From 254e55fc5f6ec4eafcd0e9e35c2f2686d6316cd8 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 23 Mar 2022 14:16:50 +0100 Subject: [PATCH 1/4] 14.9.0 --- conf/gitlab.rb | 56 ++++++++++++++++++++++++++----- manifest.json | 2 +- scripts/upgrade.d/upgrade.last.sh | 16 ++++----- 3 files changed, 56 insertions(+), 18 deletions(-) diff --git a/conf/gitlab.rb b/conf/gitlab.rb index b832ba4..f810b5d 100644 --- a/conf/gitlab.rb +++ b/conf/gitlab.rb @@ -304,6 +304,14 @@ external_url '__GENERATED_EXTERNAL_URL__' # 'poll_interval': 60 # Optional # } +#### How incoming emails are delivered to Rails process. Accept either sidekiq +#### or webhook. The default config is sidekiq. +# gitlab_rails['incoming_email_delivery_method'] = "sidekiq" + +#### Token to authenticate webhook requests. The token must be exactly 32 bytes, +#### encoded with base64 +# gitlab_rails['incoming_email_auth_token'] = nil + ####! The format of mail_room crash logs # mailroom['exit_log_format'] = "plain" @@ -668,7 +676,7 @@ EOS ### For setting up different data storing directory -###! Docs: https://docs.gitlab.com/omnibus/settings/configuration.html#storing-git-data-in-an-alternative-directory +###! Docs: https://docs.gitlab.com/omnibus/settings/configuration.html#store-git-data-in-an-alternative-directory ###! **If you want to use a single non-default directory to store git data use a ###! path that doesn't contain symlinks.** # git_data_dirs({ @@ -701,6 +709,7 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__ # gitlab_rails['extra_google_tag_manager_id'] = '_your_tracking_id' # gitlab_rails['extra_one_trust_id'] = '_your_one_trust_id' # gitlab_rails['extra_google_tag_manager_nonce_id'] = '_your_google_tag_manager_id' +# gitlab_rails['extra_bizible'] = false # gitlab_rails['extra_matomo_url'] = '_your_matomo_url' # gitlab_rails['extra_matomo_site_id'] = '_your_matomo_site_id' # gitlab_rails['extra_matomo_disable_cookies'] = false @@ -1023,8 +1032,8 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__ ################################################################################ ## GitLab Puma -##! Tweak puma settings. You should only use Unicorn or Puma, not both. -##! Docs: https://docs.gitlab.com/omnibus/settings/puma.html +##! Tweak puma settings. +##! Docs: https://docs.gitlab.com/ee/administration/operations/puma.html ################################################################################ # puma['enable'] = true @@ -1497,6 +1506,7 @@ nginx['listen_https'] = false # } # nginx['proxy_cache_path'] = 'proxy_cache keys_zone=gitlab:10m max_size=1g levels=1:2' # nginx['proxy_cache'] = 'gitlab' +# nginx['proxy_custom_buffer_size'] = '4k' # nginx['http2_enabled'] = true # nginx['real_ip_trusted_addresses'] = [] # nginx['real_ip_header'] = nil @@ -1599,7 +1609,7 @@ nginx['listen_https'] = false ##! Docs: https://docs.gitlab.com/omnibus/settings/configuration.html#disable-user-and-group-account-management ################################################################################ -# manage_accounts['enable'] = false +# manage_accounts['enable'] = true ################################################################################ ## Storage directories @@ -1723,6 +1733,10 @@ nginx['listen_https'] = false # gitlab_pages['auth_secret'] = nil # Generated if not present # gitlab_pages['auth_scope'] = nil # Defaults to api, can be changed to read_api to increase security +##! GitLab Pages Server Shutdown Timeout +##! Duration ("30s" for 30 seconds) +# gitlab_pages['server_shutdown_timeout'] = "30s" + ##! GitLab API HTTP client connection timeout # gitlab_pages['gitlab_client_http_timeout'] = "10s" @@ -1773,15 +1787,26 @@ nginx['listen_https'] = false ##! enable `FF_ENABLE_RATE_LIMITER=true` environment variable to ##! reject requests. -##! Rate limit per source IP in number of requests per second, 0 means is disabled +##! Rate limits as described in https://docs.gitlab.com/ee/administration/pages/#rate-limits + +##! Rate limit HTTP requests per second from a single IP, 0 means is disabled # gitlab_pages['rate_limit_source_ip'] = 50.0 -##! Rate limit per source IP maximum burst allowed per second +##! Rate limit HTTP requests from a single IP, maximum burst allowed per second # gitlab_pages['rate_limit_source_ip_burst'] = 600 -##! Rate limit per domain name in number of requests per second, 0 means is disabled +##! Rate limit HTTP requests per second to a single domain, 0 means is disabled # gitlab_pages['rate_limit_domain'] = 0 -##! Rate limit per domain name maximum burst allowed per second +##! Rate limit HTTP requests to a single domain, maximum burst allowed per second # gitlab_pages['rate_limit_domain_burst'] = 10000 +##! Rate limit new TLS connections per second from a single IP, 0 means is disabled +# gitlab_pages['rate_limit_tls_source_ip'] = 50.0 +##! Rate limit new TLS connections from a single IP, maximum burst allowed per second +# gitlab_pages['rate_limit_tls_source_ip_burst'] = 600 +##!Rate limit new TLS connections per second from to a single domain, 0 means is disabled +# gitlab_pages['rate_limit_tls_domain'] = 0 +##! Rate limit new TLS connections to a single domain, maximum burst allowed per second +# gitlab_pages['rate_limit_tls_domain_burst'] = 10000 + # gitlab_pages['env_directory'] = "/opt/gitlab/etc/gitlab-pages/env" # gitlab_pages['env'] = { # 'SSL_CERT_DIR' => "#{node['package']['install-dir']}/embedded/ssl/certs/" @@ -1860,6 +1885,9 @@ nginx['listen_https'] = false ##! Metrics configuration for GitLab KAS # gitlab_kas['metrics_usage_reporting_period'] = 60 +##! Log configuration for GitLab KAS +# gitlab_kas['log_level'] = 'info' + ##! Environment variables for GitLab KAS # gitlab_kas['env'] = { # 'SSL_CERT_DIR' => "/opt/gitlab/embedded/ssl/certs/", @@ -2049,7 +2077,7 @@ nginx['listen_https'] = false ###! **Only needed if Prometheus and Rails are not on the same server.** ### For example, in a multi-node architecture, Prometheus will be installed on the monitoring node, while Rails will be on the Rails node. ### https://docs.gitlab.com/ee/administration/monitoring/prometheus/index.html#using-an-external-prometheus-server -### This value should be the address at which Prometheus is available to GitLab Rails(Puma/Unicorn, Sidekiq) node. +### This value should be the address at which Prometheus is available to a GitLab Rails(Puma, Sidekiq) node. ################################################################################ # gitlab_rails['prometheus_address'] = 'your.prom:9090' @@ -2311,6 +2339,7 @@ nginx['listen_https'] = false # gitaly['graceful_restart_timeout'] = '1m' # Grace time for a gitaly process to finish ongoing requests # gitaly['git_catfile_cache_size'] = 100 # Number of 'git cat-file' processes kept around for re-use # gitaly['git_bin_path'] = "/opt/gitlab/embedded/bin/git" # A custom path for the 'git' executable +# gitaly['use_bundled_git'] = true # Whether to use bundled Git. # gitaly['open_files_ulimit'] = 15000 # Maximum number of open files allowed for the gitaly process # gitaly['ruby_max_rss'] = 300000000 # RSS threshold in bytes for triggering a gitaly-ruby restart # gitaly['ruby_graceful_restart_timeout'] = '10m' # Grace time for a gitaly-ruby process to finish ongoing requests @@ -2373,6 +2402,7 @@ nginx['listen_https'] = false # praefect['key_path'] = "/var/opt/gitlab/prafect/key.pem" # praefect['prometheus_listen_addr'] = "localhost:9652" # praefect['prometheus_grpc_latency_buckets'] = "[0.001, 