab recipes for setup on different platforms, update etc... +GitLab recipes for setup on different platforms, update etc. -### Every file should have section with maintainer name & gitlab version: +## Guidelines on community contributions + +Here you will find installation guides or automation scripts provided by the community, +for systems other than the officially supported (Debian/Ubuntu). + +Bare in mind that this repository is co-maintained by volunteers/contributors like you. + +### Accepting Pull Requests + +In each parent directory (install, init, web-server, etc.) you will find some conventions +you need to follow in order for your Pull Request to be accepted. + +Please stick as close as possible to the guidelines. That way we ensure quality guides +and easy to merge requests. + +Your Pull Request will be reviewed by one of our volunteers and you will be +asked to reformat it if needed. We don't bite and we will try to be as flexible +as possible, so don't get intimidated by the extent of the quidelines :) + + +- big versions +- Naming guidelines and General inforamtion is provided. - # GITLAB - # Maintainer: @randx - # App Version: 5.0 From e6f6f31ae249bde7d5ba6600326028db9aa7ed93 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Thu, 1 Aug 2013 09:29:40 +0300 Subject: [PATCH 04/41] Add readme for install guidelines --- install/README.md | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 install/README.md diff --git a/install/README.md b/install/README.md new file mode 100644 index 0000000..9961c53 --- /dev/null +++ b/install/README.md @@ -0,0 +1,41 @@ +## Naming guidelines + +- consists? >= 2 files: + +archlinux-gitlab + +## General information + +If you have an installation guide to provide, fill in the template and place it on top +of the guide or include it in your installation script (commented), again on top. + +### Template + +``` +Distribution : +GitLab version : +Web Server : +Init system : +Maintainer : +Additional Notes : +``` + +### Explanation + +|**Distribution:** | The official name and version of the platform/distribution, case sensitive. | +|**GitLab version** | GitLab version on which the guide/script was tested. | +|**Web Server** | The web server used to serve GitLab. May be two-fold, eg. apache with mod_passenger. | +|**Init system** | (Optional but recommended) The init system used by the platform if any. Examples: sysvinit, systemd, upstart, openrc, etc | +|**Maintainer** | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: thedude (Jeffrey Lebowski) | +|**Additional Notes** | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using different user than `git`, storing in different locations, etc.| + + +### Example + +``` +Distribution : Fedora 19 +GitLab version : 5.4 +Web Server : apache with mod_passenger +Maintainer : thedude +Additional Notes : the script installs `postgres` instead of `mysql` and user is `gitlab` instead of `git` +``` From f9bf3d166170bf00dcc223a330c99282393fe6f0 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Thu, 1 Aug 2013 09:34:35 +0300 Subject: [PATCH 05/41] Better wording --- install/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/README.md b/install/README.md index 9961c53..c8b112c 100644 --- a/install/README.md +++ b/install/README.md @@ -7,7 +7,7 @@ archlinux-gitlab ## General information If you have an installation guide to provide, fill in the template and place it on top -of the guide or include it in your installation script (commented), again on top. +of your guide or include it in your installation script (commented), again on top. ### Template From a9182174f75238a60d5216c6d02066464ad4f9ec Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Fri, 2 Aug 2013 10:55:45 +0300 Subject: [PATCH 06/41] Add opensuse --- install/opensuse/README.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 install/opensuse/README.md diff --git a/install/opensuse/README.md b/install/opensuse/README.md new file mode 100644 index 0000000..e69de29 From 91eafbb345e796ad55984b467934c14137a936e1 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Fri, 2 Aug 2013 11:05:40 +0300 Subject: [PATCH 07/41] Fix table --- install/README.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/install/README.md b/install/README.md index c8b112c..a67603b 100644 --- a/install/README.md +++ b/install/README.md @@ -22,12 +22,14 @@ Additional Notes : ### Explanation -|**Distribution:** | The official name and version of the platform/distribution, case sensitive. | -|**GitLab version** | GitLab version on which the guide/script was tested. | -|**Web Server** | The web server used to serve GitLab. May be two-fold, eg. apache with mod_passenger. | -|**Init system** | (Optional but recommended) The init system used by the platform if any. Examples: sysvinit, systemd, upstart, openrc, etc | -|**Maintainer** | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: thedude (Jeffrey Lebowski) | -|**Additional Notes** | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using different user than `git`, storing in different locations, etc.| +| Label | Explanation | +| ---------------- | ------------------------- | +| Distribution | The official name and version of the platform/distribution, case sensitive. | +| GitLab version | GitLab version on which the guide/script was tested. | +| Web Server | The web server used to serve GitLab. May be two-fold, eg. apache with mod_passenger. | +| Init system | (Optional but recommended) The init system used by the platform if any. Examples: sysvinit, systemd, upstart, openrc, etc | +| Maintainer | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: thedude (Jeffrey Lebowski) | +| Additional Notes | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using different user than `git`, storing in different locations, etc.| ### Example From 25e7fd224288be3a6416423569aa00d8b9b5b106 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Fri, 2 Aug 2013 11:25:06 +0300 Subject: [PATCH 08/41] Replace maintainer with contributor, add init in example --- install/README.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/install/README.md b/install/README.md index a67603b..a7164c8 100644 --- a/install/README.md +++ b/install/README.md @@ -15,9 +15,9 @@ of your guide or include it in your installation script (commented), again on to Distribution : GitLab version : Web Server : -Init system : -Maintainer : -Additional Notes : +Init system : +Contributor : +Additional Notes : ``` ### Explanation @@ -27,8 +27,8 @@ Additional Notes : | Distribution | The official name and version of the platform/distribution, case sensitive. | | GitLab version | GitLab version on which the guide/script was tested. | | Web Server | The web server used to serve GitLab. May be two-fold, eg. apache with mod_passenger. | -| Init system | (Optional but recommended) The init system used by the platform if any. Examples: sysvinit, systemd, upstart, openrc, etc | -| Maintainer | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: thedude (Jeffrey Lebowski) | +| Init system | (Optional but recommended) The init system used by the platform if any. Examples: **sysvinit**, **systemd**, **upstart**, **openrc**, etc | +| Contributor | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: **thedude (Jeffrey Lebowski)** | | Additional Notes | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using different user than `git`, storing in different locations, etc.| @@ -38,6 +38,7 @@ Additional Notes : Distribution : Fedora 19 GitLab version : 5.4 Web Server : apache with mod_passenger -Maintainer : thedude +Init system : systemd +Contributor : thedude Additional Notes : the script installs `postgres` instead of `mysql` and user is `gitlab` instead of `git` ``` From d38bd03c69ba6e61bd43e833de670cb8ea433201 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Fri, 2 Aug 2013 11:26:28 +0300 Subject: [PATCH 09/41] Clean up readme --- README.md | 5 ----- 1 file changed, 5 deletions(-) diff --git a/README.md b/README.md index 0824c3d..70a51d4 100644 --- a/README.md +++ b/README.md @@ -21,8 +21,3 @@ and easy to merge requests. Your Pull Request will be reviewed by one of our volunteers and you will be asked to reformat it if needed. We don't bite and we will try to be as flexible as possible, so don't get intimidated by the extent of the quidelines :) - - -- big versions -- Naming guidelines and General inforamtion is provided. - From c139f0ef5de4025e76009c944a9ae756b6b8e3e7 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Fri, 2 Aug 2013 12:21:36 +0300 Subject: [PATCH 10/41] Add dummy readme files --- web-server/README.md | 1 + web-server/apache/README.md | 0 2 files changed, 1 insertion(+) create mode 100644 web-server/README.md create mode 100644 web-server/apache/README.md diff --git a/web-server/README.md b/web-server/README.md new file mode 100644 index 0000000..026e526 --- /dev/null +++ b/web-server/README.md @@ -0,0 +1 @@ +In this section there are provided additional configuration files for various web servers. diff --git a/web-server/apache/README.md b/web-server/apache/README.md new file mode 100644 index 0000000..e69de29 From 2e804834a1c20f2f36d792dbfaaa13b50bd2ba58 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sun, 4 Aug 2013 11:19:24 +0300 Subject: [PATCH 11/41] Refine install guidelines --- install/README.md | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/install/README.md b/install/README.md index a7164c8..d5c5e73 100644 --- a/install/README.md +++ b/install/README.md @@ -1,8 +1,16 @@ ## Naming guidelines -- consists? >= 2 files: +For better maintainance and clarity, some naming guidelines should be followed. -archlinux-gitlab +* Guides should be provided in README files so that they render first when viewing the repository. +* Installation scripts reside in a `scripts/` directory inside every platform folder. + +### Scripts + +TODO: How to name multiple scripts doing similar things? + +? Scripts should be named after the following scheme: platform-platform_version +Example: `ubuntu-server-12.04.sh` ## General information @@ -29,7 +37,7 @@ Additional Notes : | Web Server | The web server used to serve GitLab. May be two-fold, eg. apache with mod_passenger. | | Init system | (Optional but recommended) The init system used by the platform if any. Examples: **sysvinit**, **systemd**, **upstart**, **openrc**, etc | | Contributor | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: **thedude (Jeffrey Lebowski)** | -| Additional Notes | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using different user than `git`, storing in different locations, etc.| +| Additional Notes | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using rvm for ruby install, storing in different locations, etc.| ### Example @@ -40,5 +48,11 @@ GitLab version : 5.4 Web Server : apache with mod_passenger Init system : systemd Contributor : thedude -Additional Notes : the script installs `postgres` instead of `mysql` and user is `gitlab` instead of `git` +Additional Notes : the script installs `postgres` instead of `mysql` and uses rvm to install ruby ``` + +## Notes + +* We try to test everything before accepting PRs, in a clean, newly installed platform. +* You should read the script and understand what it does prior to running it. +* If something goes wrong during installation and you think the guide/script needs fixing, file a bug report or a Pull Request. From a480d062d1699504ec0797b16216347addbae5c5 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sun, 4 Aug 2013 11:36:52 +0300 Subject: [PATCH 12/41] Add database info --- install/README.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/install/README.md b/install/README.md index d5c5e73..08a925a 100644 --- a/install/README.md +++ b/install/README.md @@ -24,6 +24,7 @@ Distribution : GitLab version : Web Server : Init system : +Database : Contributor : Additional Notes : ``` @@ -35,7 +36,8 @@ Additional Notes : | Distribution | The official name and version of the platform/distribution, case sensitive. | | GitLab version | GitLab version on which the guide/script was tested. | | Web Server | The web server used to serve GitLab. May be two-fold, eg. apache with mod_passenger. | -| Init system | (Optional but recommended) The init system used by the platform if any. Examples: **sysvinit**, **systemd**, **upstart**, **openrc**, etc | +| Init system | (Optional but recommended) The init system used by the platform if any. Examples: `sysvinit`, `systemd`, `upstart`, `openrc`, etc | +| Database | The database used for installation. Examples: `mysql`, `postrgres`, `mariadb`. | Contributor | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: **thedude (Jeffrey Lebowski)** | | Additional Notes | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using rvm for ruby install, storing in different locations, etc.| @@ -47,8 +49,9 @@ Distribution : Fedora 19 GitLab version : 5.4 Web Server : apache with mod_passenger Init system : systemd +Database : mariadb Contributor : thedude -Additional Notes : the script installs `postgres` instead of `mysql` and uses rvm to install ruby +Additional Notes : the script uses rvm to install ruby ``` ## Notes From 04eb1865835fd0f1c4d8d62079d57e90e4cb34f8 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Mon, 5 Aug 2013 11:05:20 +0300 Subject: [PATCH 13/41] Add alternative CentOS nginx setup. Implement #31 --- web-server/nginx/README.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/web-server/nginx/README.md b/web-server/nginx/README.md index 3952106..0d4b9e8 100644 --- a/web-server/nginx/README.md +++ b/web-server/nginx/README.md @@ -1,10 +1,13 @@ # CentOS related Nginx notes -* If nginx is installed through the package manager, adjust sites in conf.d instead of sites-enabled. +* If nginx is installed through the package manager, adjust sites in `/etc/nginx/conf.d/` instead of `/etc/nginx/sites-available/`. -* Replace the default `nginx` user with `gitlab` in group `root`. +* Replace the default `nginx` user with `git` and group `root` in `/etc/nginx/nginx.conf`: - In `/etc/nginx/nginx.conf`: + #user nginx; + user git root; - #user nginx; - user gitlab root; + or add `nginx` user to `git` group. + + sudo usermod -a -G git nginx + sudo chmod g+rx /home/git/ From fabeb6ab749b176508bd4c46288a08bd721de925 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Mon, 5 Aug 2013 14:15:25 +0300 Subject: [PATCH 14/41] Enhance existing apache config. Implement #50 and #79 Beware that adding `ProxyPass /uploads !