2024-09-03 18:36:35 +02:00 · 2020-05-23 01:04:34 +02:00 · 2020-05-23 01:04:34 +02:00 · ea67cf647f
commit ea67cf647f
parent 55bf883a06
9 changed files with 128 additions and 123 deletions
--- a/README.md
+++ b/README.md
@ -10,7 +10,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to

 GitLab is a web-based Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features, using an open-source license, developed by GitLab Inc.

-**Shipped version:** 12.10.3
+**Shipped version:** 13.0.0

 ## Screenshots

--- a/conf/gitlab.rb
+++ b/conf/gitlab.rb
@ -48,7 +48,8 @@ external_url '__GENERATED_EXTERNAL_URL__'
 ## Roles for multi-instance GitLab
 ##! The default is to have no roles enabled, which results in GitLab running as an all-in-one instance.
 ##! Options:
-##!   redis_sentinel_role redis_master_role redis_slave_role geo_primary_role geo_secondary_role
+##!   redis_sentinel_role redis_master_role redis_replica_role geo_primary_role geo_secondary_role
+##!   postgres_role consul_role application_role monitoring_role
 ##! For more details on each role, see:
 ##! https://docs.gitlab.com/omnibus/roles/README.html#roles
 ##!
@ -238,6 +239,8 @@ external_url '__GENERATED_EXTERNAL_URL__'
 # gitlab_rails['incoming_email_idle_timeout'] = 60
 ####! The file name for internal `mail_room` JSON logfile
 # gitlab_rails['incoming_email_log_file'] = "/var/log/gitlab/mailroom/mail_room_json.log"
+####! Permanently remove messages from the mailbox when they are deleted after delivery
+# gitlab_rails['incoming_email_expunge_deleted'] = false

 ####! The format of mail_room crash logs
 # mailroom['exit_log_format'] = "plain"
@ -557,13 +560,6 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__
 #   'bantime' => 3600
 # }

-# Prioritize the Admin Area protected paths throttle settings over the
-# deprecated Omnibus-managed protected paths throttle. This allows you to keep
-# gitlab_rails['rack_attack_git_basic_auth'] enabled to run the Git and
-# container registry failed authentication ban.
-# See https://gitlab.com/gitlab-org/gitlab/issues/37093
-# gitlab_rails['rack_attack_admin_area_protected_paths_enabled'] = true
-
 ###! **We do not recommend changing these directories.**
 # gitlab_rails['dir'] = "/var/opt/gitlab/gitlab-rails"
 # gitlab_rails['log_directory'] = "/var/log/gitlab/gitlab-rails"
@ -753,6 +749,12 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__
 # gitlab_rails['sentry_clientside_dsn'] = 'https://<key>@sentry.io/<project>'
 # gitlab_rails['sentry_environment'] = 'production'

+################################################################################
+## CI_JOB_JWT
+################################################################################
+##! RSA private key used to sign CI_JOB_JWT
+# gitlab_rails['ci_jwt_signing_key'] = nil # Will be generated if not set.
+
 ################################################################################
 ## GitLab Workhorse
 ##! Docs: https://gitlab.com/gitlab-org/gitlab-workhorse/blob/master/README.md
@ -825,15 +827,15 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__
 ##! Docs: https://docs.gitlab.com/omnibus/settings/unicorn.html
 ################################################################################

-# unicorn['enable'] = true
+unicorn['enable'] = false
 # unicorn['worker_timeout'] = 60
 ###! Minimum worker_processes is 2 at this moment
 ###! See https://gitlab.com/gitlab-org/gitlab-foss/issues/18771
-unicorn['worker_processes'] = __UNICORN_WORKER_PROCESSES__
+# unicorn['worker_processes'] = 2

 ### Advanced settings
 # unicorn['listen'] = 'localhost'
-unicorn['port'] = __UNICORN_PORT__
+# unicorn['port'] = 8080
 # unicorn['socket'] = '/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket'
 # unicorn['pidfile'] = '/opt/gitlab/var/unicorn/unicorn.pid'
 # unicorn['tcp_nopush'] = true
@ -861,16 +863,16 @@ unicorn['port'] = __UNICORN_PORT__
 ##! Docs: https://docs.gitlab.com/omnibus/settings/puma.html
 ################################################################################

-# puma['enable'] = false
+puma['enable'] = true
 # puma['ha'] = false
 # puma['worker_timeout'] = 60
-# puma['worker_processes'] = 2
-# puma['min_threads'] = 4
-# puma['max_threads'] = 4
+puma['worker_processes'] = __PUMA_WORKER_PROCESSES__
+puma['min_threads'] = __PUMA_MIN_THREADS__
+puma['max_threads'] = __PUMA_MAX_THREADS__

