[arch-commits] Commit in gitlab/trunk (PKGBUILD configs.patch gitlab.install)
Anatol Pomozov
anatolik at archlinux.org
Tue May 26 08:11:55 UTC 2020
Date: Tuesday, May 26, 2020 @ 08:11:55
Author: anatolik
Revision: 635008
Move config adjustment from seds to a separate patch
gitlab configs are large and its path adjustment using sed becomes more
and more complex. It is easy to miss new config options that left unattended.
Move config adjustment to a separate patch to make review of diffs against
upstream easier.
Added:
gitlab/trunk/configs.patch
Modified:
gitlab/trunk/PKGBUILD
gitlab/trunk/gitlab.install
----------------+
PKGBUILD | 45 ++++---------
configs.patch | 184 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
gitlab.install | 6 +
3 files changed, 204 insertions(+), 31 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2020-05-26 07:45:45 UTC (rev 635007)
+++ PKGBUILD 2020-05-26 08:11:55 UTC (rev 635008)
@@ -28,6 +28,7 @@
"etc/webapps/gitlab/puma.rb"
"etc/logrotate.d/gitlab")
source=(git+https://gitlab.com/gitlab-org/gitlab-foss.git#tag=v$pkgver
+ configs.patch
build_fix.patch
gitlab-puma.service
gitlab-sidekiq.service
@@ -40,6 +41,7 @@
ruby27-pop-extra-arg.patch)
install='gitlab.install'
sha512sums=('SKIP'
+ '9b054872e2017dae3acd0534c0608634cf7c5f996672e589c3b9988ce18b110423b63f5207585c2ba4941b516606a2a9a8db6fd320012a4d90cf3beca147a220'
'9623de113358d3d6e49047f688e272d9394579734ace1bd647497e8717a90784546d27e547a29197a16c80d72ad9f2c79eb65f8edc631deadf2ec90ee86ea44b'
'8d759f1ae3391a0bafe8cfbbddfa6e7bfb5b587439f9f750e34e0bbf85c6c514da7c6932d74be284746f596bf2c4bdddfeff66f81ae39f73e43a9b5326bc688f'
'31fccf265783fd6c95fd94036d2f1148945d5fc9b713d108632d931b0cc51a5e166972956d042d5f30fe411d68a056794461103832ce9afbd4654923a8bde531'
@@ -70,35 +72,18 @@
export SKIP_STORAGE_VALIDATION='true'
- # Patching config files:
- echo "Patching paths in and username gitlab.yml..."
- sed -e "s|# user: git|user: gitlab|" \
- -e "s|/home/git/gitaly/bin|/usr/bin|" \
- -e "s|/home/git/repositories|${_homedir}/repositories|" \
- -e "s|/home/git/gitlab-satellites|${_homedir}/satellites|" \
- -e "s|# path: /mnt/gitlab|path: ${_homedir}/shared|" \
- -e "s|/home/git/gitlab-shell|/usr/share/webapps/gitlab-shell|" \
- -e "s|tmp/backups|${_homedir}/backups|" \
- -e "s|/home/git/gitlab/tmp/sockets/private/gitaly.socket|${_homedir}/sockets/gitlab-gitaly.socket|" \
- config/gitlab.yml.example > config/gitlab.yml
+ patch -p1 < ../configs.patch
+ # '/home/git' path in the config files indicates a default path that need to be adjusted
+ grep -FqR '/home/git' config || exit 1
- echo "Patching paths and timeout in puma.rb..."
- sed -e "s|/home/git/gitlab/tmp/.*/|/run/gitlab/|g" \
- -e "s|/var/run/|/run/|g" \
- -e "s|/home/git/gitlab|${_datadir}|g" \
- -e "s|${_datadir}/log/|${_logdir}/|g" \
- config/puma.rb.example > config/puma.rb
+ cp config/gitlab.yml.example config/gitlab.yml
+ cp config/database.yml.postgresql config/database.yml
+ cp config/resque.yml.example config/resque.yml
+ cp config/puma.rb.example config/puma.rb
# We need this one untouched because otherwise assets will fail
- cp config/database.yml.postgresql config/database.yml.postgresql.orig
+ # cp config/database.yml.postgresql config/database.yml.postgresql.orig
- echo "Patching username in database.yml.postgresql..."
- sed -i -e "s|username: git|username: gitlab|" config/database.yml.postgresql
-
- echo "Patching redis connection in resque.yml"
- sed -e "s|production: unix:/var/run/redis/redis.sock|production: redis://localhost:6379|" \
- config/resque.yml.example > config/resque.yml.patched
-
echo "Setting up systemd service files ..."
