diff --git a/README.md b/README.md index 3419ec6..56bdaee 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to GitLab is a web-based Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features, using an open-source license, developed by GitLab Inc. -**Shipped version:** 12.10.3 +**Shipped version:** 13.0.0 ## Screenshots diff --git a/conf/gitlab.rb b/conf/gitlab.rb index 129e484..520295e 100644 --- a/conf/gitlab.rb +++ b/conf/gitlab.rb @@ -48,7 +48,8 @@ external_url '__GENERATED_EXTERNAL_URL__' ## Roles for multi-instance GitLab ##! The default is to have no roles enabled, which results in GitLab running as an all-in-one instance. ##! Options: -##! redis_sentinel_role redis_master_role redis_slave_role geo_primary_role geo_secondary_role +##! redis_sentinel_role redis_master_role redis_replica_role geo_primary_role geo_secondary_role +##! postgres_role consul_role application_role monitoring_role ##! For more details on each role, see: ##! https://docs.gitlab.com/omnibus/roles/README.html#roles ##! @@ -238,6 +239,8 @@ external_url '__GENERATED_EXTERNAL_URL__' # gitlab_rails['incoming_email_idle_timeout'] = 60 ####! The file name for internal `mail_room` JSON logfile # gitlab_rails['incoming_email_log_file'] = "/var/log/gitlab/mailroom/mail_room_json.log" +####! Permanently remove messages from the mailbox when they are deleted after delivery +# gitlab_rails['incoming_email_expunge_deleted'] = false ####! The format of mail_room crash logs # mailroom['exit_log_format'] = "plain" @@ -557,13 +560,6 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__ # 'bantime' => 3600 # } -# Prioritize the Admin Area protected paths throttle settings over the -# deprecated Omnibus-managed protected paths throttle. This allows you to keep -# gitlab_rails['rack_attack_git_basic_auth'] enabled to run the Git and -# container registry failed authentication ban. -# See https://gitlab.com/gitlab-org/gitlab/issues/37093 -# gitlab_rails['rack_attack_admin_area_protected_paths_enabled'] = true - ###! **We do not recommend changing these directories.** # gitlab_rails['dir'] = "/var/opt/gitlab/gitlab-rails" # gitlab_rails['log_directory'] = "/var/log/gitlab/gitlab-rails" @@ -753,6 +749,12 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__ # gitlab_rails['sentry_clientside_dsn'] = 'https://@sentry.io/' # gitlab_rails['sentry_environment'] = 'production' +################################################################################ +## CI_JOB_JWT +################################################################################ +##! RSA private key used to sign CI_JOB_JWT +# gitlab_rails['ci_jwt_signing_key'] = nil # Will be generated if not set. + ################################################################################ ## GitLab Workhorse ##! Docs: https://gitlab.com/gitlab-org/gitlab-workhorse/blob/master/README.md @@ -825,15 +827,15 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__ ##! Docs: https://docs.gitlab.com/omnibus/settings/unicorn.html ################################################################################ -# unicorn['enable'] = true +unicorn['enable'] = false # unicorn['worker_timeout'] = 60 ###! Minimum worker_processes is 2 at this moment ###! See https://gitlab.com/gitlab-org/gitlab-foss/issues/18771 -unicorn['worker_processes'] = __UNICORN_WORKER_PROCESSES__ +# unicorn['worker_processes'] = 2 ### Advanced settings # unicorn['listen'] = 'localhost' -unicorn['port'] = __UNICORN_PORT__ +# unicorn['port'] = 8080 # unicorn['socket'] = '/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket' # unicorn['pidfile'] = '/opt/gitlab/var/unicorn/unicorn.pid' # unicorn['tcp_nopush'] = true @@ -861,16 +863,16 @@ unicorn['port'] = __UNICORN_PORT__ ##! Docs: https://docs.gitlab.com/omnibus/settings/puma.html ################################################################################ -# puma['enable'] = false +puma['enable'] = true # puma['ha'] = false # puma['worker_timeout'] = 60 -# puma['worker_processes'] = 2 -# puma['min_threads'] = 4 -# puma['max_threads'] = 4 +puma['worker_processes'] = __PUMA_WORKER_PROCESSES__ +puma['min_threads'] = __PUMA_MIN_THREADS__ +puma['max_threads'] = __PUMA_MAX_THREADS__ ### Advanced settings # puma['listen'] = '127.0.0.1' -# puma['port'] = 8080 +puma['port'] = __PUMA_PORT__ # puma['socket'] = '/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket' # puma['pidfile'] = '/opt/gitlab/var/puma/puma.pid' # puma['state_path'] = '/opt/gitlab/var/puma/puma.state' @@ -890,25 +892,35 @@ unicorn['port'] = __UNICORN_PORT__ ## GitLab Sidekiq ################################################################################ +##! GitLab allows one to start multiple sidekiq processes. These +##! processes can be used to consume a dedicated set of queues. This +##! can be used to ensure certain queues are able to handle additional workload. +##! https://docs.gitlab.com/ee/administration/operations/extra_sidekiq_processes.html + # sidekiq['log_directory'] = "/var/log/gitlab/sidekiq" # sidekiq['log_format'] = "json" # sidekiq['shutdown_timeout'] = 4 -# sidekiq['concurrency'] = 25 +# sidekiq['cluster'] = true +# sidekiq['experimental_queue_selector'] = false +# sidekiq['interval'] = nil +# sidekiq['max_concurrency'] = 50 +# sidekiq['min_concurrency'] = nil + +##! Each entry in the queue_groups array denotes a group of queues that have to be processed by a +##! Sidekiq process. Multiple queues can be processed by the same process by +##! separating them with a comma within the group entry, a `*` will process all queues + +# sidekiq['queue_groups'] = ['*'] + +##! If negate is enabled then sidekiq-cluster will process all the queues that +##! don't match those in queue_groups. + +# sidekiq['negate'] = false + # sidekiq['metrics_enabled'] = true # sidekiq['listen_address'] = "localhost" sidekiq['listen_port'] = __SIDEKIQ_PORT__ -### Experimental Sidekiq Cluster settings -###! These settings allow starting `sidekiq-cluster` instead of sidekiq. -###! Docs: https://docs.gitlab.com/ee/administration/operations/extra_sidekiq_processes.html#using-sidekiq-cluster-by-default-experimental -# sidekiq['cluster'] = false -# sidekiq['experimental_queue_selector'] = false -# sidekiq['interval'] = nil -# sidekiq['max_concurrency'] = nil -# sidekiq['min_concurrency'] = nil -# sidekiq['negate'] = false -# sidekiq['queue_groups'] = ['*'] - ################################################################################ ## gitlab-shell ################################################################################ @@ -985,7 +997,7 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__ # postgresql['hot_standby'] = "off" ### SSL settings -# See https://www.postgresql.org/docs/9.6/static/runtime-config-connection.html#GUC-SSL-CERT-FILE for more details +# See https://www.postgresql.org/docs/11/static/runtime-config-connection.html#GUC-SSL-CERT-FILE for more details # postgresql['ssl'] = 'on' # postgresql['ssl_ciphers'] = 'HIGH:MEDIUM:+3DES:!aNULL:!SSLv3:!TLSv1' # postgresql['ssl_cert_file'] = 'server.crt' @@ -1067,7 +1079,7 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__ # } # ] # } -# See https://www.postgresql.org/docs/9.6/static/auth-pg-hba-conf.html for an explanation +# See https://www.postgresql.org/docs/11/static/auth-pg-hba-conf.html for an explanation # of the values ### Version settings @@ -1108,11 +1120,11 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__ # ###! **To enable only Redis service in this machine, uncomment -###! one of the lines below (choose master or slave instance types).** +###! one of the lines below (choose master or replica instance types).** ###! Docs: https://docs.gitlab.com/omnibus/settings/redis.html ###! https://docs.gitlab.com/ee/administration/high_availability/redis.html # redis_master_role['enable'] = true -# redis_slave_role['enable'] = true +# redis_replica_role['enable'] = true ### Redis TCP support (will disable UNIX socket transport) # redis['bind'] = '0.0.0.0' # or specify an IP to bind to a single one @@ -1120,35 +1132,35 @@ sidekiq['listen_port'] = __SIDEKIQ_PORT__ # redis['password'] = 'redis-password-goes-here' ### Redis Sentinel support -###! **You need a master slave Redis replication to be able to do failover** +###! **You need a master replica Redis replication to be able to do failover** ###! **Please read the