 ### Advanced settings
 # puma['listen'] = '127.0.0.1'
-# puma['port'] = 8080
+puma['port'] = __PUMA_PORT__
 # puma['socket'] = '/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket'
 # puma['pidfile'] = '/opt/gitlab/var/puma/puma.pid'
 # puma['state_path'] = '/opt/gitlab/var/puma/puma.state'
@ -890,25 +892,35 @@ unicorn['port'] = __UNICORN_PORT__
 ## GitLab Sidekiq
 ################################################################################

+##! GitLab allows one to start multiple sidekiq processes. These
+##! processes can be used to consume a dedicated set of queues. This
+##! can be used to ensure certain queues are able to handle additional workload.
+##! https://docs.gitlab.com/ee/administration/operations/extra_sidekiq_processes.html
+
 # sidekiq['log_directory'] = "/var/log/gitlab/sidekiq"
 # sidekiq['log_format'] = "json"
 # sidekiq['shutdown_timeout'] = 4
-# sidekiq['concurrency'] = 25
+# sidekiq['cluster'] = true
+# sidekiq['experimental_queue_selector'] = false
+# sidekiq['interval'] = nil
+# sidekiq['max_concurrency'] = 50
+# sidekiq['min_concurrency'] = nil
+
+##! Each entry in the queue_groups array denotes a group of queues that have to be processed by a
+##! Sidekiq process. Multiple queues can be processed by the same process by
+##! separating them with a comma within the group entry, a `*` will process all queues
+
+# sidekiq['queue_groups'] = ['*']
+
+##! If negate is enabled then sidekiq-cluster will process all the queues that
+##! don't match those in queue_groups.
+
+# sidekiq['negate'] = false
+
 # sidekiq['metrics_enabled'] = true
 # sidekiq['listen_address'] = "localhost"
 sidekiq['listen_port'] = __SIDEKIQ_PORT__

-### Experimental Sidekiq Cluster settings
-###! These settings allow starting `sidekiq-cluster` instead of sidekiq.
-###! Docs: https://docs.gitlab.com/ee/administration/operations/extra_sidekiq_processes.html#using-sidekiq-cluster-by-default-experimental
-# sidekiq['cluster'] = false
-# sidekiq['experimental_queue_selector'] = false
-# sidekiq['interval'] = nil
-# sidekiq['max_concurrency'] = nil
-# sidekiq['min_concurrency'] = nil
-# sidekiq['negate'] = false
-# sidekiq['queue_groups'] = ['*']
-
 ################################################################################
 ## gitlab-shell
 ################################################################################
@ -985,7 +997,7 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__
 # postgresql['hot_standby'] = "off"

 ### SSL settings
-# See https://www.postgresql.org/docs/9.6/static/runtime-config-connection.html#GUC-SSL-CERT-FILE for more details
+# See https://www.postgresql.org/docs/11/static/runtime-config-connection.html#GUC-SSL-CERT-FILE for more details
 # postgresql['ssl'] = 'on'
 # postgresql['ssl_ciphers'] = 'HIGH:MEDIUM:+3DES:!aNULL:!SSLv3:!TLSv1'
 # postgresql['ssl_cert_file'] = 'server.crt'
@ -1067,7 +1079,7 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__
 #     }
 #   ]
 # }
-# See https://www.postgresql.org/docs/9.6/static/auth-pg-hba-conf.html for an explanation
+# See https://www.postgresql.org/docs/11/static/auth-pg-hba-conf.html for an explanation
 # of the values

 ### Version settings
@ -1108,11 +1120,11 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__
 #

 ###! **To enable only Redis service in this machine, uncomment
-###!   one of the lines below (choose master or slave instance types).**
+###!   one of the lines below (choose master or replica instance types).**
 ###! Docs: https://docs.gitlab.com/omnibus/settings/redis.html
 ###!       https://docs.gitlab.com/ee/administration/high_availability/redis.html
 # redis_master_role['enable'] = true
-# redis_slave_role['enable'] = true
+# redis_replica_role['enable'] = true

 ### Redis TCP support (will disable UNIX socket transport)
 # redis['bind'] = '0.0.0.0' # or specify an IP to bind to a single one
@ -1120,35 +1132,35 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__
 # redis['password'] = 'redis-password-goes-here'

 ### Redis Sentinel support
-###! **You need a master slave Redis replication to be able to do failover**
+###! **You need a master replica Redis replication to be able to do failover**
 ###! **Please read the documentation before enabling it to understand the
 ###!   caveats:**
 ###! Docs: https://docs.gitlab.com/ee/administration/high_availability/redis.html

