diff --git a/README.md b/README.md index ffd0c3b..4ecb5f0 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to GitLab is a web-based Git-repository manager providing wiki, issue-tracking and CI/CD pipeline features, using an open-source license, developed by GitLab Inc. -**Shipped version:** 12.3.4 +**Shipped version:** 12.4.1 ## Screenshots diff --git a/conf/gitlab.rb b/conf/gitlab.rb index 2d86a11..b81c81e 100644 --- a/conf/gitlab.rb +++ b/conf/gitlab.rb @@ -22,6 +22,16 @@ ##! settings that can be configured by this file, which may be found at: ##! https://gitlab.com/gitlab-org/omnibus-gitlab/raw/master/files/gitlab-config-template/gitlab.rb.template +##! You can run `gitlab-ctl diff-config` to compare the contents of the current gitlab.rb with +##! the gitlab.rb.template from the currently running version. + +##! You can run `gitlab-ctl show-config` to display the configuration that will be generated by +##! running `gitlab-ctl reconfigure` + +##! In general, the values specified here should reflect what the default value of the attribute will be. +##! There are instances where this behavior is not possible or desired. For example, when providing passwords, +##! or connecting to third party services. +##! In those instances, we endeavour to provide an example configuration. ## GitLab URL ##! URL on which GitLab will be reachable. @@ -48,8 +58,6 @@ external_url '__GENERATED_EXTERNAL_URL__' ##! beginning; Remove them to enable the setting. ##! **Configuration settings below are optional.** -##! **The values currently assigned are only examples and ARE NOT the default -##! values.** ################################################################################ @@ -305,6 +313,50 @@ external_url '__GENERATED_EXTERNAL_URL__' gitlab_rails['ldap_enabled'] = true ###! **remember to close this block with 'EOS' below** +# gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' +# main: # 'main' is the GitLab 'provider ID' of this LDAP server +# label: 'LDAP' +# host: '_your_ldap_server' +# port: 389 +# uid: 'sAMAccountName' +# bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' +# password: '_the_password_of_the_bind_user' +# encryption: 'plain' # "start_tls" or "simple_tls" or "plain" +# verify_certificates: true +# smartcard_auth: false +# active_directory: true +# allow_username_or_email_login: false +# lowercase_usernames: false +# block_auto_created_users: false +# base: '' +# user_filter: '' +# ## EE only +# group_base: '' +# admin_group: '' +# sync_ssh_keys: false +# +# secondary: # 'secondary' is the GitLab 'provider ID' of second LDAP server +# label: 'LDAP' +# host: '_your_ldap_server' +# port: 389 +# uid: 'sAMAccountName' +# bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' +# password: '_the_password_of_the_bind_user' +# encryption: 'plain' # "start_tls" or "simple_tls" or "plain" +# verify_certificates: true +# smartcard_auth: false +# active_directory: true +# allow_username_or_email_login: false +# lowercase_usernames: false +# block_auto_created_users: false +# base: '' +# user_filter: '' +# ## EE only +# group_base: '' +# admin_group: '' +# sync_ssh_keys: false +# EOS + gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' # remember to close this block with 'EOS' below main: # 'main' is the GitLab 'provider ID' of this LDAP server label: 'LDAP' @@ -447,17 +499,6 @@ gitlab_rails['gitlab_shell_ssh_port'] = __SSH_PORT__ # 'bantime' => 3600 # } -# gitlab_rails['rack_attack_protected_paths'] = [ -# '/users/password', -# '/users/sign_in', -# '/api/#{API::API.version}/session.json', -# '/api/#{API::API.version}/session', -# '/users', -# '/users/confirmation', -# '/unsubscribes/', -# '/import/github/personal_access_token' -# ] - ###! **We do not recommend changing these directories.