documentation before enabling it to understand the ###! caveats:** ###! Docs: https://docs.gitlab.com/ee/administration/high_availability/redis.html ### Replication support -#### Slave Redis instance +#### Replica Redis instance # redis['master'] = false # by default this is true -#### Slave and Sentinel shared configuration +#### Replica and Sentinel shared configuration ####! **Both need to point to the master Redis instance to get replication and ####! heartbeat monitoring** # redis['master_name'] = 'gitlab-redis' # redis['master_ip'] = nil # redis['master_port'] = 6379 -#### Support to run redis slaves in a Docker or NAT environment +#### Support to run redis replicas in a Docker or NAT environment ####! Docs: https://redis.io/topics/replication#configuring-replication-in-docker-and-nat # redis['announce_ip'] = nil # redis['announce_port'] = nil ####! **Master password should have the same value defined in ####! redis['password'] to enable the instance to transition to/from -####! master/slave in a failover event.** +####! master/replica in a failover event.** # redis['master_password'] = 'redis-password-goes-here' -####! Increase these values when your slaves can't catch up with master +####! Increase these values when your replicas can't catch up with master # redis['client_output_buffer_limit_normal'] = '0 0 0' -# redis['client_output_buffer_limit_slave'] = '256mb 64mb 60' +# redis['client_output_buffer_limit_replica'] = '256mb 64mb 60' # redis['client_output_buffer_limit_pubsub'] = '32mb 8mb 60' #####! Redis snapshotting frequency @@ -1266,7 +1278,7 @@ nginx['listen_https'] = false # nginx['log_directory'] = "/var/log/gitlab/nginx" # nginx['worker_processes'] = 4 # nginx['worker_connections'] = 10240 -# nginx['log_format'] = '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"' +# nginx['log_format'] = '$remote_addr - $remote_user [$time_local] "$request_method $filtered_request_uri $server_protocol" $status $body_bytes_sent "$filtered_http_referer" "$http_user_agent" $gzip_ratio' # nginx['sendfile'] = 'on' # nginx['tcp_nopush'] = 'on' # nginx['tcp_nodelay'] = 'on' @@ -1274,7 +1286,7 @@ nginx['listen_https'] = false # nginx['gzip_http_version'] = "1.0" # nginx['gzip_comp_level'] = "2" # nginx['gzip_proxied'] = "any" -# nginx['gzip_types'] = [ "text/plain", "text/css", "application/x-javascript", "text/xml", "application/xml", "application/xml+rss", "text/javascript", "application/json" ] +# nginx['gzip_types'] = [ "text/html", "text/plain", "text/css", "application/x-javascript", "text/xml", "application/xml", "application/xml+rss", "text/javascript", "application/json" ] # nginx['keepalive_timeout'] = 65 # nginx['cache_max_size'] = '5000m' # nginx['server_names_hash_bucket_size'] = 64 @@ -1456,6 +1468,7 @@ nginx['listen_https'] = false # gitlab_pages['gitlab_secret'] = nil # Generated if not present # gitlab_pages['auth_redirect_uri'] = nil # Defaults to projects subdomain of pages_external_url and + '/auth' # gitlab_pages['gitlab_server'] = nil # Defaults to external_url +# gitlab_pages['internal_gitlab_server'] = nil # defaults to gitlab_server, can be changed to internal load balancer # gitlab_pages['auth_secret'] = nil # Generated if not present ##! GitLab API HTTP client connection timeout @@ -1788,6 +1801,7 @@ nginx['listen_https'] = false # grafana['metrics_enabled'] = false # grafana['metrics_basic_auth_username'] = 'grafana_metrics' # default: nil # grafana['metrics_basic_auth_password'] = 'please_set_a_unique_password' # default: nil +# grafana['alerting_enabled'] = false ### Dashboards # @@ -1842,7 +1856,12 @@ nginx['listen_https'] = false # gitaly['env_directory'] = "/opt/gitlab/etc/gitaly/env" # gitaly['env'] = { # 'PATH' => "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/bin:/usr/bin", -# 'HOME' => '/var/opt/gitlab' +# 'HOME' => '/var/opt/gitlab', +# 'TZ' => ':/etc/localtime', +# 'PYTHONPATH' => "/opt/gitlab/embedded/lib/python3.7/site-packages", +# 'ICU_DATA' => "/opt/gitlab/embedded/share/icu/current", +# 'SSL_CERT_DIR' => "/opt/gitlab/embedded/ssl/certs/", +# 'WRAPPER_JSON_LOGGING' => true # } ##! internal_socket_dir is the directory that will contain internal gitaly