 ### Replication support
-#### Slave Redis instance
+#### Replica Redis instance
 # redis['master'] = false # by default this is true

-#### Slave and Sentinel shared configuration
+#### Replica and Sentinel shared configuration
 ####! **Both need to point to the master Redis instance to get replication and
 ####!   heartbeat monitoring**
 # redis['master_name'] = 'gitlab-redis'
 # redis['master_ip'] = nil
 # redis['master_port'] = 6379

-#### Support to run redis slaves in a Docker or NAT environment
+#### Support to run redis replicas in a Docker or NAT environment
 ####! Docs: https://redis.io/topics/replication#configuring-replication-in-docker-and-nat
 # redis['announce_ip'] = nil
 # redis['announce_port'] = nil

 ####! **Master password should have the same value defined in
 ####!   redis['password'] to enable the instance to transition to/from
-####!   master/slave in a failover event.**
+####!   master/replica in a failover event.**
 # redis['master_password'] = 'redis-password-goes-here'

-####! Increase these values when your slaves can't catch up with master
+####! Increase these values when your replicas can't catch up with master
 # redis['client_output_buffer_limit_normal'] = '0 0 0'
-# redis['client_output_buffer_limit_slave'] = '256mb 64mb 60'
+# redis['client_output_buffer_limit_replica'] = '256mb 64mb 60'
 # redis['client_output_buffer_limit_pubsub'] = '32mb 8mb 60'

 #####! Redis snapshotting frequency
@ -1266,7 +1278,7 @@ nginx['listen_https'] = false
 # nginx['log_directory'] = "/var/log/gitlab/nginx"
 # nginx['worker_processes'] = 4
 # nginx['worker_connections'] = 10240
-# nginx['log_format'] = '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"'
+# nginx['log_format'] = '$remote_addr - $remote_user [$time_local] "$request_method $filtered_request_uri $server_protocol" $status $body_bytes_sent "$filtered_http_referer" "$http_user_agent" $gzip_ratio'
 # nginx['sendfile'] = 'on'
 # nginx['tcp_nopush'] = 'on'
 # nginx['tcp_nodelay'] = 'on'
@ -1274,7 +1286,7 @@ nginx['listen_https'] = false
 # nginx['gzip_http_version'] = "1.0"
 # nginx['gzip_comp_level'] = "2"
 # nginx['gzip_proxied'] = "any"
-# nginx['gzip_types'] = [ "text/plain", "text/css", "application/x-javascript", "text/xml", "application/xml", "application/xml+rss", "text/javascript", "application/json" ]
+# nginx['gzip_types'] = [ "text/html", "text/plain", "text/css", "application/x-javascript", "text/xml", "application/xml", "application/xml+rss", "text/javascript", "application/json" ]
 # nginx['keepalive_timeout'] = 65
 # nginx['cache_max_size'] = '5000m'
 # nginx['server_names_hash_bucket_size'] = 64
@ -1456,6 +1468,7 @@ nginx['listen_https'] = false
 # gitlab_pages['gitlab_secret'] = nil # Generated if not present
 # gitlab_pages['auth_redirect_uri'] = nil # Defaults to projects subdomain of pages_external_url and + '/auth'
 # gitlab_pages['gitlab_server'] = nil # Defaults to external_url
+# gitlab_pages['internal_gitlab_server'] = nil # defaults to gitlab_server, can be changed to internal load balancer
 # gitlab_pages['auth_secret'] = nil # Generated if not present

 ##! GitLab API HTTP client connection timeout
@ -1788,6 +1801,7 @@ nginx['listen_https'] = false
 # grafana['metrics_enabled'] = false
 # grafana['metrics_basic_auth_username'] = 'grafana_metrics' # default: nil
 # grafana['metrics_basic_auth_password'] = 'please_set_a_unique_password' # default: nil
+# grafana['alerting_enabled'] = false

 ### Dashboards
 #
@ -1842,7 +1856,12 @@ nginx['listen_https'] = false
 # gitaly['env_directory'] = "/opt/gitlab/etc/gitaly/env"
 # gitaly['env'] = {
 #  'PATH' => "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/bin:/usr/bin",
-#  'HOME' => '/var/opt/gitlab'
+#  'HOME' => '/var/opt/gitlab',
+#  'TZ' => ':/etc/localtime',
+#  'PYTHONPATH' => "/opt/gitlab/embedded/lib/python3.7/site-packages",
+#  'ICU_DATA' => "/opt/gitlab/embedded/share/icu/current",
+#  'SSL_CERT_DIR' => "/opt/gitlab/embedded/ssl/certs/",
+#  'WRAPPER_JSON_LOGGING' => true
 # }