` would be a security issue, since uploads are publicly available without any authentification by default. See: https://github.com/gitlabhq/gitlabhq/issues/348#issuecomment-21682402 --- web-server/apache/gitlab | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/web-server/apache/gitlab b/web-server/apache/gitlab index 3e4bbe3..b2cd452 100644 --- a/web-server/apache/gitlab +++ b/web-server/apache/gitlab @@ -1,20 +1,36 @@ -# require apache module mod_proxy and mod_proxy_http +# Requires apache modules: mod_proxy and mod_proxy_http +# In Debian based distros enable with: sudo a2enmod mod_proxy mod_proxy_http +# Change ServerName to your fqdn + ServerName gitlab.example.com #ServerAlias git.example.com - # Uncomment if you want redirect from HTTP to HTTPS + # Uncomment the following 3 lines if you want to redirect HTTP to HTTPS + #RewriteEngine on #RewriteCond %{SERVER_PORT} ^80$ #RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R] + ProxyPass /uploads ! + ProxyPass /error ! ProxyPass / http://127.0.0.1:3000/ ProxyPassReverse / http://127.0.0.1:3000/ ProxyPreserveHost On CustomLog /var/log/apache2/gitlab/access.log combined ErrorLog /var/log/apache2/gitlab/error.log + + # Modify path to your needs (needed for downloading attachments) + DocumentRoot /home/git/gitlab/public + + + Order allow,deny + Allow from all + + + ServerName gitlab.example.com ServerAdmin gitlab@example.com @@ -22,15 +38,22 @@ SSLEngine On SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key - #SSLCertificateChainFile /etc/apache2/ssl/cacert.pem - - # Uncomment the following line to prevent redirects to http on https only vhosts - #RequestHeader set X-Forwarded-Proto "https" + ProxyPass /uploads ! + ProxyPass /error ! ProxyPass / http://127.0.0.1:3000/ ProxyPassReverse / http://127.0.0.1:3000/ ProxyPreserveHost On CustomLog /var/log/apache2/gitlab/access.log combined ErrorLog /var/log/apache2/gitlab/error.log + + # Modify path to your needs (needed for downloading attachments) + DocumentRoot /home/git/gitlab/public + + + Order allow,deny + Allow from all + + From 2afea0df60116a03471b30aa24bea11ffbf8ac1f Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Mon, 5 Aug 2013 16:08:32 +0300 Subject: [PATCH 15/41] Refine nginx config for ssl connections. Implements #67 and #92 --- web-server/nginx/gitlab-ssl | 52 +++++++++++++++++++++---------------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/web-server/nginx/gitlab-ssl b/web-server/nginx/gitlab-ssl index b2b1cd1..c6a56e9 100644 --- a/web-server/nginx/gitlab-ssl +++ b/web-server/nginx/gitlab-ssl @@ -1,36 +1,44 @@ # GITLAB -# Maintainer: @yin8086 -# App Version: 4.1 +# Contributors: yin8086, sashkab, orkoden, axilleas +# App Version: 5.4 - 6.0 # Modified from nginx http version # Modified from http://blog.phusion.nl/2012/04/21/tutorial-setting-up-gitlab-on-debian-6/ -# You need from run openssl to generate the ssl certificate. -# $ sudo openssl req -new -x509 -nodes -days 3560 -out gitlab.crt -keyout gitlab.key -# $ sudo chmod o-r gitlab.key +# You need to run openssl to generate a self-signed ssl certificate. +# cd /etc/nginx/ +# sudo openssl req -new -x509 -nodes -days 3560 -out gitlab.crt -keyout gitlab.key +# sudo chmod o-r gitlab.key upstream gitlab { - server unix:/home/gitlab/gitlab/tmp/sockets/gitlab.socket; + + ## Uncomment if you have set up puma/unicorn to listen on a unix socket (recommended). + server unix:/home/git/gitlab/tmp/sockets/gitlab.socket; + + ## Uncomment if puma/unicorn are configured to listen on a tcp port. + ## Check the port number in /home/git/gitlab/config/{puma.rb/unicorn.rb} + # server 127.0.0.1:9292; } # This is a normal HTTP host which redirects all traffic to the HTTPS host. +# Replace git.example.com with your FQDN. server { - listen 80; - server_name Domain_NAME; + listen *:80; + server_name git.example.com; server_tokens off; - root /nowhere; - rewrite ^ https://gitlab.stardrad.com$request_uri permanent; + root /nowhere; # this doesn't have to be a valid path since we are redirecting, you don't have to change it. + rewrite ^ https://$server_name$request_uri permanent; } server { listen 443; - server_name Domain_NAME; + server_name git.example.com; server_tokens off; - root /home/gitlab/gitlab/public; + root /home/git/gitlab/public; ssl on; - ssl_certificate gitlab.crt; - ssl_certificate_key gitlab.key; - ssl_protocols SSLv3 TLSv1 TLSv2; + ssl_certificate /etc/nginx/gitlab.crt; + ssl_certificate_key /etc/nginx/gitlab.key; + ssl_protocols SSLv3 TLSv1 TLSv1.2; ssl_ciphers AES:HIGH:!ADH:!MD5; ssl_prefer_server_ciphers on; @@ -47,15 +55,15 @@ server { # if a file, which is not found in the root folder is requested, # then the proxy pass the request to the upsteam (gitlab unicorn) location @gitlab { - proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 + proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 - proxy_redirect off; + proxy_redirect off; - proxy_set_header X-Forwarded-Proto https; - proxy_set_header X-Forwarded-Ssl on; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Forwarded-Ssl on; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; proxy_pass http://gitlab; } -} \ No newline at end of file +} From be95bd4f9bd3244641a4c7e55eb75fcc29129ffd Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Mon, 5 Aug 2013 14:15:25 +0300 Subject: [PATCH 16/41] Enhance existing apache config. Implement #50, #79, #93. Fix #10 Beware that adding `ProxyPass /uploads !` would be a security issue, since uploads are publicly available without any authentification by default. See: https://github.com/gitlabhq/gitlabhq/issues/348#issuecomment-21682402 --- web-server/apache/gitlab | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/web-server/apache/gitlab b/web-server/apache/gitlab index 3e4bbe3..b2cd452 100644 --- a/web-server/apache/gitlab +++ b/web-server/apache/gitlab @@ -1,20 +1,36 @@ -# require apache module mod_proxy and mod_proxy_http +# Requires apache modules: mod_proxy and mod_proxy_http +# In Debian based distros enable with: sudo a2enmod mod_proxy mod_proxy_http +# Change ServerName to your fqdn + ServerName gitlab.example.com #ServerAlias git.example.com - # Uncomment if you want redirect from HTTP to HTTPS + # Uncomment the following 3 lines if you want to redirect HTTP to HTTPS + #RewriteEngine on #RewriteCond %{SERVER_PORT} ^80$ #RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R] + ProxyPass /uploads ! + ProxyPass /error ! ProxyPass / http://127.0.0.1:3000/ ProxyPassReverse / http://127.0.0.1:3000/ ProxyPreserveHost On CustomLog /var/log/apache2/gitlab/access.log combined ErrorLog /var/log/apache2/gitlab/error.log + + # Modify path to your needs (needed for downloading attachments) + DocumentRoot /home/git/gitlab/public + + + Order allow,deny + Allow from all + + + ServerName gitlab.example.com ServerAdmin gitlab@example.com @@ -22,15 +38,22 @@ SSLEngine On SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key - #SSLCertificateChainFile /etc/apache2/ssl/cacert.pem - - # Uncomment the following line to prevent redirects to http on https only vhosts - #RequestHeader set X-Forwarded-Proto "https" + ProxyPass /uploads ! + ProxyPass /error ! ProxyPass / http://127.0.0.1:3000/ ProxyPassReverse / http://127.0.0.1:3000/ ProxyPreserveHost On CustomLog /var/log/apache2/gitlab/access.log combined ErrorLog /var/log/apache2/gitlab/error.log + + # Modify path to your needs (needed for downloading attachments) + DocumentRoot /home/git/gitlab/public + + + Order allow,deny + Allow from all + + From 7e3bdebfae9e03384f372ba7d896aa30b006ffee Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Mon, 5 Aug 2013 16:08:32 +0300 Subject: [PATCH 17/41] Refine nginx config for ssl connections. Implements #67 and #92 --- web-server/nginx/gitlab-ssl | 52 +++++++++++++++++++++---------------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/web-server/nginx/gitlab-ssl b/web-server/nginx/gitlab-ssl index b2b1cd1..c6a56e9 100644 --- a/web-server/nginx/gitlab-ssl +++ b/web-server/nginx/gitlab-ssl @@ -1,36 +1,44 @@ # GITLAB -# Maintainer: @yin8086 -# App Version: 4.1 +# Contributors: yin8086, sashkab, orkoden, axilleas +# App Version: 5.4 - 6.0 # Modified from nginx http version # Modified from http://blog.phusion.nl/2012/04/21/tutorial-setting-up-gitlab-on-debian-6/ -# You need from run openssl to generate the ssl certificate. -# $ sudo openssl req -new -x509 -nodes -days 3560 -out gitlab.crt -keyout gitlab.key -# $ sudo chmod o-r gitlab.key +# You need to run openssl to generate a self-signed ssl certificate. +# cd /etc/nginx/ +# sudo openssl req -new -x509 -nodes -days 3560 -out gitlab.crt -keyout gitlab.key +# sudo chmod o-r gitlab.key upstream gitlab { - server unix:/home/gitlab/gitlab/tmp/sockets/gitlab.socket; + + ## Uncomment if you have set up puma/unicorn to listen on a unix socket (recommended). + server unix:/home/git/gitlab/tmp/sockets/gitlab.socket; + + ## Uncomment if puma/unicorn are configured to listen on a tcp port. + ## Check the port number in /home/git/gitlab/config/{puma.rb/unicorn.rb} + # server 127.0.0.1:9292; } # This is a normal HTTP host which redirects all traffic to the HTTPS host. +# Replace git.example.com with your FQDN. server { - listen 80; - server_name Domain_NAME; + listen *:80; + server_name git.example.com; server_tokens off; - root /nowhere; - rewrite ^ https://gitlab.stardrad.com$request_uri permanent; + root /nowhere; # this doesn't have to be a valid path since we are redirecting, you don't have to change it. + rewrite ^ https://$server_name$request_uri permanent; } server { listen 443; - server_name Domain_NAME; + server_name git.example.com; server_tokens off; - root /home/gitlab/gitlab/public; + root /home/git/gitlab/public; ssl on; - ssl_certificate gitlab.crt; - ssl_certificate_key gitlab.key; - ssl_protocols SSLv3 TLSv1 TLSv2; + ssl_certificate /etc/nginx/gitlab.crt; + ssl_certificate_key /etc/nginx/gitlab.key; + ssl_protocols SSLv3 TLSv1 TLSv1.2; ssl_ciphers AES:HIGH:!ADH:!MD5; ssl_prefer_server_ciphers on; @@ -47,15 +55,15 @@ server { # if a file, which is not found in the root folder is requested, # then the proxy pass the request to the upsteam (gitlab unicorn) location @gitlab { - proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 + proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 - proxy_redirect off; + proxy_redirect off; - proxy_set_header X-Forwarded-Proto https; - proxy_set_header X-Forwarded-Ssl on; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Forwarded-Ssl on; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; proxy_pass http://gitlab; } -} \ No newline at end of file +} From 9eabc93c1a07e56ece9f8897dbbdac0419d929d1 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Tue, 6 Aug 2013 00:52:45 +0300 Subject: [PATCH 18/41] Implement #58 #96 #99 --- init/sysvinit/centos/gitlab-centos | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/init/sysvinit/centos/gitlab-centos b/init/sysvinit/centos/gitlab-centos index aa9536c..3a6e98e 100644 --- a/init/sysvinit/centos/gitlab-centos +++ b/init/sysvinit/centos/gitlab-centos @@ -1,8 +1,8 @@ #!/bin/bash # # GitLab -# Maintainer: @elvanja, @troyanov, @eiyaya, @foyo23, @nielsbasjes -# App Version: 5.1.0 +# Contributors : @elvanja, @troyanov, @eiyaya, @foyo23, @nielsbasjes, @relip, @JasonMing, @andronat +# App Version : 5.x # chkconfig: 2345 82 55 # processname: puma @@ -13,9 +13,17 @@ # https://github.com/gitlabhq/gitlabhq/issues/1049#issuecomment-8386882 # https://gist.github.com/3062860 +# Save original $PATH +# /etc/rc.d/init.d/functions resets $PATH to default(/sbin:/usr/sbin:/bin:/usr/bin). +# Consequently, rvm and compiled ruby with custom path (which isn't /usr/bin) cannot be executed. +ORIGINAL_PATH=$PATH + # Include RedHat function library . /etc/rc.d/init.d/functions +# Restore original $PATH +PATH=$ORIGINAL_PATH + # The name of the service NAME=git @@ -33,7 +41,8 @@ SLOCK=/var/lock/subsys/sidekiq OPTS="-C $APP_PATH/config/puma.rb -e production" # Ruby related path update -RUBY_PATH_PATCH="PATH=$PATH:/usr/local/bin:/usr/local/lib:/home/git/bin && export PATH && " +RVM_PATH="/usr/local/rvm/bin" +RUBY_PATH_PATCH="PATH=/usr/local/bin:/usr/local/lib:/home/git/bin:$RVM_PATH:$PATH && export PATH && " start() { cd $APP_PATH From c8cd324246895ea61c6c211729d0b701b4a46d3d Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Tue, 6 Aug 2013 01:11:14 +0300 Subject: [PATCH 19/41] New init url. Fix #109 --- install/centos/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/centos/README.md b/install/centos/README.md index 2ba08a5..70b5e54 100644 --- a/install/centos/README.md +++ b/install/centos/README.md @@ -446,7 +446,7 @@ Download the init script (will be /etc/init.d/gitlab) **Double check the url for this next one!!** - curl https://raw.github.com/gitlabhq/gitlab-recipes/5-2-stable/init.d/gitlab-centos > /etc/init.d/gitlab + curl https://raw.github.com/gitlabhq/gitlab-recipes/master/init/sysvinit/centos/gitlab-centos > /etc/init.d/gitlab chmod +x /etc/init.d/gitlab chkconfig --add gitlab From 2b552fb89b4746d00c2d46e614a73622411694b2 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Fri, 9 Aug 2013 12:41:27 +0300 Subject: [PATCH 20/41] First rewrite attempt of CentOS guide --- install/centos/README.md | 47 ++++++++++++++++++---------------------- 1 file changed, 21 insertions(+), 26 deletions(-) diff --git a/install/centos/README.md b/install/centos/README.md index 70b5e54..9cc6ee9 100644 --- a/install/centos/README.md +++ b/install/centos/README.md @@ -1,42 +1,42 @@ -# GITLAB -# Maintainer: @nielsbasjes -# App Version: 5.2 - -**This installation guide was created for CentOS 6.4 in combination with gitlab 5.2 and tested on it.** -We also tried this on RHEL 6.3 and found that there are subtle differences that we so far have only documented in part. +``` +Distribution : CentOS 6.4 +GitLab version : 5.4 +Web Server : Apache +Init system : sysvinit +Database : mysql +Contributors : @nielsbasjes, @axilleas +Additional Notes : Selinux is not disabled but properly configured. + We have also tried this on RHEL 6.3 and found that there + are subtle differences which are documented in part. + Look for the **RHEL Notes** note. +``` + +## Overview Please read `doc/install/requirements.md` for hardware and platform requirements. -## Overview ## -This guide installs gitlab on a bare system from scratch using MySQL as the database. All Postgress installation steps are absent as they have not been tested yet. +This guide installs gitlab on a bare system from scratch using MySQL as the database. +All Postgress installation steps are absent as they have not been tested yet. + +### Important Notes -**Important Note:** The following steps have been known to work. If you deviate from this guide, do it with caution and make sure you don't violate any assumptions GitLab makes about its environment. -**Important Note:** +#### If you find a bug + If you find a bug/error in this guide please submit an issue or pull request following the contribution guide (see `CONTRIBUTING.md`). -**Note about accounts:** -In most cases you are required to run commands as the 'root' user. -When it is required you should be either the 'git' or 'root' user it will be indicated with a line like this - -*logged in as **git*** - -The best way to become that user is by logging in as root and typing - - su - git +#### Security -**Note about security:** Many setup guides of Linux software simply state: "disable selinux and firewall". The original gitlab installation for ubuntu disables StrictHostKeyChecking completely. This guide does not disable any of them, we simply configure them as they were intended. - - - -# Overview The GitLab installation consists of setting up the following components: @@ -469,8 +469,3 @@ The setup has created an admin account for you. You can use it to log in: admin@local.host 5iveL!fe -**Important Note:** -Please go over to your profile page and immediately change the password, so -nobody can access your GitLab by using this login information later on. - -**Enjoy!