From 580e13676832e264647191a3f84aa45b144f72bd Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Fri, 9 Aug 2024 22:32:56 -0400 Subject: [PATCH] user/gitlab-foss: drop due migration to ilot iports --- user/gitlab-foss/APKBUILD | 375 ------------------ user/gitlab-foss/bin-wrapper.in | 15 - user/gitlab-foss/database-config.patch | 66 --- user/gitlab-foss/gitlab-foss.post-install | 108 ----- user/gitlab-foss/gitlab-foss.post-upgrade | 1 - user/gitlab-foss/gitlab-foss.pre-install | 53 --- user/gitlab-foss/gitlab-rails.confd | 20 - user/gitlab-foss/gitlab.confd | 85 ---- user/gitlab-foss/gitlab.initd | 50 --- user/gitlab-foss/gitlab.logrotate | 24 -- user/gitlab-foss/gitlab.mailroom.initd | 40 -- user/gitlab-foss/gitlab.rails.initd | 119 ------ user/gitlab-foss/gitlab.sidekiq.initd | 76 ---- user/gitlab-foss/gitlab.workhorse.initd | 75 ---- .../upgrade-sys-filesystem-depend.patch | 35 -- 15 files changed, 1142 deletions(-) delete mode 100644 user/gitlab-foss/APKBUILD delete mode 100644 user/gitlab-foss/bin-wrapper.in delete mode 100644 user/gitlab-foss/database-config.patch delete mode 100644 user/gitlab-foss/gitlab-foss.post-install delete mode 120000 user/gitlab-foss/gitlab-foss.post-upgrade delete mode 100644 user/gitlab-foss/gitlab-foss.pre-install delete mode 100644 user/gitlab-foss/gitlab-rails.confd delete mode 100644 user/gitlab-foss/gitlab.confd delete mode 100644 user/gitlab-foss/gitlab.initd delete mode 100644 user/gitlab-foss/gitlab.logrotate delete mode 100644 user/gitlab-foss/gitlab.mailroom.initd delete mode 100644 user/gitlab-foss/gitlab.rails.initd delete mode 100644 user/gitlab-foss/gitlab.sidekiq.initd delete mode 100644 user/gitlab-foss/gitlab.workhorse.initd delete mode 100644 user/gitlab-foss/upgrade-sys-filesystem-depend.patch diff --git a/user/gitlab-foss/APKBUILD b/user/gitlab-foss/APKBUILD deleted file mode 100644 index 21331a4..0000000 --- a/user/gitlab-foss/APKBUILD +++ /dev/null @@ -1,375 +0,0 @@ -# Maintainer: Antoine Martin (ayakael) -# Contributor: Jakub Jirutka -# Contributor: Antoine Martin (ayakael) -pkgname=gitlab-foss -_pkgname=${pkgname%-foss} -pkgver=17.0.4 -_gittag=v$pkgver -pkgrel=0 -pkgdesc="A version control for your server" -url="https://gitlab.com/gitlab-org/gitlab-foss" -arch="x86_64 aarch64" -license="MIT" -# ruby-irb is needed only for Rails console (gitlab-rails console) -depends=" - $pkgname-assets=$pkgver-r$pkgrel - ca-certificates - cmd:dpkg-deb - exiftool - git>=2.42.0 - gitaly~=17.0 - gitlab-shell>=14.35 - graphicsmagick - http-parser - procps - py-docutils - python3 - redis>=2.8 - ruby3.2 - ruby3.2-bigdecimal - ruby3.2-bundler - ruby3.2-fiddle - ruby3.2-io-console - ruby3.2-irb - ruby3.2-json - ruby3.2-rake - ruby3.2-rdoc - ruby3.2-webrick - shared-mime-info - tzdata - " -makedepends=" - cargo - clang-dev - cmd:chrpath - cmake - file-dev - go - gpgme-dev - icu-dev - libffi-dev - libgcrypt-dev - libpq-dev - libxml2-dev - libxslt-dev - linux-headers - llvm - nodejs - openssl-dev - protobuf-dev - re2-dev - ruby3.2-dev - rust - yarn>=1.2.0 - " -pkgusers="git" -pkggroups="git www-data" -install="$pkgname.pre-install $pkgname.post-install $pkgname.post-upgrade" -subpackages="$pkgname-assets::noarch $pkgname-openrc" -source="https://gitlab.com/gitlab-org/gitlab-foss/-/archive/$_gittag/gitlab-foss-$_gittag.tar.gz - database-config.patch - $_pkgname.initd - $_pkgname.mailroom.initd - $_pkgname.rails.initd - $_pkgname.sidekiq.initd - $_pkgname.workhorse.initd - $_pkgname.confd - $_pkgname.logrotate - bin-wrapper.in - upgrade-sys-filesystem-depend.patch - " -builddir="$srcdir/gitlab-foss-$_gittag" - -_prefix="usr/lib/bundles/$_pkgname" - -export BUNDLE_DEPLOYMENT=true -export BUNDLE_FORCE_RUBY_PLATFORM=true -export BUNDLE_FROZEN=true -# Should be tied to $JOBS, but rust native code fails to build -export BUNDLE_JOBS=1 - -prepare() { - default_prepare - - # The default log level is very chatty. - sed -i 's/^\(\s*config.log_level\s*=\).