 ##! internal_socket_dir is the directory that will contain internal gitaly sockets,
@ -1887,6 +1906,15 @@ nginx['listen_https'] = false
 ################################################################################

 # praefect['enable'] = false
+# praefect['dir'] = "/var/opt/gitlab/praefect"
+# praefect['log_directory'] = "/var/log/gitlab/praefect"
+# praefect['env_directory'] = "/opt/gitlab/etc/praefect/env"
+# praefect['env'] = {
+#  'SSL_CERT_DIR' => "/opt/gitlab/embedded/ssl/certs/",
+#  'GITALY_PID_FILE' => "/var/opt/gitlab/praefect/praefect.pid",
+#  'WRAPPER_JSON_LOGGING' => true
+# }
+# praefect['wrapper_path'] = "/opt/gitlab/embedded/bin/gitaly-wrapper"
 # praefect['virtual_storage_name'] = "praefect"
 # praefect['failover_enabled'] = false
 # praefect['failover_election_strategy'] = 'local'
@ -2104,52 +2132,21 @@ nginx['listen_https'] = false
 ##!   already tried against the same master by a given Sentinel, is two
 ##!   times the failover timeout.
 ##!
-##! - The time needed for a slave replicating to a wrong master according
+##! - The time needed for a replica replicating to a wrong master according
 ##!   to a Sentinel current configuration, to be forced to replicate
 ##!   with the right master, is exactly the failover timeout (counting since
 ##!   the moment a Sentinel detected the misconfiguration).
 ##!
 ##! - The time needed to cancel a failover that is already in progress but
-##!   did not produced any configuration change (SLAVEOF NO ONE yet not
-##!   acknowledged by the promoted slave).
+##!   did not produced any configuration change (REPLICAOF NO ONE yet not
+##!   acknowledged by the promoted replica).
 ##!
-##! - The maximum time a failover in progress waits for all the slaves to be
-##!   reconfigured as slaves of the new master. However even after this time
-##!   the slaves will be reconfigured by the Sentinels anyway, but not with
+##! - The maximum time a failover in progress waits for all the replicas to be
+##!   reconfigured as replicas of the new master. However even after this time
+##!   the replicas will be reconfigured by the Sentinels anyway, but not with
 ##!   the exact parallel-syncs progression as specified.
 # sentinel['failover_timeout'] = 60000

-################################################################################
-## GitLab Sidekiq Cluster (EE only)
-################################################################################
-
-##! GitLab Enterprise Edition allows one to start an extra set of Sidekiq processes
-##! besides the default one. These processes can be used to consume a dedicated set
-##! of queues. This can be used to ensure certain queues always have dedicated
-##! workers, no matter the amount of jobs that need to be processed.
-
-# sidekiq_cluster['enable'] = false
-# sidekiq_cluster['ha'] = false
-# sidekiq_cluster['log_directory'] = "/var/log/gitlab/sidekiq-cluster"
-# sidekiq_cluster['interval'] = 5 # The number of seconds to wait between worker checks
-# sidekiq_cluster['max_concurrency'] = 50 # The maximum number of threads each Sidekiq process should run
-# sidekiq_cluster['min_concurrency'] = 0 # The minimum number of threads each Sidekiq process should run
-
-##! Each entry in the queue_groups array denotes a group of queues that have to be processed by a
-##! Sidekiq process. Multiple queues can be processed by the same process by
-##! separating them with a comma within the group entry
-
-# sidekiq_cluster['queue_groups'] = [
-#   "process_commit,post_receive",
-#   "gitlab_shell"
-# ]
-#
-
-##! If negate is enabled then sidekiq-cluster will process all the queues that
-##! don't match those in queue_groups.
-
-# sidekiq_cluster['negate'] = false
-
 ################################################################################
 ## Additional Database Settings (EE only)
 ##! Docs: https://docs.gitlab.com/ee/administration/database_load_balancing.html
@ -2161,7 +2158,7 @@ nginx['listen_https'] = false
 ##! Docs: https://docs.gitlab.com/ee/gitlab-geo
 ################################################################################
 ##! Geo roles 'geo_primary_role' and 'geo_secondary_role' are set above with
-##! other roles. For more information, see: https://docs.gitlab.com/omnibus/roles/README.html#roles. 
+##! other roles. For more information, see: https://docs.gitlab.com/omnibus/roles/README.html#roles.

