Date: Thursday, October 15, 2020 @ 21:12:04 Author: anatolik Revision: 724296
archrelease: copy trunk to community-x86_64 Added: gitlab/repos/community-x86_64/PKGBUILD (from rev 724295, gitlab/trunk/PKGBUILD) gitlab/repos/community-x86_64/build_fix.patch (from rev 724295, gitlab/trunk/build_fix.patch) gitlab/repos/community-x86_64/configs.patch (from rev 724295, gitlab/trunk/configs.patch) gitlab/repos/community-x86_64/environment (from rev 724295, gitlab/trunk/environment) gitlab/repos/community-x86_64/gitlab-backup.service (from rev 724295, gitlab/trunk/gitlab-backup.service) gitlab/repos/community-x86_64/gitlab-backup.timer (from rev 724295, gitlab/trunk/gitlab-backup.timer) gitlab/repos/community-x86_64/gitlab-mailroom.service (from rev 724295, gitlab/trunk/gitlab-mailroom.service) gitlab/repos/community-x86_64/gitlab-puma.service (from rev 724295, gitlab/trunk/gitlab-puma.service) gitlab/repos/community-x86_64/gitlab-sidekiq.service (from rev 724295, gitlab/trunk/gitlab-sidekiq.service) gitlab/repos/community-x86_64/gitlab.install (from rev 724295, gitlab/trunk/gitlab.install) gitlab/repos/community-x86_64/gitlab.logrotate (from rev 724295, gitlab/trunk/gitlab.logrotate) gitlab/repos/community-x86_64/gitlab.target (from rev 724295, gitlab/trunk/gitlab.target) gitlab/repos/community-x86_64/gitlab.tmpfiles.d (from rev 724295, gitlab/trunk/gitlab.tmpfiles.d) Deleted: gitlab/repos/community-x86_64/PKGBUILD gitlab/repos/community-x86_64/build_fix.patch gitlab/repos/community-x86_64/configs.patch gitlab/repos/community-x86_64/environment gitlab/repos/community-x86_64/gitlab-backup.service gitlab/repos/community-x86_64/gitlab-backup.timer gitlab/repos/community-x86_64/gitlab-mailroom.service gitlab/repos/community-x86_64/gitlab-puma.service gitlab/repos/community-x86_64/gitlab-sidekiq.service gitlab/repos/community-x86_64/gitlab.install gitlab/repos/community-x86_64/gitlab.logrotate gitlab/repos/community-x86_64/gitlab.target gitlab/repos/community-x86_64/gitlab.tmpfiles.d -------------------------+ PKGBUILD | 370 +++++++++++++-------------- build_fix.patch | 46 +-- configs.patch | 618 +++++++++++++++++++++++----------------------- environment | 6 gitlab-backup.service | 38 +- gitlab-backup.timer | 20 - gitlab-mailroom.service | 42 +-- gitlab-puma.service | 68 ++--- gitlab-sidekiq.service | 60 ++-- gitlab.install | 68 ++--- gitlab.logrotate | 12 gitlab.target | 14 - gitlab.tmpfiles.d | 2 13 files changed, 682 insertions(+), 682 deletions(-) Deleted: PKGBUILD =================================================================== --- PKGBUILD 2020-10-15 21:10:57 UTC (rev 724295) +++ PKGBUILD 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,185 +0,0 @@ -# Maintainer: Anatol Pomozov <anatol.pomo...@gmail.com> -# Contributor: Sven-Hendrik Haase <svenst...@gmail.com> -# Contributor: Pavol (Lopo) Hluchy <lopo AT losys DOT eu> -# Contributor: Jonas Heinrich <o...@project-insanity.org> -# Contributor: Massimiliano Torromeo <massimiliano.torro...@gmail.com> -# Contributor: Tobias Hunger <tobias DOT hunger AT gmail DOT com> -# Contributor: Stefan Tatschner <ste...@sevenbyte.org> -# Contributor: Caleb Maclennan <ca...@alerque.com> - -pkgname=gitlab -pkgver=13.4.3 -pkgrel=1 -pkgdesc="Project management and code hosting application" -arch=('x86_64') -url="https://gitlab.com/gitlab-org/gitlab-foss" -license=('MIT') -options=(!buildflags) -depends=('ruby' 'ruby-bundler' 'git' 'gitlab-workhorse' 'gitlab-gitaly' 'openssh' 'redis' 'libxslt' 'icu' 're2' 'http-parser' 'nodejs' 'openssl') -makedepends=('cmake' 'postgresql' 'yarn' 'go' 'nodejs') -optdepends=('postgresql: database backend' - 'python-docutils: reStructuredText markup language support' - 'smtp-server: mail server in order to receive mail notifications') -backup=("etc/webapps/gitlab/database.yml" - "etc/webapps/gitlab/gitlab.yml" - "etc/webapps/gitlab/resque.yml" - "etc/webapps/gitlab/puma.rb" - "etc/webapps/gitlab/smtp_settings.rb" - "etc/logrotate.d/gitlab") -source=(git+https://gitlab.com/gitlab-org/gitlab-foss.git#tag=v$pkgver - configs.patch - build_fix.patch - environment - gitlab-puma.service - gitlab-sidekiq.service - gitlab-backup.service - gitlab-mailroom.service - gitlab-backup.timer - gitlab.target - gitlab.tmpfiles.d - gitlab.logrotate) -install='gitlab.install' -sha512sums=('SKIP' - '8b8c06b44bfe4897b8499547a6d18cdf3d12b313c0e9887b1ca209f1c4f93718ff92ee48f5d6e7546a89dc61c4b3ddcbe73e619e609782a9412fc5dab43b6000' - '249b9aa00479bcbd6b41f14402e70fe5655e06f593ebc0ecae0fc4075bf3421f93cb8b5302bc8ca0e542c1a85f25c3fb957bdc79b3c09a3f393119777b687e63' - '5b1ca2958f03a5baf1c5576a1568072e8ed749e2d15745ecbcc4860d2dbd543f2f3ed077e8d87afac2670c9436b19fe498217b49916d56a4e31fb9811aeb9067' - '75bf9e5ad238a862dfc2638101fb74101227d88958a5f0fdf1ced3833e403f91b6a5908dfb97c5172f75748737212bf87d05b7d39bbe90ed5d3a6c248c1c1ab6' - '18f4a31935d0626c26d1be1942b715128cf3edcb114f672af16e4a145d8ac693e1afc7d59094cae3702e47e4c6c4cb4a62a009bafcbec500e69120a2dd400a2a' - '8afffb8caafdaa7a39991a4e694efc5133af1dc201ae07f3dc3989dbabb983339941011ffdd1f97c63033c94a02a3a7a6eb3722001aa3e7155c16f6743aec4c8' - '35c1175ef4347d700e2331c3963ac871cada50c9274964eb4ac8cb80bb27a7d3459bed1548bd1f3a1681b6eb5dd94fe7ec4855cab7b33dddc4e524a91ca791d7' - 'c76d634647336aaf157bc66ba094a363e971c0d275875a7df4521819147f54cd4c709eb8e024cdac9e900d99167e8a78a222587e7292e915573ef29060e6ec21' - '879be339148123e32b58a5669fdd3d3bb8b5d711326cb618f95b1680a6ac3a83c85d8862f2691b352fa26c95e4764dbb827856e22a3e2b9e4a76c13fe42864b5' - 'abacbff0d7be918337a17b56481c84e6bf3eddd9551efe78ba9fb74337179e95c9b60f41c49f275e05074a4074a616be36fa208a48fc12d5b940f0554fbd89c3' - '88e199d2f63e4f235930c35c6dfde80e6010e590907bd4de0af1fbfe6d5491ff56845aefcfe8edefa707712bd84fef96880655747b8bfb949ceeadc0456b0121') - - -_appdir="/usr/share/webapps/gitlab" # the app source code location -_etcdir="/etc/webapps/gitlab" -_datadir="/var/lib/gitlab" # directory with gitlab data and it also $HOME for 'gitlab' user -_logdir="/var/log/gitlab" - -prepare() { - cd gitlab-foss - - # GitLab tries to read its revision information from a file. - git rev-parse --short HEAD > REVISION - - patch -p1 < ../build_fix.patch - patch -p1 < ../configs.patch - # '/home/git' path in the config files indicates a default path that need to be adjusted - grep -FqR '/home/git' config || exit 1 - - cp config/gitlab.yml.example config/gitlab.yml - cp config/database.yml.postgresql config/database.yml - cp config/puma.rb.example config/puma.rb - cp config/resque.yml.example config/resque.yml - cp config/initializers/smtp_settings.rb.sample config/initializers/smtp_settings.rb - - echo "Setting up systemd service files ..." - for service_file in gitlab-sidekiq.service gitlab-puma.service gitlab.logrotate gitlab-backup.service gitlab-mailroom.service; do - sed -i "s|<DATADIR>|${_datadir}|g" "${srcdir}/${service_file}" - sed -i "s|<APPDIR>|${_appdir}|g" "${srcdir}/${service_file}" - sed -i "s|<LOGDIR>|${_logdir}|g" "${srcdir}/${service_file}" - done - - # https://github.com/bundler/bundler/issues/6882 - sed -e '/BUNDLED WITH/,+1d' -i Gemfile.lock - bundle lock --update=bundler-audit - # 'lock' adds 'BUNDLED WITH' back. Remove it again. - sed -e '/BUNDLED WITH/,+1d' -i Gemfile.lock -} - -build() { - cd gitlab-foss - - echo "Fetching bundled gems..." - # Gems will be installed into vendor/bundle - bundle config build.gpgme --use-system-libraries # See https://bugs.archlinux.org/task/63654 - bundle config force_ruby_platform true # some native gems are not available for newer ruby - bundle install --jobs=$(nproc) --no-cache --deployment --without development test aws kerberos - - yarn install --production --pure-lockfile - bundle exec rake gitlab:assets:compile RAILS_ENV=production NODE_ENV=production NODE_OPTIONS="--max_old_space_size=4096" - bundle exec rake gettext:compile RAILS_ENV=production -} - -package() { - depends+=('gitlab-shell') - - cd gitlab-foss - - install -d "${pkgdir}/usr/share/webapps" - - cp -r "${srcdir}"/gitlab-foss "${pkgdir}${_appdir}" - # Remove unneeded directories: node_modules is only needed during build - rm -r "${pkgdir}${_appdir}/node_modules" - # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/194cf8f12e51c26980c09de6388bbd08409e1209/config/software/gitlab-rails.rb#L179 - for dir in spec qa rubocop app/assets vendor/assets; do - rm -r "${pkgdir}${_appdir}/${dir}" - done - - chown -R root:root "${pkgdir}${_appdir}" - chmod 755 "${pkgdir}${_appdir}" - - install -dm750 -o 105 -g 105 "${pkgdir}${_datadir}" - install -dm750 -o 105 -g 105 "${pkgdir}${_datadir}/satellites" - install -dm750 -o 105 -g 105 "${pkgdir}${_datadir}/shared/"{,artifacts,lfs-objects} - install -dm750 -o 105 -g 105 "${pkgdir}${_datadir}/builds" - install -dm700 -o 105 -g 105 "${pkgdir}${_datadir}/uploads" - install -dm750 -o 105 -g 105 "${pkgdir}${_datadir}/backups" - install -dm755 -o 105 -g 105 "${pkgdir}${_etcdir}" - install -dm755 -o 105 -g 105 "${pkgdir}${_logdir}" - install -dm755 "${pkgdir}/usr/share/doc/gitlab" - - rm -r "${pkgdir}${_appdir}"/{.git,builds,tmp,log,shared} - - # Rails app hardcodes/configures by default that data is stored under $_appdir - # Create symlinks that point to data directories under /var - ln -fs "${_logdir}" "${pkgdir}${_appdir}/log" - ln -fs "${_datadir}/builds" "${pkgdir}${_appdir}/builds" - mkdir "${pkgdir}${_appdir}/tmp/" - ln -fs "${_datadir}/backups" "${pkgdir}${_appdir}/tmp/backups" - ln -fs "${_datadir}/uploads" "${pkgdir}${_appdir}/public/uploads" - ln -fs "${_datadir}/shared" "${pkgdir}${_appdir}/shared" - - # TODO: workhorse and shell secret files are the application data and should be stored under /var/lib/gitlab - ln -fs "${_etcdir}/gitlab_workhorse_secret" "${pkgdir}${_appdir}/.gitlab_workhorse_secret" - ln -fs /etc/webapps/gitlab-shell/secret "${pkgdir}${_appdir}/.gitlab_shell_secret" - - # Install config files - for config_file in gitlab.yml database.yml puma.rb resque.yml; do - mv "config/${config_file}" "${pkgdir}${_etcdir}/" - # TODO: configure rails app to use configs right from /etc - ln -fs "${_etcdir}/${config_file}" "${pkgdir}${_appdir}/config/" - done - mv "config/initializers/smtp_settings.rb" "${pkgdir}${_etcdir}/" - ln -fs "${_etcdir}/smtp_settings.rb" "${pkgdir}${_appdir}/config/initializers/smtp_settings.rb" - - # Install secrets symlink - # TODO: ruby uses _appdir to load config files. Figure out if we can load files directly from /etc - ln -fs "${_etcdir}/secrets.yml" "${pkgdir}${_appdir}/config/secrets.yml" - - # files with passwords/secrets are set world-unreadable - for secret_file in smtp_settings.rb; do - chmod 660 "${pkgdir}${_etcdir}/${secret_file}" - # TODO: should we just leave the secret files root owned? - chown root:105 "${pkgdir}${_etcdir}/${secret_file}" - done - - install -Dm644 "${srcdir}/environment" "${pkgdir}${_appdir}" - - # Install license and help files - mv README.md MAINTENANCE.md CONTRIBUTING.md CHANGELOG.md PROCESS.md VERSION config/*.{example,postgresql} "${pkgdir}/usr/share/doc/gitlab" - install -Dm644 "LICENSE" "${pkgdir}/usr/share/licenses/gitlab/LICENSE" - - # TODO: structure.sql looks more like an application data and should be stored under /var/lib/gitlab - chown 105:105 "${pkgdir}${_appdir}/db/structure.sql" - - # Install systemd service files - for service_file in gitlab-puma.service gitlab-sidekiq.service gitlab-backup.service gitlab-backup.timer gitlab.target gitlab-mailroom.service; do - install -Dm644 "${srcdir}/${service_file}" "${pkgdir}/usr/lib/systemd/system/${service_file}" - done - - install -Dm644 "${srcdir}/gitlab.tmpfiles.d" "${pkgdir}/usr/lib/tmpfiles.d/gitlab.conf" - install -Dm644 "${srcdir}/gitlab.logrotate" "${pkgdir}/etc/logrotate.d/gitlab" -} Copied: gitlab/repos/community-x86_64/PKGBUILD (from rev 724295, gitlab/trunk/PKGBUILD) =================================================================== --- PKGBUILD (rev 0) +++ PKGBUILD 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,185 @@ +# Maintainer: Anatol Pomozov <anatol.pomo...@gmail.com> +# Contributor: Sven-Hendrik Haase <svenst...@gmail.com> +# Contributor: Pavol (Lopo) Hluchy <lopo AT losys DOT eu> +# Contributor: Jonas Heinrich <o...@project-insanity.org> +# Contributor: Massimiliano Torromeo <massimiliano.torro...@gmail.com> +# Contributor: Tobias Hunger <tobias DOT hunger AT gmail DOT com> +# Contributor: Stefan Tatschner <ste...@sevenbyte.org> +# Contributor: Caleb Maclennan <ca...@alerque.com> + +pkgname=gitlab +pkgver=13.4.4 +pkgrel=1 +pkgdesc="Project management and code hosting application" +arch=('x86_64') +url="https://gitlab.com/gitlab-org/gitlab-foss" +license=('MIT') +options=(!buildflags) +depends=('ruby' 'ruby-bundler' 'git' 'gitlab-workhorse' 'gitlab-gitaly' 'openssh' 'redis' 'libxslt' 'icu' 're2' 'http-parser' 'nodejs' 'openssl') +makedepends=('cmake' 'postgresql' 'yarn' 'go' 'nodejs') +optdepends=('postgresql: database backend' + 'python-docutils: reStructuredText markup language support' + 'smtp-server: mail server in order to receive mail notifications') +backup=("etc/webapps/gitlab/database.yml" + "etc/webapps/gitlab/gitlab.yml" + "etc/webapps/gitlab/resque.yml" + "etc/webapps/gitlab/puma.rb" + "etc/webapps/gitlab/smtp_settings.rb" + "etc/logrotate.d/gitlab") +source=(git+https://gitlab.com/gitlab-org/gitlab-foss.git#tag=v$pkgver + configs.patch + build_fix.patch + environment + gitlab-puma.service + gitlab-sidekiq.service + gitlab-backup.service + gitlab-mailroom.service + gitlab-backup.timer + gitlab.target + gitlab.tmpfiles.d + gitlab.logrotate) +install='gitlab.install' +sha512sums=('SKIP' + '8b8c06b44bfe4897b8499547a6d18cdf3d12b313c0e9887b1ca209f1c4f93718ff92ee48f5d6e7546a89dc61c4b3ddcbe73e619e609782a9412fc5dab43b6000' + '249b9aa00479bcbd6b41f14402e70fe5655e06f593ebc0ecae0fc4075bf3421f93cb8b5302bc8ca0e542c1a85f25c3fb957bdc79b3c09a3f393119777b687e63' + '5b1ca2958f03a5baf1c5576a1568072e8ed749e2d15745ecbcc4860d2dbd543f2f3ed077e8d87afac2670c9436b19fe498217b49916d56a4e31fb9811aeb9067' + '75bf9e5ad238a862dfc2638101fb74101227d88958a5f0fdf1ced3833e403f91b6a5908dfb97c5172f75748737212bf87d05b7d39bbe90ed5d3a6c248c1c1ab6' + '18f4a31935d0626c26d1be1942b715128cf3edcb114f672af16e4a145d8ac693e1afc7d59094cae3702e47e4c6c4cb4a62a009bafcbec500e69120a2dd400a2a' + '8afffb8caafdaa7a39991a4e694efc5133af1dc201ae07f3dc3989dbabb983339941011ffdd1f97c63033c94a02a3a7a6eb3722001aa3e7155c16f6743aec4c8' + '35c1175ef4347d700e2331c3963ac871cada50c9274964eb4ac8cb80bb27a7d3459bed1548bd1f3a1681b6eb5dd94fe7ec4855cab7b33dddc4e524a91ca791d7' + 'c76d634647336aaf157bc66ba094a363e971c0d275875a7df4521819147f54cd4c709eb8e024cdac9e900d99167e8a78a222587e7292e915573ef29060e6ec21' + '879be339148123e32b58a5669fdd3d3bb8b5d711326cb618f95b1680a6ac3a83c85d8862f2691b352fa26c95e4764dbb827856e22a3e2b9e4a76c13fe42864b5' + 'abacbff0d7be918337a17b56481c84e6bf3eddd9551efe78ba9fb74337179e95c9b60f41c49f275e05074a4074a616be36fa208a48fc12d5b940f0554fbd89c3' + '88e199d2f63e4f235930c35c6dfde80e6010e590907bd4de0af1fbfe6d5491ff56845aefcfe8edefa707712bd84fef96880655747b8bfb949ceeadc0456b0121') + + +_appdir="/usr/share/webapps/gitlab" # the app source code location +_etcdir="/etc/webapps/gitlab" +_datadir="/var/lib/gitlab" # directory with gitlab data and it also $HOME for 'gitlab' user +_logdir="/var/log/gitlab" + +prepare() { + cd gitlab-foss + + # GitLab tries to read its revision information from a file. + git rev-parse --short HEAD > REVISION + + patch -p1 < ../build_fix.patch + patch -p1 < ../configs.patch + # '/home/git' path in the config files indicates a default path that need to be adjusted + grep -FqR '/home/git' config || exit 1 + + cp config/gitlab.yml.example config/gitlab.yml + cp config/database.yml.postgresql config/database.yml + cp config/puma.rb.example config/puma.rb + cp config/resque.yml.example config/resque.yml + cp config/initializers/smtp_settings.rb.sample config/initializers/smtp_settings.rb + + echo "Setting up systemd service files ..." + for service_file in gitlab-sidekiq.service gitlab-puma.service gitlab.logrotate