for service_file in gitlab-sidekiq.service gitlab-puma.service gitlab.logrotate gitlab-backup.service gitlab-mailroom.service; do
sed -i "s|<HOMEDIR>|${_homedir}|g" "${srcdir}/${service_file}"
@@ -130,9 +115,9 @@
popd
# We'll temporarily stick this in here so we can build the assets
- cp config/database.yml.postgresql.orig config/database.yml
- cp config/resque.yml.example config/resque.yml
- sed -i 's/url.*/nope.sock/g' config/resque.yml
+ # cp config/database.yml.postgresql.orig config/database.yml
+ # cp config/resque.yml.example config/resque.yml
+ # sed -i 's/url.*/nope.sock/g' config/resque.yml
yarn install --production --pure-lockfile
bundle exec rake gitlab:assets:compile RAILS_ENV=production NODE_ENV=production NODE_OPTIONS="--max_old_space_size=4096"
@@ -139,8 +124,8 @@
bundle exec rake gettext:compile RAILS_ENV=production
# After building assets, clean this up again
- rm config/database.yml config/database.yml.postgresql.orig
- mv config/resque.yml.patched config/resque.yml
+ # rm config/database.yml config/database.yml.postgresql.orig
+ # mv config/resque.yml.patched config/resque.yml
}
package() {
Added: configs.patch
===================================================================
--- configs.patch (rev 0)
+++ configs.patch 2020-05-26 08:11:55 UTC (rev 635008)
@@ -0,0 +1,184 @@
+commit 4c1ed3d0b4c35f91cc34c23db50b6dc0966d048c
+Author: Anatol Pomozov <anatol.pomozov at gmail.com>
+Date: Tue May 26 00:01:38 2020 -0700
+
+ Patch config files with Arch Linux specific locations
+
+ Arch uses upstream's default config files as a base for its configs.
+ But directory structure at Arch is completely different from the default
+ one specified by gitlab project.
+ We used to have a lot of seds expressions to adjust the files but as
+ complexity of configs grew 'sed' makes it easy to miss a changed/added
+ option.
+
+ Track set of diffs as a patch. If upstream modifies config file then it
+ will cause a conflict that needs to be reviewed manually.
+
+diff --git a/config/database.yml.postgresql b/config/database.yml.postgresql
+index 5b3b35c9226..afb139df97e 100644
+--- a/config/database.yml.postgresql
++++ b/config/database.yml.postgresql
+@@ -6,7 +6,7 @@ production:
+ encoding: unicode
+ database: gitlabhq_production
+ pool: 10
+- username: git
++ username: gitlab
+ password: "secure password"
+ host: localhost
+ # load_balancing:
+@@ -39,7 +39,7 @@ staging:
+ encoding: unicode
+ database: gitlabhq_staging
+ pool: 10
+- username: git
++ username: gitlab
+ password: "secure password"
+ host: localhost
+
+diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
+index 9a2e470f852..2189b86ed8d 100644
+--- a/config/gitlab.yml.example
++++ b/config/gitlab.yml.example
+@@ -83,7 +83,7 @@ production: &base
+ #- 2001:0db8::/32
+
+ # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
+- # user: git
++ user: gitlab
+
+ ## Date & Time settings
+ # Uncomment and customize if you want to change the default time zone of GitLab application.
+@@ -103,13 +103,13 @@ production: &base
+ # enabled: false
+ # S/MIME private key file in PEM format, unencrypted
+ # Default is '.gitlab_smime_key' relative to Rails.root (i.e. root of the GitLab app).
+- # key_file: /home/git/gitlab/.gitlab_smime_key
++ # key_file: /var/lib/gitlab/.gitlab_smime_key
+ # S/MIME public certificate key in PEM format, will be attached to signed messages
+ # Default is '.gitlab_smime_cert' relative to Rails.root (i.e. root of the GitLab app).
+- # cert_file: /home/git/gitlab/.gitlab_smime_cert
++ # cert_file: /var/lib/gitlab/.gitlab_smime_cert
+ # S/MIME extra CA public certificates in PEM format, will be attached to signed messages
+ # Optional
+- # ca_certs_file: /home/git/gitlab/.gitlab_smime_ca_certs
++ # ca_certs_file: /var/lib/gitlab/.gitlab_smime_ca_certs
+
+ # Email server smtp settings are in config/initializers/smtp_settings.rb.sample
+
+@@ -363,7 +363,7 @@ production: &base
+
+ # File that contains the shared secret key for verifying access for gitlab-pages.
+ # Default is '.gitlab_pages_secret' relative to Rails.root (i.e. root of the GitLab app).
+- # secret_file: /home/git/gitlab/.gitlab_pages_secret
++ # secret_file: /var/lib/gitlab/.gitlab_pages_secret
+
+ ## Mattermost
+ ## For enabling Add to Mattermost button
+@@ -956,12 +956,12 @@ production: &base
+
+ # Shared file storage settings
+ shared:
+- # path: /mnt/gitlab # Default: shared
++ path: /var/lib/gitlab/shared # Default: shared
+
+ # Gitaly settings
+ gitaly:
+ # Path to the directory containing Gitaly client executables.
+- client_path: /home/git/gitaly
++ client_path: /usr/bin
+ # Default Gitaly authentication token. Can be overridden per storage. Can
+ # be left blank when Gitaly is running locally on a Unix socket, which
+ # is the normal way to deploy Gitaly.
+@@ -979,13 +979,13 @@ production: &base
+ # real path not the symlink.
+ storages: # You must have at least a `default` storage path.