 # This is an optional identifier which Geo nodes can use to identify themselves.
 # For example, if external_url is the same for two secondaries, you must specify
@ -2209,7 +2206,9 @@ nginx['listen_https'] = false

 ################################################################################
 ## Unleash
-##! Docs: https://docs.gitlab.com/ee/user/project/operations/feature_flags.html
+##! These settings are for GitLab internal use.
+##! They are used to control feature flags during GitLab development.
+##! Docs: https://docs.gitlab.com/ee/development/feature_flags
 ################################################################################
 # gitlab_rails['feature_flags_unleash_enabled'] = false
 # gitlab_rails['feature_flags_unleash_url'] = nil
--- a/manifest.json
+++ b/manifest.json
@ -2,7 +2,7 @@
    "name": "Gitlab",
    "id": "gitlab",
    "packaging_format": 1,
-    "version": "12.10.3~ynh2",
+    "version": "13.0.0~ynh1",
    "description": {
        "en": "Git-repository manager.",
        "fr": "Gestionnaire de dépôts Git."
@ -38,8 +38,8 @@
                    "en": "Choose a path for gitlab",
                    "fr": "Choisissez un chemin pour gitlab"
                },
-                "example": "/",
-                "default": "/"
+                "example": "/gitlab",
+                "default": "/gitlab"
            },
            {
                "name": "admin",
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -4,7 +4,7 @@
 # SET ALL CONSTANTS
 #=================================================

-pkg_dependencies="openssh-server bc"
+pkg_dependencies="openssh-server"

 #=================================================
 # EXPERIMENTAL HELPERS
--- a/scripts/backup
+++ b/scripts/backup
@ -28,7 +28,6 @@ ynh_script_progression --message="Loading installation settings..." --weight=1

 app=$YNH_APP_INSTANCE_NAME

-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 config_path=$(ynh_app_setting_get --app=$app --key=config_path)
 domain=$(ynh_app_setting_get --app=$app --key=domain)

@ -46,7 +45,7 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 ynh_script_progression --message="Backuping of Gitlab..." --weight=9

-# Use gitlab-rake to backup
+# Use gitlab-backup to backup
 # For the complete doc: https://docs.gitlab.com/ce/raketasks/backup_restore.html
 # For the filename: https://docs.gitlab.com/ce/raketasks/backup_restore.html#backup-filename
 gitlab-backup create BACKUP=last
--- a/scripts/change_url
+++ b/scripts/change_url
@ -27,12 +27,13 @@ app=$YNH_APP_INSTANCE_NAME
 ynh_script_progression --message="Loading installation settings..." --weight=1

 # Needed for helper "ynh_add_nginx_config"
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 config_path=$(ynh_app_setting_get --app=$app --key=config_path)
 port=$(ynh_app_setting_get --app="$app" --key=web_port)
-portUnicorn=$(ynh_app_setting_get --app="$app" --key=unicorn_port)
+portPuma=$(ynh_app_setting_get --app="$app" --key=puma_port)
 portSidekiq=$(ynh_app_setting_get --app="$app" --key=sidekiq_port)
-unicorn_worker_processes=$(ynh_app_setting_get --app="$app" --key=unicorn_worker_processes)
+puma_worker_processes=$(ynh_app_setting_get --app="$app" --key=puma_worker_processes)
+puma_min_threads=$(ynh_app_setting_get --app="$app" --key=puma_min_threads)
+puma_max_threads=$(ynh_app_setting_get --app="$app" --key=puma_max_threads)
 client_max_body_size=$(ynh_app_setting_get --app="$app" --key=client_max_body_size)

 #=================================================
@ -63,7 +64,7 @@ if [ $change_path -eq 1 ]; then

