YunoHost-Apps/gitlab_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/gitlab_ynh.git synced 2024-09-03 18:36:35 +02:00
Code Issues Activity Actions

Merge pull request #138 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
Kayou 2021-02-16 17:16:43 +01:00 committed by GitHub
commit a4e3ce638d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 54 additions and 166 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -12,7 +12,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to
GitLab is a web-based Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features, using an open-source license, developed by GitLab Inc.
**Shipped version:** 13.7.4
**Shipped version:** 13.8.4
## Screenshots

2
README_fr.md
View file

@ -12,7 +12,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
GitLab est un gestionnaire Web de dépôt Git fournissant des fonctionnalités de wiki, de rapports de bugs et de pipeline CI/CD. GitLab est une application open source développée par GitLab Inc.
**Version incluse :** 13.7.4
**Version incluse :** 13.8.4
## Captures d'écran

22
actions.json
View file

@ -1,26 +1,4 @@
[
{
"id": "public_private",
"name": "Move to public or private",
"command": "/bin/bash scripts/actions/public_private",
"user": "root",
"accepted_return_codes": [
0
],
"description": {
"en": "Change the public access of the app."
},
"arguments": [
{
"name": "is_public",
"type": "boolean",
"ask": {
"en": "Is it a public app ?"
},
"default": true
}
]
},
{
"id": "web_account",
"name": "External users",

34
conf/gitlab.rb
View file

@ -502,18 +502,25 @@ gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' # remember to close this block with 'EOS' below
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'LDAP'
label: 'YunoHost LDAP'
host: 'localhost'
port: 389
uid: 'uid'
encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
bind_dn: ''
encryption: 'plain' # 'start_tls' or 'simple_tls' or 'plain'
bind_dn: 'ou=users,dc=yunohost,dc=org'
password: ''
active_directory: false
allow_username_or_email_login: false
block_auto_created_users: false
base: 'ou=users,dc=yunohost,dc=org'
user_filter: ''
base: 'dc=yunohost,dc=org'
user_filter: '(&(objectClass=posixAccount)(permission=cn=gitlab.main,ou=permission,dc=yunohost,dc=org))'
timeout: 10
attributes: {
username: ['uid', 'sAMAccountName'],
name: 'cn',
first_name: 'givenName',
last_name: 'sn'
}
EOS
### Smartcard authentication settings
@ -631,6 +638,10 @@ EOS
###! Docs: https://docs.gitlab.com/ee/development/shared_files.html
# gitlab_rails['shared_path'] = '/var/opt/gitlab/gitlab-rails/shared'
### For storing encrypted configuration files
###! Docs: https://docs.gitlab.com/ee/administration/encrypted_configuration.html
# gitlab_rails['encrypted_settings_path'] = '/var/opt/gitlab/gitlab-rails/shared/encrypted_settings'
### Wait for file system to be mounted
###! Docs: https://docs.gitlab.com/omnibus/settings/configuration.html#only-start-omnibus-gitlab-services-after-a-given-filesystem-is-mounted
# high_availability['mountpoint'] = ["/var/opt/gitlab/git-data", "/var/opt/gitlab/gitlab-rails/shared"]
@ -847,6 +858,7 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__
# gitlab_workhorse['enable'] = true
# gitlab_workhorse['ha'] = false
# gitlab_workhorse['alt_document_root'] = nil
# gitlab_workhorse['listen_network'] = "unix"
# gitlab_workhorse['listen_umask'] = 000
# gitlab_workhorse['listen_addr'] = "/var/opt/gitlab/gitlab-workhorse/sockets/socket"
@ -1159,8 +1171,8 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__
# postgresql['default_statistics_target'] = 1000
### Available in PostgreSQL 9.6 and later
# postgresql['min_wal_size'] = 80MB
# postgresql['max_wal_size'] = 1GB
# postgresql['min_wal_size'] = "80MB"
# postgresql['max_wal_size'] = "1GB"
# Backup/Archive settings
# postgresql['archive_command'] = nil
@ -1498,7 +1510,7 @@ nginx['listen_https'] = false
##! { "receive" => ["fsckObjects = true"], "alias" => ["st = status", "co = checkout"] }
# omnibus_gitconfig['system'] = {
# "pack" => ["threads = 1", "useSparse = true"],
# "pack" => ["threads = 1"],
# "receive" => ["fsckObjects = true", "advertisePushOptions = true"],
# "repack" => ["writeBitmaps = true"],
# "transfer" => ["hideRefs=^refs/tmp/", "hideRefs=^refs/keep-around/", "hideRefs=^refs/remotes/"],
@ -1626,7 +1638,7 @@ nginx['listen_https'] = false
# `pages_nginx['some_setting']` and should be set separately.
# Below you can find settings that are exclusive to "GitLab Pages NGINX"
# pages_nginx['enable'] = false
# pages_nginx['enable'] = true
# gitlab_rails['pages_path'] = "/var/opt/gitlab/gitlab-rails/shared/pages"
@ -1943,6 +1955,7 @@ nginx['listen_https'] = false
# gitlab_exporter['home'] = "/var/opt/gitlab/gitlab-exporter"
##! Advanced settings. Should be changed only if absolutely needed.
# gitlab_exporter['server_name'] = 'webrick'
# gitlab_exporter['listen_address'] = 'localhost'
# gitlab_exporter['listen_port'] = '9168'
@ -2176,6 +2189,7 @@ nginx['listen_https'] = false
# letsencrypt['auto_renew_hour'] = 0
# letsencrypt['auto_renew_minute'] = nil # Should be a number or cron expression, if specified.
# letsencrypt['auto_renew_day_of_month'] = "*/4"
# letsencrypt['auto_renew_log_directory'] = '/var/log/gitlab/lets-encrypt'
##! Turn off automatic init system detection. To skip init detection in
##! non-docker containers. Recommended not to change.
@ -2212,7 +2226,7 @@ nginx['listen_https'] = false
# gitlab_rails['historical_data_worker_cron'] = "0 12 * * *"
# gitlab_rails['pseudonymizer_worker_cron'] = "0 23 * * *"
# gitlab_rails['elastic_index_bulk_cron'] = "*/1 * * * *"
# gitlab_rails['analytics_devops_adoption_create_all_snapshots_worker_cron'] = "0 0 1 * *"
# gitlab_rails['analytics_devops_adoption_create_all_snapshots_worker_cron'] = "0 4 * * *"
################################################################################
## Kerberos (EE Only)