** From 433fac4964b70f45bddcee38be004cfb6d610fa2 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sat, 17 Aug 2013 10:22:03 +0300 Subject: [PATCH 21/41] Move guidelines to main README, add info for epel repo in CentOS guide --- README.md | 74 +++++++++++++++++++++++++++++++++++----- install/README.md | 63 ++-------------------------------- install/centos/README.md | 63 +++++++++++++++++++++++++++------- 3 files changed, 119 insertions(+), 81 deletions(-) diff --git a/README.md b/README.md index 70a51d4..abcefbb 100644 --- a/README.md +++ b/README.md @@ -1,19 +1,71 @@ gitlab-recipes ============== -GitLab recipes for setup on different platforms, update etc. +Unofficial guides for using GitLab with different software (operating systems, webservers, etc.) +provided by the community, for systems other than the officially supported (Debian/Ubuntu). -## Guidelines on community contributions +Bare in mind that this repository is co-maintained by volunteers/contributors like you. -Here you will find installation guides or automation scripts provided by the community, -for systems other than the officially supported (Debian/Ubuntu). +# Contributing -Bare in mind that this repository is co-maintained by volunteers/contributors like you. +## Naming guidelines -### Accepting Pull Requests +For better maintainance and clarity, some naming guidelines should be followed. + +* Installation guides should be provided in README files so that they render first when viewing the repository. + +* Installation scripts reside in a `scripts/` directory inside every platform folder. + +### Scripts + +There are scripts doing similar things + +? Scripts should be named after the following scheme: platform-platform_version +Example: `ubuntu-server-12.04.sh` + +## Install information + +If you have an installation guide to provide, fill in the template and place it on top +of your guide or include it in your installation script (commented), again on top. -In each parent directory (install, init, web-server, etc.) you will find some conventions -you need to follow in order for your Pull Request to be accepted. +### Template + +``` +Distribution : +GitLab version : +Web Server : +Init system : +Database : +Contributor : +Additional Notes : +``` + +### Explanation + +| Label | Explanation | +| ---------------- | ------------------------- | +| Distribution | The official name and version of the platform/distribution, case sensitive. | +| GitLab version | GitLab version on which the guide/script was tested. | +| Web Server | The web server used to serve GitLab. May be two-fold, eg. apache with mod_passenger. | +| Init system | (Optional but recommended) The init system used by the platform if any. Examples: `sysvinit`, `systemd`, `upstart`, `openrc`, etc | +| Database | The database used for installation. Examples: `mysql`, `postrgres`, `mariadb`. +| Contributor | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: **thedude (Jeffrey Lebowski)** | +| Additional Notes | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using rvm for ruby install, storing in different locations, etc.| + + +### Example + +``` +Distribution : Fedora 19 +GitLab version : 5.4 +Web Server : apache with mod_passenger +Init system : systemd +Database : mariadb +Contributor : thedude +Additional Notes : the script uses rvm to install ruby +``` + +### Accepting Pull Requests Please stick as close as possible to the guidelines. That way we ensure quality guides and easy to merge requests. @@ -21,3 +73,9 @@ and easy to merge requests. Your Pull Request will be reviewed by one of our volunteers and you will be asked to reformat it if needed. We don't bite and we will try to be as flexible as possible, so don't get intimidated by the extent of the quidelines :) + +## Notes + +* We try to test everything before accepting PRs, in a clean, newly installed platform. +* You should read a script and understand what it does prior to running it. +* If something goes wrong during installation and you think the guide/script needs fixing, file a bug report or a Pull Request. diff --git a/install/README.md b/install/README.md index 08a925a..dff4a42 100644 --- a/install/README.md +++ b/install/README.md @@ -1,61 +1,2 @@ -## Naming guidelines - -For better maintainance and clarity, some naming guidelines should be followed. - -* Guides should be provided in README files so that they render first when viewing the repository. -* Installation scripts reside in a `scripts/` directory inside every platform folder. - -### Scripts - -TODO: How to name multiple scripts doing similar things? - -? Scripts should be named after the following scheme: platform-platform_version -Example: `ubuntu-server-12.04.sh` - -## General information - -If you have an installation guide to provide, fill in the template and place it on top -of your guide or include it in your installation script (commented), again on top. - -### Template - -``` -Distribution : -GitLab version : -Web Server : -Init system : -Database : -Contributor : -Additional Notes : -``` - -### Explanation - -| Label | Explanation | -| ---------------- | ------------------------- | -| Distribution | The official name and version of the platform/distribution, case sensitive. | -| GitLab version | GitLab version on which the guide/script was tested. | -| Web Server | The web server used to serve GitLab. May be two-fold, eg. apache with mod_passenger. | -| Init system | (Optional but recommended) The init system used by the platform if any. Examples: `sysvinit`, `systemd`, `upstart`, `openrc`, etc | -| Database | The database used for installation. Examples: `mysql`, `postrgres`, `mariadb`. -| Contributor | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: **thedude (Jeffrey Lebowski)** | -| Additional Notes | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using rvm for ruby install, storing in different locations, etc.| - - -### Example - -``` -Distribution : Fedora 19 -GitLab version : 5.4 -Web Server : apache with mod_passenger -Init system : systemd -Database : mariadb -Contributor : thedude -Additional Notes : the script uses rvm to install ruby -``` - -## Notes - -* We try to test everything before accepting PRs, in a clean, newly installed platform. -* You should read the script and understand what it does prior to running it. -* If something goes wrong during installation and you think the guide/script needs fixing, file a bug report or a Pull Request. +In this directory you will find installation guides and scripts for various platforms. +If you have something to contribute please read the [contributing guidelines](../README.md#Contributing). diff --git a/install/centos/README.md b/install/centos/README.md index 9cc6ee9..8f45bd8 100644 --- a/install/centos/README.md +++ b/install/centos/README.md @@ -15,8 +15,8 @@ Additional Notes : Selinux is not disabled but properly configured. Please read `doc/install/requirements.md` for hardware and platform requirements. -This guide installs gitlab on a bare system from scratch using MySQL as the database. -All Postgress installation steps are absent as they have not been tested yet. +This guide installs GitLab on a bare system from scratch, using MySQL as the database. +All Postgres installation steps are absent as they have not been tested yet. ### Important Notes @@ -27,12 +27,12 @@ violate any assumptions GitLab makes about its environment. #### If you find a bug If you find a bug/error in this guide please submit an issue or pull request -following the contribution guide (see `CONTRIBUTING.md`). +following the contribution guide (see `install/README.md`). #### Security Many setup guides of Linux software simply state: "disable selinux and firewall". -The original gitlab installation for ubuntu disables StrictHostKeyChecking completely. +The original GitLab installation for Ubuntu disables StrictHostKeyChecking completely. This guide does not disable any of them, we simply configure them as they were intended. - - - @@ -51,28 +51,65 @@ The GitLab installation consists of setting up the following components: # 1. Installing the operating system (CentOS 6.4 Minimal) -We start with a completely clean CentOS 6.4 "minimal" installation which can be accomplished by downloading the appropriate installation iso file. Just boot the system of the iso file and install the system. +We start with a completely clean CentOS 6.4 "minimal" installation which can be +accomplished by downloading the appropriate installation iso file. Just boot the +system of the iso file and install the system. + +Note that during the installation you use the *"Configure Network"* option (it's a +button in the same screen where you specify the hostname) to enable the *"Connect automatically"* +option for the network interface and hand (usually eth0). -Note that during the installation you use the *"Configure Network"* option (it's a button in the same screen where you specify the hostname) to enable the *"Connect automatically"* option for the network interface and hand (usually eth0). **If you forget this option the network will NOT start at boot.** The end result is a bare minimum CentOS installation that effectively only has network connectivity and (almost) no services at all. ## Updating and adding basic software and services + ### Add EPEL repository -*logged in as **root*** +[EPEL][] is a volunteer-based community effort from the Fedora project to create +a repository of high-quality add-on packages that complement the Fedora-based +Red Hat Enterprise Linux (RHEL) and its compatible spinoffs, such as CentOS and Scientific Linux. - rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm +As part of the Fedora packaging community, EPEL packages are 100% free/libre open source software (FLOSS). -### Install the required tools for gitlab +Download the GPG key for EPEL repository from [fedoraproject][keys] and install it on your system: -*logged in as **root*** + sudo wget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 https://fedoraproject.org/static/0608B895.txt + sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 + +Verify that the key got installed successfully: + + sudo rpm -qa gpg* + gpg-pubkey-0608b895-4bd22942 + +Now install the `epel-release-6-8.noarch` package, which will enable EPEL repository on your system: + + sudo rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm + +**Note:** Don't mind the `x86_64`, if you install on a i686 system you can use the same commands. + +Verify that the EPEL repository is enabled as shown below. Now, you’ll see epel +repository (apart from the standard base, updates and extras repositories): + + sudo yum repolist + repo id repo name status + base CentOS-6 - Base 4,802 + epel Extra Packages for Enterprise Linux 6 - x86_64 7,879 + extras CentOS-6 - Extras 12 + updates CentOS-6 - Updates 814 + repolist: 13,507 + +If you can't see it listed use the folowing command to enable it: + + sudo yum-config-manager --enable epel + +### Install the required tools for GitLab - yum -y groupinstall 'Development Tools' + sudo yum -y groupinstall 'Development Tools' ### 'Additional Development' - yum -y install vim-enhanced httpd readline readline-devel ncurses-devel gdbm-devel glibc-devel \ + sudo yum -y install vim-enhanced httpd readline readline-devel ncurses-devel gdbm-devel glibc-devel \ tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc \ sqlite-devel gcc-c++ libyaml libyaml-devel libffi libffi-devel \ libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel \ @@ -469,3 +506,5 @@ The setup has created an admin account for you. You can use it to log in: admin@local.host 5iveL!fe +[EPEL]: https://fedoraproject.org/wiki/EPEL +[keys]: https://fedoraproject.org/keys From 9d4aaa95dc37057bbf5ccc5f249b75d38fbcd667 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sat, 17 Aug 2013 12:35:54 +0300 Subject: [PATCH 22/41] Cleanup guide, add instructions of git update. Implement #102, Fix #62 --- install/centos/README.md | 262 ++++++++++++++++++++------------------- 1 file changed, 132 insertions(+), 130 deletions(-) diff --git a/install/centos/README.md b/install/centos/README.md index 8f45bd8..fd2469f 100644 --- a/install/centos/README.md +++ b/install/centos/README.md @@ -4,11 +4,8 @@ GitLab version : 5.4 Web Server : Apache Init system : sysvinit Database : mysql -Contributors : @nielsbasjes, @axilleas -Additional Notes : Selinux is not disabled but properly configured. - We have also tried this on RHEL 6.3 and found that there - are subtle differences which are documented in part. - Look for the **RHEL Notes** note. +Contributors : @nielsbasjes, @axilleas, @mairin +Additional Notes : In order to get the latest git version we build it from source ``` ## Overview @@ -17,39 +14,40 @@ Please read `doc/install/requirements.md` for hardware and platform requirements This guide installs GitLab on a bare system from scratch, using MySQL as the database. All Postgres installation steps are absent as they have not been tested yet. +Pull requests with tested Postgres are welcome! ### Important Notes -The following steps have been known to work. -If you deviate from this guide, do it with caution and make sure you don't -violate any assumptions GitLab makes about its environment. +The following steps have been known to work. If you deviate from this guide, do +it with caution and make sure you don't violate any assumptions GitLab makes about +its environment. We have also tried this on RHEL 6.3 and found that there are subtle +differences which are documented in part. Look for the **RHEL Notes** note. #### If you find a bug If you find a bug/error in this guide please submit an issue or pull request -following the contribution guide (see `install/README.md`). +following the contribution guide (see `../../contributing.md`). #### Security Many setup guides of Linux software simply state: "disable selinux and firewall". -The original GitLab installation for Ubuntu disables StrictHostKeyChecking completely. This guide does not disable any of them, we simply configure them as they were intended. - - - - The GitLab installation consists of setting up the following components: 1. Installing the base operating system (CentOS 6.4 Minimal) and Packages / Dependencies 2. Ruby 3. System Users 4. GitLab shell +5. Database 5. GitLab - +6. Web server ---------- -# 1. Installing the operating system (CentOS 6.4 Minimal) +## 1. Installing the operating system (CentOS 6.4 Minimal) We start with a completely clean CentOS 6.4 "minimal" installation which can be accomplished by downloading the appropriate installation iso file. Just boot the @@ -61,7 +59,8 @@ option for the network interface and hand (usually eth0). **If you forget this option the network will NOT start at boot.