 	#doc in: https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab

-	gitlab-ctl stop unicorn
+	gitlab-ctl stop puma
 	gitlab-ctl stop sidekiq

 	# Make a backup of the original nginx config file if modified
@ -105,8 +106,10 @@ path_url="$new_path"

 ynh_replace_string --match_string="__GENERATED_EXTERNAL_URL__" --replace_string="https://$domain${path_url%/}" --target_file="$config_path/gitlab.rb"
 ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config_path/gitlab.rb"
-ynh_replace_string --match_string="__UNICORN_PORT__" --replace_string="$portUnicorn" --target_file="$config_path/gitlab.rb"
-ynh_replace_string --match_string="__UNICORN_WORKER_PROCESSES__" --replace_string="$unicorn_worker_processes" --target_file="$config_path/gitlab.rb"
+ynh_replace_string --match_string="__PUMA_PORT__" --replace_string="$portPuma" --target_file="$config_path/gitlab.rb"
+ynh_replace_string --match_string="__PUMA_WORKER_PROCESSES__" --replace_string="$puma_worker_processes" --target_file="$config_path/gitlab.rb"
+ynh_replace_string --match_string="__PUMA_MIN_THREADS__" --replace_string="$puma_min_threads" --target_file="$config_path/gitlab.rb"
+ynh_replace_string --match_string="__PUMA_MAX_THREADS__" --replace_string="$puma_max_threads" --target_file="$config_path/gitlab.rb"
 ynh_replace_string --match_string="__CLIENT_MAX_BODY_SIZE__" --replace_string="$client_max_body_size" --target_file="$config_path/gitlab.rb"
 ynh_replace_string --match_string="__SSH_PORT__" --replace_string="$ssh_port" --target_file="$config_path/gitlab.rb"
 ynh_replace_string --match_string="__SIDEKIQ_PORT__" --replace_string="$portSidekiq" --target_file="$config_path/gitlab.rb"
@ -124,7 +127,7 @@ gitlab-ctl reconfigure
 #=================================================
 ynh_script_progression --message="Waiting for gitlab..." --weight=15

-ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/unicorn/current" --line_match="adopted" --timeout=300
+ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on tcp://127.0.0.1:$portPuma" --timeout=300

 #=================================================
 # GENERIC FINALISATION
--- a/scripts/install
+++ b/scripts/install
@ -85,11 +85,11 @@ ynh_script_progression --message="Find internal port..." --weight=1

 # Find free ports
 port=$(ynh_find_port --port=8080)
-portUnicorn=$(ynh_find_port --port=$(($port + 1)))
-portSidekiq=$(ynh_find_port --port=$(($portUnicorn + 1)))
+portPuma=$(ynh_find_port --port=$(($port + 1)))
+portSidekiq=$(ynh_find_port --port=$(($portPuma + 1)))

 ynh_app_setting_set --app=$app --key=web_port --value=$port
-ynh_app_setting_set --app=$app --key=unicorn_port --value=$portUnicorn
+ynh_app_setting_set --app=$app --key=puma_port --value=$portPuma
 ynh_app_setting_set --app=$app --key=sidekiq_port --value=$portSidekiq

 #=================================================
@ -103,19 +103,21 @@ ynh_install_app_dependencies $pkg_dependencies
 # DEFINE THE NUMBER OF WORKERS USED
 #=================================================

-# https://docs.gitlab.com/ce/install/requirements.html#unicorn-workers
-unicorn_worker_processes=$(bc <<< "($(nproc) * 1.5 + 1) / 1")
+#https://docs.gitlab.com/ce/install/requirements.html#puma-workers
+puma_worker_processes=$(( $(nproc) > 2 ? $(nproc) : 2 ))

-# If the server has at least 2GB of RAM
-if [ $(ynh_check_ram --no_swap) -ge 2000 ]; then
-	# Min 3 worker processes
-	unicorn_worker_processes=$(($unicorn_worker_processes>3?$unicorn_worker_processes:3))
+# If the server has less than 2GB of RAM
+if [ $(ynh_check_ram --no_swap) -lt 2000 ]; then
+	puma_min_threads=1
+	puma_max_threads=1
 else
-	# 2 worker processes
-	unicorn_worker_processes=2
+	puma_min_threads=2
+	puma_max_threads=4
 fi

-ynh_app_setting_set --app=$app --key=unicorn_worker_processes --value=$unicorn_worker_processes
+ynh_app_setting_set --app=$app --key=puma_workers --value=$puma_worker_processes
+ynh_app_setting_set --app=$app --key=puma_max_threads --value=$puma_max_threads
+ynh_app_setting_set --app=$app --key=puma_min_threads --value=$puma_min_threads

 #=================================================
 # ADD SWAP IF NEEDED
@ -136,8 +138,10 @@ if [ $(($total_swap + $swap_needed)) -lt 2048 ]; then
 	swap_needed=$((2048 - $total_swap))
 fi

-ynh_script_progression --message="Adding $swap_needed Mo to swap..." --weight=1
-ynh_add_swap --size=$swap_needed
+if [ $swap_needed -gt 0 ]; then
+	ynh_script_progression --message="Adding $swap_needed Mo to swap..."
+	ynh_add_swap --size=$swap_needed
+fi