sockets, @@ -1887,6 +1906,15 @@ nginx['listen_https'] = false ################################################################################ # praefect['enable'] = false +# praefect['dir'] = "/var/opt/gitlab/praefect" +# praefect['log_directory'] = "/var/log/gitlab/praefect" +# praefect['env_directory'] = "/opt/gitlab/etc/praefect/env" +# praefect['env'] = { +# 'SSL_CERT_DIR' => "/opt/gitlab/embedded/ssl/certs/", +# 'GITALY_PID_FILE' => "/var/opt/gitlab/praefect/praefect.pid", +# 'WRAPPER_JSON_LOGGING' => true +# } +# praefect['wrapper_path'] = "/opt/gitlab/embedded/bin/gitaly-wrapper" # praefect['virtual_storage_name'] = "praefect" # praefect['failover_enabled'] = false # praefect['failover_election_strategy'] = 'local' @@ -2104,52 +2132,21 @@ nginx['listen_https'] = false ##! already tried against the same master by a given Sentinel, is two ##! times the failover timeout. ##! -##! - The time needed for a slave replicating to a wrong master according +##! - The time needed for a replica replicating to a wrong master according ##! to a Sentinel current configuration, to be forced to replicate ##! with the right master, is exactly the failover timeout (counting since ##! the moment a Sentinel detected the misconfiguration). ##! ##! - The time needed to cancel a failover that is already in progress but -##! did not produced any configuration change (SLAVEOF NO ONE yet not -##! acknowledged by the promoted slave). +##! did not produced any configuration change (REPLICAOF NO ONE yet not +##! acknowledged by the promoted replica). ##! -##! - The maximum time a failover in progress waits for all the slaves to be -##! reconfigured as slaves of the new master. However even after this time -##! the slaves will be reconfigured by the Sentinels anyway, but not with +##! - The maximum time a failover in progress waits for all the replicas to be +##! reconfigured as replicas of the new master. However even after this time +##! the replicas will be reconfigured by the Sentinels anyway, but not with ##! the exact parallel-syncs progression as specified. # sentinel['failover_timeout'] = 60000 -################################################################################ -## GitLab Sidekiq Cluster (EE only) -################################################################################ - -##! GitLab Enterprise Edition allows one to start an extra set of Sidekiq processes -##! besides the default one. These processes can be used to consume a dedicated set -##! of queues. This can be used to ensure certain queues always have dedicated -##! workers, no matter the amount of jobs that need to be processed. - -# sidekiq_cluster['enable'] = false -# sidekiq_cluster['ha'] = false -# sidekiq_cluster['log_directory'] = "/var/log/gitlab/sidekiq-cluster" -# sidekiq_cluster['interval'] = 5 # The number of seconds to wait between worker checks -# sidekiq_cluster['max_concurrency'] = 50 # The maximum number of threads each Sidekiq process should run -# sidekiq_cluster['min_concurrency'] = 0 # The minimum number of threads each Sidekiq process should run - -##! Each entry in the queue_groups array denotes a group of queues that have to be processed by a -##! Sidekiq process. Multiple queues can be processed by the same process by -##! separating them with a comma within the group entry - -# sidekiq_cluster['queue_groups'] = [ -# "process_commit,post_receive", -# "gitlab_shell" -# ] -# - -##! If negate is enabled then sidekiq-cluster will process all the queues that -##! don't match those in queue_groups. - -# sidekiq_cluster['negate'] = false - ################################################################################ ## Additional Database Settings (EE only) ##! Docs: https://docs.gitlab.com/ee/administration/database_load_balancing.html @@ -2161,7 +2158,7 @@ nginx['listen_https'] = false ##! Docs: https://docs.gitlab.com/ee/gitlab-geo ################################################################################ ##! Geo roles 'geo_primary_role' and 'geo_secondary_role' are set above with -##! other roles. For more information, see: https://docs.gitlab.com/omnibus/roles/README.html#roles. +##! other roles. For more