** -The end result is a bare minimum CentOS installation that effectively only has network connectivity and (almost) no services at all. +The end result is a bare minimum CentOS installation that effectively only has +network connectivity and (almost) no services at all. ## Updating and adding basic software and services @@ -100,111 +99,66 @@ repository (apart from the standard base, updates and extras repositories): updates CentOS-6 - Updates 814 repolist: 13,507 -If you can't see it listed use the folowing command to enable it: +If you can't see it listed, use the folowing command to enable it: sudo yum-config-manager --enable epel ### Install the required tools for GitLab - - sudo yum -y groupinstall 'Development Tools' - - ### 'Additional Development' - sudo yum -y install vim-enhanced httpd readline readline-devel ncurses-devel gdbm-devel glibc-devel \ - tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc \ - sqlite-devel gcc-c++ libyaml libyaml-devel libffi libffi-devel \ - libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel \ - system-config-firewall-tui python-devel redis sudo mysql-server wget \ - mysql-devel crontabs logwatch logrotate sendmail-cf qtwebkit qtwebkit-devel \ - perl-Time-HiRes - -**IMPORTANT NOTE About Redhat EL 6** - -During an installation on an official RHEL 6.3 we found that some packages (in our case gdbm-devel, libffi-devel and libicu-devel) were NOT installed. You MUST make sure that all the packages are installed. Someone told me that you can get these "packages direct from RHEL by enabling the “RHEL Server Optional” Channel in RHN.". I haven't tried this yet. - -### Update CentOS to the latest set of patches - -*logged in as **root*** - + + ::bash + su - yum -y update + yum -y groupinstall 'Development Tools' -## Git -For some reason gitlab has been written in such a way that it will only work correctly with git version 1.8.x or newer. At the time of writing [this commit](https://github.com/gitlabhq/gitlabhq/commit/b1a8fdd84d5a7cdbdb5ef3829b59a73db0f4d2dd) was the culprit that enforced this requirement. -In case this has not been resolved when you read this you must either update your git to > 1.8.x or revert the above mentioned change manually. - -Have a look at [this HowTo](http://www.pickysysadmin.ca/2013/05/21/commit-comments-not-appearing-in-gitlab-on-centos/) on one possible way of updating the git version. - -## Configure redis -Just make sure it is started at the next reboot - -*logged in as **root*** - - chkconfig redis on - -## Configure mysql -Make sure it is started at the next reboot and start it immediately so we can configure it. - -*logged in as **root*** - - chkconfig mysqld on - service mysqld start - -Secure MySQL by entering a root password and say "Yes" to all questions with the next command - - /usr/bin/mysql_secure_installation + ### 'Additional Development' + yum -y install vim-enhanced readline readline-devel ncurses-devel gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc sqlite-devel gcc-c++ libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui python-devel redis sudo wget crontabs logwatch logrotate perl-Time-HiRes -## Configure httpd +**RHEL Notes** -We use Apache HTTPD in front of gitlab -Just make sure it is started at the next reboot +If some packages (eg. gdbm-devel, libffi-devel and libicu-devel) are NOT installed, +add the rhel6 optional packages repo to your server to get those packages: - chkconfig httpd on + yum-config-manager --enable rhel-6-server-optional-rpms -We want to be able to reach gitlab using the normal http ports (i.e. not the :9292 thing) -So we create a file called **/etc/httpd/conf.d/gitlab.conf** with this content (replace the git.example.org with your hostname!!). +Tip taken from [here](https://github.com/gitlabhq/gitlab-recipes/issues/62). - - ServerName git.example.org - ProxyRequests Off - - Order deny,allow - Allow from all - - ProxyPreserveHost On - ProxyPass / http://localhost:9292/ - ProxyPassReverse / http://localhost:9292/ - +### Git -OPTIONAL: If you want to run other websites on the same system you'll need to enable in **/etc/httpd/conf/httpd.conf** the setting +GitLab will only work correctly with git version 1.8.x or newer. The problem is +that the available rpms for CentOS stop at git 1.7.1 which is too old for GitLab. +In order to update, you have to build git from source as it is not yet in any repository: - NameVirtualHost *:80 + ::bash + su - + cd /tmp + yum -y install git perl-ExtUtils-MakeMaker + git clone git://github.com/git/git.git + cd /tmp/git/ + git checkout v1.8.3.4 + autoconf + ./configure --prefix=/usr/local + make && make install + rm -rf /tmp/git/ + yum erase git -Poke a selinux hole for httpd so it can httpd can be in front of gitlab +Logout and login again for the `$PATH` to take effect. Check that git is properly +installed with: - setsebool -P httpd_can_network_connect on + which git + # /usr/local/bin/git + git --version + # git version 1.8.3.4 -## Configure firewall +### Configure redis +Make sure redis is started on boot: -Poke an iptables hole so uses can access the httpd (http and https ports) and ssh. -The quick way is to put this in the file called **/etc/sysconfig/iptables** + ::bash + sudo chkconfig redis on - # Firewall configuration written by system-config-firewall - # Manual customization of this file is not recommended. - *filter - :INPUT ACCEPT [0:0] - :FORWARD ACCEPT [0:0] - :OUTPUT ACCEPT [0:0] - -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT - -A INPUT -p icmp -j ACCEPT - -A INPUT -i lo -j ACCEPT - -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT - -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT - -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT - -A INPUT -j REJECT --reject-with icmp-host-prohibited - -A FORWARD -j REJECT --reject-with icmp-host-prohibited - COMMIT - -## Configure email +### Configure sendmail + su - + yum -y install sendmail-cf cd /etc/mail vim /etc/mail/sendmail.mc @@ -212,54 +166,44 @@ Add a line with the smtp gateway hostname define(`SMART_HOST', `smtp.example.com')dnl -Then comment out this line +Then replace this line: EXPOSED_USER(`root')dnl -by putting 'dnl ' in front of it like this +with: dnl EXPOSED_USER(`root')dnl -Now enable these settings +Now enable these settings: make chkconfig sendmail on - -## Reboot -Now that we have the basics right we reboot the system to load the new kernel and everything. -After the reboot all of the so far installed services will startup automatically. - - reboot +Alternatively you can install `postfix`. ---------- # 2. Ruby Download and compile it: -*logged in as **root*** - + su - mkdir /tmp/ruby && cd /tmp/ruby - wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p392.tar.gz - tar xfvz ruby-1.9.3-p392.tar.gz - cd ruby-1.9.3-p392 - ./configure - make - make install + curl --progress ftp://ftp.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0-p247.tar.gz | tar xz + cd ruby-2.0.0-p247 + ./configure --prefix=/usr/local/ + make && make install Install the Bundler Gem: -*logged in as **root*** - - gem install bundler + sudo gem install bundler ---------- # 3. System Users ## Create user for Git -*logged in as **root*** + su - adduser \ --system \ --shell /bin/bash \ @@ -272,10 +216,9 @@ We do NOT set the password so this user cannot login. ## Forwarding all emails -Now we want all logging of the system to be forwarded to a central email address - -*logged in as **root*** +Now we want all logging of the system to be forwarded to a central email address: + su - echo adminlogs@example.com > /root/.forward chown root /root/.forward chmod 600 /root/.forward @@ -286,14 +229,21 @@ Now we want all logging of the system to be forwarded to a central email address chmod 600 /home/git/.forward restorecon /home/git/.forward -## Database user +### Configure mysql +Install and enable the `mysqld` service to start on boot: -*logged in as **root*** + ::bash + su - + yum install -y mysql-server mysql-devel + chkconfig mysqld on + service mysqld start - su - git +Secure MySQL by entering a root password and say "Yes" to all questions: -*logged in as **git*** + /usr/bin/mysql_secure_installation + +Create a new user and database for GitLab: # Login to MySQL mysql -u root -p @@ -310,9 +260,11 @@ Now we want all logging of the system to be forwarded to a central email address # Quit the database session \q -Try connecting to the new database with the new user +Try connecting to the new database with the new user: mysql -u gitlab -p -D gitlabhq_production + # Quit the database session + \q ---------- @@ -497,8 +449,52 @@ Start your GitLab instance: # or /etc/init.d/gitlab start +### Configure the web server + +For nginx: + + sudo yum -y install nginx + + +For Apache: + + sudo yum -y install httpd + sudo chkconfig httpd on + sudo wget -O /etc/httpd/conf.d/gitlab.conf https://raw.github.com/gitlabhq/gitlab-recipes/web-server/apache/gitlab + +Open `/etc/httpd/conf.d/gitlab.conf` with your editor and replace `git.example.org` with your FQDN. + +**OPTIONAL:** If you want to run other websites on the same system you'll need to +add in `/etc/httpd/conf/httpd.conf`: + + NameVirtualHost *:80 + +Poke a selinux hole for httpd so it can be in front of GitLab: -# Done! + setsebool -P httpd_can_network_connect on + +### Configure firewall + +Poke an iptables hole so uses can access the httpd (http and https ports) and ssh. +The quick way is to put this in the file called **/etc/sysconfig/iptables** + + # Firewall configuration written by system-config-firewall + # Manual customization of this file is not recommended. + *filter + :INPUT ACCEPT [0:0] + :FORWARD ACCEPT [0:0] + :OUTPUT ACCEPT [0:0] + -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT + -A INPUT -p icmp -j ACCEPT + -A INPUT -i lo -j ACCEPT + -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT + -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT + -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT + -A INPUT -j REJECT --reject-with icmp-host-prohibited + -A FORWARD -j REJECT --reject-with icmp-host-prohibited + COMMIT + +## Done! Visit YOUR_SERVER for your first GitLab login. The setup has created an admin account for you. You can use it to log in: @@ -506,5 +502,11 @@ The setup has created an admin account for you. You can use it to log in: admin@local.host 5iveL!fe +## Links used in this guide + +- [EPEL information](http://www.thegeekstuff.com/2012/06/enable-epel-repository/) +- [git update to 1.8.x](http://www.pickysysadmin.ca/2013/05/21/commit-comments-not-appearing-in-gitlab-on-centos/) + + [EPEL]: https://fedoraproject.org/wiki/EPEL [keys]: https://fedoraproject.org/keys From 88569019c97350321add0d9a108d42dbe423fb0e Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sun, 18 Aug 2013 13:27:45 +0300 Subject: [PATCH 23/41] Rewrite info about nginx on CentOS --- web-server/nginx/README.md | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) diff --git a/web-server/nginx/README.md b/web-server/nginx/README.md index 0d4b9e8..569af81 100644 --- a/web-server/nginx/README.md +++ b/web-server/nginx/README.md @@ -1,13 +1,27 @@ -# CentOS related Nginx notes +## CentOS related Nginx notes -* If nginx is installed through the package manager, adjust sites in `/etc/nginx/conf.d/` instead of `/etc/nginx/sites-available/`. +### Different conf directories -* Replace the default `nginx` user with `git` and group `root` in `/etc/nginx/nginx.conf`: +If nginx is installed through the package manager, adjust sites in `/etc/nginx/conf.d/` +instead of `/etc/nginx/sites-available/` or create those directories and tell `nginx` +to monitor them: - #user nginx; - user git root; + sudo mkdir /etc/nginx/sites-{available,enabled} - or add `nginx` user to `git` group. +Then edit `/etc/nginx/nginx.conf` and replace `include /etc/nginx/conf.d/*.conf;` +with `/etc/nginx/sites-enabled/*;` - sudo usermod -a -G git nginx - sudo chmod g+rx /home/git/ +### Give nginx access to git group + +In order for GitLab to display properly you have to make either one of the changes +below. The first one is recommended. + +Add `nginx` user to `git` group: + + sudo usermod -a -G git nginx + sudo chmod g+rx /home/git/ + +or replace the default `nginx` user with `git` and group `root` in `/etc/nginx/nginx.conf`: + + #user nginx; + user git root; From d874d1c4737bfa72b7ea8e773a657f3d85af589c Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sun, 18 Aug 2013 13:29:32 +0300 Subject: [PATCH 24/41] Add sysvinit configs for puma and unicorn --- .../centos/{gitlab-centos => gitlab-puma} | 2 +- init/sysvinit/centos/gitlab-unicorn | 126 ++++++++++++++++++ 2 files changed, 127 insertions(+), 1 deletion(-) rename init/sysvinit/centos/{gitlab-centos => gitlab-puma} (99%) create mode 100644 init/sysvinit/centos/gitlab-unicorn diff --git a/init/sysvinit/centos/gitlab-centos b/init/sysvinit/centos/gitlab-puma similarity index 99% rename from init/sysvinit/centos/gitlab-centos rename to init/sysvinit/centos/gitlab-puma index 3a6e98e..02af468 100644 --- a/init/sysvinit/centos/gitlab-centos +++ b/init/sysvinit/centos/gitlab-puma @@ -2,7 +2,7 @@ # # GitLab # Contributors : @elvanja, @troyanov, @eiyaya, @foyo23, @nielsbasjes, @relip, @JasonMing, @andronat -# App Version : 5.x +# App Version : 6.x # chkconfig: 2345 82 55 # processname: puma diff --git a/init/sysvinit/centos/gitlab-unicorn b/init/sysvinit/centos/gitlab-unicorn new file mode 100644 index 0000000..106d143 --- /dev/null +++ b/init/sysvinit/centos/gitlab-unicorn @@ -0,0 +1,126 @@ +#!/bin/bash +# +# GitLab +# Contributors : @elvanja, @troyanov, @eiyaya, @foyo23, @nielsbasjes, @relip, @JasonMing, @andronat +# App Version : 6.x + +# chkconfig: 2345 82 55 +# processname: unicorn +# processname: sidekiq +# description: Runs unicorn and sidekiq for nginx integration. + +# Related (kudos @4sak3n0ne): +# https://github.com/gitlabhq/gitlabhq/issues/1049#issuecomment-8386882 +# https://gist.github.com/3062860 + +# Save original $PATH +# /etc/rc.d/init.d/functions resets $PATH to default(/sbin:/usr/sbin:/bin:/usr/bin). +# Consequently, rvm and compiled ruby with custom path (which isn't /usr/bin) cannot be executed. +ORIGINAL_PATH=$PATH + +# Include RedHat function library +. /etc/rc.d/init.d/functions + +# Restore original $PATH +PATH=$ORIGINAL_PATH + +# The name of the service +NAME=git + +# The username and path to the gitlab source +USER=git +APP_PATH=/home/$USER/gitlab + +# The PID and LOCK files used by unicorn and sidekiq +UPID=$APP_PATH/tmp/pids/unicorn.pid +ULOCK=/var/lock/subsys/unicorn +SPID=$APP_PATH/tmp/pids/sidekiq.pid +SLOCK=/var/lock/subsys/sidekiq + +# The options to use when running unicorn +OPTS="-c $APP_PATH/config/unicorn.rb -D -E production" + +# Ruby related path update +RVM_PATH="/usr/local/rvm/bin" +RUBY_PATH_PATCH="PATH=/usr/local/bin:/usr/local/lib:/home/git/bin:$RVM_PATH:$PATH && export PATH && " + +start() { + cd $APP_PATH + + # Start unicorn + echo -n $"Starting unicorn: " + daemon --pidfile=$UPID --user=$USER "$RUBY_PATH_PATCH RAILS_ENV=production bundle exec unicorn_rails $OPTS" + unicorn=$? + [ $unicorn -eq 0 ] && touch $ULOCK + echo + + # Start sidekiq + echo -n $"Starting sidekiq: " + daemon --pidfile=$SPID --user=$USER "$RUBY_PATH_PATCH RAILS_ENV=production bundle exec rake sidekiq:start" + sidekiq=$? + [ $sidekiq -eq 0 ] && touch $SLOCK + echo + + retval=$unicorn || $sidekiq + return $retval +} + +stop() { + cd $APP_PATH + + # Stop unicorn + echo -n $"Stopping unicorn: " + killproc -p $UPID + unicorn=$? + [ $unicorn -eq 0 ] && rm -f $ULOCK + echo + + # Stop sidekiq + echo -n $"Stopping sidekiq: " + killproc -p $SPID + sidekiq=$? + [ $sidekiq -eq 0 ] && rm -f $SLOCK + echo + + retval=$unicorn || $sidekiq + return $retval +} + +restart() { + stop + start +} + +get_status() { + status -p $UPID unicorn + status -p $SPID sidekiq +} + +query_status() { + get_status >/dev/null 2>&1 +} + +case "$1" in + start) + query_status && exit 0 + start + ;; + stop) + query_status || exit 0 + stop + ;; + restart) + restart + ;; + status) + get_status + ;; + *) + N=/etc/init.d/$NAME + echo "Usage: $N {start|stop|restart|status}" >&2 + exit 1 + ;; +esac + +exit 0 + From 9833fc52a73b20252b8e292140a6c76ae5a4b35b Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sun, 18 Aug 2013 16:09:47 +0300 Subject: [PATCH 25/41] Use unicorn by default. Add info for puma use, implement #87 --- web-server/apache/README.md | 25 +++++++++++++++++++++++ web-server/apache/{gitlab => gitlab.conf} | 19 +++++++++++------ 2 files changed, 38 insertions(+), 6 deletions(-) rename web-server/apache/{gitlab => gitlab.conf} (68%) diff --git a/web-server/apache/README.md b/web-server/apache/README.md index e69de29..6c63097 100644 --- a/web-server/apache/README.md +++ b/web-server/apache/README.md @@ -0,0 +1,25 @@ +## CentOS notes + +In CentOS the apache logs are under `/var/log/httpd` so you have to either replace +`apache` with `httpd` in `gitlab.conf` or create the `/var/log/apache2` directory. + +## Puma or unicorn + +### unicorn + +Make sure that `/home/git/gitlab/config/unicorn.rb` exists +The default server is unicorn, so `gitlab.conf` is configured to listen on port `8080`. + +### puma + +Info taken from [PR #87](https://github.com/gitlabhq/gitlab-recipes/pull/87). + +As apache's mod_proxy [doesn't support][sock] sockets, we have to configure the +proxy URL to use tcp instead of unix sockets. First make sure that `/home/git/gitlab/config/puma.rb` exists. +Then you have to make 2 changes: + +1. In `gitlab.conf` replace `http://127.0.0.1:8080/ ` with `http://0.0.0.0:9292/` +2. Edit `puma.rb`: comment out `bind 'tcp://0.0.0.0:9292'` and comment `bind "unix://#{application_path}/tmp/sockets/gitlab.socket"` + + +[sock]: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html diff --git a/web-server/apache/gitlab b/web-server/apache/gitlab.conf similarity index 68% rename from web-server/apache/gitlab rename to web-server/apache/gitlab.conf index b2cd452..da65516 100644 --- a/web-server/apache/gitlab +++ b/web-server/apache/gitlab.conf @@ -1,6 +1,11 @@ # Requires apache modules: mod_proxy and mod_proxy_http # In Debian based distros enable with: sudo a2enmod mod_proxy mod_proxy_http # Change ServerName to your fqdn +# +# You need to run openssl to generate a self-signed ssl certificate: +# cd /etc/apache2 (or /etc/httpd) +# sudo openssl req -new -x509 -nodes -days 3560 -out gitlab.crt -keyout gitlab.key +# sudo chmod o-r gitlab.key ServerName gitlab.example.com @@ -14,8 +19,10 @@ ProxyPass /uploads ! ProxyPass /error ! - ProxyPass / http://127.0.0.1:3000/ - ProxyPassReverse / http://127.0.0.1:3000/ + + # If you use puma, see https://github.com/gitlabhq/gitlab-recipes/blob/master/web-server/apache/README.md + ProxyPass / http://127.0.0.1:8080/ + ProxyPassReverse / http://127.0.0.1:8080/ ProxyPreserveHost On CustomLog /var/log/apache2/gitlab/access.log combined @@ -36,13 +43,13 @@ ServerAdmin gitlab@example.com SSLEngine On - SSLCertificateFile /etc/apache2/ssl/server.crt - SSLCertificateKeyFile /etc/apache2/ssl/server.key + SSLCertificateFile /etc/apache2/gitlab.crt + SSLCertificateKeyFile /etc/apache2/gitlab.key ProxyPass /uploads ! ProxyPass /error ! - ProxyPass / http://127.0.0.1:3000/ - ProxyPassReverse / http://127.0.0.1:3000/ + ProxyPass / http://127.0.0.1:8080/ + ProxyPassReverse / http://127.0.0.1:8080/ ProxyPreserveHost On CustomLog /var/log/apache2/gitlab/access.log combined From 9b750abb13e1ebb30441e4610ade2fe43a15b791 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sun, 18 Aug 2013 16:25:52 +0300 Subject: [PATCH 26/41] Finish CentOS installation guide --- install/centos/README.md | 419 +++++++++++++++++++++------------------ 1 file changed, 231 insertions(+), 188 deletions(-) diff --git a/install/centos/README.md b/install/centos/README.md index fd2469f..c4a9432 100644 --- a/install/centos/README.md +++ b/install/centos/README.md @@ -1,7 +1,7 @@ ``` Distribution : CentOS 6.4 -GitLab version : 5.4 -Web Server : Apache +GitLab version : 6.0 +Web Server : Apache, Nginx Init system : sysvinit Database : mysql Contributors : @nielsbasjes, @axilleas, @mairin @@ -18,10 +18,11 @@ Pull requests with tested Postgres are welcome! ### Important Notes -The following steps have been known to work. If you deviate from this guide, do -it with caution and make sure you don't violate any assumptions GitLab makes about -its environment. We have also tried this on RHEL 6.3 and found that there are subtle -differences which are documented in part. Look for the **RHEL Notes** note. +The following steps have been known to work and should be followed from up to bottom. +If you deviate from this guide, do it with caution and make sure you don't violate +any assumptions GitLab makes about its environment. We have also tried this on +RHEL 6.3 and found that there are subtle differences which are documented in part. +Look for the **RHEL Notes** note. #### If you find a bug @@ -37,13 +38,14 @@ This guide does not disable any of them, we simply configure them as they were i The GitLab installation consists of setting up the following components: -1. Installing the base operating system (CentOS 6.4 Minimal) and Packages / Dependencies +1. Install the base operating system (CentOS 6.4 Minimal) and Packages / Dependencies 2. Ruby 3. System Users 4. GitLab shell 5. Database -5. GitLab -6. Web server +6. GitLab +7. Web server +8. Firewall ---------- @@ -183,7 +185,7 @@ Alternatively you can install `postfix`. ---------- -# 2. Ruby +## 2. Ruby Download and compile it: su - @@ -193,28 +195,34 @@ Download and compile it: ./configure --prefix=/usr/local/ make && make install +Logout and login again for the `$PATH` to take effect. Check that ruby is properly +installed with: + + which ruby + # /usr/local/bin/ruby + ruby -v + # ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-linux] + Install the Bundler Gem: - sudo gem install bundler + sudo gem install bundler --no-ri --no-rdoc + +**NOTE:** If you get an error like `sudo: gem: command not found`, it is because +CentOS has sudo built with the `--with-secure-path` flag. See this post on [stackoverflow][sudo] +on how to deal with it. Alternatively, login as root and run the command. ---------- -# 3. System Users +## 3. System Users -## Create user for Git +### Create user for Git su - - adduser \ - --system \ - --shell /bin/bash \ - --comment 'Git Version Control' \ - --create-home \ - --home-dir /home/git \ - git + adduser --system --shell /bin/bash --comment 'GitLab' --create-home --home-dir /home/git/ git We do NOT set the password so this user cannot login. -## Forwarding all emails +### Forwarding all emails Now we want all logging of the system to be forwarded to a central email address: @@ -229,9 +237,37 @@ Now we want all logging of the system to be forwarded to a central email address chmod 600 /home/git/.forward restorecon /home/git/.forward -### Configure mysql +---------- + +# 4. GitLab shell + +GitLab Shell is a ssh access and repository management software developed specially for GitLab. + +``` +# First login as root +su - + +# Login as git +su - git -Install and enable the `mysqld` service to start on boot: +# Clone gitlab shell +git clone https://github.com/gitlabhq/gitlab-shell.git +cd gitlab-shell + +# Switch to right version +git checkout v1.7.0 +cp config.yml.example config.yml + +# Edit config and replace gitlab_url with something like 'http://domain.com/' + +# Do setup +./bin/install +``` +---------- + +## 5. Database + +Install `mysql` and enable the `mysqld` service to start on boot: ::bash su - @@ -247,7 +283,7 @@ Create a new user and database for GitLab: # Login to MySQL mysql -u root -p - + # Type the database root password # Create a user for GitLab. (change supersecret to a real password) CREATE USER 'gitlab'@'localhost' IDENTIFIED BY 'supersecret'; @@ -263,236 +299,240 @@ Create a new user and database for GitLab: Try connecting to the new database with the new user: mysql -u gitlab -p -D gitlabhq_production + # Type the password you replaced supersecret with earlier # Quit the database session \q ---------- +## 6. GitLab -# 4. GitLab shell - -GitLab Shell is a ssh access and repository management software developed specially for GitLab. - - # Login as git +We'll install GitLab into home directory of the user `git`: + su - su - git -*logged in as **git*** - - # Go to home directory - cd /home/git - - # Clone gitlab shell - git clone https://github.com/gitlabhq/gitlab-shell.git - cd gitlab-shell - - # switch to right version - git checkout v1.4.0 - - cp config.yml.example config.yml - - # Edit config and replace gitlab_url - # with something like 'http://domain.com/' - vim config.yml - - # Do setup - ./bin/install - - ----------- -# 5. GitLab - -*logged in as **git*** - - # We'll install GitLab into home directory of the user "git" - cd /home/git - -## Clone the Source +### Clone the Source # Clone GitLab repository git clone https://github.com/gitlabhq/gitlabhq.git gitlab - # Go to gitlab dir + # Go to gitlab directory cd /home/git/gitlab # Checkout to stable release - git checkout 5-2-stable + git checkout 6-0-stable **Note:** -You can change `5-2-stable` to `master` if you want the *bleeding edge* version, but +You can change `6-0-stable` to `master` if you want the *bleeding edge* version, but do so with caution! -## Configure it - -Copy the example GitLab config - - cp /home/git/gitlab/config/gitlab.yml{.example,} - -Edit the gitlab config to make sure to change "localhost" to the fully-qualified domain name of your host serving GitLab where necessary. Also review the other settings to match your setup. - - vim /home/git/gitlab/config/gitlab.yml - -*logged in as **root*** - - # Make sure GitLab can write to the log/ and tmp/ directories - chown -R git /home/git/gitlab/log/ - chown -R git /home/git/gitlab/tmp/ - chmod -R u+rwX /home/git/gitlab/log/ - chmod -R u+rwX /home/git/gitlab/tmp/ - -*logged in as **git*** - - # Create directory for satellites - mkdir /home/git/gitlab-satellites - - # Create directories for sockets/pids and make sure GitLab can write to them - mkdir /home/git/gitlab/tmp/pids/ - mkdir /home/git/gitlab/tmp/sockets/ - chmod -R u+rwX /home/git/gitlab/tmp/pids/ - chmod -R u+rwX /home/git/gitlab/tmp/sockets/ - - # Create public/uploads directory otherwise backup will fail - mkdir /home/git/gitlab/public/uploads - chmod -R u+rwX /home/git/gitlab/public/uploads +### Configure it - # Copy the example Puma config - cp /home/git/gitlab/config/puma.rb{.example,} - - # Configure Git global settings for git user, useful when editing via web - # Edit user.email according to what is set in gitlab.yml - git config --global user.name "GitLab" - git config --global user.email "gitlab@localhost" - - -**Important Note:** -Make sure to edit both `gitlab.yml` and `puma.rb` to match your setup. +``` +# Copy the example GitLab config +cp config/gitlab.yml.example config/gitlab.yml + +# Make sure to change "localhost" to the fully-qualified domain name of your +# host serving GitLab where necessary +sed -i 's|localhost|your_domain_name|g' config/gitlab.yml + +# Change git's path to point to /usr/local/bin/git +sed -i 's|/usr/bin/git|/usr/local/bin/git|' config/gitlab.yml + +# Make sure GitLab can write to the log/ and tmp/ directories +chown -R git log/ +chown -R git tmp/ +chmod -R u+rwX log/ +chmod -R u+rwX tmp/ + +# Create directory for satellites +mkdir /home/git/gitlab-satellites + +# Create directories for sockets/pids and make sure GitLab can write to them +mkdir tmp/pids/ +mkdir tmp/sockets/ +chmod -R u+rwX tmp/pids/ +chmod -R u+rwX tmp/sockets/ + +# Create public/uploads directory otherwise backup will fail +mkdir public/uploads +chmod -R u+rwX public/uploads + +# Copy the example Unicorn config +cp config/unicorn.rb.example config/unicorn.rb + +# Enable cluster mode if you expect to have a high load instance +# E.g. change amount of workers to 3 for 2GB RAM server +editor config/unicorn.rb + +# Configure Git global settings for git user, useful when editing via web +# Edit user.email according to what is set in gitlab.yml +git config --global user.name "GitLab" +git config --global user.email "gitlab@your_domain_name" +git config --global core.autocrlf input +``` -Specifically for our setup behind Apache edit the puma config +**Important:** Make sure to edit both `gitlab.yml` and `unicorn.rb` to match your setup. - vim /home/git/gitlab/config/puma.rb +### Configure GitLab DB settings -Change the bind parameter so that it reads: + # MySQL + cp config/database.yml{.mysql,} - bind 'tcp://127.0.0.1:9292' +Make sure to update username/password in `config/database.yml`. +You only need to adapt the production settings (first part). +If you followed the database guide then please do as follows: +Change `root` to `gitlab`. +Change `secure password` with the value you have given to supersecret. +You can keep the double quotes around the password. -## Configure GitLab DB settings + editor config/database.yml - # MySQL - cp /home/git/gitlab/config/database.yml{.mysql,} +Make config/database.yml readable to git only -Edit the database config and set the correct username/password + chmod o-rwx config/database.yml - vim /home/git/gitlab/config/database.yml +### Install Gems -The config should look something like this (where *supersecret* is replaced with your real password): + su - + gem install charlock_holmes --version '0.6.9.4' + exit - production: - adapter: mysql2 - encoding: utf8 - reconnect: false - database: gitlabhq_production - pool: 5 - username: gitlab - password: supersecret - # host: localhost - # socket: /tmp/mysql.sock +For MySQL (note, the option says "without ... postgres"): -## Install Gems -*logged in as **git*** + cd /home/git/gitlab/ + bundle install --deployment --without development test postgres puma aws - logout -*logged in as **root*** +### Initialize Database and Activate Advanced Features cd /home/git/gitlab + bundle exec rake gitlab:setup RAILS_ENV=production + +Type 'yes' to create the database. +When done you see 'Administrator account created:' - gem install charlock_holmes --version '0.6.9.4' - - su - git +### Install Init Script -*logged in as **git*** +Download the init script (will be /etc/init.d/gitlab): - cd /home/git/gitlab + su - + wget -O /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/master/init/sysvinit/centos/gitlab-centos + chmod +x /etc/init.d/gitlab + chkconfig --add gitlab - # For mysql db - bundle install --deployment --without development test postgres +Make GitLab start on boot: + chkconfig gitlab on -## Initialize Database and Activate Advanced Features +### Check Application Status -*logged in as **git*** +Check if GitLab and its environment are configured correctly: - cd /home/git/gitlab - bundle exec rake gitlab:setup RAILS_ENV=production + su - git + cd gitlab/ + bundle exec rake gitlab:env:info RAILS_ENV=production + exit -## Install Init Script +### Start your GitLab instance: -Download the init script (will be /etc/init.d/gitlab) + service gitlab start -*logged in as **git*** +### Double-check Application Status - logout +To make sure you didn't miss anything run a more thorough check with: -*logged in as **root*** + su - git + cd gitlab/ + bundle exec rake gitlab:check RAILS_ENV=production -**Double check the url for this next one!!