 #=================================================
 # PRECONFIGURE GITLAB
@ -154,8 +158,10 @@ ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+")

 ynh_replace_string --match_string="__GENERATED_EXTERNAL_URL__" --replace_string="https://$domain${path_url%/}" --target_file="$config_path/gitlab.rb"
 ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config_path/gitlab.rb"
-ynh_replace_string --match_string="__UNICORN_PORT__" --replace_string="$portUnicorn" --target_file="$config_path/gitlab.rb"
-ynh_replace_string --match_string="__UNICORN_WORKER_PROCESSES__" --replace_string="$unicorn_worker_processes" --target_file="$config_path/gitlab.rb"
+ynh_replace_string --match_string="__PUMA_PORT__" --replace_string="$portPuma" --target_file="$config_path/gitlab.rb"
+ynh_replace_string --match_string="__PUMA_WORKER_PROCESSES__" --replace_string="$puma_worker_processes" --target_file="$config_path/gitlab.rb"
+ynh_replace_string --match_string="__PUMA_MIN_THREADS__" --replace_string="$puma_min_threads" --target_file="$config_path/gitlab.rb"
+ynh_replace_string --match_string="__PUMA_MAX_THREADS__" --replace_string="$puma_max_threads" --target_file="$config_path/gitlab.rb"
 ynh_replace_string --match_string="__CLIENT_MAX_BODY_SIZE__" --replace_string="$client_max_body_size" --target_file="$config_path/gitlab.rb"
 ynh_replace_string --match_string="__SSH_PORT__" --replace_string="$ssh_port" --target_file="$config_path/gitlab.rb"
 ynh_replace_string --match_string="__SIDEKIQ_PORT__" --replace_string="$portSidekiq" --target_file="$config_path/gitlab.rb"
@ -231,7 +237,7 @@ gitlab-ctl reconfigure
 # ADVERTISE SERVICE IN ADMIN PANEL
 #=================================================

-yunohost service add "gitlab-runsvdir" --log "/var/log/$app/gitlab-rails/application.log" "/var/log/$app/gitlab-rails/api_json.log" "/var/log/$app/gitlab-rails/production.log" "/var/log/$app/gitlab-rails/production_json.log" "/var/log/$app/gitlab-rails/sidekiq.log" "/var/log/$app/unicorn/unicorn_stderr.log" "/var/log/$app/unicorn/current" "/var/log/$app/alertmanager/current" "/var/log/$app/gitaly/current" "/var/log/$app/gitlab-monitor/current" "/var/log/$app/gitlab-shell/gitlab-shell.log" "/var/log/$app/gitlab-workhorse/current" "/var/log/$app/logrotate/current" "/var/log/$app/nginx/current" "/var/log/$app/nginx/access.log" "/var/log/$app/nginx/error.log" "/var/log/$app/nginx/gitlab_access.log" "/var/log/$app/nginx/gitlab_error.log" "/var/log/$app/node-exporter/current" "/var/log/$app/postgres-exporter/current" "/var/log/$app/postgresql/current" "/var/log/$app/prometheus/current" "/var/log/$app/redis/current" "/var/log/$app/redis-exporter/current"
+yunohost service add "gitlab-runsvdir" --log "/var/log/$app/gitlab-rails/application.log" "/var/log/$app/gitlab-rails/api_json.log" "/var/log/$app/gitlab-rails/production.log" "/var/log/$app/gitlab-rails/production_json.log" "/var/log/$app/gitlab-rails/sidekiq.log" "/var/log/$app/puma/puma_stderr.log" "/var/log/$app/puma/current" "/var/log/$app/alertmanager/current" "/var/log/$app/gitaly/current" "/var/log/$app/gitlab-monitor/current" "/var/log/$app/gitlab-shell/gitlab-shell.log" "/var/log/$app/gitlab-workhorse/current" "/var/log/$app/logrotate/current" "/var/log/$app/nginx/current" "/var/log/$app/nginx/access.log" "/var/log/$app/nginx/error.log" "/var/log/$app/nginx/gitlab_access.log" "/var/log/$app/nginx/gitlab_error.log" "/var/log/$app/node-exporter/current" "/var/log/$app/postgres-exporter/current" "/var/log/$app/postgresql/current" "/var/log/$app/prometheus/current" "/var/log/$app/redis/current" "/var/log/$app/redis-exporter/current"

 #=================================================
 # SETUP SSOWAT
@ -256,7 +262,7 @@ ynh_systemd_action --action=reload --service_name=nginx
 #=================================================
 ynh_script_progression --message="Restarting gitlab..." --weight=15

-ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/unicorn/current" --line_match="adopted" --timeout=300
+ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on tcp://127.0.0.1:$portPuma" --timeout=300

 #=================================================
 # END OF SCRIPT
--- a/scripts/remove
+++ b/scripts/remove
@ -16,9 +16,8 @@ ynh_script_progression --message="Loading installation settings..." --weight=2

 app=$YNH_APP_INSTANCE_NAME

-domain=$(ynh_app_setting_get --app="$app" --key=domain)
 port=$(ynh_app_setting_get --app="$app" --key=web_port)
-portUnicorn=$(ynh_app_setting_get --app="$app" --key=unicorn_port)
+portPuma=$(ynh_app_setting_get --app="$app" --key=puma_port)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 config_path=$(ynh_app_setting_get --app=$app --key=config_path)