4
conf/nginx.conf
View file

@ -1,5 +1,5 @@
location __PATH__/ {
# Adapted from https://gitlab.com/gitlab-org/gitlab-recipes/blob/master/web-server/nginx/gitlab-omnibus-ssl-nginx.conf
# Adapted from https://gitlab.com/gitlab-org/gitlab-foss/-/blob/master/lib/support/nginx/gitlab-ssl
client_max_body_size __CLIENT_MAX_BODY_SIZE__;
gzip off;
@ -19,6 +19,8 @@ location __PATH__/ {
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;

14
config_panel.json
View file

@ -6,20 +6,6 @@
"name": "GitLab configuration",
"id": "main",
"sections": [
{
"name": "Public access",
"id": "is_public",
"options": [
{
"name": "is_public",
"ask": {
"en": "Is it a public app ?"
},
"type": "boolean",
"default": true
}
]
},
{
"name": "Overwriting config files",
"id": "overwrite_files",

4
manifest.json
View file

@ -2,7 +2,7 @@
"name": "GitLab",
"id": "gitlab",
"packaging_format": 1,
"version": "13.7.4~ynh1",
"version": "13.8.4~ynh1",
"description": {
"en": "Git-repository manager.",
"fr": "Gestionnaire de dépôts Git."
@ -14,7 +14,7 @@
"email": "pierre@kayou.io"
},
"requirements": {
"yunohost": ">= 4.0.8"
"yunohost": ">= 4.1.5"
},
"multi_instance": false,
"services": [