** +If all items are green, then congratulations on successfully installing GitLab! +However there are still a few steps left. - curl https://raw.github.com/gitlabhq/gitlab-recipes/master/init/sysvinit/centos/gitlab-centos > /etc/init.d/gitlab - chmod +x /etc/init.d/gitlab - chkconfig --add gitlab +## 7. Configure the web server -Make GitLab start on boot: +### Nginx - chkconfig gitlab on +``` +su - +yum -y install nginx +chkconfig nginx on +mkdir /etc/nginx/sites-{available,enabled} +wget -O /etc/nginx/sites-available/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/master/web-server/nginx/gitlab-ssl +ln -sf /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab +``` -Start your GitLab instance: +Edit `/etc/nginx/nginx.conf` and replace `include /etc/nginx/conf.d/*.conf;` +with `/etc/nginx/sites-enabled/*;` - service gitlab start - # or - /etc/init.d/gitlab start +Add `nginx` user to `git` group. -### Configure the web server + usermod -a -G git nginx + chmod g+rx /home/git/ -For nginx: +Finally start nginx with: - sudo yum -y install nginx + service nginx start +### Apache -For Apache: - - sudo yum -y install httpd - sudo chkconfig httpd on - sudo wget -O /etc/httpd/conf.d/gitlab.conf https://raw.github.com/gitlabhq/gitlab-recipes/web-server/apache/gitlab - +We will configure apache with module `mod_proxy` which is loaded by default when +installing apache: +``` +su - +yum -y install httpd mod_ssl +chkconfig httpd on +wget -O /etc/httpd/conf.d/gitlab.conf https://raw.github.com/gitlabhq/gitlab-recipes/master/web-server/apache/gitlab.conf +``` Open `/etc/httpd/conf.d/gitlab.conf` with your editor and replace `git.example.org` with your FQDN. -**OPTIONAL:** If you want to run other websites on the same system you'll need to -add in `/etc/httpd/conf/httpd.conf`: +Add `LoadModule ssl_module /etc/httpd/modules/mod_ssl.so` in `/etc/httpd/conf/httpd.conf` - NameVirtualHost *:80 +If you want to run other websites on the same system, you'll need to add in `/etc/httpd/conf/httpd.conf`: +``` +NameVirtualHost *:80 + + # If you add NameVirtualHost *:443 here, you will also have to change + # the VirtualHost statement in /etc/httpd/conf.d/gitlab.conf + # to + NameVirtualHost *:443 + Listen 443 + +``` Poke a selinux hole for httpd so it can be in front of GitLab: setsebool -P httpd_can_network_connect on + +Start apache: + + service httpd start + +## 8. Configure the firewall -### Configure firewall - -Poke an iptables hole so uses can access the httpd (http and https ports) and ssh. -The quick way is to put this in the file called **/etc/sysconfig/iptables** - - # Firewall configuration written by system-config-firewall - # Manual customization of this file is not recommended. - *filter - :INPUT ACCEPT [0:0] - :FORWARD ACCEPT [0:0] - :OUTPUT ACCEPT [0:0] - -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT - -A INPUT -p icmp -j ACCEPT - -A INPUT -i lo -j ACCEPT - -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT - -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT - -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT - -A INPUT -j REJECT --reject-with icmp-host-prohibited - -A FORWARD -j REJECT --reject-with icmp-host-prohibited - COMMIT +Poke an iptables hole so users can access the httpd (http and https ports) and ssh. +The quick way is to put this in the file called `/etc/sysconfig/iptables`: + +``` +# Firewall configuration written by system-config-firewall +# Manual customization of this file is not recommended. +*filter +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT +-A INPUT -p icmp -j ACCEPT +-A INPUT -i lo -j ACCEPT +-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT +-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT +-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT +-A INPUT -j REJECT --reject-with icmp-host-prohibited +-A FORWARD -j REJECT --reject-with icmp-host-prohibited +COMMIT +``` + +Restart the service for the changes to take effect: + + service iptables restart ## Done! @@ -502,6 +542,8 @@ The setup has created an admin account for you. You can use it to log in: admin@local.host 5iveL!fe +You will then be redirected to change the default admin password. + ## Links used in this guide - [EPEL information](http://www.thegeekstuff.com/2012/06/enable-epel-repository/) @@ -510,3 +552,4 @@ The setup has created an admin account for you. You can use it to log in: [EPEL]: https://fedoraproject.org/wiki/EPEL [keys]: https://fedoraproject.org/keys +[sudo]: http://stackoverflow.com/questions/257616/sudo-changes-path-why From a474bb1de23d01a56f358c9394590708372433b1 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sun, 18 Aug 2013 16:38:30 +0300 Subject: [PATCH 27/41] Minor fixes --- install/centos/README.md | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/install/centos/README.md b/install/centos/README.md index c4a9432..fcdcd7e 100644 --- a/install/centos/README.md +++ b/install/centos/README.md @@ -107,7 +107,6 @@ If you can't see it listed, use the folowing command to enable it: ### Install the required tools for GitLab - ::bash su - yum -y update yum -y groupinstall 'Development Tools' @@ -130,7 +129,6 @@ GitLab will only work correctly with git version 1.8.x or newer. The problem is that the available rpms for CentOS stop at git 1.7.1 which is too old for GitLab. In order to update, you have to build git from source as it is not yet in any repository: - ::bash su - cd /tmp yum -y install git perl-ExtUtils-MakeMaker @@ -154,7 +152,7 @@ installed with: ### Configure redis Make sure redis is started on boot: - ::bash + sudo chkconfig redis on ### Configure sendmail @@ -239,7 +237,7 @@ Now we want all logging of the system to be forwarded to a central email address ---------- -# 4. GitLab shell +## 4. GitLab shell GitLab Shell is a ssh access and repository management software developed specially for GitLab. @@ -269,7 +267,6 @@ cp config.yml.example config.yml Install `mysql` and enable the `mysqld` service to start on boot: - ::bash su - yum install -y mysql-server mysql-devel chkconfig mysqld on @@ -307,6 +304,7 @@ Try connecting to the new database with the new user: ## 6. GitLab We'll install GitLab into home directory of the user `git`: + su - su - git @@ -331,8 +329,7 @@ do so with caution! # Copy the example GitLab config cp config/gitlab.yml.example config/gitlab.yml -# Make sure to change "localhost" to the fully-qualified domain name of your -# host serving GitLab where necessary +# Replace your_domain_name with the fully-qualified domain name of your host serving GitLab sed -i 's|localhost|your_domain_name|g' config/gitlab.yml # Change git's path to point to /usr/local/bin/git @@ -378,11 +375,12 @@ git config --global core.autocrlf input # MySQL cp config/database.yml{.mysql,} -Make sure to update username/password in `config/database.yml`. -You only need to adapt the production settings (first part). +Make sure to update username/password in `config/database.yml`. You only need to adapt the production settings (first part). + If you followed the database guide then please do as follows: -Change `root` to `gitlab`. -Change `secure password` with the value you have given to supersecret. +* Change `root` to `gitlab`. +* Change `secure password` with the value you have given to supersecret. + You can keep the double quotes around the password. editor config/database.yml @@ -416,7 +414,7 @@ When done you see 'Administrator account created:' Download the init script (will be /etc/init.d/gitlab): su - - wget -O /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/master/init/sysvinit/centos/gitlab-centos + wget -O /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/master/init/sysvinit/centos/gitlab-unicorn chmod +x /etc/init.d/gitlab chkconfig --add gitlab @@ -472,23 +470,26 @@ Add `nginx` user to `git` group. Finally start nginx with: service nginx start - + ### Apache We will configure apache with module `mod_proxy` which is loaded by default when installing apache: + ``` su - yum -y install httpd mod_ssl chkconfig httpd on wget -O /etc/httpd/conf.d/gitlab.conf https://raw.github.com/gitlabhq/gitlab-recipes/master/web-server/apache/gitlab.conf ``` + Open `/etc/httpd/conf.d/gitlab.conf` with your editor and replace `git.example.org` with your FQDN. Add `LoadModule ssl_module /etc/httpd/modules/mod_ssl.so` in `/etc/httpd/conf/httpd.conf` If you want to run other websites on the same system, you'll need to add in `/etc/httpd/conf/httpd.conf`: ``` + NameVirtualHost *:80 # If you add NameVirtualHost *:443 here, you will also have to change From 2f555a5ed45ff7970eee10f75655e81f75f4a05d Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sun, 18 Aug 2013 16:39:38 +0300 Subject: [PATCH 28/41] Fix code block --- install/centos/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/centos/README.md b/install/centos/README.md index fcdcd7e..e6c9d8b 100644 --- a/install/centos/README.md +++ b/install/centos/README.md @@ -488,8 +488,8 @@ Open `/etc/httpd/conf.d/gitlab.conf` with your editor and replace `git.example.o Add `LoadModule ssl_module /etc/httpd/modules/mod_ssl.so` in `/etc/httpd/conf/httpd.conf` If you want to run other websites on the same system, you'll need to add in `/etc/httpd/conf/httpd.conf`: -``` +``` NameVirtualHost *:80 # If you add NameVirtualHost *:443 here, you will also have to change From 471ee5660e0e7dbba668e452279167e8756d1fe2 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Sun, 18 Aug 2013 23:48:23 +0300 Subject: [PATCH 29/41] Add first draft of systemd services. Fix #14 Implement #43 --- init/systemd/README.md | 43 +++++++++++++++++++++++++++++ init/systemd/gitlab-sidekiq.service | 19 +++++++++++++ init/systemd/gitlab-unicorn.service | 16 +++++++++++ init/systemd/gitlab.target | 5 ++++ 4 files changed, 83 insertions(+) create mode 100644 init/systemd/README.md create mode 100644 init/systemd/gitlab-sidekiq.service create mode 100644 init/systemd/gitlab-unicorn.service create mode 100644 init/systemd/gitlab.target diff --git a/init/systemd/README.md b/init/systemd/README.md new file mode 100644 index 0000000..6e45cb1 --- /dev/null +++ b/init/systemd/README.md @@ -0,0 +1,43 @@ +## GitLab startup services for systemd (Archlinux, Fedora, etc) + +GitLab requires a couple of services: +* Web server (apache, nginx, etc.) +* Redis server +* Mail server (postfix or other) +* GitLab Sidekiq service (`gitlab-sidekiq.service`) +* Unicorn (`gitlab-unicorn.service`) + + +## Setup GitLab Sidekiq service + +Copy files to `/etc/systemd/system/`: + +``` +su - +cd /etc/systemd/system/ +wget -O gitlab-sidekiq.service https://raw.github.com/gitlabhq/gitlab-recipes/master/init/systemd/gitlab-sidekiq.service +wget -O gitlab-unicorn.service https://raw.github.com/gitlabhq/gitlab-recipes/master/init/systemd/gitlab-unicorn.service +wget -O gitlab.target https://raw.github.com/gitlabhq/gitlab-recipes/master/init/systemd/gitlab.target +``` + +Reload systemd: + + sudo systemctl --system daemon-reload + +Start the services: + + sudo systemctl start gitlab-sidekiq gitlab-unicorn + +Enable them to start at boot: + + sudo systemctl enable gitlab-sidekiq gitlab-unicorn + +## Notes + +If you installed GitLab in other path than `/home/git/gitlab` change the service files accordingly. + +`/etc/systemd/system/` have a higher precedence over `/lib/systemd/system`. + +For older systemd versions you need to append `service` after the service name. For example: + + sudo systemctl start gitlab-sidekiq.service diff --git a/init/systemd/gitlab-sidekiq.service b/init/systemd/gitlab-sidekiq.service new file mode 100644 index 0000000..704840f --- /dev/null +++ b/init/systemd/gitlab-sidekiq.service @@ -0,0 +1,19 @@ +[Unit] +Description=GitLab Sidekiq Worker +Requires=redis.service +After=syslog.target network.target redis.service +Wants=mysqld.service + +[Service] +Type=forking +User=git +WorkingDirectory=/home/git/gitlab +Environment=RAILS_ENV=production +SyslogIdentifier=gitlab-sidekiq +PidFile=/home/git/gitlab/tmp/pids/sidekiq.pid + +ExecStart=/usr/bin/bundle exec rake sidekiq:start +ExecStop=/usr/bin/bundle exec rake sidekiq:stop + +[Install] +WantedBy=gitlab.target diff --git a/init/systemd/gitlab-unicorn.service b/init/systemd/gitlab-unicorn.service new file mode 100644 index 0000000..94df50f --- /dev/null +++ b/init/systemd/gitlab-unicorn.service @@ -0,0 +1,16 @@ +[Unit] +Description=GitLab Unicorn Server +Requires=redis.service +After=network.target mysqld.service redis.service + +[Service] +User=git +WorkingDirectory=/home/git/gitlab +Environment=RAILS_ENV=production +SyslogIdentifier=gitlab-unicorn +PidFile=/home/git/gitlab/tmp/pids/unicorn.pid + +ExecStart=/usr/bin/bundle exec "unicorn_rails -c /home/git/gitlab/config/unicorn.rb -E production" + +[Install] +WantedBy=gitlab.target diff --git a/init/systemd/gitlab.target b/init/systemd/gitlab.target new file mode 100644 index 0000000..9dfbb2f --- /dev/null +++ b/init/systemd/gitlab.target @@ -0,0 +1,5 @@ +[Unit] +Description=GitLab - Self Hosted Git Management + +[Install] +WantedBy=multi-user.target From a33410411f2fbf7c283906b99edf1e1de5a84c8c Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Mon, 19 Aug 2013 08:01:50 +0300 Subject: [PATCH 30/41] Add SELinux link --- install/centos/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/install/centos/README.md b/install/centos/README.md index e6c9d8b..33143e5 100644 --- a/install/centos/README.md +++ b/install/centos/README.md @@ -549,6 +549,7 @@ You will then be redirected to change the default admin password. - [EPEL information](http://www.thegeekstuff.com/2012/06/enable-epel-repository/) - [git update to 1.8.x](http://www.pickysysadmin.ca/2013/05/21/commit-comments-not-appearing-in-gitlab-on-centos/) +- [SELinux booleans](http://wiki.centos.org/TipsAndTricks/SelinuxBooleans) [EPEL]: https://fedoraproject.org/wiki/EPEL From fcd87ac82c1ad2452803ff8ffeff53286f5d9442 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Tue, 20 Aug 2013 02:29:27 +0300 Subject: [PATCH 31/41] Add puma relevant files --- app-server/README.md | 1 + app-server/puma.rb | 96 +++++++++++++++++++++ init/sysvinit/debian/README.md | 9 ++ init/sysvinit/debian/gitlab-puma | 140 +++++++++++++++++++++++++++++++ 4 files changed, 246 insertions(+) create mode 100644 app-server/README.md create mode 100644 app-server/puma.rb create mode 100644 init/sysvinit/debian/README.md create mode 100644 init/sysvinit/debian/gitlab-puma diff --git a/app-server/README.md b/app-server/README.md new file mode 100644 index 0000000..cd53f54 --- /dev/null +++ b/app-server/README.md @@ -0,0 +1 @@ +Alternative configuration file for the `puma` application server. Copy it under `/home/git/gitlab/config/` and rename it to `puma.rb`. diff --git a/app-server/puma.rb b/app-server/puma.rb new file mode 100644 index 0000000..8d7133f --- /dev/null +++ b/app-server/puma.rb @@ -0,0 +1,96 @@ +#!