** # gitlab_rails['dir'] = "/var/opt/gitlab/gitlab-rails" # gitlab_rails['log_directory'] = "/var/log/gitlab/gitlab-rails" @@ -745,6 +786,11 @@ unicorn['port'] = __UNICORN_PORT__ # unicorn['worker_memory_limit_min'] = "400 * 1 << 20" # unicorn['worker_memory_limit_max'] = "650 * 1 << 20" +# unicorn['exporter_enabled'] = false +# unicorn['exporter_address'] = "127.0.0.1" +# unicorn['exporter_port'] = 8083 +# unicorn['exporter_blackout_seconds'] = 10 + ################################################################################ ## GitLab Puma ##! Tweak puma settings. You should only use Unicorn or Puma, not both. @@ -770,7 +816,12 @@ unicorn['port'] = __UNICORN_PORT__ ### **Only change these settings if you understand well what they mean** ###! Docs: https://github.com/schneems/puma_worker_killer -# puma['per_worker_max_memory_mb'] = 650 +# puma['per_worker_max_memory_mb'] = 850 + +# puma['exporter_enabled'] = false +# puma['exporter_address'] = "127.0.0.1" +# puma['exporter_port'] = 8083 +# puma['exporter_blackout_seconds'] = 10 ################################################################################ ## GitLab Sidekiq @@ -1199,6 +1250,7 @@ nginx['listen_https'] = false ##! You can disable built in logrotate feature. ################################################################################ # logrotate['enable'] = true +# logrotate['log_directory'] = "/var/log/gitlab/logrotate" ################################################################################ ## Users and groups accounts @@ -1307,16 +1359,6 @@ nginx['listen_https'] = false ##! Specifies the maximum SSL/TLS version ("ssl3", "tls1.0", "tls1.1" or "tls1.2") # gitlab_pages['tls_max_version'] = "tls1.2" -##! Configure the pages admin API -# gitlab_pages['admin_secret_token'] = 'custom secret' -# gitlab_pages['admin_https_listener'] = '0.0.0.0:5678' -# gitlab_pages['admin_https_cert'] = '/etc/gitlab/pages-admin.crt' -# gitlab_pages['admin_https_key'] = '/etc/gitlab/pages-admin.key' - -##! Client side configuration for gitlab-pages admin API, in case pages runs on a different host -# gitlab_rails['pages_admin_address'] = 'pages.gitlab.example.com:5678' -# gitlab_rails['pages_admin_certificate'] = '/etc/gitlab/pages-admin.crt' - ##! Pages access control # gitlab_pages['access_control'] = false # gitlab_pages['gitlab_id'] = nil # Automatically generated if not present @@ -1530,6 +1572,7 @@ nginx['listen_https'] = false ##! Advanced settings. Should be changed only if absolutely needed. # alertmanager['listen_address'] = 'localhost:9093' +# alertmanager['global'] = {} ################################################################################ ## Prometheus Node Exporter @@ -1713,6 +1756,7 @@ grafana['enable'] = false # gitaly['ruby_max_rss'] = 300000000 # RSS threshold in bytes for triggering a gitaly-ruby restart # gitaly['ruby_graceful_restart_timeout'] = '10m' # Grace time for a gitaly-ruby process to finish ongoing requests # gitaly['ruby_restart_delay'] = '5m' # Period of sustained high RSS that needs to be observed before restarting gitaly-ruby +# gitaly['ruby_rugged_git_config_search_path'] = "/opt/gitlab/embedded/etc" # Location of system-wide gitconfig file # gitaly['ruby_num_workers'] = 3 # Number of gitaly-ruby worker processes. Minimum 2, default 2. # gitaly['storage'] = [ # { @@ -1734,6 +1778,32 @@ grafana['enable'] = false # } # ] +################################################################################ +## Praefect +##! Docs: https://gitlab.com/gitlab-org/gitaly/blob/master/doc/design_ha.md +################################################################################ + +# praefect['enable'] = false +# praefect['virtual_storage_name'] = "praefect" +# praefect['auth_token'] = "" +# praefect['auth_transitioning'] = false +# praefect['listen_addr'] = "localhost:2305" +# praefect['prometheus_listen_addr'] = "localhost:9652" +# praefect['logging_level'] = "warn" +# praefect['logging_format'] = "json" +# praefect['storage_nodes'] = [ +# { +# 'storage' => 'praefect', +# 'address' => 'tcp://12:23:56:78', +# 'token' => 'abc123' +# }, +# { +# 'storoge' => 'praefect-2', +# 'address' => 'tcp://praefect2.internal', +# 'token' => 'xyz456' +# } +# ] + ################################################################################ # Storage check ################################################################################ @@ -1760,6 +1830,11 @@ grafana['enable'] = false ##! non-docker containers. Recommended not to change. # package['detect_init'] = true +##! Specify maximum number of tasks that can be created by the systemd unit +##! Will be populated as