*$/\1 :warn/' \ - config/environments/production.rb - - # This is not needed, the secret_token is generated by the - # gitlab-shell package. It also makes problems in the build phase. - rm config/initializers/gitlab_shell_secret_token.rb - - # Remove all locale files except en. - find locale -type d -mindepth 1 ! -name en -exec rm -rf {} + - - # Allow use of any bundler - sed -i -e '/BUNDLED/,+1d' Gemfile.lock -} - -build() { - local bundle_without='exclude development kerberos mysql test' - - cd "$builddir"/workhorse - - make - - cd "$builddir" - - msg "Installing Ruby gems..." - bundle config --local without "$bundle_without" - bundle config --local build.ffi --enable-system-libffi - bundle config --local build.gpgme --use-system-libraries - bundle config --local build.re2 --enable-system-libraries - bundle config --local build.nokogiri --use-system-libraries \ - --with-xml2-include=/usr/include/libxml2 \ - --with-xslt-include=/usr/include/libxslt - bundle config --local build.ruby-magic --enable-system-libraries - bundle config --local build.google-protobuf '-- --with-cflags=-D__va_copy=va_copy' - bundle config --local path "vendor/bundle" - - bundle install --no-cache - - # Replace bundled CA bundle with symlink. - ( - cd vendor/bundle/ruby/*/gems/aws-sdk-core-*/ - rm ca-bundle.crt - ln -s /etc/ssl/certs/ca-certificates.crt ca-bundle.crt - ) - - # Remove faulty RPATH. - chrpath -d vendor/bundle/ruby/*/extensions/*/*/ruby-magic-*/magic/magic.so - - # Patch installed gem gitlab-markup to use python3. - # Option "-S" causes that Python cannot find docutils module. - sed -i 's/python2 -S/python3/g' \ - vendor/bundle/ruby/*/gems/gitlab-markup-*/lib/github/markups.rb - - # Remove non-sense require of code for tests from top-level module - # (we're gonna delete tests from the package). - sed -i '/require .carrierwave\/test\/matchers./d' \ - vendor/bundle/ruby/*/gems/carrierwave-*/lib/carrierwave.rb - - msg "Installing npm modules..." - yarn install --production --frozen-lockfile - - # Since we have moved assets gems into a group, they are not implicitly - # loaded by default. This will be reverted after compiling assets. - sed -i.bak '/Bundler.require(\*Rails.groups/s/)/, :assets)/' \ - config/application.rb - - # assets:precompile and gettext:compile bootstraps the app, - # so they needs configs. - cp config/gitlab.yml.example config/gitlab.yml - cp config/database.yml.postgresql config/database.yml - cp config/secrets.yml.example config/secrets.yml - - # The configured path is not readable for the user building - # the package, so we must remove it; GitLab will use the default path. - sed -i '/^\s*secret_file:.*/d' config/gitlab.yml - - ( - export NODE_ENV=production - export RAILS_ENV=production - export SKIP_STORAGE_VALIDATION=true - export USE_DB=false - export NO_SOURCEMAPS=true - export NODE_OPTIONS="--max_old_space_size=3584" - - msg "Compiling GetText PO files..." - bundle exec rake gettext:compile - - msg "Compiling assets (this will take few minutes)..." - bundle exec rake gitlab:assets:compile - ) - - # Revert changes. - mv config/application.rb.bak config/application.rb - - msg "Cleaning assets gems..." - bundle config --local without 'exclude development kerberos mysql test assets' - bundle clean - - # Create executables in bin/*. - # See also https://github.com/bundler/bundler/issues/6149. - bundle binstubs --force bundler gitlab-mail_room puma sidekiq - - # Cleanup - rm config/database.yml config/gitlab.yml config/secrets.yml -} - -package() { - local destdir="$pkgdir/$_prefix" - local datadir="$pkgdir/var/lib/gitlab" - local file dest - - install -d -m755 "$destdir" "$destdir"/bin - - install -d -m755 -o git -g git \ - "$datadir" \ - "$pkgdir"/etc/gitlab \ - "$pkgdir"/var/log/gitlab \ - "$datadir"/pages - - install -d -m700 -o git -g git \ - "$datadir"/artifacts \ - "$datadir"/builds \ - "$datadir"/ci_secure_files \ - "$datadir"/dependency_proxy \ - "$datadir"/encrypted_settings \ - "$datadir"/external-diffs \ - "$datadir"/lfs-objects \ - "$datadir"/packages \ - "$datadir"/pages \ - "$datadir"/terraform_state \ - "$datadir"/uploads - - install -d -m0750 -o git -g www-data \ - "$datadir"/pages - - install -d -m02770 -o git -g git \ - "$datadir"/repositories - - # Install application files. - # Note: *VERSION files and doc directory are required (Help in GitLab - # menu refers to the doc directory). - cp -rl .bundle config.ru Gemfile* INSTALLATION_TYPE Rakefile ./*VERSION \ - app data db doc fixtures config lib locale metrics_server public sidekiq_cluster vendor gems \ - "$destdir"/ - - install -m755 -t "$destdir"/bin/ \ - bin/bundle \ - bin/mail_room \ - bin/metrics-server \ - bin/rails \ - bin/rake \ - bin/sidekiq \ - bin/sidekiq-cluster \ - bin/sidekiqmon \ - bin/puma - - cd "$destdir" - - # Not needed in runtime since we have already compiled all assets. - rm -r app/assets - rm -r vendor/assets - find public/assets -name '*.vue' -delete - find public/assets -type d -exec rmdir --ignore-fail-on-non-empty '{}' \; - # These load gems in the assets group. - rm config/initializers/sprockets.rb - - # Remove more stuff not neeeded in production. - rm -r lib/support - rm -r db/fixtures/development - find lib/tasks -maxdepth 1 -type f ! -name cache.rake ! -name setup.rake -delete - find lib/tasks/gitlab \( -name 'generate_docs.*' \ - -o -name 'shell.*' \ - -o -name 'test.*' \) -delete - - - cd "$destdir"/vendor/bundle/ruby/*/ - - # Remove tests, documentations and other useless files. - find gems/ \( -name 'doc' \ - -o -name 'spec' \ - -o -name 'test' \) \ - -type d -maxdepth 2 -exec rm -fr "{}" + - find gems/ \( -name 'README*' \ - -o -name 'CHANGELOG*' \ - -o -name 'CONTRIBUT*' \ - -o -name '*LICENSE*' \ - -o -name 'Rakefile' \ - -o -name '.*' \) \ - -type f -delete - - # Remove bundled libgit2 sources. - rm -r gems/rugged-*/vendor/libgit2 - - # Remove assets, they are already compiled. - rm -r gems/tanuki_emoji-*/app/assets - - # Remove build logs and cache. - rm -rf build_info/ cache/ - find extensions/ \( -name gem_make.out -o -name mkmf.log \) -delete - - - cd "$destdir" - - # Install and symlink config files. - for file in cable.yml.example \ - database.yml.postgresql \ - gitlab.yml.example \ - puma.rb.example \ - resque.yml.example \ - sidekiq.yml.example \ - initializers/smtp_settings.rb.sample - do - dest="$(basename "${file%.*}")" - install -m640 -g git -D config/$file "$pkgdir"/etc/gitlab/$dest - ln -sf /etc/gitlab/$dest "$pkgdir"/$_prefix/config/${file%.*} - done - - # This file will be generated by the post-install script, just prepare symlink. - ln -sf /etc/gitlab/secrets.yml config/secrets.yml - # These shouldn't be necessary, they are all configurable, but OmniBus - # creates them too, so just to be sure... - ln -sf /etc/gitlab/gitlab_kas_secret .gitlab_kas_secret - ln -sf /etc/gitlab/gitlab_pages_secret .gitlab_pages_secret - ln -sf /etc/gitlab/gitlab_shell_secret .gitlab_shell_secret - ln -sf /etc/gitlab/gitlab_workhorse_secret .gitlab_workhorse_secret - - # Some paths are hard-coded in GitLab, so we must make symlinks. :( - ln -sf /var/lib/gitlab/uploads public/uploads - ln -sf /var/log/gitlab log - ln -sf /var/tmp/gitlab tmp - - cat > "$datadir"/.profile <<-EOF - export RAILS_ENV=production - export NODE_ENV=production - export EXECJS_RUNTIME=Disabled - EOF - - # Install wrapper scripts to /usr/bin. - local name; for name in rake rails; do - sed "s/__COMMAND__/$name/g" "$srcdir"/bin-wrapper.in \ - > "$builddir"/gitlab-$name - install -m755 -D "$builddir"/gitlab-$name "$pkgdir"/usr/bin/gitlab-$name - done - - - cd "$builddir"/workhorse - - # Install workhorse. - make install DESTDIR="$pkgdir" PREFIX=/usr - install -m644 config.toml.example "$pkgdir"/etc/gitlab/workhorse.toml - - - for file in $_pkgname $_pkgname.rails $_pkgname.sidekiq $_pkgname.mailroom $_pkgname.workhorse; do - install -m755 -D "$srcdir"/$file.initd "$pkgdir"/etc/init.d/$file - done - - install -m644 -D "$srcdir"/$_pkgname.confd \ - "$pkgdir"/etc/conf.d/$_pkgname - - install -m644 -D "$srcdir"/$_pkgname.logrotate \ - "$pkgdir"/etc/logrotate.d/$_pkgname -} - -assets() { - depends="" - - amove $_prefix/public/assets -} - -sha512sums=" -e09cfbbe4237f42bd8509c551031fd3526b75762beae7dac5164ecc4056ae07890a3ddb8500f1573f0ca9d697150654d1fcab3b3d0a3b93e5382addcee298c5b gitlab-foss-v17.0.4.tar.gz -daa496f3d9146f9dbddff62477bf49d5c7bd2f2a4cdbadc70ee51c8230f3ef01dc950ef157154b31c7e7bef0beecc5cbac50fbac65a79d6d9099b27bcba8b2ab database-config.patch -80d9bf2d064c1d4310566e087e14220e075430c46d9a6c4641c1141fbdc05381ae14a3ae7dfcb7dcb75dbf7af17a136f81764c7a4d109f248a81033782dce23b gitlab.initd -1f451b67a5d5e58650b0fe862a2b65cfb8bff5502b37d94ae90619c1ff9affbecf24428303a2849bebce5f94bef37078f0e5710e344bbab616134e910938384a gitlab.mailroom.initd -d8cdeb54c46f8204936bf5750833649e4586d3dd1942eed45955ed1661ae5f5080f59184fcb59a8f73c1405faccbf02b3db3d2c12fc2a4a81424cd35ce390768 gitlab.rails.initd -cb4ec100f0ea7ffcbb37aead8423e636629e2f4848b2974a7b2468e96cb1081ca732ac336417b08dd943afb961df888c73af1334dcbe054dfd361e74f492fd86 gitlab.sidekiq.initd -85c4e257a030832bd70ad1e257ae7cb568b31e01201fc845abac02d00f02492ca694be1fa2bf743dd8c8623e6a79d36adee3f4de02040134c11158a6001c064b gitlab.workhorse.initd -4dc00b16462f30591297fcb535fc364185d3ed76e9956597f0423a8dfd8a9a351f6ac29d9f0c73052c11324fba4768eb89a21c6bef4da99f15baaea8c9ab8407 gitlab.confd -57f258246925fbef0780caebdf005983c72fe3db1ab3242a1e00137bd322f5ec6c0fd958db7178b8fc22103d071f550d6f71f08422bcd9e859d2a734b2ecef00 gitlab.logrotate -a944c3886388ba1574bf8c96b6de4d9f24ef4a83f553c31a224e17a3b01f2a5c65b60c59b7ed7ca4b25670c60ea8dd41b96a8a623d909d2bb09bdf2520ed7f23 bin-wrapper.in -0eaa7de9a906ddb0fe84b7afbaec893a134bbbdb9e71da75cf4095ef40404643e51447aee88d3cad6e565bc709b34ffd8901cc93061e4a2a410838aed42d3644 upgrade-sys-filesystem-depend.patch -" diff --git a/user/gitlab-foss/bin-wrapper.in b/user/gitlab-foss/bin-wrapper.in deleted file mode 100644 index aa1d411..0000000 --- a/user/gitlab-foss/bin-wrapper.in +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh - -BUNDLE_DIR='/usr/lib/bundles/gitlab' -export RAILS_ENV='production' -export NODE_ENV='production' -export EXECJS_RUNTIME='Disabled' - -cd $BUNDLE_DIR -install -m 700 -o git -g git -d "$(readlink ./tmp)" - -if [ "$(id -un)" != 'git' ]; then - exec su git -c '"$0" "$@"' -- bin/__COMMAND__ "$@" -else - exec bin/__COMMAND__ "$@" -fi diff --git a/user/gitlab-foss/database-config.patch b/user/gitlab-foss/database-config.patch deleted file mode 100644 index 9b113e1..0000000 --- a/user/gitlab-foss/database-config.patch +++ /dev/null @@ -1,66 +0,0 @@ -diff --git a/config/database.yml.postgresql.orig b/config/database.yml.postgresql -index da9f458..2d6d44e 100644 ---- a/config/database.yml.postgresql.orig -+++ b/config/database.yml.postgresql -@@ -26,13 +26,6 @@ production: - username: git - password: "secure password" - host: localhost -- geo: -- adapter: postgresql -- encoding: unicode -- database: gitlabhq_geo_production -- username: git -- password: "secure password" -- host: localhost - - # - # Development specific -@@ -57,13 +50,6 @@ development: - host: localhost - variables: - statement_timeout: 15s -- geo: -- adapter: postgresql -- encoding: unicode -- database: gitlabhq_geo_development -- username: postgres -- password: "secure password" -- host: localhost - - # - # Staging specific -@@ -84,13 +70,6 @@ staging: - username: git - password: "secure password" - host: localhost -- geo: -- adapter: postgresql -- encoding: unicode -- database: gitlabhq_geo_staging -- username: git -- password: "secure password" -- host: localhost - - # Warning: The database defined as "test" will be erased and - # re-generated from your development database when you run "rake". -@@ -119,19 +98,3 @@ test: &test - reaping_frequency: nil - variables: - statement_timeout: 15s -- geo: -- adapter: postgresql -- encoding: unicode -- database: gitlabhq_geo_test -- username: postgres -- password: -- host: localhost -- reaping_frequency: nil -- embedding: -- adapter: postgresql -- encoding: unicode -- database: gitlabhq_embedding_test -- username: postgres -- password: -- host: localhost -- reaping_frequency: nil diff --git a/user/gitlab-foss/gitlab-foss.post-install b/user/gitlab-foss/gitlab-foss.post-install deleted file mode 100644 index 65d05cc..0000000 --- a/user/gitlab-foss/gitlab-foss.post-install +++ /dev/null @@ -1,108 +0,0 @@ -#!/bin/sh -set -eu - -group='git' -data_dir='/var/lib/gitlab' -secrets_file='/etc/gitlab/secrets.yml' -shell_secret_file='/etc/gitlab/gitlab_shell_secret' -workhorse_secret_file='/etc/gitlab/gitlab_workhorse_secret' -kas_secret_file='/etc/gitlab/gitlab_kas_secret' - -gen_random_b64() { - local bits="$1" - ruby <<-EOF - require 'securerandom' - require 'base64' - puts Base64.strict_encode64(SecureRandom.random_bytes($bits)) - EOF -} - - -echo "* Checking $secrets_file" >&2 - -ruby <<-EOF - require 'openssl' - require 'securerandom' - require 'yaml' - - secrets_file = '$secrets_file' - changed = false - - secrets = YAML.load_file(secrets_file) if File.exist?