/usr/bin/env puma + +# Start Puma with next command: +# RAILS_ENV=production bundle exec puma -C ./config/puma.rb + +# uncomment and customize to run in non-root path +# note that config/gitlab.yml web path should also be changed +# ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab" + +application_path = '/home/git/gitlab' +directory application_path +environment 'production' +daemonize true +pidfile "#{application_path}/tmp/pids/puma.pid" +state_path "#{application_path}/tmp/pids/puma.state" +stdout_redirect "#{application_path}/log/puma.stdout.log", "#{application_path}/log/puma.stderr.log" + +# Configure “min” to be the minimum number of threads to use to answer +# requests and “max” the maximum. +# +# The default is “0, 16”. +# +# threads 0, 16 + +# Bind the server to “url”. “tcp://”, “unix://” and “ssl://” are the only +# accepted protocols. +# +# +# The default is “tcp://0.0.0.0:9292”. +# +# bind 'tcp://0.0.0.0:9292' +# bind 'unix:///var/run/puma.sock' +# bind 'unix:///var/run/puma.sock?umask=0777' +# bind 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert' +# +## Comment the next line if you use apache. +bind "unix://#{application_path}/tmp/sockets/gitlab.socket" + +# Instead of “bind 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert'” you +# can also use the “ssl_bind” option. +# +# ssl_bind '127.0.0.1', '9292', { key: path_to_key, cert: path_to_cert } + +# Code to run before doing a restart. This code should +# close log files, database connections, etc. +# +# This can be called multiple times to add code each time. +# +# on_restart do +# puts 'On restart...' +# end + +# Command to use to restart puma. This should be just how to +# load puma itself (ie. 'ruby -Ilib bin/puma'), not the arguments +# to puma, as those are the same as the original process. +# +# restart_command '/u/app/lolcat/bin/restart_puma' + +# === Cluster mode === + +# How many worker processes to run. +# +# The default is “0”. +# +# workers 2 + +# GitLab cluster mode recommendations +# If you have more than 1 GB RAM, uncomment one of the following lines: +# +# workers 2 # if you have at least 1.5 GB RAM +# workers 3 # if you have at least 2 GB RAM +# workers 4 # if you have at least 2.5 GB RAM + +# Code to run when a worker boots to setup the process before booting +# the app. +# +# This can be called multiple times to add hooks. +# +# on_worker_boot do +# puts 'On worker boot...' +# end + +# === Puma control rack application === + +# Start the puma control rack application on “url”. This application can +# be communicated with to control the main server. Additionally, you can +# provide an authentication token, so all requests to the control server +# will need to include that token as a query parameter. This allows for +# simple authentication. +# +# Check out https://github.com/puma/puma/blob/master/lib/puma/app/status.rb +# to see what the app has available. +# +# activate_control_app 'unix:///var/run/pumactl.sock' +# activate_control_app 'unix:///var/run/pumactl.sock', { auth_token: '12345' } +# activate_control_app 'unix:///var/run/pumactl.sock', { no_token: true } diff --git a/init/sysvinit/debian/README.md b/init/sysvinit/debian/README.md new file mode 100644 index 0000000..9413a60 --- /dev/null +++ b/init/sysvinit/debian/README.md @@ -0,0 +1,9 @@ +Alternative sysvinit file for puma. Tested on Debian/Ubuntu but this should work for all Debian based distros. Make sure you have the `puma` gem installed and `puma.rb` in `/home/git/gitlab/config/`. + +Get `gitlab-puma` in your `/etc/init.d/` directory: + + wget -O /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/master/init/sysvinit/debian/gitlab-puma + +Then start the service with: + + service gitlab start diff --git a/init/sysvinit/debian/gitlab-puma b/init/sysvinit/debian/gitlab-puma new file mode 100644 index 0000000..2db37ed --- /dev/null +++ b/init/sysvinit/debian/gitlab-puma @@ -0,0 +1,140 @@ +#! /bin/bash + +# GITLAB +# Maintainer: @randx +# App Version: 5.2 + +### BEGIN INIT INFO +# Provides: gitlab +# Required-Start: $local_fs $remote_fs $network $syslog redis-server +# Required-Stop: $local_fs $remote_fs $network $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: GitLab git repository management +# Description: GitLab git repository management +### END INIT INFO + + +APP_ROOT="/home/git/gitlab" +APP_USER="git" +DAEMON_OPTS="-C $APP_ROOT/config/puma.rb" +PID_PATH="$APP_ROOT/tmp/pids" +SOCKET_PATH="$APP_ROOT/tmp/sockets" +SOCKET_FILE="$SOCKET_PATH/gitlab.socket" +WEB_SERVER_PID="$PID_PATH/puma.pid" +SIDEKIQ_PID="$PID_PATH/sidekiq.pid" +STOP_SIDEKIQ="RAILS_ENV=production bundle exec rake sidekiq:stop" +START_SIDEKIQ="RAILS_ENV=production bundle exec rake sidekiq:start" +NAME="gitlab" +DESC="GitLab service" + +check_pid(){ + if [ -f $WEB_SERVER_PID ]; then + PID=`cat $WEB_SERVER_PID` + SPID=`cat $SIDEKIQ_PID` + STATUS=`ps aux | grep $PID | grep -v grep | wc -l` + else + STATUS=0 + PID=0 + fi +} + +execute() { + sudo -u $APP_USER -H bash -l -c "$1" +} + +start() { + cd $APP_ROOT + check_pid + if [ "$PID" -ne 0 -a "$STATUS" -ne 0 ]; then + # Program is running, exit with error code 1. + echo "Error! $DESC $NAME is currently running!" + exit 1 + else + if [ `whoami` = root ]; then + ! [ -e $SOCKET_FILE ] || execute "rm $SOCKET_FILE" + execute "RAILS_ENV=production bundle exec puma $DAEMON_OPTS" + execute "mkdir -p $PID_PATH && $START_SIDEKIQ > /dev/null 2>&1 &" + echo "$DESC started" + fi + fi +} + +stop() { + cd $APP_ROOT + check_pid + if [ "$PID" -ne 0 -a "$STATUS" -ne 0 ]; then + ## Program is running, stop it. + kill -QUIT `cat $WEB_SERVER_PID` + ! [ -e $SOCKET_FILE ] || execute "rm $SOCKET_FILE" + execute "mkdir -p $PID_PATH && $STOP_SIDEKIQ > /dev/null 2>&1 &" + rm "$WEB_SERVER_PID" >> /dev/null + echo "$DESC stopped" + else + ## Program is not running, exit with error. + echo "Error! $DESC is not started!" + exit 1 + fi +} + +restart() { + cd $APP_ROOT + check_pid + if [ "$PID" -ne 0 -a "$STATUS" -ne 0 ]; then + echo "Restarting $DESC..." + kill -USR2 `cat $WEB_SERVER_PID` + execute "mkdir -p $PID_PATH && $STOP_SIDEKIQ > /dev/null 2>&1" + if [ `whoami` = root ]; then + execute "mkdir -p $PID_PATH && $START_SIDEKIQ > /dev/null 2>&1 &" + fi + echo "$DESC restarted." + else + echo "Error, $NAME not running!" + exit 1 + fi +} + +status() { + cd $APP_ROOT + check_pid + if [ "$PID" -ne 0 -a "$STATUS" -ne 0 ]; then + echo "$DESC / Puma with PID $PID is running." + echo "$DESC / Sidekiq with PID $SPID is running." + else + echo "$DESC is not running." + exit 1 + fi +} + +## Check to see if we are running as root first. +## Found at http://www.cyberciti.biz/tips/shell-root-user-check-script.html +if [ "$(id -u)" != "0" ]; then + echo "This script must be run as root" + exit 1 +fi + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + restart + ;; + reload|force-reload) + echo -n "Reloading $NAME configuration: " + kill -HUP `cat $PID` + echo "done." + ;; + status) + status + ;; + *) + echo "Usage: sudo service gitlab {start|stop|restart|reload}" >&2 + exit 1 + ;; +esac + +exit 0 From 5581ab898fea2b95f71a3894a1c0efa5b8644bea Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Tue, 20 Aug 2013 09:34:02 +0300 Subject: [PATCH 32/41] Fix readme --- app-server/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app-server/README.md b/app-server/README.md index cd53f54..782eff8 100644 --- a/app-server/README.md +++ b/app-server/README.md @@ -1 +1 @@ -Alternative configuration file for the `puma` application server. Copy it under `/home/git/gitlab/config/` and rename it to `puma.rb`. +Alternative configuration file for the `puma` application server. Copy it under `/home/git/gitlab/config/`. From 2c31ba690f8c5ec1beba1d8b4cf4f80ca6e6bb3f Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Tue, 20 Aug 2013 09:36:03 +0300 Subject: [PATCH 33/41] Split line --- init/sysvinit/debian/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/init/sysvinit/debian/README.md b/init/sysvinit/debian/README.md index 9413a60..936baeb 100644 --- a/init/sysvinit/debian/README.md +++ b/init/sysvinit/debian/README.md @@ -1,4 +1,5 @@ -Alternative sysvinit file for puma. Tested on Debian/Ubuntu but this should work for all Debian based distros. Make sure you have the `puma` gem installed and `puma.rb` in `/home/git/gitlab/config/`. +Alternative sysvinit file for puma. Tested on Debian/Ubuntu but this should work for all Debian based distros. +Make sure you have the `puma` gem installed and `puma.rb` in `/home/git/gitlab/config/`. Get `gitlab-puma` in your `/etc/init.d/` directory: From 3eee346d5afd091843355aa19956007e1febb7ca Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Tue, 20 Aug 2013 22:30:54 +0300 Subject: [PATCH 34/41] Move contributing guidelines to separate file --- README.md | 79 ++++------------------------------------ contributing.md | 95 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+), 72 deletions(-) create mode 100644 contributing.md diff --git a/README.md b/README.md index abcefbb..c7047ec 100644 --- a/README.md +++ b/README.md @@ -1,81 +1,16 @@ -gitlab-recipes -============== +## GitLab recipes: unofficial guides for using GitLab with different software -Unofficial guides for using GitLab with different software (operating systems, webservers, etc.) +Here you will find unofficial guides for using GitLab with different software (operating systems, web servers, etc.) provided by the community, for systems other than the officially supported (Debian/Ubuntu). Bare in mind that this repository is co-maintained by volunteers/contributors like you. -# Contributing +## Contributing -## Naming guidelines +See [contributing.md](contributing.md) for contribution guidelines. -For better maintainance and clarity, some naming guidelines should be followed. +## Notes on the reliability of guides/scripts -* Installation guides should be provided in README files so that they render first when viewing the repository. - -* Installation scripts reside in a `scripts/` directory inside every platform folder. - -### Scripts - -There are scripts doing similar things - -? Scripts should be named after the following scheme: platform-platform_version -Example: `ubuntu-server-12.04.sh` - -## Install information - -If you have an installation guide to provide, fill in the template and place it on top -of your guide or include it in your installation script (commented), again on top. - -### Template - -``` -Distribution : -GitLab version : -Web Server : -Init system : -Database : -Contributor : -Additional Notes : -``` - -### Explanation - -| Label | Explanation | -| ---------------- | ------------------------- | -| Distribution | The official name and version of the platform/distribution, case sensitive. | -| GitLab version | GitLab version on which the guide/script was tested. | -| Web Server | The web server used to serve GitLab. May be two-fold, eg. apache with mod_passenger. | -| Init system | (Optional but recommended) The init system used by the platform if any. Examples: `sysvinit`, `systemd`, `upstart`, `openrc`, etc | -| Database | The database used for installation. Examples: `mysql`, `postrgres`, `mariadb`. -| Contributor | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: **thedude (Jeffrey Lebowski)** | -| Additional Notes | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using rvm for ruby install, storing in different locations, etc.| - - -### Example - -``` -Distribution : Fedora 19 -GitLab version : 5.4 -Web Server : apache with mod_passenger -Init system : systemd -Database : mariadb -Contributor : thedude -Additional Notes : the script uses rvm to install ruby -``` - -### Accepting Pull Requests - -Please stick as close as possible to the guidelines. That way we ensure quality guides -and easy to merge requests. - -Your Pull Request will be reviewed by one of our volunteers and you will be -asked to reformat it if needed. We don't bite and we will try to be as flexible -as possible, so don't get intimidated by the extent of the quidelines :) - -## Notes - -* We try to test everything before accepting PRs, in a clean, newly installed platform. +* We will try to test everything before accepting PRs, in a clean, newly installed platform. * You should read a script and understand what it does prior to running it. -* If something goes wrong during installation and you think the guide/script needs fixing, file a bug report or a Pull Request. +* If something goes wrong during installation and you think the guide/script needs fixing, file a bug report or a submit a Pull Request. diff --git a/contributing.md b/contributing.md new file mode 100644 index 0000000..34fd260 --- /dev/null +++ b/contributing.md @@ -0,0 +1,95 @@ +# Contribute to GitLab recipes + +This guide details how to use issues and pull requests to improve GitLab recipes. + +Please stick as close as possible to the guidelines. That way we ensure quality guides +and easy to merge requests. + +Your Pull Request will be reviewed by one of our devs/volunteers and you will be +asked to reformat it if needed. We don't bite and we will try to be as flexible +as possible, so don't get intimidated by the extent of the quidelines :) + +For better maintainance and clarity, some naming guidelines should be followed. +See details in each section below. + +## Pull Request title + +Try to be as more descriptive as you can in your Pull Request title. + +Particularly if you are submitting a new script or guide, include in the title, +information about GitLab version, OS tested on and any other relevant info. + +For example some good titles would be: + +* [Installation script] GitLab 6.x - Ubuntu 12.04 - Apache +* [Guide] GitLab 6.1 - FreeBSD - postrges, rvm + +## Guides + +Each installation guide has its own namespace and it should be provided in a +`README` file so that it renders first when viewing the repository. Submit a new +one in `install/platform/README.md` (it doesn't have to be strictly in markdown though). + +## Scripts + +Installation scripts reside in `install/platform/scripts/`, so if you have one, +submit it there. They should named after the following scheme: `platform-platform_version`. + +Example: `ubuntu-server-12.04.sh` + +You are strongly encouraged to also provide a `README` file that describes +how to use the script. You may have included all the needed info in the script +itself (recommended), so you could simply write something between the lines: + + > This script installs GitLab 6.0 on Archlinux. Run it with `./archlinux.sh your_domain_name` + > For more info and variables you can change, read the comments in the script. + + +### Scripts doing similar things + +There is a strong possibility that your script will do similar things to what a +script already in this repo do. In that case, please work on the existing script +and enhance it with your changes. No need to duplicate things. + +## What information to put on your guide/script etc (mandatory) + +If you have an installation guide to provide, fill in the template and place it on top +of it or include it in your installation script (commented), again on top. Try to +include as many items of this template as you can. + +### Template + +``` +Distribution : +GitLab version : +Web Server : +Init system : +Database : +Contributor : +Additional Notes : +``` + +### Explanation + +| Label | Explanation | +| ---------------- | ------------------------- | +| Distribution | The official name and version of the platform/distribution, case sensitive. | +| GitLab version | GitLab version on which the guide/script was tested. | +| Web Server | The web server used to serve GitLab. May be two-fold, eg. apache with mod_passenger. | +| Init system | (Optional but recommended) The init system used by the platform if any. Examples: `sysvinit`, `systemd`, `upstart`, `openrc`, etc | +| Database | The database used for installation. Examples: `mysql`, `postrgres`, `mariadb`. +| Contributors | Your github username (recommended in order to track you and give credits) or your real name or both. Example of the latter: **thedude (Jeffrey Lebowski)** | +| Additional Notes | Anything else you want to add. Any deviations form the official guide can be reported here. Eg. using rvm for ruby install, storing in different locations, etc.