gitlab-backup.service gitlab-mailroom.service; do + sed -i "s|<DATADIR>|${_datadir}|g" "${srcdir}/${service_file}" + sed -i "s|<APPDIR>|${_appdir}|g" "${srcdir}/${service_file}" + sed -i "s|<LOGDIR>|${_logdir}|g" "${srcdir}/${service_file}" + done + + # https://github.com/bundler/bundler/issues/6882 + sed -e '/BUNDLED WITH/,+1d' -i Gemfile.lock + bundle lock --update=bundler-audit + # 'lock' adds 'BUNDLED WITH' back. Remove it again. + sed -e '/BUNDLED WITH/,+1d' -i Gemfile.lock +} + +build() { + cd gitlab-foss + + echo "Fetching bundled gems..." + # Gems will be installed into vendor/bundle + bundle config build.gpgme --use-system-libraries # See https://bugs.archlinux.org/task/63654 + bundle config force_ruby_platform true # some native gems are not available for newer ruby + bundle install --jobs=$(nproc) --no-cache --deployment --without development test aws kerberos + + yarn install --production --pure-lockfile + bundle exec rake gitlab:assets:compile RAILS_ENV=production NODE_ENV=production NODE_OPTIONS="--max_old_space_size=4096" + bundle exec rake gettext:compile RAILS_ENV=production +} + +package() { + depends+=('gitlab-shell') + + cd gitlab-foss + + install -d "${pkgdir}/usr/share/webapps" + + cp -r "${srcdir}"/gitlab-foss "${pkgdir}${_appdir}" + # Remove unneeded directories: node_modules is only needed during build + rm -r "${pkgdir}${_appdir}/node_modules" + # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/194cf8f12e51c26980c09de6388bbd08409e1209/config/software/gitlab-rails.rb#L179 + for dir in spec qa rubocop app/assets vendor/assets; do + rm -r "${pkgdir}${_appdir}/${dir}" + done + + chown -R root:root "${pkgdir}${_appdir}" + chmod 755 "${pkgdir}${_appdir}" + + install -dm750 -o 105 -g 105 "${pkgdir}${_datadir}" + install -dm750 -o 105 -g 105 "${pkgdir}${_datadir}/satellites" + install -dm750 -o 105 -g 105 "${pkgdir}${_datadir}/shared/"{,artifacts,lfs-objects} + install -dm750 -o 105 -g 105 "${pkgdir}${_datadir}/builds" + install -dm700 -o 105 -g 105 "${pkgdir}${_datadir}/uploads" + install -dm750 -o 105 -g 105 "${pkgdir}${_datadir}/backups" + install -dm755 -o 105 -g 105 "${pkgdir}${_etcdir}" + install -dm755 -o 105 -g 105 "${pkgdir}${_logdir}" + install -dm755 "${pkgdir}/usr/share/doc/gitlab" + + rm -r "${pkgdir}${_appdir}"/{.git,builds,tmp,log,shared} + + # Rails app hardcodes/configures by default that data is stored under $_appdir + # Create symlinks that point to data directories under /var + ln -fs "${_logdir}" "${pkgdir}${_appdir}/log" + ln -fs "${_datadir}/builds" "${pkgdir}${_appdir}/builds" + mkdir "${pkgdir}${_appdir}/tmp/" + ln -fs "${_datadir}/backups" "${pkgdir}${_appdir}/tmp/backups" + ln -fs "${_datadir}/uploads" "${pkgdir}${_appdir}/public/uploads" + ln -fs "${_datadir}/shared" "${pkgdir}${_appdir}/shared" + + # TODO: workhorse and shell secret files are the application data and should be stored under /var/lib/gitlab + ln -fs "${_etcdir}/gitlab_workhorse_secret" "${pkgdir}${_appdir}/.gitlab_workhorse_secret" + ln -fs /etc/webapps/gitlab-shell/secret "${pkgdir}${_appdir}/.gitlab_shell_secret" + + # Install config files + for config_file in gitlab.yml database.yml puma.rb resque.yml; do + mv "config/${config_file}" "${pkgdir}${_etcdir}/" + # TODO: configure rails app to use configs right from /etc + ln -fs "${_etcdir}/${config_file}" "${pkgdir}${_appdir}/config/" + done + mv "config/initializers/smtp_settings.rb" "${pkgdir}${_etcdir}/" + ln -fs "${_etcdir}/smtp_settings.rb" "${pkgdir}${_appdir}/config/initializers/smtp_settings.rb" + + # Install secrets symlink + # TODO: ruby uses _appdir to load config files. Figure out if we can load files directly from /etc + ln -fs "${_etcdir}/secrets.yml" "${pkgdir}${_appdir}/config/secrets.yml" + + # files with passwords/secrets are set world-unreadable + for secret_file in smtp_settings.rb; do + chmod 660 "${pkgdir}${_etcdir}/${secret_file}" + # TODO: should we just leave the secret files root owned? + chown root:105 "${pkgdir}${_etcdir}/${secret_file}" + done + + install -Dm644 "${srcdir}/environment" "${pkgdir}${_appdir}" + + # Install license and help files + mv README.md MAINTENANCE.md CONTRIBUTING.md CHANGELOG.md PROCESS.md VERSION config/*.{example,postgresql} "${pkgdir}/usr/share/doc/gitlab" + install -Dm644 "LICENSE" "${pkgdir}/usr/share/licenses/gitlab/LICENSE" + + # TODO: structure.sql looks more like an application data and should be stored under /var/lib/gitlab + chown 105:105 "${pkgdir}${_appdir}/db/structure.sql" + + # Install systemd service files + for service_file in gitlab-puma.service gitlab-sidekiq.service gitlab-backup.service gitlab-backup.timer gitlab.target gitlab-mailroom.service; do + install -Dm644 "${srcdir}/${service_file}" "${pkgdir}/usr/lib/systemd/system/${service_file}" + done + + install -Dm644 "${srcdir}/gitlab.tmpfiles.d" "${pkgdir}/usr/lib/tmpfiles.d/gitlab.conf" + install -Dm644 "${srcdir}/gitlab.logrotate" "${pkgdir}/etc/logrotate.d/gitlab" +} Deleted: build_fix.patch =================================================================== --- build_fix.patch 2020-10-15 21:10:57 UTC (rev 724295) +++ build_fix.patch 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,23 +0,0 @@ -commit 1bf6c98f3f7513b18b8eed5c666122fe1d56b9bd -Author: Anatol Pomozov <anatol.pomo...@gmail.com> -Date: Sat Mar 21 09:13:31 2020 -0700 - - ArchLinux fixes - -diff --git a/Gemfile b/Gemfile -index 90abfd30900..3a14b21f9b1 100644 ---- a/Gemfile -+++ b/Gemfile -@@ -317,6 +317,12 @@ gem 'gettext_i18n_rails', '~> 1.8.0' - gem 'gettext_i18n_rails_js', '~> 1.3' - gem 'gettext', '~> 3.3', require: false, group: :development - -+# Ping the gems that are needed for the old gettext -+# https://github.com/ruby-gettext/gettext/issues/64 the fix is available in gettext 3.3.0 -+gem 'irb', '~> 1.1.0' # use irb version that matches ruby 2.6. Later irb versions heavily modified its API and it breaks gettext -+gem 'e2mmap' # 'irb' 1.1.1 requires it -+ -+ - gem 'batch-loader', '~> 1.4.0' - - # Perf bar Copied: gitlab/repos/community-x86_64/build_fix.patch (from rev 724295, gitlab/trunk/build_fix.patch) =================================================================== --- build_fix.patch (rev 0) +++ build_fix.patch 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,23 @@ +commit 1bf6c98f3f7513b18b8eed5c666122fe1d56b9bd +Author: Anatol Pomozov <anatol.pomo...@gmail.com> +Date: Sat Mar 21 09:13:31 2020 -0700 + + ArchLinux fixes + +diff --git a/Gemfile b/Gemfile +index 90abfd30900..3a14b21f9b1 100644 +--- a/Gemfile ++++ b/Gemfile +@@ -317,6 +317,12 @@ gem 'gettext_i18n_rails', '~> 1.8.0' + gem 'gettext_i18n_rails_js', '~> 1.3' + gem 'gettext', '~> 3.3', require: false, group: :development + ++# Ping the gems that are needed for the old gettext ++# https://github.com/ruby-gettext/gettext/issues/64 the fix is available in gettext 3.3.0 ++gem 'irb', '~> 1.1.0' # use irb version that matches ruby 2.6. Later irb versions heavily modified its API and it breaks gettext ++gem 'e2mmap' # 'irb' 1.1.1 requires it ++ ++ + gem 'batch-loader', '~> 1.4.0' + + # Perf bar Deleted: configs.patch =================================================================== --- configs.patch 2020-10-15 21:10:57 UTC (rev 724295) +++ configs.patch 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,309 +0,0 @@ -commit 4af2aa16ed9076903b573b787cb0c8b486afa6ea -Author: Anatol Pomozov <anatol.pomo...