diff --git a/software/gitlab/buildout.hash.cfg b/software/gitlab/buildout.hash.cfg index 7325d50e6273129fc5d15995214ad9a356398bbe..a3fe115b5e27982ac6879a04313b98993ca41274 100644 --- a/software/gitlab/buildout.hash.cfg +++ b/software/gitlab/buildout.hash.cfg @@ -34,7 +34,7 @@ md5sum = 7782f5c5d75663c2586e28d029c51e49 [gitlab-parameters.cfg] _update_hash_filename_ = gitlab-parameters.cfg -md5sum = c2e23c0f7baa1633df0436ca4e728424 +md5sum = cfda6d959bb90bf0b9c947383f45ce0a [gitlab-shell-config.yml.in] _update_hash_filename_ = template/gitlab-shell-config.yml.in @@ -42,11 +42,11 @@ md5sum = 9920d10442604f5d8a736825f20ebd2a [gitlab-unicorn-startup.in] _update_hash_filename_ = gitlab-unicorn-startup.in -md5sum = 79310724640dcc385e627b33334f4877 +md5sum = 649342a015e9dcd84c3ce45da616fee4 [gitlab.yml.in] _update_hash_filename_ = template/gitlab.yml.in -md5sum = bedbfc03eaf3560a93cfde1f497e99f6 +md5sum = 7729388b0939a785e2cd20f6e623660c [gitaly-config.toml.in] _update_hash_filename_ = template/gitaly-config.toml.in @@ -54,7 +54,7 @@ md5sum = 96d597d5f344dadfe9fb4bdc5ae1f2b2 [instance-gitlab.cfg.in] _update_hash_filename_ = instance-gitlab.cfg.in -md5sum = 1b96d49767f925afc53df6960614eebb +md5sum = a7e6f2e557bc177b402f45d3c0ffca6e [instance-gitlab-export.cfg.in] _update_hash_filename_ = instance-gitlab-export.cfg.in @@ -62,7 +62,7 @@ md5sum = 6ba5b3157a4c89edf280e32e84db6ac2 [instance-gitlab-test.cfg.in] _update_hash_filename_ = instance-gitlab-test.cfg.in -md5sum = 60714fb4e6c869c41bd5e9fada1b6e40 +md5sum = 6c24bbc5b74cb1a6c1c78a9d160ac78c [macrolib.cfg.in] _update_hash_filename_ = macrolib.cfg.in @@ -94,4 +94,4 @@ md5sum = f85c5bf252b8756558f40c8b110731cf [unicorn.rb.in] _update_hash_filename_ = template/unicorn.rb.in -md5sum = 046cee1a8a024e55f8e64078b1fd5cb2 +md5sum = ed1fb75d937613356388f62898166a47 diff --git a/software/gitlab/gitlab-parameters.cfg b/software/gitlab/gitlab-parameters.cfg index 5f5c73b6976101ac5e570cfe5bc63196e54bfaec..1f84fabc1fc483fdc185572c6dd4c8cfb9f50882 100644 --- a/software/gitlab/gitlab-parameters.cfg +++ b/software/gitlab/gitlab-parameters.cfg @@ -9,7 +9,7 @@ # (last updated for omnibus-gitlab 8.8.9+ce.0-g25376053) [gitlab-parameters] -configuration.external_url = http://lab.example.com +configuration.external_url = https://lab.example.com # db advanced configuration.db_pool = 10 diff --git a/software/gitlab/gitlab-unicorn-startup.in b/software/gitlab/gitlab-unicorn-startup.in index 646c998b6d3ef0ed6c3941d0a981bbd2d98303e7..396196d6f4fade5cc0bd062a451371894db425a3 100644 --- a/software/gitlab/gitlab-unicorn-startup.in +++ b/software/gitlab/gitlab-unicorn-startup.in @@ -57,7 +57,7 @@ $RAKE db:migrate >$migrate_log 2>&1 || die "db:migrate failed" # if it was a no-op "migration" - we don't need info about that - only keep # logs of actual migration run. test -s $migrate_log || rm $migrate_log - +touch {{ var_dir }}/gitlab_db_ok # clear cache $RAKE cache:clear || die "cache:clear failed" diff --git a/software/gitlab/instance-gitlab-test.cfg.in b/software/gitlab/instance-gitlab-test.cfg.in index a2f8d5a08a39ea87bf6527e094254341671abb32..8bb9d061743683a490ed28f30a9f687a8441d715 100644 --- a/software/gitlab/instance-gitlab-test.cfg.in +++ b/software/gitlab/instance-gitlab-test.cfg.in @@ -31,9 +31,9 @@ socket = ${:srv}/unc.socket password = ${root-password:passwd} # token for default.user user in gitlab demo backup # Edit this token if needed -private-token = SLurtnxPscPsU-SDm4oN +private-token = 7zdiC6VrZYnUD3yuvna3 # raw URL for latest commit on setup.py in gitlab demo backup. -latest-file-uri = ${:backend_url}/open/slapos/raw/94c96d42c22e16836dadddac7c8061f4a8c6ca7a/setup.py +latest-file-uri = ${:backend_url}/open/slapos/-/blob/4c2fa97791a2b7530b2d71e8760cb11d287d4e53/setup.py [instance-parameter] # backup more often, 10 minutes seems the minimal @@ -47,14 +47,18 @@ command = if [ -f "${:backup-done}" ]; then echo "Demo backup installed." else - rm -rf ${secrets:secrets} ${directory:var}/backup/* && - mkdir -p ${secrets:secrets} ${directory:var}/tmp && - cp -r {{ gitlab_demo_backup_path }}/secrets/* ${secrets:secrets} && - cp -rf {{ gitlab_demo_backup_path }}/backup-gitlab.git/ ${directory:var}/tmp && - cd ${directory:var}/tmp/backup-gitlab.git/ - PATH=${directory:bin}:{{ gopath_bin }}:{{ git_location }}/bin:$PATH - gitlab-backup restore -vupok -go HEAD && - touch ${:backup-done} + if [ ! -f "${directory:var}/gitlab_db_ok" ]; then + echo "Not ready to start restoration now..." + else + rm -rf ${secrets:secrets} ${directory:var}/backup/* && + mkdir -p ${secrets:secrets} ${directory:var}/tmp && + cp -r {{ gitlab_demo_backup_path }}/secrets/* ${secrets:secrets} && + cp -rf {{ gitlab_demo_backup_path }}/backup-gitlab.git/ ${directory:var}/tmp && + cd ${directory:var}/tmp/backup-gitlab.git/ + PATH=${directory:bin}:{{ gopath_bin }}:{{ git_location }}/bin:$PATH + gitlab-backup restore -vupok -go HEAD && + touch ${:backup-done} + fi fi update-command = ${:command} diff --git a/software/gitlab/instance-gitlab.cfg.in b/software/gitlab/instance-gitlab.cfg.in index c81a7b1867f3ab3c079eb5d42db54050ae4aa6b8..fbc65f3acc759527bbd94b182d74a6df4b100eee 100644 --- a/software/gitlab/instance-gitlab.cfg.in +++ b/software/gitlab/instance-gitlab.cfg.in @@ -342,6 +342,7 @@ context = raw psql_bin {{ postgresql_location }}/bin/psql section pgsql service-postgresql raw log_dir ${gitlab:log} + raw var_dir ${directory:var} section unicorn_rb unicorn.rb section gitlab_work gitlab-work @@ -401,13 +402,13 @@ tune-command = # secret* tmp/ log/ shared/ builds/ node_modules/ rm -f .secret && rm -rf log tmp shared builds node_modules && - ln -sf ${secrets:secrets}/gitlab_rails_secret .secret && +# ln -sf ${secrets:secrets}/gitlab_rails_secret .secret && ln -sf ${gitlab:log} log && ln -sf ${gitlab:tmp} tmp && ln -sf ${gitlab:shared} shared && ln -sf ${gitlab:builds} builds && ln -sf {{ gitlab_repository_location }}/node_modules node_modules && - ln -sf ${gitlab-workhorse:secret} .gitlab_workhorse_secret + ln -sf ${gitlab-workhorse:secret} .gitlab_workhorse_secret && # config/ cd config && ln -sf ${unicorn.rb:rendered} unicorn.rb && @@ -417,7 +418,7 @@ tune-command = ln -sf ${secrets:secrets}/gitlab_secrets.yml secrets.yml && # config/initializers/ cd initializers && - ln -sf ${rack_attack.rb:rendered} rack_attack.rb && +# ln -sf ${rack_attack.rb:rendered} rack_attack.rb && ln -sf ${smtp_settings.rb:rendered} smtp_settings.rb && # public/ cd ../../public && @@ -542,6 +543,7 @@ name = redis truncate = true + ######################## # gitlab-workhorse # ######################## @@ -586,7 +588,7 @@ depend = [promise-gitlab-workhorse] <= promise-byurl # http://localhost/users/statics.css will not redirect to /users/sign_in anymore because of this commit: -# https://lab.nexedi.com/nexedi/gitlab-workhorse/commit/c81f109a62fecf2a847fb17ceed012b380dab49f#c1215002e6d745f05eaaf9ee1dad7752e85d866f_318_331 +# https://lab.nexedi.com/nexedi/gitlab-workhorse/commit/c81f109a62fecf2a847fb17ceed012b380dab49f#c1215002e6d745f05eaaf9ee1dad7752e85d866f_318_331 config-command = {{ curl_bin }} --unix-socket ${gitlab-workhorse:socket} http://localhost/users/sign_in @@ -714,6 +716,8 @@ command-line = depend = ${promise-sidekiq:recipe} ${logrotate-entry-sidekiq:recipe} +wait-for-files = + ${directory:var}/gitlab_db_ok [promise-sidekiq] <= promise-rakebase @@ -836,8 +840,6 @@ rake = ${gitlab-rake:wrapper-path} # run command on every reinstantiation update-command = ${:command} -# https://gitlab.com/gitlab-org/gitlab-foss/issues/38457 -# we need to manually install ajv@^4.0.0 with yarn to fix the bug 'yarn check failed!' command = ${:rake} gitlab:assets:clean && ${:rake} gettext:compile RAILS_ENV=production && diff --git a/software/gitlab/software.cfg b/software/gitlab/software.cfg index 4762140a6c6dbcc8ddbc7485f58caf183c7f6bb6..d2dea8ce9fbe66395f9528d57e98d7f614ba2771 100644 --- a/software/gitlab/software.cfg +++ b/software/gitlab/software.cfg @@ -143,7 +143,8 @@ git-executable = ${git:location}/bin/git repository = https://gitlab.com/gitlab-org/gitlab-foss.git # 11.11.8 + NXD patches: #revision = v11.11.8-7-g193b94c3e2 -revision = v13.0.3-0-ge2397fc +revision = 5aa982e01ea9793c71f9f1a6ac0146f4ffe52879 +#branch = v13.1.0 location = ${buildout:parts-directory}/gitlab [gitlab-shell-repository] @@ -401,8 +402,8 @@ destination = ${buildout:directory}/${:_buildout_section_name_} [gitlab-demo-backup.git] recipe = hexagonit.recipe.download -url = https://lab.nexedi.com/alain.takoudjou/labdemo.backup/repository/archive.tar.gz?ref=master -md5sum = d40e5e211dc9a4e5ada9c0250377c639 +url = https://lab.nexedi.com/alain.takoudjou/labdemo.backup/-/archive/version-13/labdemo.backup-version-13.tar.bz2 +md5sum = 80fb5fd25c6368b1615af5191f176bca strip-top-level-dir = true [versions] diff --git a/software/gitlab/template/gitlab.yml.in b/software/gitlab/template/gitlab.yml.in index 0a5912c61c4353f97eabf9e8d5ad6731c2a38f5d..b659adf7021ee16c9d806e61ef671da01080de5a 100644 --- a/software/gitlab/template/gitlab.yml.in +++ b/software/gitlab/template/gitlab.yml.in @@ -18,6 +18,9 @@ production: &base host: {{ external_url.hostname }} port: {{ external_url.port or default_port[external_url.scheme] }} https: {{ cfg_https }} + # The maximum time unicorn/puma can spend on the request. This needs to be smaller than the worker timeout. + # Default is 95% of the worker timeout. + # max_request_duration_seconds: 57 {# ssh is disabled completely in slapos version # Uncommment this line below if your ssh host is different from HTTP/HTTPS one @@ -413,10 +416,11 @@ production: &base #} # Gitaly settings + # This setting controls whether GitLab uses Gitaly + # Eventually Gitaly use will become mandatory and + # this option will disappear. gitaly: - # Default Gitaly authentication token. Can be overriden per storage. Can - # be left blank when Gitaly is running locally on a Unix socket, which - # is the normal way to deploy Gitaly. + client_path: {{ gitaly.location }} token: diff --git a/software/gitlab/template/unicorn.rb.in b/software/gitlab/template/unicorn.rb.in index c1bb07409de1b18aa74ffb9f30757e0087dc3ddb..2d722706f49d49c285ca2b30af3ece26936e418b 100644 --- a/software/gitlab/template/unicorn.rb.in +++ b/software/gitlab/template/unicorn.rb.in @@ -31,12 +31,15 @@ preload_app true check_client_connection false require_relative '{{ gitlab_work.location }}/lib/gitlab/cluster/lifecycle_events' +require_relative '{{ gitlab_work.location }}/lib/gitlab/log_timestamp_formatter.rb' before_exec do |server| # Signal application hooks that we're about to restart Gitlab::Cluster::LifecycleEvents.do_before_master_restart end +run_once = true + # How many worker processes worker_processes {{ cfg('unicorn_worker_processes') }} @@ -86,7 +89,6 @@ after_fork do |server, worker| end - # Where to drop a pidfile pid '{{ directory.run }}/unicorn.pid' @@ -109,3 +111,7 @@ ENV['GITLAB_UNICORN_MEMORY_MIN'] = ({{ cfg('unicorn_worker_memory_limit_min') }} # Max memory size (RSS) per worker ENV['GITLAB_UNICORN_MEMORY_MAX'] = ({{ cfg('unicorn_worker_memory_limit_max') }}).to_s + +# Configure the default logger to use a custom formatter that formats the +# timestamps to be in UTC and in ISO8601.3 format +Configurator::DEFAULTS[:logger].formatter = Gitlab::LogTimestampFormatter.new