TasksMax value to the unit file if user is on a systemd +##! version that supports it (>= 227). Will be a no-op if user is not on systemd. +# package['systemd_tasks_max'] = 4915 + ################################################################################ ################################################################################ ## Configuration Settings for GitLab EE only ## diff --git a/manifest.json b/manifest.json index 51fb76c..26f5bab 100644 --- a/manifest.json +++ b/manifest.json @@ -2,7 +2,7 @@ "name": "Gitlab", "id": "gitlab", "packaging_format": 1, - "version": "12.3.4~ynh1", + "version": "12.4.1~ynh1", "description": { "en": "GitLab is a Git-repository manager.", "fr": "GitLab est un gestionnaire de dépôts Git." diff --git a/scripts/install b/scripts/install index 52657de..bdf5ae8 100644 --- a/scripts/install +++ b/scripts/install @@ -186,14 +186,10 @@ tempdir="$(mktemp -d)" ynh_setup_source --dest_dir=$tempdir --source_id=$architecture -if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - if ! ynh_exec_warn_less dpkg -i $tempdir/$gitlab_filename ; - then # This command will fail in lxc env - package_check_action # defined in upgrade.d/upgrade.last.sh - ynh_exec_warn_less dpkg --configure gitlab-ce - fi -else - ynh_exec_warn_less dpkg -i $tempdir/$gitlab_filename +if ! ynh_exec_warn_less dpkg -i $tempdir/$gitlab_filename ; +then # This command will fail in lxc env + package_check_action # defined in upgrade.d/upgrade.last.sh + ynh_exec_warn_less dpkg --configure gitlab-ce fi #================================================= diff --git a/scripts/restore b/scripts/restore index ddd8ec1..9914ebb 100644 --- a/scripts/restore +++ b/scripts/restore @@ -115,14 +115,10 @@ tempdir="$(mktemp -d)" ynh_setup_source --dest_dir=$tempdir --source_id=$architecture -if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - if ! ynh_exec_warn_less dpkg -i $tempdir/$gitlab_filename ; - then # This command will fail in lxc env - package_check_action # defined in upgrade.d/upgrade.last.sh - ynh_exec_warn_less dpkg --configure gitlab-ce - fi -else - ynh_exec_warn_less dpkg -i $tempdir/$gitlab_filename +if ! ynh_exec_warn_less dpkg -i $tempdir/$gitlab_filename ; +then # This command will fail in lxc env + package_check_action # defined in upgrade.d/upgrade.last.sh + ynh_exec_warn_less dpkg --configure gitlab-ce fi #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 8568bba..7d9df73 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -278,6 +278,9 @@ if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Setting up source files..." --weight=200 + # To avoid the automatic backup, already performed by YunoHost: https://docs.gitlab.com/omnibus/update/#updating-methods + touch $config_path/skip-auto-backup + current_version=$(grep gitlab-ce /opt/gitlab/version-manifest.txt | cut -d' ' -f2) # Load the last available version @@ -317,14 +320,10 @@ then ynh_setup_source --dest_dir=$tempdir --source_id=$architecture - if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - if ! ynh_exec_warn_less dpkg -i $tempdir/$gitlab_filename ; - then # This command will fail in lxc env - package_check_action # defined in upgrade.d/upgrade.X.sh - ynh_exec_warn_less dpkg --configure gitlab-ce - fi - else - ynh_exec_warn_less dpkg -i $tempdir/$gitlab_filename + if ! ynh_exec_warn_less dpkg -i $tempdir/$gitlab_filename ; + then # This command will fail in lxc env + package_check_action # defined in upgrade.d/upgrade.X.sh + ynh_exec_warn_less dpkg --configure gitlab-ce fi ynh_exec_warn_less ynh_secure_remove --file="$tempdir" diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index c922646..9d27a59 100644 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,8 +1,8 @@ -gitlab_version="12.3.4" +gitlab_version="12.4.1" -gitlab_x86_64_source_sha256="6b913d17bca52e955429081e3331c3fc9003f4087c37b06019f124d41bce3c26" +gitlab_x86_64_source_sha256="c648d9b00ed5070a3cae6df508479380757040682ac71b7e43fb6466b1c2bb38" -gitlab_arm_source_sha256="c09fb0ba3ec71574d8fa0efc6b1c3afbc075cebfd8e5bd903a21be9b6e3e2a1b" +gitlab_arm_source_sha256="9634c287b75e849c7424c1bbf9507ad7f63bef14f340c2ce156e39e64a38cea5" gitlab_filename="gitlab-ce-${gitlab_version}.deb"