information, see: https://docs.gitlab.com/omnibus/roles/README.html#roles. # This is an optional identifier which Geo nodes can use to identify themselves. # For example, if external_url is the same for two secondaries, you must specify @@ -2209,7 +2206,9 @@ nginx['listen_https'] = false ################################################################################ ## Unleash -##! Docs: https://docs.gitlab.com/ee/user/project/operations/feature_flags.html +##! These settings are for GitLab internal use. +##! They are used to control feature flags during GitLab development. +##! Docs: https://docs.gitlab.com/ee/development/feature_flags ################################################################################ # gitlab_rails['feature_flags_unleash_enabled'] = false # gitlab_rails['feature_flags_unleash_url'] = nil diff --git a/manifest.json b/manifest.json index ba01a3b..20feff5 100644 --- a/manifest.json +++ b/manifest.json @@ -2,7 +2,7 @@ "name": "Gitlab", "id": "gitlab", "packaging_format": 1, - "version": "12.10.3~ynh2", + "version": "13.0.0~ynh1", "description": { "en": "Git-repository manager.", "fr": "Gestionnaire de dépôts Git." @@ -38,8 +38,8 @@ "en": "Choose a path for gitlab", "fr": "Choisissez un chemin pour gitlab" }, - "example": "/", - "default": "/" + "example": "/gitlab", + "default": "/gitlab" }, { "name": "admin", diff --git a/scripts/_common.sh b/scripts/_common.sh index a7ba0f4..3bf74f9 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,7 +4,7 @@ # SET ALL CONSTANTS #================================================= -pkg_dependencies="openssh-server bc" +pkg_dependencies="openssh-server" #================================================= # EXPERIMENTAL HELPERS diff --git a/scripts/backup b/scripts/backup index 895d95e..32523cb 100644 --- a/scripts/backup +++ b/scripts/backup @@ -28,7 +28,6 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get --app=$app --key=final_path) config_path=$(ynh_app_setting_get --app=$app --key=config_path) domain=$(ynh_app_setting_get --app=$app --key=domain) @@ -46,7 +45,7 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= ynh_script_progression --message="Backuping of Gitlab..." --weight=9 -# Use gitlab-rake to backup +# Use gitlab-backup to backup # For the complete doc: https://docs.gitlab.com/ce/raketasks/backup_restore.html # For the filename: https://docs.gitlab.com/ce/raketasks/backup_restore.html#backup-filename gitlab-backup create BACKUP=last diff --git a/scripts/change_url b/scripts/change_url index b30f1e3..80c4f41 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -27,12 +27,13 @@ app=$YNH_APP_INSTANCE_NAME ynh_script_progression --message="Loading installation settings..." --weight=1 # Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) config_path=$(ynh_app_setting_get --app=$app --key=config_path) port=$(ynh_app_setting_get --app="$app" --key=web_port) -portUnicorn=$(ynh_app_setting_get --app="$app" --key=unicorn_port) +portPuma=$(ynh_app_setting_get --app="$app" --key=puma_port) portSidekiq=$(ynh_app_setting_get --app="$app" --key=sidekiq_port) -unicorn_worker_processes=$(ynh_app_setting_get --app="$app" --key=unicorn_worker_processes) +puma_worker_processes=$(ynh_app_setting_get --app="$app" --key=puma_worker_processes) +puma_min_threads=$(ynh_app_setting_get --app="$app" --key=puma_min_threads) +puma_max_threads=$(ynh_app_setting_get --app="$app" --key=puma_max_threads) client_max_body_size=$(ynh_app_setting_get --app="$app" --key=client_max_body_size) #================================================= @@ -63,7 +64,7 @@ if [ $change_path -eq 1 ]; then #doc in: https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab - gitlab-ctl stop unicorn + gitlab-ctl stop puma gitlab-ctl stop sidekiq # Make a backup of the original nginx config file if modified @@ -105,8 +106,10 @@ path_url="$new_path" ynh_replace_string --match_string="__GENERATED_EXTERNAL_URL__" --replace_string="https://$domain${path_url%/}" --target_file="$config_path/gitlab.rb" ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config_path/gitlab.rb" -ynh_replace_string --match_string="__UNICORN_PORT__" --replace_string="$portUnicorn" --target_file="$config_path/gitlab.rb" -ynh_replace_string --match_string="__UNICORN_WORKER_PROCESSES__" --replace_string="$unicorn_worker_processes" --target_file="$config_path/gitlab.rb" +ynh_replace_string --match_string="__PUMA_PORT__" --replace_string="$portPuma" --target_file="$config_path/gitlab.rb" +ynh_replace_string --match_string="__PUMA_WORKER_PROCESSES__" --replace_string="$puma_worker_processes" --target_file="$config_path/gitlab.rb" +ynh_replace_string --match_string="__PUMA_MIN_THREADS__" --replace_string="$puma_min_threads" --target_file="$config_path/gitlab.rb" +ynh_replace_string --match_string="__PUMA_MAX_THREADS__" --replace_string="$puma_max_threads" --target_file="$config_path/gitlab.rb" ynh_replace_string --match_string="__CLIENT_MAX_BODY_SIZE__" --replace_string="$client_max_body_size" --target_file="$config_path/gitlab.rb" ynh_replace_string --match_string="__SSH_PORT__" --replace_string="$ssh_port" --target_file="$config_path/gitlab.rb" ynh_replace_string --match_string="__SIDEKIQ_PORT__" --replace_string="$portSidekiq" --target_file="$config_path/gitlab.rb" @@ -124,7 +127,7 @@ gitlab-ctl reconfigure #================================================= ynh_script_progression --message="Waiting for gitlab..." --weight=15 -ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/unicorn/current" --line_match="adopted" --timeout=300 +ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on tcp://127.0.0.1:$portPuma" --timeout=300 #================================================= # GENERIC FINALISATION diff --git a/scripts/install b/scripts/install index 5d59fc5..ae14bb8 100644 --- a/scripts/install +++ b/scripts/install @@ -85,11 +85,11 @@ ynh_script_progression --message="Find internal port..." --weight=1 # Find free ports port=$(ynh_find_port --port=8080) -portUnicorn=$(ynh_find_port --port=$(($port + 1))) -portSidekiq=$(ynh_find_port --port=$(($portUnicorn + 1))) +portPuma=$(ynh_find_port --port=$(($port + 1))) +portSidekiq=$(ynh_find_port --port=$(($portPuma + 1))) ynh_app_setting_set --app=$app --key=web_port --value=$port -ynh_app_setting_set --app=$app --key=unicorn_port --value=$portUnicorn +ynh_app_setting_set --app=$app --key=puma_port --value=$portPuma ynh_app_setting_set --app=$app --key=sidekiq_port --value=$portSidekiq #================================================= @@ -103,19 +103,21 @@ ynh_install_app_dependencies $pkg_dependencies # DEFINE THE NUMBER OF WORKERS USED #================================================= -# https://docs.gitlab.com/ce/install/requirements.html#unicorn-workers -unicorn_worker_processes=$(bc <<< "($(nproc) * 1.5 + 1) / 1") +#https://docs.gitlab.com/ce/install/requirements.html#puma-workers +puma_worker_processes=$(( $(nproc) > 2 ? $(nproc) : 2 )) -# If the server has at least 2GB of RAM -if [ $(ynh_check_ram --no_swap) -ge 2000 ]; then - # Min 3 worker processes - unicorn_worker_processes=$(($unicorn_worker_processes>3?$unicorn_worker_processes:3)) +# If the server has less than 2GB of RAM +if [ $(ynh_check_ram --no_swap) -lt 2000 ]; then + puma_min_threads=1 + puma_max_threads=1 else - # 2 worker processes - unicorn_worker_processes=2 + puma_min_threads=2 + puma_max_threads=4 fi -ynh_app_setting_set --app=$app --key=unicorn_worker_processes --value=$unicorn_worker_processes +ynh_app_setting_set --app=$app --key=puma_workers --value=$puma_worker_processes +ynh_app_setting_set --app=$app --key=puma_max_threads --value=$puma_max_threads +ynh_app_setting_set --app=$app --key=puma_min_threads --value=$puma_min_threads #================================================= # ADD SWAP IF NEEDED @@ -136,8 +138,10 @@ if [ $(($total_swap + $swap_needed)) -lt 2048 ]; then swap_needed=$((2048 - $total_swap)) fi -ynh_script_progression --message="Adding $swap_needed Mo to swap..." --weight=1 -ynh_add_swap --size=$swap_needed +if [ $swap_needed -gt 0 ]; then + ynh_script_progression --message="Adding $swap_needed Mo to swap..." + ynh_add_swap --size=$swap_needed +fi #================================================= # PRECONFIGURE GITLAB @@ -154,8 +158,10 @@ ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+") ynh_replace_string --match_string="__GENERATED_EXTERNAL_URL__" --replace_string="https://$domain${path_url%/}" --target_file="$config_path/gitlab.rb" ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config_path/gitlab.rb" -ynh_replace_string --match_string="__UNICORN_PORT__" --replace_string="$portUnicorn" --target_file="$config_path/gitlab.rb" -ynh_replace_string --match_string="__UNICORN_WORKER_PROCESSES__" --replace_string="$unicorn_worker_processes" --target_file="$config_path/gitlab.rb" +ynh_replace_string --match_string="__PUMA_PORT__" --replace_string="$portPuma" --target_file="$config_path/gitlab.rb" +ynh_replace_string --match_string="__PUMA_WORKER_PROCESSES__" --replace_string="$puma_worker_processes" --target_file="$config_path/gitlab.rb" +ynh_replace_string --match_string="__PUMA_MIN_THREADS__" --replace_string="$puma_min_threads" --target_file="$config_path/gitlab.rb" +ynh_replace_string --match_string="__PUMA_MAX_THREADS__" --replace_string="$puma_max_threads" --target_file="$config_path/gitlab.rb" ynh_replace_string --match_string="__CLIENT_MAX_BODY_SIZE__" --replace_string="$client_max_body_size" --target_file="$config_path/gitlab.rb" ynh_replace_string --match_string="__SSH_PORT__" --replace_string="$ssh_port" --target_file="$config_path/gitlab.rb" ynh_replace_string --match_string="__SIDEKIQ_PORT__" --replace_string="$portSidekiq" --target_file="$config_path/gitlab.rb" @@ -231,7 +237,7 @@ gitlab-ctl reconfigure # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -yunohost service add "gitlab-runsvdir" --log "/var/log/$app/gitlab-rails/application.log" "/var/log/$app/gitlab-rails/api_json.log" "/var/log/$app/gitlab-rails/production.log" "/var/log/$app/gitlab-rails/production_json.log" "/var/log/$app/gitlab-rails/sidekiq.log" "/var/log/$app/unicorn/unicorn_stderr.log" "/var/log/$app/unicorn/current" "/var/log/$app/alertmanager/current" "/var/log/$app/gitaly/current" "/var/log/$app/gitlab-monitor/current" "/var/log/$app/gitlab-shell/gitlab-shell.log" "/var/log/$app/gitlab-workhorse/current" "/var/log/$app/logrotate/current" "/var/log/$app/nginx/current" "/var/log/$app/nginx/access.log" "/var/log/$app/nginx/error.log" "/var/log/$app/nginx/gitlab_access.log" "/var/log/$app/nginx/gitlab_error.log" "/var/log/$app/node-exporter/current" "/var/log/$app/postgres-exporter/current" "/var/log/$app/postgresql/current" "/var/log/$app/prometheus/current" "/var/log/$app/redis/current" "/var/log/$app/redis-exporter/current" +yunohost service add "gitlab-runsvdir" --log "/var/log/$app/gitlab-rails/application.log" "/var/log/$app/gitlab-rails/api_json.log" "/var/log/$app/gitlab-rails/production.log" "/var/log/$app/gitlab-rails/production_json.log" "/var/log/$app/gitlab-rails/sidekiq.log" "/var/log/$app/puma/puma_stderr.log" "/var/log/$app/puma/current" "/var/log/$app/alertmanager/current" "/var/log/$app/gitaly/current" "/var/log/$app/gitlab-monitor/current" "/var/log/$app/gitlab-shell/gitlab-shell.log" "/var/log/$app/gitlab-workhorse/current" "/var/log/$app/logrotate/current" "/var/log/$app/nginx/current" "/var/log/$app/nginx/access.log" "/var/log/$app/nginx/error.log" "/var/log/$app/nginx/gitlab_access.log" "/var/log/$app/nginx/gitlab_error.log" "/var/log/$app/node-exporter/current" "/var/log/$app/postgres-exporter/current" "/var/log/$app/postgresql/current" "/var/log/$app/prometheus/current" "/var/log/$app/redis/current" "/var/log/$app/redis-exporter/current" #================================================= # SETUP SSOWAT @@ -256,7 +262,7 @@ ynh_systemd_action --action=reload --service_name=nginx #================================================= ynh_script_progression --message="Restarting gitlab..." --weight=15 -ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/unicorn/current" --line_match="adopted" --timeout=300 +ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on tcp://127.0.0.1:$portPuma" --timeout=300 #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index c79bc79..c2c8ba3 100644 --- a/scripts/remove +++ b/scripts/remove @@ -16,9 +16,8 @@ ynh_script_progression --message="Loading installation settings..." --weight=2 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app="$app" --key=domain) port=$(ynh_app_setting_get --app="$app" --key=web_port) -portUnicorn=$(ynh_app_setting_get --app="$app" --key=unicorn_port) +portPuma=$(ynh_app_setting_get --app="$app" --key=puma_port) final_path=$(ynh_app_setting_get --app=$app --key=final_path) config_path=$(ynh_app_setting_get --app=$app --key=config_path) @@ -84,9 +83,9 @@ if yunohost firewall list | grep -q "\- $port$"; then ynh_exec_warn_less yunohost firewall disallow TCP $port fi -if yunohost firewall list | grep -q "\- $portUnicorn$"; then - ynh_script_progression --message="Closing port $portUnicorn" --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $portUnicorn +if yunohost firewall list | grep -q "\- $portPuma$"; then + ynh_script_progression --message="Closing port $portPuma" --weight=1 + ynh_exec_warn_less yunohost firewall disallow TCP $portPuma fi #================================================= diff --git a/scripts/restore b/scripts/restore index 2e78b15..adc9e3b 100644 --- a/scripts/restore +++ b/scripts/restore @@ -33,8 +33,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) config_path=$(ynh_app_setting_get --app=$app --key=config_path) -port=$(ynh_app_setting_get --app="$app" --key=web_port) -portUnicorn=$(ynh_app_setting_get --app="$app" --key=unicorn_port) +portPuma=$(ynh_app_setting_get --app="$app" --key=puma_port) architecture=$(ynh_app_setting_get --app="$app" --key=architecture) #================================================= @@ -133,7 +132,7 @@ ynh_restore_file --origin_path="/var/opt/$app/backups/last_gitlab_backup.tar" last_backup="last" -gitlab-ctl stop unicorn +gitlab-ctl stop puma gitlab-ctl stop sidekiq # Use gitlab-rake to backup @@ -151,14 +150,14 @@ fi # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -yunohost service add "gitlab-runsvdir" --log "/var/log/$app/gitlab-rails/application.log" "/var/log/$app/gitlab-rails/api_json.log" "/var/log/$app/gitlab-rails/production.log" "/var/log/$app/gitlab-rails/production_json.log" "/var/log/$app/gitlab-rails/sidekiq.log" "/var/log/$app/unicorn/unicorn_stderr.log" "/var/log/$app/unicorn/current" "/var/log/$app/alertmanager/current" "/var/log/$app/gitaly/current" "/var/log/$app/gitlab-monitor/current" "/var/log/$app/gitlab-shell/gitlab-shell.log" "/var/log/$app/gitlab-workhorse/current" "/var/log/$app/logrotate/current" "/var/log/$app/nginx/current" "/var/log/$app/nginx/access.log" "/var/log/$app/nginx/error.log" "/var/log/$app/nginx/gitlab_access.log" "/var/log/$app/nginx/gitlab_error.log" "/var/log/$app/node-exporter/current" "/var/log/$app/postgres-exporter/current" "/var/log/$app/postgresql/current" "/var/log/$app/prometheus/current" "/var/log/$app/redis/current" "/var/log/$app/redis-exporter/current" +yunohost service add "gitlab-runsvdir" --log "/var/log/$app/gitlab-rails/application.log" "/var/log/$app/gitlab-rails/api_json.log" "/var/log/$app/gitlab-rails/production.log" "/var/log/$app/gitlab-rails/production_json.log" "/var/log/$app/gitlab-rails/sidekiq.log" "/var/log/$app/puma/puma_stderr.log" "/var/log/$app/puma/current" "/var/log/$app/alertmanager/current" "/var/log/$app/gitaly/current" "/var/log/$app/gitlab-monitor/current" "/var/log/$app/gitlab-shell/gitlab-shell.log" "/var/log/$app/gitlab-workhorse/current" "/var/log/$app/logrotate/current" "/var/log/$app/nginx/current" "/var/log/$app/nginx/access.log" "/var/log/$app/nginx/error.log" "/var/log/$app/nginx/gitlab_access.log" "/var/log/$app/nginx/gitlab_error.log" "/var/log/$app/node-exporter/current" "/var/log/$app/postgres-exporter/current" "/var/log/$app/postgresql/current" "/var/log/$app/prometheus/current" "/var/log/$app/redis/current" "/var/log/$app/redis-exporter/current" #================================================= # WAITING GITLAB #================================================= ynh_script_progression --message="Waiting for gitlab..." --weight=14 -ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/unicorn/current" --line_match="adopted" --timeout=300 +ynh_systemd_action --action=restart --service_name="gitlab-runsvdir" --log_path="/var/log/$app/puma/current" --line_match="Listening on tcp://127.0.0.1:$portPuma" --timeout=300 #================================================= # CHECK THE RESTORED DATA