| + + +### Example + +``` +Distribution : Fedora 19 +GitLab version : 5.4 +Web Server : apache with mod_passenger +Init system : systemd +Database : mariadb +Contributors : thedude +Additional Notes : the script uses rvm to install ruby +``` From 44eee6b6564695280d25a821129c84415f003877 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Tue, 20 Aug 2013 23:00:14 +0300 Subject: [PATCH 35/41] Use plural --- contributing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contributing.md b/contributing.md index 34fd260..a74e650 100644 --- a/contributing.md +++ b/contributing.md @@ -65,7 +65,7 @@ GitLab version : Web Server : Init system : Database : -Contributor : +Contributors : Additional Notes : ``` From 6881f2becc32715e5ac9b9895322646bfccef6a4 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Tue, 20 Aug 2013 23:00:34 +0300 Subject: [PATCH 36/41] Add contributors info, reference download links --- init/systemd/gitlab-sidekiq.service | 8 ++++++++ init/systemd/gitlab-unicorn.service | 8 ++++++++ init/systemd/gitlab.target | 8 ++++++++ 3 files changed, 24 insertions(+) diff --git a/init/systemd/gitlab-sidekiq.service b/init/systemd/gitlab-sidekiq.service index 704840f..3777be2 100644 --- a/init/systemd/gitlab-sidekiq.service +++ b/init/systemd/gitlab-sidekiq.service @@ -1,3 +1,11 @@ +########################################################################################### +# +# GitLab version : 5.x - 6.x +# Contributors : davispuh, mtorromeo, axilleas +# Downloaded from : https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd +# +########################################################################################### + [Unit] Description=GitLab Sidekiq Worker Requires=redis.service diff --git a/init/systemd/gitlab-unicorn.service b/init/systemd/gitlab-unicorn.service index 94df50f..3b895bd 100644 --- a/init/systemd/gitlab-unicorn.service +++ b/init/systemd/gitlab-unicorn.service @@ -1,3 +1,11 @@ +########################################################################################### +# +# GitLab version : 5.x - 6.x +# Contributors : davispuh, mtorromeo, axilleas +# Downloaded from : https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd +# +########################################################################################### + [Unit] Description=GitLab Unicorn Server Requires=redis.service diff --git a/init/systemd/gitlab.target b/init/systemd/gitlab.target index 9dfbb2f..de2449b 100644 --- a/init/systemd/gitlab.target +++ b/init/systemd/gitlab.target @@ -1,3 +1,11 @@ +########################################################################################### +# +# GitLab version : 5.x - 6.x +# Contributors : davispuh, mtorromeo, axilleas +# Downloaded from : https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd +# +########################################################################################### + [Unit] Description=GitLab - Self Hosted Git Management From b96f664f6e67cd84a644b9401140187722e73f5c Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Tue, 20 Aug 2013 23:11:30 +0300 Subject: [PATCH 37/41] Move puma to own namespace --- app-server/puma/README.md | 1 + app-server/puma/puma.rb | 96 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 97 insertions(+) create mode 100644 app-server/puma/README.md create mode 100644 app-server/puma/puma.rb diff --git a/app-server/puma/README.md b/app-server/puma/README.md new file mode 100644 index 0000000..782eff8 --- /dev/null +++ b/app-server/puma/README.md @@ -0,0 +1 @@ +Alternative configuration file for the `puma` application server. Copy it under `/home/git/gitlab/config/`. diff --git a/app-server/puma/puma.rb b/app-server/puma/puma.rb new file mode 100644 index 0000000..8d7133f --- /dev/null +++ b/app-server/puma/puma.rb @@ -0,0 +1,96 @@ +#!/usr/bin/env puma + +# Start Puma with next command: +# RAILS_ENV=production bundle exec puma -C ./config/puma.rb + +# uncomment and customize to run in non-root path +# note that config/gitlab.yml web path should also be changed +# ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab" + +application_path = '/home/git/gitlab' +directory application_path +environment 'production' +daemonize true +pidfile "#{application_path}/tmp/pids/puma.pid" +state_path "#{application_path}/tmp/pids/puma.state" +stdout_redirect "#{application_path}/log/puma.stdout.log", "#{application_path}/log/puma.stderr.log" + +# Configure “min” to be the minimum number of threads to use to answer +# requests and “max” the maximum. +# +# The default is “0, 16”. +# +# threads 0, 16 + +# Bind the server to “url”. “tcp://”, “unix://” and “ssl://” are the only +# accepted protocols. +# +# +# The default is “tcp://0.0.0.0:9292”. +# +# bind 'tcp://0.0.0.0:9292' +# bind 'unix:///var/run/puma.sock' +# bind 'unix:///var/run/puma.sock?umask=0777' +# bind 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert' +# +## Comment the next line if you use apache. +bind "unix://#{application_path}/tmp/sockets/gitlab.socket" + +# Instead of “bind 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert'” you +# can also use the “ssl_bind” option. +# +# ssl_bind '127.0.0.1', '9292', { key: path_to_key, cert: path_to_cert } + +# Code to run before doing a restart. This code should +# close log files, database connections, etc. +# +# This can be called multiple times to add code each time. +# +# on_restart do +# puts 'On restart...' +# end + +# Command to use to restart puma. This should be just how to +# load puma itself (ie. 'ruby -Ilib bin/puma'), not the arguments +# to puma, as those are the same as the original process. +# +# restart_command '/u/app/lolcat/bin/restart_puma' + +# === Cluster mode === + +# How many worker processes to run. +# +# The default is “0”. +# +# workers 2 + +# GitLab cluster mode recommendations +# If you have more than 1 GB RAM, uncomment one of the following lines: +# +# workers 2 # if you have at least 1.5 GB RAM +# workers 3 # if you have at least 2 GB RAM +# workers 4 # if you have at least 2.5 GB RAM + +# Code to run when a worker boots to setup the process before booting +# the app. +# +# This can be called multiple times to add hooks. +# +# on_worker_boot do +# puts 'On worker boot...' +# end + +# === Puma control rack application === + +# Start the puma control rack application on “url”. This application can +# be communicated with to control the main server. Additionally, you can +# provide an authentication token, so all requests to the control server +# will need to include that token as a query parameter. This allows for +# simple authentication. +# +# Check out https://github.com/puma/puma/blob/master/lib/puma/app/status.rb +# to see what the app has available. +# +# activate_control_app 'unix:///var/run/pumactl.sock' +# activate_control_app 'unix:///var/run/pumactl.sock', { auth_token: '12345' } +# activate_control_app 'unix:///var/run/pumactl.sock', { no_token: true } From 1a480d659c59b68753a906da9d710f4363a8bde5 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Tue, 20 Aug 2013 23:12:08 +0300 Subject: [PATCH 38/41] Add README file in each main dir --- app-server/README.md | 4 +- app-server/puma.rb | 96 -------------------------------------------- init/README.md | 3 ++ install/README.md | 5 ++- web-server/README.md | 2 + 5 files changed, 11 insertions(+), 99 deletions(-) delete mode 100644 app-server/puma.rb create mode 100644 init/README.md diff --git a/app-server/README.md b/app-server/README.md index 782eff8..eb433a7 100644 --- a/app-server/README.md +++ b/app-server/README.md @@ -1 +1,3 @@ -Alternative configuration file for the `puma` application server. Copy it under `/home/git/gitlab/config/`. +In this section there are provided additional configuration files for various application servers. + +If you have something to contribute please read the [contributing guidelines](../contributing.md). diff --git a/app-server/puma.rb b/app-server/puma.rb deleted file mode 100644 index 8d7133f..0000000 --- a/app-server/puma.rb +++ /dev/null @@ -1,96 +0,0 @@ -#!/usr/bin/env puma - -# Start Puma with next command: -# RAILS_ENV=production bundle exec puma -C ./config/puma.rb - -# uncomment and customize to run in non-root path -# note that config/gitlab.yml web path should also be changed -# ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab" - -application_path = '/home/git/gitlab' -directory application_path -environment 'production' -daemonize true -pidfile "#{application_path}/tmp/pids/puma.pid" -state_path "#{application_path}/tmp/pids/puma.state" -stdout_redirect "#{application_path}/log/puma.stdout.log", "#{application_path}/log/puma.stderr.log" - -# Configure “min” to be the minimum number of threads to use to answer -# requests and “max” the maximum. -# -# The default is “0, 16”. -# -# threads 0, 16 - -# Bind the server to “url”. “tcp://”, “unix://” and “ssl://” are the only -# accepted protocols. -# -# -# The default is “tcp://0.0.0.0:9292”. -# -# bind 'tcp://0.0.0.0:9292' -# bind 'unix:///var/run/puma.sock' -# bind 'unix:///var/run/puma.sock?umask=0777' -# bind 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert' -# -## Comment the next line if you use apache. -bind "unix://#{application_path}/tmp/sockets/gitlab.socket" - -# Instead of “bind 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert'” you -# can also use the “ssl_bind” option. -# -# ssl_bind '127.0.0.1', '9292', { key: path_to_key, cert: path_to_cert } - -# Code to run before doing a restart. This code should -# close log files, database connections, etc. -# -# This can be called multiple times to add code each time. -# -# on_restart do -# puts 'On restart...' -# end - -# Command to use to restart puma. This should be just how to -# load puma itself (ie. 'ruby -Ilib bin/puma'), not the arguments -# to puma, as those are the same as the original process. -# -# restart_command '/u/app/lolcat/bin/restart_puma' - -# === Cluster mode === - -# How many worker processes to run. -# -# The default is “0”. -# -# workers 2 - -# GitLab cluster mode recommendations -# If you have more than 1 GB RAM, uncomment one of the following lines: -# -# workers 2 # if you have at least 1.5 GB RAM -# workers 3 # if you have at least 2 GB RAM -# workers 4 # if you have at least 2.5 GB RAM - -# Code to run when a worker boots to setup the process before booting -# the app. -# -# This can be called multiple times to add hooks. -# -# on_worker_boot do -# puts 'On worker boot...' -# end - -# === Puma control rack application === - -# Start the puma control rack application on “url”. This application can -# be communicated with to control the main server. Additionally, you can -# provide an authentication token, so all requests to the control server -# will need to include that token as a query parameter. This allows for -# simple authentication. -# -# Check out https://github.com/puma/puma/blob/master/lib/puma/app/status.rb -# to see what the app has available. -# -# activate_control_app 'unix:///var/run/pumactl.sock' -# activate_control_app 'unix:///var/run/pumactl.sock', { auth_token: '12345' } -# activate_control_app 'unix:///var/run/pumactl.sock', { no_token: true } diff --git a/init/README.md b/init/README.md new file mode 100644 index 0000000..0fa962e --- /dev/null +++ b/init/README.md @@ -0,0 +1,3 @@ +In this section there are provided additional configuration files for various init systems. + +If you have something to contribute please read the [contributing guidelines](../contributing.md). diff --git a/install/README.md b/install/README.md index dff4a42..4886128 100644 --- a/install/README.md +++ b/install/README.md @@ -1,2 +1,3 @@ -In this directory you will find installation guides and scripts for various platforms. -If you have something to contribute please read the [contributing guidelines](../README.md#Contributing). +In this section there are provided additional installation guides and scripts for various platforms. + +If you have something to contribute please read the [contributing guidelines](../contributing.md). diff --git a/web-server/README.md b/web-server/README.md index 026e526..4117d6f 100644 --- a/web-server/README.md +++ b/web-server/README.md @@ -1 +1,3 @@ In this section there are provided additional configuration files for various web servers. + +If you have something to contribute please read the [contributing guidelines](../contributing.md). From a80428e287cd9c645457a25f4e9f6e85a39c8759 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Wed, 21 Aug 2013 16:44:18 +0300 Subject: [PATCH 39/41] Uppercase --- contributing.md => CONTRIBUTING.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename contributing.md => CONTRIBUTING.md (100%) diff --git a/contributing.md b/CONTRIBUTING.md similarity index 100% rename from contributing.md rename to CONTRIBUTING.md From 9a7bcd835f0c96364c79218922e35ae20824731f Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Thu, 22 Aug 2013 03:10:30 +0300 Subject: [PATCH 40/41] Add newline to quote --- CONTRIBUTING.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a74e650..c064532 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -26,8 +26,8 @@ For example some good titles would be: ## Guides -Each installation guide has its own namespace and it should be provided in a -`README` file so that it renders first when viewing the repository. Submit a new +Each installation guide has its own namespace and it should be provided in a +`README` file so that it renders first when viewing the repository. Submit a new one in `install/platform/README.md` (it doesn't have to be strictly in markdown though). ## Scripts @@ -42,6 +42,7 @@ how to use the script. You may have included all the needed info in the script itself (recommended), so you could simply write something between the lines: > This script installs GitLab 6.0 on Archlinux. Run it with `./archlinux.sh your_domain_name` + > > For more info and variables you can change, read the comments in the script. @@ -87,7 +88,7 @@ Additional Notes : ``` Distribution : Fedora 19 GitLab version : 5.4 -Web Server : apache with mod_passenger +Web Server : apache with mod_passenger Init system : systemd Database : mariadb Contributors : thedude From b6143521f7a81f7faeaf19e95c700a43f1bd5678 Mon Sep 17 00:00:00 2001 From: Axilleas Pipinellis Date: Thu, 22 Aug 2013 03:12:50 +0300 Subject: [PATCH 41/41] Fix the link pointing to CONTRIBUTING.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c7047ec..e932cd2 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Bare in mind that this repository is co-maintained by volunteers/contributors li ## Contributing -See [contributing.md](contributing.md) for contribution guidelines. +See [contributing.md](CONTRIBUTING.md) for contribution guidelines. ## Notes on the reliability of guides/scripts