74
scripts/actions/public_private
View file

@ -1,74 +0,0 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
# Get is_public
is_public=${YNH_ACTION_IS_PUBLIC}
app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID}
#=================================================
# CHECK IF ARGUMENTS ARE CORRECT
#=================================================
#=================================================
# CHECK IF AN ACTION HAS TO BE DONE
#=================================================
is_public_old=$(ynh_app_setting_get --app=$app --key=is_public)
if [ $is_public -eq $is_public_old ]
then
ynh_die "is_public is already set as $is_public." 0
fi
#=================================================
# SPECIFIC ACTION
#=================================================
# MOVE TO PUBLIC OR PRIVATE
#=================================================
if [ $is_public -eq 0 ]; then
public_private="private"
else
public_private="public"
fi
ynh_script_progression --message=--message="Moving the application to $public_private..." --weight=1
# Make app public if necessary
if [ $is_public -eq 0 ]; then
ynh_app_setting_delete $app unprotected_uris
else
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi
ynh_script_progression --message=--message="Reconfiguring SSOwat..." --weight=1
# Regen ssowat configuration
yunohost app ssowatconf
# Update the config of the app
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message=--message="Reloading nginx web server..." --weight=1
ynh_systemd_action --action=reload --service_name=nginx
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Execution completed" --last

2
scripts/change_url
View file

@ -127,7 +127,7 @@ gitlab-ctl reconfigure
#=================================================
ynh_script_progression --message="Waiting for GitLab..." --weight=15
ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on tcp://127.0.0.1:$portPuma" --timeout=300
ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on http://127.0.0.1:$portPuma" --timeout=300
#=================================================
# GENERIC FINALISATION

9
scripts/config
View file

@ -25,10 +25,6 @@ app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID}
# If the form has a value for a variable, take the value from the form,
# Otherwise, keep the value from the app config.
# is_public
old_is_public="$(ynh_app_setting_get --app=$app --key=is_public)"
is_public="${YNH_CONFIG_MAIN_IS_PUBLIC_IS_PUBLIC:-$old_is_public}"
# Overwrite nginx configuration
old_overwrite_nginx="$(ynh_app_setting_get --app=$app --key=overwrite_nginx)"
overwrite_nginx="${YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX:-$old_overwrite_nginx}"
@ -45,8 +41,6 @@ show_config() {
# here you are supposed to read some config file/database/other then print the values
# echo "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value"
ynh_return "YNH_CONFIG_MAIN_IS_PUBLIC_IS_PUBLIC=$is_public"
ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX=$overwrite_nginx"
ynh_return "YNH_CONFIG_MAIN_USERS_USE_WEB_ACCOUNT=$use_web_account"
@ -57,9 +51,6 @@ show_config() {
#=================================================
apply_config() {
# Change public accessibility
yunohost app action run $app public_private --args is_public=$is_public
# Change use_web_account
yunohost app action run $app web_account --args use_web_account=$use_web_account

6
scripts/install
View file

@ -69,7 +69,6 @@ ynh_script_progression --message="Storing installation settings..." --weight=2
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
ynh_app_setting_set --app=$app --key=use_web_account --value=$use_web_account
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
ynh_app_setting_set --app=$app --key=config_path --value=$config_path
@ -243,8 +242,7 @@ ynh_script_progression --message="Configuring SSOwat..." --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]; then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
@ -259,7 +257,7 @@ ynh_systemd_action --action=reload --service_name=nginx
#=================================================
ynh_script_progression --message="Restarting GitLab..." --weight=15
ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on tcp://127.0.0.1:$portPuma" --timeout=300
ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on http://127.0.0.1:$portPuma" --timeout=300
#=================================================
# END OF SCRIPT

2
scripts/restore
View file

@ -152,7 +152,7 @@ yunohost service add "gitlab-runsvdir" --log "/var/log/$app/gitlab-rails/applica
#=================================================
ynh_script_progression --message="Waiting for GitLab..." --weight=14
ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on tcp://127.0.0.1:$portPuma" --timeout=300
ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on http://127.0.0.1:$portPuma" --timeout=300
#=================================================
# CHECK THE RESTORED DATA