+ default:
+- path: /home/git/repositories/
+- gitaly_address: unix:/home/git/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
++ path: /var/lib/gitlab/repositories/
++ gitaly_address: unix:/run/gitlab/gitlab-gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
+ # gitaly_token: 'special token' # Optional: override global gitaly.token for this storage.
+
+ ## Backup settings
+ backup:
+- path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
++ path: "/var/lib/gitlab/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
+ # archive_permissions: 0640 # Permissions for the resulting backup.tar file (default: 0600)
+ # keep_time: 604800 # default: 0 (forever) (in seconds)
+ # pg_schema: public # default: nil, it means that all schemas will be backed up
+@@ -1026,12 +1026,12 @@ production: &base
+
+ ## GitLab Shell settings
+ gitlab_shell:
+- path: /home/git/gitlab-shell/
+- authorized_keys_file: /home/git/.ssh/authorized_keys
++ path: /usr/share/webapps/gitlab-shell/
++ authorized_keys_file: /var/lib/gitlab/.ssh/authorized_keys
+
+ # File that contains the secret key for verifying access for gitlab-shell.
+ # Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app).
+- # secret_file: /home/git/gitlab/.gitlab_shell_secret
++ # secret_file: /var/lib/gitlab/.gitlab_shell_secret
+
+ # Git over HTTP
+ upload_pack: true
+@@ -1046,11 +1046,11 @@ production: &base
+ workhorse:
+ # File that contains the secret key for verifying access for gitlab-workhorse.
+ # Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app).
+- # secret_file: /home/git/gitlab/.gitlab_workhorse_secret
++ # secret_file: /var/lib/gitlab/.gitlab_workhorse_secret
+
+ ## GitLab Elasticsearch settings
+ elasticsearch:
+- indexer_path: /home/git/gitlab-elasticsearch-indexer/
++ indexer_path: /var/lib/gitlab/elasticsearch-indexer/
+
+ ## Git settings
+ # CAUTION!
+diff --git a/config/puma.rb.example b/config/puma.rb.example
+index cd7adca157f..9dffc101ae5 100644
+--- a/config/puma.rb.example
++++ b/config/puma.rb.example
+@@ -5,11 +5,11 @@
+ # The default is "config.ru".
+ #
+ rackup 'config.ru'
+-pidfile '/home/git/gitlab/tmp/pids/puma.pid'
+-state_path '/home/git/gitlab/tmp/pids/puma.state'
++pidfile '/run/gitlab/puma.pid'
++state_path '/run/gitlab/puma.state'
+
+-stdout_redirect '/home/git/gitlab/log/puma.stdout.log',
+- '/home/git/gitlab/log/puma.stderr.log',
++stdout_redirect '/var/log/gitlab/puma.stdout.log',
++ '/var/log/gitlab/puma.stderr.log',
+ true
+
+ # Configure "min" to be the minimum number of threads to use to answer
+@@ -31,12 +31,12 @@ queue_requests false
+
+ # Bind the server to "url". "tcp://", "unix://" and "ssl://" are the only
+ # accepted protocols.
+-bind 'unix:///home/git/gitlab/tmp/sockets/gitlab.socket'
++bind 'unix:///run/gitlab/gitlab.socket'
+
+ workers 3
+
+-require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events"
+-require_relative "/home/git/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer"
++require_relative "/usr/share/webapps/gitlab/lib/gitlab/cluster/lifecycle_events"
++require_relative "/usr/share/webapps/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer"
+
+ on_restart do
+ # Signal application hooks that we're about to restart
+@@ -70,7 +70,7 @@ tag 'gitlab-puma-worker'
+ worker_timeout 60
+
+ # Use json formatter
+-require_relative "/home/git/gitlab/lib/gitlab/puma_logging/json_formatter"
++require_relative "/usr/share/webapps/gitlab/lib/gitlab/puma_logging/json_formatter"
+
+ json_formatter = Gitlab::PumaLogging::JSONFormatter.new
+ log_formatter do |str|
Modified: gitlab.install
===================================================================
--- gitlab.install 2020-05-26 07:45:45 UTC (rev 635007)
+++ gitlab.install 2020-05-26 08:11:55 UTC (rev 635008)
@@ -18,9 +18,13 @@
echo "# systemctl daemon-reload"
echo "# systemctl restart gitlab-sidekiq gitlab-puma gitlab-workhorse gitlab-gitaly"
- if (( $(vercmp $2 13.0.0) < 0)); then
+ if (( $(vercmp $2 13.0.1) < 0)); then
echo "=========="
echo "Since 13.0.0, upstream switched default Ruby web server from Unicorn to Puma."
echo "Please use 'gitlab-puma' systemd service instead of 'gitlab-unicorn'."
+
+ echo "=========="
+ echo "The new Puma server uses socket files by default thus configuration for gitlab-gitlay and gitlab-shell need to be updated."
+ echo "Please check new option values for at /etc/webapps/gitlab-shell/config.yml and /etc/gitlab-gitaly/config.toml. Pay attention to 'gitlab_url' and 'secret_file' values."
fi
}
More information about the arch-commits
mailing list