(secrets_file) - secrets ||= {} - prod = secrets['production'] ||= {} - prod['db_key_base'] ||= ( changed = true; SecureRandom.hex(64) ) - prod['secret_key_base'] ||= ( changed = true; SecureRandom.hex(64) ) - prod['otp_key_base'] ||= ( changed = true; SecureRandom.hex(64) ) - prod['encrypted_settings_key_base'] ||= ( changed = true; SecureRandom.hex(64) ) - prod['openid_connect_signing_key'] ||= begin - changed = true - prod.delete('jws_private_key') || OpenSSL::PKey::RSA.new(2048).to_pem - end - # db/fixtures/production/010_settings.rb - prod['ci_jwt_signing_key'] ||= ( changed = true; OpenSSL::PKey::RSA.new(2048).to_pem ) - - if changed - STDERR.puts "* Generating random secrets into #{secrets_file}" - File.write(secrets_file, YAML.dump(secrets), mode: 'w', perm: 0640) - end -EOF -chown root:$group "$secrets_file" - -if [ ! -f "$shell_secret_file" ]; then - echo "* Generating random secret in $shell_secret_file" >&2 - - head -c 512 /dev/urandom | LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 64 > "$shell_secret_file" - chown root:$group "$shell_secret_file" - chmod 0640 "$shell_secret_file" -fi - -if [ ! -f "$workhorse_secret_file" ]; then - echo "* Generating random secret in $workhorse_secret_file" >&2 - - # Sync with lib/gitlab/workhorse.rb. - gen_random_b64 32 > "$workhorse_secret_file" - chown root:$group "$workhorse_secret_file" - chmod 0640 "$workhorse_secret_file" -fi - -if [ ! -f "$kas_secret_file" ]; then - echo "* Generating random secret in $kas_secret_file" >&2 - - # Sync with lib/gitlab/workhorse.rb. - gen_random_b64 32 > "$kas_secret_file" - chown root:$group "$kas_secret_file" - chmod 0640 "$kas_secret_file" -fi - -# NOTE: We create this symlink in post-install script instead of APKBULD, -# so user can decide to have tmp dir inside $data_dir (e.g. it's on bigger disk). -if [ ! -e "$data_dir"/tmp ]; then - ln -s /var/tmp/gitlab "$data_dir"/tmp -fi - - -if [ "${0##*.}" = 'post-upgrade' ]; then - cat >&2 <<-EOF - * - * To finish GitLab upgrade run: - * - * gitlab-rake gitlab:db:configure - * - EOF -else - cat >&2 <<-EOF - * - * 1. Adjust settings in /etc/gitlab/database.yml and gitlab.yml. - * - * 2. Create database for GitLab: - * - * psql -c "CREATE ROLE gitlab PASSWORD 'top-secret' INHERIT LOGIN;" - * psql -c "CREATE DATABASE gitlab OWNER gitlab ENCODING 'UTF-8';" - * psql -d gitlab -c "CREATE EXTENSION pg_trgm; CREATE EXTENSION btree_gist;" - * - * 3. Run "gitlab-rake gitlab:setup", or "gitlab-rake gitlab:db:configure" if - * you are updating existing database. - * - EOF -fi diff --git a/user/gitlab-foss/gitlab-foss.post-upgrade b/user/gitlab-foss/gitlab-foss.post-upgrade deleted file mode 120000 index 20d2b0c..0000000 --- a/user/gitlab-foss/gitlab-foss.post-upgrade +++ /dev/null @@ -1 +0,0 @@ -gitlab-foss.post-install \ No newline at end of file diff --git a/user/gitlab-foss/gitlab-foss.pre-install b/user/gitlab-foss/gitlab-foss.pre-install deleted file mode 100644 index 66ad895..0000000 --- a/user/gitlab-foss/gitlab-foss.pre-install +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/sh -# It's very important to set user/group correctly. - -git_dir='/var/lib/gitlab' - -if ! getent group git 1>/dev/null; then - echo '* Creating group git' 1>&2 - - addgroup -S git -fi - -if ! id git 2>/dev/null 1>&2; then - echo '* Creating user git' 1>&2 - - adduser -DHS -G git -h "$git_dir" -s /bin/sh \ - -g "added by apk for gitlab-foss" git - passwd -u git 1>/dev/null # unlock -fi - -if ! id -Gn git | grep -Fq redis; then - echo '* Adding user git to group redis' 1>&2 - - addgroup git redis -fi - -if [ "$(id -gn git)" != 'git' ]; then - cat >&2 <<-EOF - !! - !! User git has primary group $(id -gn git). We strongly recommend to change - !! git's primary group to git, otherwise GitLab may not work correctly. - !! - EOF - - # Add it at least as a supplementary group. - adduser git git -fi - -user_home="$(getent passwd git | cut -d: -f6)" - -if [ "$user_home" != "$git_dir" ]; then - cat >&2 <<-EOF - !! - !! User git has home directory in $user_home, but this package assumes - !! $git_dir. Although it's possible to use a different directory, - !! it's really not easy. - !! - !! Please change git's home directory to $git_dir, or adjust settings - !! and move files yourself. Otherwise GitLab will not work! - !! - EOF -fi - -exit 0 diff --git a/user/gitlab-foss/gitlab-rails.confd b/user/gitlab-foss/gitlab-rails.confd deleted file mode 100644 index d85aa9c..0000000 --- a/user/gitlab-foss/gitlab-rails.confd +++ /dev/null @@ -1,20 +0,0 @@ -# Configuration for /etc/init.d/gitlab.rails - -# Path to the Puma configuration file. -#puma_config="/etc/gitlab/puma.rb" - -# IP address and port for Puma server to listen on. -#puma_listen_tcp="127.0.0.1:8080" - -# Absolute path of unix socket for Puma server to listen on. -#puma_listen_unix="/run/gitlab/gitlab.socket" - -# Path to the file to redirect stdout from Puma server to. -#puma_stdout_file="/var/log/gitlab/puma_stdout.log" - -# Path to the file to redirect stderr from Puma server to. -#puma_stderr_file="/var/log/gitlab/puma_stderr.log" - -# Action Cable uses a separate thread pool per Puma worker. This configures -# number of threads in the pool. -#action_cable_worker_pool_size=4 diff --git a/user/gitlab-foss/gitlab.confd b/user/gitlab-foss/gitlab.confd deleted file mode 100644 index ade6bcc..0000000 --- a/user/gitlab-foss/gitlab.confd +++ /dev/null @@ -1,85 +0,0 @@ -# Configuration file for /etc/init.d/gitlab and -# /etc/init.d/gitlab.{mailroom,rails,sidekiq,workhorse} - - -# Path to the base directory for the Prometheus metrics used by Puma and -# Sidekiq. -#metrics_dir=/dev/shm/gitlab - - -# How many Puma worker processes to create (0 to disable cluster mode). -#puma_workers=3 - -# IP address and port for Puma server to listen on. -#puma_listen_tcp="127.0.0.1:8080" - -# Absolute path of unix socket for Puma server to listen on. -#puma_listen_unix="/run/gitlab/gitlab.socket" - -# Action Cable uses a separate thread pool per Puma worker. This configures -# number of threads in the pool. -#action_cable_worker_pool_size=4 - - -# IP address and port, or absolute path of the unix socket, where should -# Workhorse listen on for connections from a web server. -#workhorse_listen="/run/gitlab/workhorse.socket" - -# How long to wait for response headers when proxying the request. -#workhorse_proxy_header_timeout="1m0s" - -# Number of API requests allowed at single time. -#workhorse_api_limit= - -# Maximum queueing duration of requests (default 30s). -#workhorse_api_queue_duration= - -# Number of API requests allowed to be queued. -#workhorse_api_queue_limit= - -# Long polling duration for job requesting for runners (default 0s - disabled) -#workhorse_ci_long_polling_duration= - -# Log format to use: text, json, structured, none. Defaults to "text". -#workhorse_log_format= - -# Prometheus listening address. -#workhorse_prometheus_listen= - -# Sentry DSN for Workhorse. -#workhorse_sentry_dsn= - - -# Specify how many processes to create using sidekiq-cluster and which queue -# they should handle. Each whitespace-separated item equates to one additional -# Sidekiq process, and comma-separated values in each item determine the queues -# it works on. The special queue name "*" means all queues. -# Example: "* gitlab_shell process_commit,post_receive" -# See https://docs.gitlab.com/ee/administration/sidekiq/extra_sidekiq_processes.html. -#sidekiq_queue_groups="*" - -# Maximum threads to use with Sidekiq (default: 50, 0 to disable). -#sidekiq_max_concurrency= - -# Minimum threads to use with Sidekiq (default: 0). -#sidekiq_min_concurrency= - -# The number of seconds to wait between worker checks. -#sidekiq_interval= - -# Graceful timeout for all running processes. -#sidekiq_shutdown_timeout= - -# Run workers for all queues in sidekiq_queues.yml except the given ones. -#sidekiq_negate=no - -# Run workers based on the provided selector. -#sidekiq_queue_selector=no - -# Memory limit (in MiB) for the Sidekiq process. If the RSS (Resident Set Size) -# of the Sidekiq process exceeds this limit, a delayed shutdown is triggered. -#sidekiq_memkiller_max_rss=2000 - - -# Enable mail_room to handle incoming mails? -#mailroom_enabled="no" diff --git a/user/gitlab-foss/gitlab.initd b/user/gitlab-foss/gitlab.initd deleted file mode 100644 index cdf212e..0000000 --- a/user/gitlab-foss/gitlab.initd +++ /dev/null @@ -1,50 +0,0 @@ -#!