22
scripts/upgrade
View file

@ -41,13 +41,9 @@ upgrade_type=$(ynh_check_app_version_changed)
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set --app=$app --key=is_public --value=1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set --app=$app --key=is_public --value=0
is_public=0
# Delete is_public if it exists
if [ ! -z $is_public ]; then
ynh_app_setting_delete --app=$app --key=is_public
fi
# If final_path doesn't exist, create it
@ -330,16 +326,6 @@ fi
yunohost service add "gitlab-runsvdir" --log "/var/log/$app/gitlab-rails/application.log" "/var/log/$app/gitlab-rails/api_json.log" "/var/log/$app/gitlab-rails/production.log" "/var/log/$app/gitlab-rails/production_json.log" "/var/log/$app/gitlab-rails/sidekiq.log" "/var/log/$app/puma/puma_stderr.log" "/var/log/$app/puma/current" "/var/log/$app/alertmanager/current" "/var/log/$app/gitaly/current" "/var/log/$app/gitlab-monitor/current" "/var/log/$app/gitlab-shell/gitlab-shell.log" "/var/log/$app/gitlab-workhorse/current" "/var/log/$app/logrotate/current" "/var/log/$app/nginx/current" "/var/log/$app/nginx/access.log" "/var/log/$app/nginx/error.log" "/var/log/$app/nginx/gitlab_access.log" "/var/log/$app/nginx/gitlab_error.log" "/var/log/$app/node-exporter/current" "/var/log/$app/postgres-exporter/current" "/var/log/$app/postgresql/current" "/var/log/$app/prometheus/current" "/var/log/$app/redis/current" "/var/log/$app/redis-exporter/current"
#=================================================
# SETUP SSOWAT
#=================================================
# If app is public, add url to SSOWat conf as skipped_uris
if [ $is_public -eq 1 ]; then
# See install script
ynh_app_setting_set --app="$app" --key=unprotected_uris --value="/"
fi
#=================================================
# WAITING GITLAB
#=================================================
@ -348,7 +334,7 @@ if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Restarting GitLab..." --weight=15
ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on tcp://127.0.0.1:$portPuma" --timeout=300
ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on http://127.0.0.1:$portPuma" --timeout=300
fi
#=================================================

6
scripts/upgrade.d/upgrade.last.sh
View file

@ -1,13 +1,13 @@
#!/bin/bash
gitlab_version="13.7.4"
gitlab_version="13.8.4"
# sha256sum found here: https://packages.gitlab.com/gitlab
gitlab_debian_version="buster"
gitlab_x86_64_buster_source_sha256="73341390775bdece7e084b7c76833338e9c00a26e849ac483db74dd279bcf9b0"
gitlab_x86_64_buster_source_sha256="571297ac5765ee2cbd513d7cb083b81a69a077c8db61fee4bd266f79815692b8"
gitlab_arm_buster_source_sha256="21070aa0f991ec88f4149765ce1273c6a44cb8c3a91f301e27b3142235f75394"
gitlab_arm_buster_source_sha256="849d0de1857618e19d6fca1f7a24be18cb09d14c4a163c5af71b06477cab2f29"
architecture=$(ynh_app_setting_get --app="$app" --key=architecture)

17
upgrade-versions.sh
View file

@ -82,18 +82,25 @@ from_file '/etc/gitlab/gitlab-persistent.rb'"
ldap_conf="
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' # remember to close this block with 'EOS' below
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'LDAP'
label: 'YunoHost LDAP'
host: 'localhost'
port: 389
uid: 'uid'
encryption: 'plain' # \"start_tls\" or \"simple_tls\" or \"plain\"
bind_dn: ''
encryption: 'plain' # 'start_tls' or 'simple_tls' or 'plain'
bind_dn: 'ou=users,dc=yunohost,dc=org'
password: ''
active_directory: false
allow_username_or_email_login: false
block_auto_created_users: false
base: 'ou=users,dc=yunohost,dc=org'
user_filter: ''
base: 'dc=yunohost,dc=org'
user_filter: '(&(objectClass=posixAccount)(permission=cn=gitlab.main,ou=permission,dc=yunohost,dc=org))'
timeout: 10
attributes: {
username: ['uid', 'sAMAccountName'],
name: 'cn',
first_name: 'givenName',
last_name: 'sn'
}
EOS"
# Add ldap conf