@ -84,9 +83,9 @@ if yunohost firewall list | grep -q "\- $port$"; then
 	ynh_exec_warn_less yunohost firewall disallow TCP $port
 fi

-if yunohost firewall list | grep -q "\- $portUnicorn$"; then
-	ynh_script_progression --message="Closing port $portUnicorn" --weight=1
-	ynh_exec_warn_less yunohost firewall disallow TCP $portUnicorn
+if yunohost firewall list | grep -q "\- $portPuma$"; then
+	ynh_script_progression --message="Closing port $portPuma" --weight=1
+	ynh_exec_warn_less yunohost firewall disallow TCP $portPuma
 fi

 #=================================================
--- a/scripts/restore
+++ b/scripts/restore
@ -33,8 +33,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 config_path=$(ynh_app_setting_get --app=$app --key=config_path)
-port=$(ynh_app_setting_get --app="$app" --key=web_port)
-portUnicorn=$(ynh_app_setting_get --app="$app" --key=unicorn_port)
+portPuma=$(ynh_app_setting_get --app="$app" --key=puma_port)
 architecture=$(ynh_app_setting_get --app="$app" --key=architecture)

 #=================================================
@ -133,7 +132,7 @@ ynh_restore_file --origin_path="/var/opt/$app/backups/last_gitlab_backup.tar"

 last_backup="last"

-gitlab-ctl stop unicorn
+gitlab-ctl stop puma
 gitlab-ctl stop sidekiq

 # Use gitlab-rake to backup
@ -151,14 +150,14 @@ fi
 # ADVERTISE SERVICE IN ADMIN PANEL
 #=================================================

-yunohost service add "gitlab-runsvdir" --log "/var/log/$app/gitlab-rails/application.log" "/var/log/$app/gitlab-rails/api_json.log" "/var/log/$app/gitlab-rails/production.log" "/var/log/$app/gitlab-rails/production_json.log" "/var/log/$app/gitlab-rails/sidekiq.log" "/var/log/$app/unicorn/unicorn_stderr.log" "/var/log/$app/unicorn/current" "/var/log/$app/alertmanager/current" "/var/log/$app/gitaly/current" "/var/log/$app/gitlab-monitor/current" "/var/log/$app/gitlab-shell/gitlab-shell.log" "/var/log/$app/gitlab-workhorse/current" "/var/log/$app/logrotate/current" "/var/log/$app/nginx/current" "/var/log/$app/nginx/access.log" "/var/log/$app/nginx/error.log" "/var/log/$app/nginx/gitlab_access.log" "/var/log/$app/nginx/gitlab_error.log" "/var/log/$app/node-exporter/current" "/var/log/$app/postgres-exporter/current" "/var/log/$app/postgresql/current" "/var/log/$app/prometheus/current" "/var/log/$app/redis/current" "/var/log/$app/redis-exporter/current"
+yunohost service add "gitlab-runsvdir" --log "/var/log/$app/gitlab-rails/application.log" "/var/log/$app/gitlab-rails/api_json.log" "/var/log/$app/gitlab-rails/production.log" "/var/log/$app/gitlab-rails/production_json.log" "/var/log/$app/gitlab-rails/sidekiq.log" "/var/log/$app/puma/puma_stderr.log" "/var/log/$app/puma/current" "/var/log/$app/alertmanager/current" "/var/log/$app/gitaly/current" "/var/log/$app/gitlab-monitor/current" "/var/log/$app/gitlab-shell/gitlab-shell.log" "/var/log/$app/gitlab-workhorse/current" "/var/log/$app/logrotate/current" "/var/log/$app/nginx/current" "/var/log/$app/nginx/access.log" "/var/log/$app/nginx/error.log" "/var/log/$app/nginx/gitlab_access.log" "/var/log/$app/nginx/gitlab_error.log" "/var/log/$app/node-exporter/current" "/var/log/$app/postgres-exporter/current" "/var/log/$app/postgresql/current" "/var/log/$app/prometheus/current" "/var/log/$app/redis/current" "/var/log/$app/redis-exporter/current"

 #=================================================
 # WAITING GITLAB
 #=================================================
 ynh_script_progression --message="Waiting for gitlab..." --weight=14

-ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/unicorn/current" --line_match="adopted" --timeout=300
+ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on tcp://127.0.0.1:$portPuma" --timeout=300

 #=================================================
 # CHECK THE RESTORED DATA