0.005, 0.025, 0.1, 0.5, 1.0, 10.0, 30.0, 60.0, 300.0, 1500.0]" +# praefect['separate_database_metrics'] = true # praefect['logging_level'] = "warn" # praefect['logging_format'] = "json" # praefect['virtual_storages'] = { @@ -3045,6 +3075,14 @@ package['modify_kernel_parameters'] = __MODIFY_KERNEL_PARAMETERS__ # 'poll_interval': 60 # Optional # } +#### How service desk emails are delivered to Rails process. Accept either +#### sidekiq or webhook. The default config is sidekiq. +# gitlab_rails['service_desk_email_delivery_method'] = "sidekiq" + +#### Token to authenticate webhook requests. The token must be exactly 32 bytes, +#### encoded with base64 +# gitlab_rails['service_desk_email_auth_token'] = nil + ################################################################################ ## Spamcheck (EE only) ################################################################################# diff --git a/manifest.json b/manifest.json index 7b7b22f..44048e6 100644 --- a/manifest.json +++ b/manifest.json @@ -2,7 +2,7 @@ "name": "GitLab", "id": "gitlab", "packaging_format": 1, - "version": "14.8.3~ynh1", + "version": "14.9.0~ynh1", "description": { "en": "Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features", "fr": "Gestionnaire de dépôts Git proposant des fonctionnalités de wiki, suivi de bugs et de pipeline CI/CD" diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index 52d3619..41f29b9 100644 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,17 +1,17 @@ #!/bin/bash -gitlab_version="14.8.3" +gitlab_version="14.9.0" # sha256sum found here: https://packages.gitlab.com/gitlab gitlab_debian_version="$(lsb_release -sc)" -gitlab_x86_64_bullseye_source_sha256="948adb94af48fc6100cf2d0e9015f31e02cfbbd2c0a57457e13b80ea711428ff" -gitlab_x86_64_buster_source_sha256="1f76f7e55dfc05a5bfa4db0ffac9c0ef1cb51e85ccb95e096cfb46594bc04919" +gitlab_x86_64_bullseye_source_sha256="1ee36b1e74d424f2ef7cdb7de98e5b322afea3a674e801d5fbf670f5377add63" +gitlab_x86_64_buster_source_sha256="f01412a7c385cba3ed92689f9165f0e72aa13b33d9a802f09e55336e426f4f7c" -gitlab_arm64_bullseye_source_sha256="ec0af5697f0c8607d3af9073cc605d4c29e0a6ca9458d53e7842408eb4df1369" -gitlab_arm64_buster_source_sha256="8b1fb75525b94c2670393676279860d7a64a365d1ce4e69b21bbd50579141f39" +gitlab_arm64_bullseye_source_sha256="a849ce359fda7e19adaa4302ba92a3dd566f384bb6b81f6ebc919787299ce33d" +gitlab_arm64_buster_source_sha256="e77e89ee193a13d50e0e6400f586b1ec86afc8a43e7d5e00242aa70d86ec278b" -gitlab_arm_buster_source_sha256="1bc0b92ec8bb97cf21d4437ba23c4e0568b7f60eb301f34c53f1ab620774c736" +gitlab_arm_buster_source_sha256="d913d4835c10d569c5298cc3d6bf765b0c83b6d08be6646a89a8850579456a71" architecture=$(ynh_app_setting_get --app="$app" --key=architecture) @@ -35,8 +35,8 @@ elif [ "$architecture" = "arm64" ]; then elif [ "$architecture" = "arm" ]; then # If the version for arm doesn't exist, then use an older one if [ -z "$gitlab_arm_buster_source_sha256" ]; then - gitlab_version="14.8.3" - gitlab_arm_buster_source_sha256="1bc0b92ec8bb97cf21d4437ba23c4e0568b7f60eb301f34c53f1ab620774c736" + gitlab_version="14.9.0" + gitlab_arm_buster_source_sha256="d913d4835c10d569c5298cc3d6bf765b0c83b6d08be6646a89a8850579456a71" fi gitlab_source_sha256=$gitlab_arm_buster_source_sha256 fi From ae263e2d90f8189a5cdeaba5f499aa8ef2503b67 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Wed, 23 Mar 2022 13:16:59 +0000 Subject: [PATCH 2/4] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d660a05..ce8e477 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features -**Shipped version:** 14.8.3~ynh1 +**Shipped version:** 14.9.0~ynh1 **Demo:** https://gitlab.com/explore diff --git a/README_fr.md b/README_fr.md index fd94847..b91177d 