@gmail.com> -Date: Tue May 26 00:01:38 2020 -0700 - - Patch config files with Arch Linux specific locations - - Arch uses upstream's default config files as a base for its configs. - But directory structure at Arch is completely different from the default - one specified by gitlab project. - We used to have a lot of seds expressions to adjust the files but as - complexity of configs grew 'sed' makes it easy to miss a changed/added - option. - - Track set of diffs as a patch. If upstream modifies config file then it - will cause a conflict that needs to be reviewed manually. - -diff --git a/config/database.yml.postgresql b/config/database.yml.postgresql -index 37c69ad326b..68415ea3f82 100644 ---- a/config/database.yml.postgresql -+++ b/config/database.yml.postgresql -@@ -5,7 +5,7 @@ production: - adapter: postgresql - encoding: unicode - database: gitlabhq_production -- username: git -+ username: gitlab - password: "secure password" - host: localhost - # load_balancing: -@@ -36,7 +36,7 @@ staging: - adapter: postgresql - encoding: unicode - database: gitlabhq_staging -- username: git -+ username: gitlab - password: "secure password" - host: localhost - -diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example -index 605729a1435..737dca493f2 100644 ---- a/config/gitlab.yml.example -+++ b/config/gitlab.yml.example -@@ -83,7 +83,7 @@ production: &base - #- 2001:0db8::/32 - - # Uncomment and customize if you can't use the default user to run GitLab (default: 'git') -- # user: git -+ user: gitlab - - ## Date & Time settings - # Uncomment and customize if you want to change the default time zone of GitLab application. -@@ -103,15 +103,15 @@ production: &base - # enabled: false - # S/MIME private key file in PEM format, unencrypted - # Default is '.gitlab_smime_key' relative to Rails.root (i.e. root of the GitLab app). -- # key_file: /home/git/gitlab/.gitlab_smime_key -+ # key_file: /var/lib/gitlab/.gitlab_smime_key - # S/MIME public certificate key in PEM format, will be attached to signed messages - # Default is '.gitlab_smime_cert' relative to Rails.root (i.e. root of the GitLab app). -- # cert_file: /home/git/gitlab/.gitlab_smime_cert -+ # cert_file: /var/lib/gitlab/.gitlab_smime_cert - # S/MIME extra CA public certificates in PEM format, will be attached to signed messages - # Optional -- # ca_certs_file: /home/git/gitlab/.gitlab_smime_ca_certs -+ # ca_certs_file: /var/lib/gitlab/.gitlab_smime_ca_certs - -- # Email server smtp settings are in config/initializers/smtp_settings.rb.sample -+ # Email server smtp settings are in /etc/webapps/gitlab/smtp_settings.rb - - # default_can_create_group: false # default: true - # username_changing_enabled: false # default: true - User can change their username/namespace -@@ -157,7 +157,7 @@ production: &base - ## Repository downloads directory - # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory. - # The default is 'shared/cache/archive/' relative to the root of the Rails app. -- # repository_downloads_path: shared/cache/archive/ -+ repository_downloads_path: /var/lib/gitlab/shared/cache/archive - - ## Impersonation settings - impersonation_enabled: true -@@ -200,7 +200,7 @@ production: &base - # Since `mail_room` is run independently of Rails, an absolute path is preferred. - # The default is 'log/mail_room_json.log' relative to the root of the Rails app. - # -- # log_path: log/mail_room_json.log -+ log_path: /var/log/gitlab/mail_room_json.log - - # Whether to expunge (permanently remove) messages from the mailbox when they are deleted after delivery - expunge_deleted: false -@@ -239,7 +239,7 @@ production: &base - artifacts: - enabled: true - # The location where build artifacts are stored (default: shared/artifacts). -- # path: shared/artifacts -+ path: /var/lib/gitlab/shared/artifacts - # object_store: - # enabled: false - # remote_directory: artifacts # The bucket name -@@ -259,7 +259,7 @@ production: &base - # be stored on disk, or in object storage - enabled: false - # The location where external diffs are stored (default: shared/lfs-external-diffs). -- # storage_path: shared/external-diffs -+ storage_path: /var/lib/gitlab/shared/external-diffs - # object_store: - # enabled: false - # remote_directory: external-diffs -@@ -275,7 +275,7 @@ production: &base - lfs: - enabled: true - # The location where LFS objects are stored (default: shared/lfs-objects). -- # storage_path: shared/lfs-objects -+ storage_path: /var/lib/gitlab/shared/lfs-objects - object_store: - enabled: false - remote_directory: lfs-objects # Bucket name -@@ -318,7 +318,7 @@ production: &base - packages: - enabled: true - # The location where build packages are stored (default: shared/packages). -- # storage_path: shared/packages -+ storage_path: /var/lib/gitlab/shared/packages - object_store: - enabled: false - remote_directory: packages # The bucket name -@@ -339,7 +339,7 @@ production: &base - dependency_proxy: - enabled: true - # The location where build packages are stored (default: shared/dependency_proxy). -- # storage_path: shared/dependency_proxy -+ storage_path: /var/lib/gitlab/shared/dependency_proxy - object_store: - enabled: false - remote_directory: dependency_proxy # The bucket name -@@ -360,7 +360,7 @@ production: &base - terraform_state: - enabled: true - # The location where Terraform state files are stored (default: shared/terraform_state). -- # storage_path: shared/terraform_state -+ storage_path: /var/lib/gitlab/shared/terraform_state - object_store: - enabled: false - remote_directory: terraform # The bucket name -@@ -379,7 +379,7 @@ production: &base - enabled: false - access_control: false - # The location where pages are stored (default: shared/pages). -- # path: shared/pages -+ path: /var/lib/gitlab/shared/pages - - # The domain under which the pages are served: - # http://group.example.com/project -@@ -393,7 +393,7 @@ production: &base - - # File that contains the shared secret key for verifying access for gitlab-pages. - # Default is '.gitlab_pages_secret' relative to Rails.root (i.e. root of the GitLab app). -- # secret_file: /home/git/gitlab/.gitlab_pages_secret -+ # secret_file: /var/lib/gitlab/.gitlab_pages_secret - - ## Mattermost - ## For enabling Add to Mattermost button -@@ -533,7 +533,7 @@ production: &base - # port: 5005 - # api_url: http://localhost:5000/ # internal address to the registry, will be used by GitLab to directly communicate with API - # key: config/registry.key -- # path: shared/registry -+ path: /var/lib/gitlab/shared/registry - # issuer: gitlab-issuer - # notification_secret: '' # only set it when you use Geo replication feature without built-in Registry - -@@ -590,7 +590,7 @@ production: &base - # add_pusher: true - - # The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root -- # builds_path: builds/ -+ builds_path: /var/lib/gitlab/builds - - # - # 3. Auth settings -@@ -1007,12 +1007,12 @@ production: &base - - # Shared file storage settings - shared: -- # path: /mnt/gitlab # Default: shared -+ path: /var/lib/gitlab/shared # Default: shared - - # Gitaly settings - gitaly: - # Path to the directory containing Gitaly client executables. -- client_path: /home/git/gitaly -+ client_path: /usr/bin - # Default Gitaly authentication token. Can be overridden per storage. Can - # be left blank when Gitaly is running locally on a Unix socket, which - # is the normal way to deploy Gitaly. -@@ -1030,13 +1030,13 @@ production: &base - # real path not the symlink. - storages: # You must have at least a `default` storage path. - default: -- path: /home/git/repositories/ -- gitaly_address: unix:/home/git/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port). -+ path: /var/lib/gitlab/repositories -+ gitaly_address: unix:/run/gitlab/gitlab-gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port). - # gitaly_token: 'special token' # Optional: override global gitaly.token for this storage. - - ## Backup settings - backup: -- path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) -+ path: "/var/lib/gitlab/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) - # archive_permissions: 0640 # Permissions for the resulting backup.tar file (default: 0600) - # keep_time: 604800 # default: 0 (forever) (in seconds) - # pg_schema: public # default: nil, it means that all schemas will be backed up -@@ -1077,12 +1077,12 @@ production: &base - - ## GitLab Shell settings - gitlab_shell: -- path: /home/git/gitlab-shell/ -- authorized_keys_file: /home/git/.ssh/authorized_keys -+ path: /usr/share/webapps/gitlab-shell -+ authorized_keys_file: /var/lib/gitlab/.ssh/authorized_keys - - # File that contains the secret key for verifying