100644 --- a/README_fr.md +++ b/README_fr.md @@ -13,7 +13,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour Gestionnaire de dépôts Git proposant des fonctionnalités de wiki, suivi de bugs et de pipeline CI/CD -**Version incluse :** 14.8.3~ynh1 +**Version incluse :** 14.9.0~ynh1 **Démo :** https://gitlab.com/explore From ca2763407972793d1958cc72b8740faaa45dd332 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Fri, 25 Mar 2022 10:10:39 +0100 Subject: [PATCH 3/4] 14.9.1 --- manifest.json | 2 +- scripts/upgrade.d/upgrade.last.sh | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/manifest.json b/manifest.json index 44048e6..ac80ae2 100644 --- a/manifest.json +++ b/manifest.json @@ -2,7 +2,7 @@ "name": "GitLab", "id": "gitlab", "packaging_format": 1, - "version": "14.9.0~ynh1", + "version": "14.9.1~ynh1", "description": { "en": "Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features", "fr": "Gestionnaire de dépôts Git proposant des fonctionnalités de wiki, suivi de bugs et de pipeline CI/CD" diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index 41f29b9..fc6f496 100644 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,17 +1,17 @@ #!/bin/bash -gitlab_version="14.9.0" +gitlab_version="14.9.1" # sha256sum found here: https://packages.gitlab.com/gitlab gitlab_debian_version="$(lsb_release -sc)" -gitlab_x86_64_bullseye_source_sha256="1ee36b1e74d424f2ef7cdb7de98e5b322afea3a674e801d5fbf670f5377add63" -gitlab_x86_64_buster_source_sha256="f01412a7c385cba3ed92689f9165f0e72aa13b33d9a802f09e55336e426f4f7c" +gitlab_x86_64_bullseye_source_sha256="c5945ec778701ed1f29d663527929102c17527e75e0a07804c2d58ae74d0786e" +gitlab_x86_64_buster_source_sha256="d1546e23522690b3f314e1edbb165d24684dd70de2c6e075a040d02b5e48dfb2" -gitlab_arm64_bullseye_source_sha256="a849ce359fda7e19adaa4302ba92a3dd566f384bb6b81f6ebc919787299ce33d" -gitlab_arm64_buster_source_sha256="e77e89ee193a13d50e0e6400f586b1ec86afc8a43e7d5e00242aa70d86ec278b" +gitlab_arm64_bullseye_source_sha256="6e0a03d5aa85797610ca1eea24f2bbe1c974f61e04673ad00391c7dedd236ae7" +gitlab_arm64_buster_source_sha256="f883acc3fdad0cf27080a247abd94891724d452f8e75e9f1b19a07121af702b3" -gitlab_arm_buster_source_sha256="d913d4835c10d569c5298cc3d6bf765b0c83b6d08be6646a89a8850579456a71" +gitlab_arm_buster_source_sha256="c8fcc05aa2ede0556798b732dd823c8d7f8b153a7c6683cc2f619f014429679e" architecture=$(ynh_app_setting_get --app="$app" --key=architecture) @@ -35,8 +35,8 @@ elif [ "$architecture" = "arm64" ]; then elif [ "$architecture" = "arm" ]; then # If the version for arm doesn't exist, then use an older one if [ -z "$gitlab_arm_buster_source_sha256" ]; then - gitlab_version="14.9.0" - gitlab_arm_buster_source_sha256="d913d4835c10d569c5298cc3d6bf765b0c83b6d08be6646a89a8850579456a71" + gitlab_version="14.9.1" + gitlab_arm_buster_source_sha256="c8fcc05aa2ede0556798b732dd823c8d7f8b153a7c6683cc2f619f014429679e" fi gitlab_source_sha256=$gitlab_arm_buster_source_sha256 fi From f8cfc3c9e4be322c779b7023cf40fb8f76377e8b Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 25 Mar 2022 09:10:56 +0000 Subject: [PATCH 4/4] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ce8e477..8a8a05e 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features -**Shipped version:** 14.9.0~ynh1 +**Shipped version:** 14.9.1~ynh1 **Demo:** https://gitlab.com/explore diff --git a/README_fr.md b/README_fr.md index b91177d..bb88892 100644 --- a/README_fr.md +++ b/README_fr.md @@ -13,7 +13,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour Gestionnaire de dépôts Git proposant des fonctionnalités de wiki, suivi de bugs et de pipeline CI/CD -**Version incluse :** 14.9.0~ynh1 +**Version incluse :** 14.9.1~ynh1 **Démo :** https://gitlab.com/explore