access for gitlab-shell. - # Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app). -- # secret_file: /home/git/gitlab/.gitlab_shell_secret -+ # secret_file: /var/lib/gitlab/.gitlab_shell_secret - - # Git over HTTP - upload_pack: true -@@ -1097,7 +1097,7 @@ production: &base - workhorse: - # File that contains the secret key for verifying access for gitlab-workhorse. - # Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app). -- # secret_file: /home/git/gitlab/.gitlab_workhorse_secret -+ # secret_file: /var/lib/gitlab/.gitlab_workhorse_secret - - gitlab_kas: - # File that contains the secret key for verifying access for gitlab-kas. -@@ -1106,7 +1106,7 @@ production: &base - - ## GitLab Elasticsearch settings - elasticsearch: -- indexer_path: /home/git/gitlab-elasticsearch-indexer/ -+ indexer_path: /var/lib/gitlab/elasticsearch-indexer - - ## Git settings - # CAUTION! -diff --git a/config/initializers/smtp_settings.rb.sample b/config/initializers/smtp_settings.rb.sample -index bd37080b1c8..f956e786071 100644 ---- a/config/initializers/smtp_settings.rb.sample -+++ b/config/initializers/smtp_settings.rb.sample -@@ -1,13 +1,6 @@ --# To enable smtp email delivery for your GitLab instance do the following: --# 1. Rename this file to smtp_settings.rb --# 2. Edit settings inside this file --# 3. Restart GitLab instance --# - # For full list of options and their values see http://api.rubyonrails.org/classes/ActionMailer/Base.html --# --# If you change this file in a Merge Request, please also create a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests - --if Rails.env.production? -+if false # To enable SMTP please replace 'false' with 'Rails.env.production?' - Rails.application.config.action_mailer.delivery_method = :smtp - - ActionMailer::Base.delivery_method = :smtp -diff --git a/config/puma.rb.example b/config/puma.rb.example -index cd7adca157f..9dffc101ae5 100644 ---- a/config/puma.rb.example -+++ b/config/puma.rb.example -@@ -5,11 +5,11 @@ - # The default is "config.ru". - # - rackup 'config.ru' --pidfile '/home/git/gitlab/tmp/pids/puma.pid' --state_path '/home/git/gitlab/tmp/pids/puma.state' -+pidfile '/run/gitlab/puma.pid' -+state_path '/run/gitlab/puma.state' - --stdout_redirect '/home/git/gitlab/log/puma.stdout.log', -- '/home/git/gitlab/log/puma.stderr.log', -+stdout_redirect '/var/log/gitlab/puma.stdout.log', -+ '/var/log/gitlab/puma.stderr.log', - true - - # Configure "min" to be the minimum number of threads to use to answer -@@ -31,12 +31,12 @@ queue_requests false - - # Bind the server to "url". "tcp://", "unix://" and "ssl://" are the only - # accepted protocols. --bind 'unix:///home/git/gitlab/tmp/sockets/gitlab.socket' -+bind 'unix:///run/gitlab/gitlab.socket' - - workers 3 - --require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events" --require_relative "/home/git/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer" -+require_relative "/usr/share/webapps/gitlab/lib/gitlab/cluster/lifecycle_events" -+require_relative "/usr/share/webapps/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer" - - on_restart do - # Signal application hooks that we're about to restart -@@ -70,7 +70,7 @@ tag 'gitlab-puma-worker' - worker_timeout 60 - - # Use json formatter --require_relative "/home/git/gitlab/lib/gitlab/puma_logging/json_formatter" -+require_relative "/usr/share/webapps/gitlab/lib/gitlab/puma_logging/json_formatter" - - json_formatter = Gitlab::PumaLogging::JSONFormatter.new - log_formatter do |str| Copied: gitlab/repos/community-x86_64/configs.patch (from rev 724295, gitlab/trunk/configs.patch) =================================================================== --- configs.patch (rev 0) +++ configs.patch 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,309 @@ +commit 4af2aa16ed9076903b573b787cb0c8b486afa6ea +Author: Anatol Pomozov <anatol.pomo...@gmail.com> +Date: Tue May 26 00:01:38 2020 -0700 + + Patch config files with Arch Linux specific locations + + Arch uses upstream's default config files as a base for its configs. + But directory structure at Arch is completely different from the default + one specified by gitlab project. + We used to have a lot of seds expressions to adjust the files but as + complexity of configs grew 'sed' makes it easy to miss a changed/added + option. + + Track set of diffs as a patch. If upstream modifies config file then it + will cause a conflict that needs to be reviewed manually. + +diff --git a/config/database.yml.postgresql b/config/database.yml.postgresql +index 37c69ad326b..68415ea3f82 100644 +--- a/config/database.yml.postgresql ++++ b/config/database.yml.postgresql +@@ -5,7 +5,7 @@ production: + adapter: postgresql + encoding: unicode + database: gitlabhq_production +- username: git ++ username: gitlab + password: "secure password" + host: localhost + # load_balancing: +@@ -36,7 +36,7 @@ staging: + adapter: postgresql + encoding: unicode + database: gitlabhq_staging +- username: git ++ username: gitlab + password: "secure password" + host: localhost + +diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example +index 605729a1435..737dca493f2 100644 +--- a/config/gitlab.yml.example ++++ b/config/gitlab.yml.example +@@ -83,7 +83,7 @@ production: &base + #- 2001:0db8::/32 + + # Uncomment and customize if you can't use the default user to run GitLab (default: 'git') +- # user: git ++ user: gitlab + + ## Date & Time settings + # Uncomment and customize if you want to change the default time zone of GitLab application. +@@ -103,15 +103,15 @@ production: &base + # enabled: false + # S/MIME private key file in PEM format, unencrypted + # Default is '.gitlab_smime_key' relative to Rails.root (i.e. root of the GitLab app). +- # key_file: /home/git/gitlab/.gitlab_smime_key ++ # key_file: /var/lib/gitlab/.gitlab_smime_key + # S/MIME public certificate key in PEM format, will be attached to signed messages + # Default is '.gitlab_smime_cert' relative to Rails.root (i.e. root of the GitLab app). +- # cert_file: /home/git/gitlab/.gitlab_smime_cert ++ # cert_file: /var/lib/gitlab/.gitlab_smime_cert + # S/MIME extra CA public certificates in PEM format, will be attached to signed messages + # Optional +- # ca_certs_file: /home/git/gitlab/.gitlab_smime_ca_certs ++ # ca_certs_file: /var/lib/gitlab/.gitlab_smime_ca_certs + +- # Email server smtp settings are in config/initializers/smtp_settings.rb.sample ++ # Email server smtp settings are in /etc/webapps/gitlab/smtp_settings.rb + + # default_can_create_group: false # default: true + # username_changing_enabled: false # default: true - User can change their username/namespace +@@ -157,7 +157,7 @@ production: &base + ## Repository downloads directory + # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory. + # The default is 'shared/cache/archive/' relative to the root of the Rails app. +- # repository_downloads_path: shared/cache/archive/ ++ repository_downloads_path: /var/lib/gitlab/shared/cache/archive + + ## Impersonation settings + impersonation_enabled: true +@@ -200,7 +200,7 @@ production: &base + # Since `mail_room` is run independently of Rails, an absolute path is preferred. + # The default is 'log/mail_room_json.log' relative to the root of the Rails app. + # +- # log_path: log/mail_room_json.log ++ log_path: /var/log/gitlab/mail_room_json.log + + # Whether to expunge (permanently remove) messages from the mailbox when they are deleted after delivery + expunge_deleted: false +@@ -239,7 +239,7 @@ production: &base + artifacts: + enabled: true + # The location where build artifacts are stored (default: shared/artifacts). +- # path: shared/artifacts ++ path: /var/lib/gitlab/shared/artifacts + # object_store: + # enabled: false + # remote_directory: artifacts # The bucket name +@@ -259,7 +259,7 @@ production: &base + # be stored on disk, or in object storage + enabled: false + # The location where external diffs are stored (default: shared/lfs-external-diffs). +- # storage_path: shared/external-diffs ++ storage_path: /var/lib/gitlab/shared/external-diffs + # object_store: + # enabled: false + # remote_directory: external-diffs +@@ -275,7 +275,7 @@ production: &base + lfs: + enabled: true + # The location where LFS objects are stored (default: shared/lfs-objects). +- # storage_path: shared/lfs-objects ++ storage_path: /var/lib/gitlab/shared/lfs-objects + object_store: + enabled: false + remote_directory: lfs-objects # Bucket name +@@ -318,7 +318,7 @@ production: &base + packages: + enabled: true + # The location where build packages are stored (default: shared/packages). +- # storage_path: shared/packages ++ storage_path: /var/lib/gitlab/shared/packages + object_store: + enabled: false + remote_directory: packages # The bucket name +@@ -339,7 +339,7 @@ production: &base + dependency_proxy: + enabled: true + # The location where build packages are stored (default: shared/dependency_proxy). +- # storage_path: shared/dependency_proxy ++ storage_path: /var/lib/gitlab/shared/dependency_proxy + object_store: + enabled: false + remote_directory: dependency_proxy # The bucket name +@@ -360,7 +360,7 @@ production: &base + terraform_state: + enabled: true + # The location where Terraform state files are stored (default: shared/terraform_state). +- # storage_path: shared/terraform_state ++ storage_path: /var/lib/gitlab/shared/terraform_state + object_store: + enabled: false + remote_directory: terraform # The bucket name +@@ -379,7 +379,7 @@ production: &base + enabled: false + access_control: false + # The location where pages are stored (default: shared/pages). +- # path: shared/pages ++ path: /var/lib/gitlab/shared/pages + + # The domain under which the pages are served: + # http://group.example.com/project +@@ -393,7 +393,7 @@ production: &base + + # File that contains the shared secret key for verifying access for gitlab-pages. + # Default is '.gitlab_pages_secret' relative to Rails.root (i.e. root of the GitLab app). +- # secret_file: /home/git/gitlab/.gitlab_pages_secret ++ # secret_file: /var/lib/gitlab/.gitlab_pages_secret + + ## Mattermost + ## For enabling Add to Mattermost button +@@ -533,7 +533,7 @@ production: &base + # port: 5005 + # api_url: http://localhost:5000/ # internal address to the registry, will be used by GitLab to directly communicate with API + # key: config/registry.key +- # path: shared/registry ++ path: /var/lib/gitlab/shared/registry + # issuer: gitlab-issuer + # notification_secret: '' # only set it when you use Geo replication feature without built-in Registry + +@@ -590,7 +590,7 @@ production: &base + # add_pusher: true + + # The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root +- # builds_path: builds/ ++ builds_path: /var/lib/gitlab/builds + + # + # 3. Auth settings +@@ -1007,12 +1007,12 @@ production: &base + + # Shared file storage settings + shared: +- # path: /mnt/gitlab # Default: shared ++ path: /var/lib/gitlab/shared # Default: shared + + # Gitaly settings + gitaly: + # Path to the directory containing Gitaly client executables. +- client_path: /home/git/gitaly ++ client_path: /usr/bin + # Default Gitaly authentication token. Can be overridden per storage. Can + # be left blank when Gitaly is running locally on a Unix socket, which + # is the normal way to deploy Gitaly. +@@ -1030,13 +1030,13 @@ production: &base + # real path not the symlink. + storages: # You must have at least a `default` storage path. + default: +- path: /home/git/repositories/ +- gitaly_address: unix:/home/git/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port). ++ path: /var/lib/gitlab/repositories ++ gitaly_address: unix:/run/gitlab/gitlab-gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port). + # gitaly_token: 'special token' # Optional: override global gitaly.token for this storage. + + ## Backup settings + backup: +- path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) ++ path: "/var/lib/gitlab/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) + # archive_permissions: 0640 # Permissions for the resulting backup.tar file (default: 0600) + # keep_time: 604800 # default: 0 (forever) (in seconds) + # pg_schema: public # default: nil, it means that all schemas will be backed up +@@ -1077,12 +1077,12 @@ production: &base + + ## GitLab Shell settings + gitlab_shell: +- path: /home/git/gitlab-shell/ +- authorized_keys_file: /home/git/.ssh/authorized_keys ++ path: /usr/share/webapps/gitlab-shell ++ authorized_keys_file: /var/lib/gitlab/.ssh/authorized_keys + + # File that contains the secret key for verifying access for gitlab-shell. + # Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app). +- # secret_file: /home/git/gitlab/.gitlab_shell_secret ++ # secret_file: /var/lib/gitlab/.gitlab_shell_secret + + # Git over HTTP + upload_pack: true +@@ -1097,7 +1097,7 @@ production: &base + workhorse: + # File that contains the secret key for verifying access for gitlab-workhorse. + # Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app). +- # secret_file: /home/git/gitlab/.gitlab_workhorse_secret ++ # secret_file: /var/lib/gitlab/.gitlab_workhorse_secret + + gitlab_kas: + # File that contains the secret key for verifying access for gitlab-kas. +@@ -1106,7 +1106,7 @@ production: &base + + ## GitLab Elasticsearch settings + elasticsearch: +- indexer_path: /home/git/gitlab-elasticsearch-indexer/ ++ indexer_path: /var/lib/gitlab/elasticsearch-indexer + + ## Git settings + # CAUTION! +diff --git a/config/initializers/smtp_settings.rb.sample b/config/initializers/smtp_settings.rb.sample +index bd37080b1c8..f956e786071 100644 +--- a/config/initializers/smtp_settings.rb.sample ++++ b/config/initializers/smtp_settings.rb.sample +@@ -1,13 +1,6 @@ +-# To enable smtp email delivery for your GitLab instance do the following: +-# 1. Rename this file to smtp_settings.rb +-# 2. Edit settings inside this file +-# 3. Restart GitLab instance +-# + # For full list of options and their values see http://api.rubyonrails.org/classes/ActionMailer/Base.html +-# +-# If you change this file in a Merge Request, please also create a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests + +-if Rails.env.production? ++if false # To enable SMTP please replace 'false' with 'Rails.env.production?' + Rails.application.config.action_mailer.delivery_method = :smtp + + ActionMailer::Base.delivery_method = :smtp +diff --git a/config/puma.rb.example b/config/puma.rb.example +index cd7adca157f..9dffc101ae5 100644 +--- a/config/puma.rb.example ++++ b/config/puma.rb.example +@@ -5,11 +5,11 @@ + # The default is "config.ru". + # + rackup 'config.ru' +-pidfile '/home/git/gitlab/tmp/pids/puma.pid' +-state_path '/home/git/gitlab/tmp/pids/puma.state' ++pidfile '/run/gitlab/puma.pid' ++state_path '/run/gitlab/puma.state' + +-stdout_redirect '/home/git/gitlab/log/puma.stdout.log', +- '/home/git/gitlab/log/puma.stderr.log', ++stdout_redirect '/var/log/gitlab/puma.stdout.log', ++ '/var/log/gitlab/puma.stderr.log', + true + + # Configure "min" to be the minimum number of threads to use to answer +@@ -31,12 +31,12 @@ queue_requests false + + # Bind the server to "url". "tcp://", "unix://" and "ssl://" are the only + # accepted protocols. +-bind 'unix:///home/git/gitlab/tmp/sockets/gitlab.socket' ++bind 'unix:///run/gitlab/gitlab.socket' + + workers 3 + +-require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events" +-require_relative "/home/git/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer" ++require_relative "/usr/share/webapps/gitlab/lib/gitlab/cluster/lifecycle_events" ++require_relative "/usr/share/webapps/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer" + + on_restart do + # Signal application hooks that we're about to restart +@@ -70,7 +70,7 @@ tag 'gitlab-puma-worker' + worker_timeout 60 + + # Use json formatter +-require_relative "/home/git/gitlab/lib/gitlab/puma_logging/json_formatter" ++require_relative "/usr/share/webapps/gitlab/lib/gitlab/puma_logging/json_formatter" + + json_formatter = Gitlab::PumaLogging::JSONFormatter.new + log_formatter do |str| Deleted: environment =================================================================== --- environment 2020-10-15 21:10:57 UTC (rev 724295) +++ environment 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,3 +0,0 @@ -RAILS_ENV=production -EXECJS_RUNTIME=Disabled -RUBYOPT='-W:no-deprecated' Copied: gitlab/repos/community-x86_64/environment (from rev 724295, gitlab/trunk/environment) =================================================================== --- environment (rev 0) +++ environment 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,3 @@ +RAILS_ENV=production +EXECJS_RUNTIME=Disabled +RUBYOPT='-W:no-deprecated' Deleted: gitlab-backup.service =================================================================== --- gitlab-backup.service 2020-10-15 21:10:57 UTC (rev 724295) +++ gitlab-backup.service 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,19 +0,0 @@ -[Unit] -Description=GitLab Backup process -Requires= -After=network.target - -[Service] -Type=oneshot -User=gitlab -Group=gitlab -SyslogIdentifier=gitlab-backup -WorkingDirectory=<APPDIR> -EnvironmentFile=<APPDIR>/environment -CapabilityBoundingSet= -PrivateTmp=true -PrivateDevices=true -ProtectSystem=full -ProtectHome=true -NoNewPrivileges=true -ExecStart=/usr/bin/bundle exec rake gitlab:backup:create Copied: gitlab/repos/community-x86_64/gitlab-backup.service (from rev 724295, gitlab/trunk/gitlab-backup.service) =================================================================== --- gitlab-backup.service (rev 0) +++ gitlab-backup.service 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,19 @@ +[Unit] +Description=GitLab Backup process +Requires= +After=network.target + +[Service] +Type=oneshot +User=gitlab +Group=gitlab +SyslogIdentifier=gitlab-backup +WorkingDirectory=<APPDIR> +EnvironmentFile=<APPDIR>/environment +CapabilityBoundingSet= +PrivateTmp=true +PrivateDevices=true +ProtectSystem=full +ProtectHome=true +NoNewPrivileges=true +ExecStart=/usr/bin/bundle exec rake gitlab:backup:create Deleted: gitlab-backup.timer =================================================================== --- gitlab-backup.timer 2020-10-15 21:10:57 UTC (rev 724295) +++ gitlab-backup.timer 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,10 +0,0 @@ -[Unit] -Description=Daily gitlab backup - -[Timer] -OnCalendar=daily -AccuracySec=12h -Persistent=true - -[Install] -WantedBy=timers.target Copied: gitlab/repos/community-x86_64/gitlab-backup.timer (from rev 724295, gitlab/trunk/gitlab-backup.timer) =================================================================== --- gitlab-backup.timer (rev 0) +++ gitlab-backup.timer 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,10 @@ +[Unit] +Description=Daily gitlab backup + +[Timer] +OnCalendar=daily +AccuracySec=12h +Persistent=true + +[Install] +WantedBy=timers.target Deleted: gitlab-mailroom.service =================================================================== --- gitlab-mailroom.service 2020-10-15 21:10:57 UTC (rev 724295) +++ gitlab-mailroom.service 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,21 +0,0 @@ -[Unit] -Description=Gitlab Mailroom Worker -Requires=gitlab-puma.service -Wants=gitlab-puma.service -After=gitlab-puma.service -StartLimitIntervalSec=100s - -[Service] -User=gitlab -Group=gitlab -WorkingDirectory=<APPDIR> -EnvironmentFile=<APPDIR>/environment -SyslogIdentifier=gitlab-mailroom -PIDFile=/run/gitlab/mailroom.pid -ExecStart=/usr/bin/bundle exec mail_room -q -c <APPDIR>/config/mail_room.yml -ExecStop=/usr/bin/kill -QUIT $MAINPID -Restart=on-failure -RestartSec=1 - -[Install] -WantedBy=multi-user.target Copied: gitlab/repos/community-x86_64/gitlab-mailroom.service (from rev 724295, gitlab/trunk/gitlab-mailroom.service) =================================================================== --- gitlab-mailroom.service (rev 0) +++ gitlab-mailroom.service 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,21 @@ +[Unit] +Description=Gitlab Mailroom Worker +Requires=gitlab-puma.service +Wants=gitlab-puma.service +After=gitlab-puma.service +StartLimitIntervalSec=100s + +[Service] +User=gitlab +Group=gitlab +WorkingDirectory=<APPDIR> +EnvironmentFile=<APPDIR>/environment +SyslogIdentifier=gitlab-mailroom +PIDFile=/run/gitlab/mailroom.pid +ExecStart=/usr/bin/bundle exec mail_room -q -c <APPDIR>/config/mail_room.yml +ExecStop=/usr/bin/kill -QUIT $MAINPID +Restart=on-failure +RestartSec=1 + +[Install] +WantedBy=multi-user.target Deleted: gitlab-puma.service =================================================================== --- gitlab-puma.service 2020-10-15 21:10:57 UTC (rev 724295) +++ gitlab-puma.service 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,34 +0,0 @@ -[Unit] -Description=GitLab Puma Server -Requires=redis.service -Wants=postgresql.service -After=redis.service postgresql.service network.target -StartLimitIntervalSec=100s - -[Service] -User=gitlab -Group=gitlab -WorkingDirectory=<APPDIR> -EnvironmentFile=<APPDIR>/environment -SyslogIdentifier=gitlab-puma -PIDFile=/run/gitlab/puma.pid -RuntimeDirectory=gitlab -RuntimeDirectoryPreserve=yes -RuntimeDirectoryMode=775 -PrivateTmp=true -PrivateDevices=true -ProtectSystem=full -ProtectHome=true -# These options break Gitlab's email delivery if you -# use postfix' sendmail wrapper. If you use an SMTP server -# instead you can safely enable these security features. -#NoNewPrivileges=true -#CapabilityBoundingSet= -ExecStart=/usr/bin/bundle exec puma -C <APPDIR>/config/puma.rb -e production -ExecStop=/usr/bin/kill -QUIT $MAINPID -ExecReload=/usr/bin/kill -USR2 $MAINPID -Restart=on-failure -RestartSec=1 - -[Install] -WantedBy=multi-user.target Copied: gitlab/repos/community-x86_64/gitlab-puma.service (from rev 724295, gitlab/trunk/gitlab-puma.service) =================================================================== --- gitlab-puma.service (rev 0) +++ gitlab-puma.service 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,34 @@ +[Unit] +Description=GitLab Puma Server +Requires=redis.service +Wants=postgresql.service +After=redis.service postgresql.service network.target +StartLimitIntervalSec=100s + +[Service] +User=gitlab +Group=gitlab +WorkingDirectory=<APPDIR> +EnvironmentFile=<APPDIR>/environment +SyslogIdentifier=gitlab-puma +PIDFile=/run/gitlab/puma.pid +RuntimeDirectory=gitlab +RuntimeDirectoryPreserve=yes +RuntimeDirectoryMode=775 +PrivateTmp=true +PrivateDevices=true +ProtectSystem=full +ProtectHome=true +# These options break Gitlab's email delivery if you +# use postfix' sendmail wrapper. If you use an SMTP server +# instead you can safely enable these security features. +#NoNewPrivileges=true +#CapabilityBoundingSet= +ExecStart=/usr/bin/bundle exec puma -C <APPDIR>/config/puma.rb -e production +ExecStop=/usr/bin/kill -QUIT $MAINPID +ExecReload=/usr/bin/kill -USR2 $MAINPID +Restart=on-failure +RestartSec=1 + +[Install] +WantedBy=multi-user.target Deleted: gitlab-sidekiq.service =================================================================== --- gitlab-sidekiq.service 2020-10-15 21:10:57 UTC (rev 724295) +++ gitlab-sidekiq.service 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,30 +0,0 @@ -[Unit] -Description=GitLab Sidekiq Worker -Requires=redis.service gitlab-puma.service -Wants=postgresql.service -After=redis.service postgresql.service network.target gitlab-puma.service -JoinsNamespaceOf=gitlab-puma.service -StartLimitIntervalSec=100s - -[Service] -User=gitlab -Group=gitlab -WorkingDirectory=<APPDIR> -EnvironmentFile=<APPDIR>/environment -SyslogIdentifier=gitlab-sidekiq -PIDFile=/run/gitlab/sidekiq.pid -PrivateTmp=true -ProtectSystem=full -ProtectHome=true -# These options break Gitlab's email delivery if you -# use postfix' sendmail wrapper. If you use an SMTP server -# instead you can safely enable these security features. -#NoNewPrivileges=true -#CapabilityBoundingSet= -ExecStart=/usr/bin/bundle exec sidekiq -C <APPDIR>/config/sidekiq_queues.yml -e production -ExecStop=/usr/bin/bundle exec sidekiqctl stop /run/gitlab/sidekiq.pid -Restart=on-failure -RestartSec=1 - -[Install] -WantedBy=multi-user.target Copied: gitlab/repos/community-x86_64/gitlab-sidekiq.service (from rev 724295, gitlab/trunk/gitlab-sidekiq.service) =================================================================== --- gitlab-sidekiq.service (rev 0) +++ gitlab-sidekiq.service 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,30 @@ +[Unit] +Description=GitLab Sidekiq Worker +Requires=redis.service gitlab-puma.service +Wants=postgresql.service +After=redis.service postgresql.service network.target gitlab-puma.service +JoinsNamespaceOf=gitlab-puma.service +StartLimitIntervalSec=100s + +[Service] +User=gitlab +Group=gitlab +WorkingDirectory=<APPDIR> +EnvironmentFile=<APPDIR>/environment +SyslogIdentifier=gitlab-sidekiq +PIDFile=/run/gitlab/sidekiq.pid +PrivateTmp=true +ProtectSystem=full +ProtectHome=true +# These options break Gitlab's email delivery if you +# use postfix' sendmail wrapper. If you use an SMTP server +# instead you can safely enable these security features. +#NoNewPrivileges=true +#CapabilityBoundingSet= +ExecStart=/usr/bin/bundle exec sidekiq -C <APPDIR>/config/sidekiq_queues.yml -e production +ExecStop=/usr/bin/bundle exec sidekiqctl stop /run/gitlab/sidekiq.pid +Restart=on-failure +RestartSec=1 + +[Install] +WantedBy=multi-user.target Deleted: gitlab.install =================================================================== --- gitlab.install 2020-10-15 21:10:57 UTC (rev 724295) +++ gitlab.install 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,34 +0,0 @@ -post_install() { - echo "Configure your /etc/webapps/gitlab/gitlab.yml" - echo "Set up your redis to run on /run/redis/redis.sock or configure gitlab to use redis TCP" - echo "Put a secret bytestring to /etc/webapps/gitlab/secret" - echo "Copy /usr/share/webapps/gitlab/config/secrets.yml.example to /etc/webapps/gitlab/secrets.yml and configure it" - echo "Setup the database:" - echo "$ (cd /usr/share/webapps/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake gitlab:setup)" - echo "Finally run the following commands to check your installation:" - echo "$ (cd /usr/share/webapps/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake gitlab:env:info)" - echo "$ (cd /usr/share/webapps/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake gitlab:check)" -} - -post_upgrade() { - echo "You should upgrade your database:" - echo "$ (cd /usr/share/webapps/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake db:migrate)" - echo "Afterwards, restart gitlab-related services:" - echo "# systemctl daemon-reload" - echo "# systemctl restart gitlab-sidekiq gitlab-puma gitlab-workhorse gitlab-gitaly" - - if (( $(vercmp $2 13.0.0) < 0)); then - echo "==========" - echo "Since 13.0.0, upstream switched default Ruby web server from Unicorn to Puma." - echo "Please use 'gitlab-puma' systemd service instead of 'gitlab-unicorn'." - fi - - if (( $(vercmp $2 13.0.1) < 0)); then - echo "==========" - echo "The new Puma server uses socket files by default thus configuration for gitlab-gitlay and gitlab-shell need to be updated." - echo "Please check new option values for 'gitlab_url' and 'secret_file' in /etc/webapps/gitlab-shell/config.yml and /etc/gitlab-gitaly/config.toml." - - echo "==========" - echo "Legacy symlinks /var/lib/gitlab/{gitlab-shell,log,pids,sockets} and /usr/share/webapps/gitlab/{builds,log,tmp} have been removed. Please check your config files and make sure you use direct target location such as /var/log/gitlab, /var/tmp, /run/gitlab ..." - fi -} Copied: gitlab/repos/community-x86_64/gitlab.install (from rev 724295, gitlab/trunk/gitlab.install) =================================================================== --- gitlab.install (rev 0) +++ gitlab.install 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,34 @@ +post_install() { + echo "Configure your /etc/webapps/gitlab/gitlab.yml" + echo "Set up your redis to run on /run/redis/redis.sock or configure gitlab to use redis TCP" + echo "Put a secret bytestring to /etc/webapps/gitlab/secret" + echo "Copy /usr/share/webapps/gitlab/config/secrets.yml.example to /etc/webapps/gitlab/secrets.yml and configure it" + echo "Setup the database:" + echo "$ (cd /usr/share/webapps/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake gitlab:setup)" + echo "Finally run the following commands to check your installation:" + echo "$ (cd /usr/share/webapps/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake gitlab:env:info)" + echo "$ (cd /usr/share/webapps/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake gitlab:check)" +} + +post_upgrade() { + echo "You should upgrade your database:" + echo "$ (cd /usr/share/webapps/gitlab && sudo -u gitlab \$(cat environment | xargs) bundle exec rake db:migrate)" + echo "Afterwards, restart gitlab-related services:" + echo "# systemctl daemon-reload" + echo "# systemctl restart gitlab-sidekiq gitlab-puma gitlab-workhorse gitlab-gitaly" + + if (( $(vercmp $2 13.0.0) < 0)); then + echo "==========" + echo "Since 13.0.0, upstream switched default Ruby web server from Unicorn to Puma." + echo "Please use 'gitlab-puma' systemd service instead of 'gitlab-unicorn'." + fi + + if (( $(vercmp $2 13.0.1) < 0)); then + echo "==========" + echo "The new Puma server uses socket files by default thus configuration for gitlab-gitlay and gitlab-shell need to be updated." + echo "Please check new option values for 'gitlab_url' and 'secret_file' in /etc/webapps/gitlab-shell/config.yml and /etc/gitlab-gitaly/config.toml." + + echo "==========" + echo "Legacy symlinks /var/lib/gitlab/{gitlab-shell,log,pids,sockets} and /usr/share/webapps/gitlab/{builds,log,tmp} have been removed. Please check your config files and make sure you use direct target location such as /var/log/gitlab, /var/tmp, /run/gitlab ..." + fi +} Deleted: gitlab.logrotate =================================================================== --- gitlab.logrotate 2020-10-15 21:10:57 UTC (rev 724295) +++ gitlab.logrotate 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,6 +0,0 @@ -<LOGDIR>/*.log { - missingok - compress - notifempty - copytruncate -} Copied: gitlab/repos/community-x86_64/gitlab.logrotate (from rev 724295, gitlab/trunk/gitlab.logrotate) =================================================================== --- gitlab.logrotate (rev 0) +++ gitlab.logrotate 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,6 @@ +<LOGDIR>/*.log { + missingok + compress + notifempty + copytruncate +} Deleted: gitlab.target =================================================================== --- gitlab.target 2020-10-15 21:10:57 UTC (rev 724295) +++ gitlab.target 2020-10-15 21:12:04 UTC (rev 724296) @@ -1,7 +0,0 @@ -[Unit] -Description=GitLab - Self Hosted Git Management -Requires=gitlab-puma.service gitlab-workhorse.service -Wants=gitlab-sidekiq.service gitlab-backup.timer gitlab-gitaly.service gitlab-mailroom.service - -[Install] -WantedBy=multi-user.target Copied: gitlab/repos/community-x86_64/gitlab.target (from rev 724295, gitlab/trunk/gitlab.target) =================================================================== --- gitlab.target (rev 0) +++ gitlab.target 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1,7 @@ +[Unit] +Description=GitLab - Self Hosted Git Management +Requires=gitlab-puma.service gitlab-workhorse.service +Wants=gitlab-sidekiq.service gitlab-backup.timer gitlab-gitaly.service gitlab-mailroom.service + +[Install] +WantedBy=multi-user.target Deleted: gitlab.tmpfiles.d =================================================================== --- gitlab.tmpfiles.d 2020-10-15 21:10:57 UTC (rev 724295) +++ gitlab.tmpfiles.d 2020-10-15 21:12:04 UTC (rev 724296) @@ -1 +0,0 @@ -d /run/gitlab 0775 gitlab gitlab - - Copied: gitlab/repos/community-x86_64/gitlab.tmpfiles.d (from rev 724295, gitlab/trunk/gitlab.tmpfiles.d) =================================================================== --- gitlab.tmpfiles.d (rev 0) +++ gitlab.tmpfiles.d 2020-10-15 21:12:04 UTC (rev 724296) @@ -0,0 +1 @@ +d /run/gitlab 0775 gitlab gitlab - -