/sbin/openrc-run - -name="GitLab" -description="Meta script for starting/stopping all the GitLab components" - -: ${mailroom_enabled:="no"} -: ${pages_enabled:="yes"} - -subservices="gitlab.rails gitlab.gitaly gitlab.sidekiq gitlab.workhorse" -if yesno "$mailroom_enabled"; then - subservices="$subservices gitlab.mailroom" -fi -if yesno "$pages_enabled" && [ -e /etc/init.d/gitlab.pages ]; then - subservices="$subservices gitlab.pages" -fi - -depend() { - need redis postgresql - use net -} - -start() { - local ret=0 - - ebegin "Starting all GitLab components" - local svc; for svc in $subservices; do - service $svc start || ret=1 - done - eend $ret -} - -stop() { - local ret=0 - - ebegin "Stopping all GitLab components" - local svc; for svc in $subservices; do - service $svc stop || ret=1 - done - eend $ret -} - -status() { - local ret=0 - - local svc; for svc in $subservices; do - echo "$svc:" - service $svc status || ret=1 - done - eend $ret -} diff --git a/user/gitlab-foss/gitlab.logrotate b/user/gitlab-foss/gitlab.logrotate deleted file mode 100644 index 721ff49..0000000 --- a/user/gitlab-foss/gitlab.logrotate +++ /dev/null @@ -1,24 +0,0 @@ -/var/log/gitlab/workhorse.log { - compress - maxsize 10M - minsize 1M - missingok - postrotate - /etc/init.d/gitlab.workhorse --quiet --ifstarted reopen - endscript - sharedscripts - rotate 5 - weekly -} - -/var/log/gitlab/*.log { - compress - copytruncate - delaycompress - maxsize 10M - minsize 1M - missingok - sharedscripts - rotate 10 - weekly -} diff --git a/user/gitlab-foss/gitlab.mailroom.initd b/user/gitlab-foss/gitlab.mailroom.initd deleted file mode 100644 index e6d6a64..0000000 --- a/user/gitlab-foss/gitlab.mailroom.initd +++ /dev/null @@ -1,40 +0,0 @@ -#!/sbin/openrc-run - -supervisor=supervise-daemon - -name="GitLab (mailroom)" -description="GitLab service for processing incoming mails." - -: ${gitlab_base:="/usr/lib/bundles/gitlab"} -: ${gitlab_config:="/etc/gitlab/gitlab.yml"} -: ${mailroom_logfile:="/var/log/gitlab/mail_room.log"} -: ${mailroom_config:="$gitlab_base/config/mail_room.yml"} - -command="$gitlab_base/bin/mail_room" -command_args="-c $mailroom_config" -command_background="yes" -command_user="git" - -directory="$gitlab_base" -error_log="$mailroom_logfile" -output_log="$mailroom_logfile" - -supervise_daemon_args=" - --env RAILS_ENV=production - --env TZ=:/etc/localtime - --env MAIL_ROOM_GITLAB_CONFIG_FILE=$gitlab_config - " -start_stop_daemon_args="--interpreted $supervise_daemon_args" -pidfile="/run/gitlab/mail_room.pid" - -required_files="$mailroom_config $gitlab_config" - -depend() { - need redis - use net -} - -start_pre() { - checkpath -d -m 755 -o $command_user -q "${pidfile%/*}" || return 1 - checkpath -f -m 640 -o $command_user "$mailroom_logfile" -} diff --git a/user/gitlab-foss/gitlab.rails.initd b/user/gitlab-foss/gitlab.rails.initd deleted file mode 100644 index 4c824d9..0000000 --- a/user/gitlab-foss/gitlab.rails.initd +++ /dev/null @@ -1,119 +0,0 @@ -#!/sbin/openrc-run - -name="GitLab Rails" -description="GitLab application" - -extra_started_commands="reload reopen" -description_reload="Reload configuration" -description_reopen="Reopen log files" - -: ${gitlab_base:="/usr/lib/bundles/gitlab"} -: ${metrics_dir:="/dev/shm/gitlab"} - -: ${action_cable_worker_pool_size:=4} -: ${gitlab_config:="/etc/gitlab/gitlab.yml"} -: ${puma_workers:=3} -: ${puma_listen_unix:="/run/gitlab/gitlab.socket"} -: ${puma_listen_tcp:="127.0.0.1:8080"} -: ${puma_stdout_file:="/var/log/gitlab/puma_stdout.log"} -: ${puma_stderr_file:="/var/log/gitlab/puma_stderr.log"} -: ${puma_config:="/etc/gitlab/puma.rb"} -: ${puma_metrics_dir:="$metrics_dir/puma"} - -command="$gitlab_base/bin/puma" -command_args=" - --config $puma_config - --workers $puma_workers - --bind tcp://$puma_listen_tcp - --bind unix://$puma_listen_unix - --redirect-stdout $puma_stdout_file - --redirect-stderr $puma_stderr_file - --redirect-append - --state /run/gitlab/puma.state - " -command_background="yes" -command_user="git" -directory="$gitlab_base" - -supervise_daemon_args=" - --env ACTION_CABLE_WORKER_POOL_SIZE=$action_cable_worker_pool_size - --env RAILS_ENV=production - --env NODE_ENV=production - --env EXECJS_RUNTIME=Disabled - --env GITLAB_BASE=$gitlab_base - --env TZ=:/etc/localtime - --env prometheus_multiproc_dir=$puma_metrics_dir - ${supervise_daemon_args:-} - " -start_stop_daemon_args=" - --interpreted - $supervise_daemon_args - $start_stop_daemon_args - " -pidfile="/run/gitlab/puma.pid" - -required_files="$gitlab_config $puma_config" - -depend() { - need redis - want sshd postgresql docker-registry - use net -} - -start_pre() { - checkpath -d -m 755 -o $command_user -q "${pidfile%/*}" || return 1 - checkpath -d -m 700 -o $command_user -q "$(readlink -f "$gitlab_base"/tmp)" || return 1 - checkpath -d -m 700 -o $command_user -q "$metrics_dir" || return 1 - checkpath -d -m 700 -o $command_user --directory-truncate "$puma_metrics_dir" || return 1 - checkpath -f -m 644 -o $command_user "$puma_stdout_file" || return 1 - checkpath -f -m 644 -o $command_user "$puma_stderr_file" || return 1 - - # Ruby requires sticky bit on TMP directory. - checkpath -d -m 1777 /tmp - - local downloads_path="$(_parse_yaml "$gitlab_config" \ - production.gitlab.repository_downloads_path)" - - if [ -n "$downloads_path" ]; then - checkpath -d -m 700 -o $command_user -q "$downloads_path" - fi - - checkpath --directory --owner $command_user --mode 0775 \ - /var/tmp/gitlab/downloads \ - /var/tmp/gitlab/backups - -} - -reload() { - ebegin "Reloading $name" - - if [ "$supervisor" ]; then - $supervisor "$RC_SVCNAME" --signal USR2 - else - start-stop-daemon --pidfile "$pidfile" --signal USR2 - fi - eend $? -} - -reopen() { - ebegin "Telling $name to reopen log files" - - if [ "$supervisor" ]; then - $supervisor "$RC_SVCNAME" --signal USR1 - else - start-stop-daemon --pidfile "$pidfile" --signal USR1 - fi - eend $? -} - -_parse_yaml() { - local file="$1" - local key="$2" - local default="${3:-}" - local key_path="$(echo "[\"$key\"]" | sed 's/\./"]["/g')" - - ruby <<-EOF - require "yaml" - puts YAML.load_file("$file")$key_path rescue puts "$default" - EOF -} diff --git a/user/gitlab-foss/gitlab.sidekiq.initd b/user/gitlab-foss/gitlab.sidekiq.initd deleted file mode 100644 index eb30f4c..0000000 --- a/user/gitlab-foss/gitlab.sidekiq.initd +++ /dev/null @@ -1,76 +0,0 @@ -#!/sbin/openrc-run - -extra_started_commands="finish" - -name="GitLab Sidekiq" -description="GitLab backgroud workers" -description_finish="Stop fetching new jobs and finish current ones" - -: ${gitlab_base:="/usr/lib/bundles/gitlab"} -: ${metrics_dir:="/dev/shm/gitlab"} - -: ${sidekiq_logfile:="/var/log/gitlab/sidekiq.log"} -: ${sidekiq_memkiller_max_rss:="2000"} # default per Omnibus -: ${sidekiq_metrics_dir:="$metrics_dir/sidekiq"} -: ${sidekiq_negate:="no"} -: ${sidekiq_queue_groups:="*"} -: ${sidekiq_queue_selector:="no"} - -command="$gitlab_base/bin/sidekiq-cluster" -# Note: The rest of the options is set in start_pre(). -command_args="-r $gitlab_base -e production ${command_args:-}" -command_background="yes" -command_user="git" - -directory="$gitlab_base" -error_log="$sidekiq_logfile" -output_log="$sidekiq_logfile" - -supervise_daemon_args=" - --env RAILS_ENV=production - --env NODE_ENV=production - --env EXECJS_RUNTIME=Disabled - --env TZ=:/etc/localtime - --env SIDEKIQ_MEMORY_KILLER_MAX_RSS=$(( sidekiq_memkiller_max_rss * 1024 )) - --env prometheus_multiproc_dir=$sidekiq_metrics_dir - " -start_stop_daemon_args="--interpreted $supervise_daemon_args" -pidfile="/run/gitlab/sidekiq.pid" - -depend() { - need redis - use net postgresql -} - -start_pre() { - yesno "$sidekiq_queue_selector" && command_args="$command_args --queue-selector" - - command_args="$command_args - $(optif --max-concurrency ${sidekiq_max_concurrency:-}) - $(optif --min-concurrency ${sidekiq_min_concurrency:-}) - $(optif --interval ${sidekiq_interval:-}) - $(optif --timeout ${sidekiq_shutdown_timeout:-}) - $(set -f; printf "'%s' " $sidekiq_queue_groups) - " - yesno "$sidekiq_negate" && command_args="$command_args --negate" - - checkpath -d -m 755 -o $command_user -q "${pidfile%/*}" || return 1 - checkpath -d -m 700 -o $command_user -q "$metrics_dir" || return 1 - checkpath -d -m 700 -o $command_user --directory-truncate "$sidekiq_metrics_dir" || return 1 - checkpath -f -m 644 -o $command_user "$sidekiq_logfile" -} - -finish() { - ebegin "Telling $name to stop fetching new jobs" - - if [ "$supervisor" ]; then - $supervisor "$RC_SVCNAME" --signal TSTP - else - start-stop-daemon --pidfile "$pidfile" --signal TSTP - fi - eend $? -} - -optif() { - test -n "$2" && printf '%s/n' "$1=$2" || true -} diff --git a/user/gitlab-foss/gitlab.workhorse.initd b/user/gitlab-foss/gitlab.workhorse.initd deleted file mode 100644 index 4b04d7c..0000000 --- a/user/gitlab-foss/gitlab.workhorse.initd +++ /dev/null @@ -1,75 +0,0 @@ -#!/sbin/openrc-run - -extra_started_commands="reopen" - -name="GitLab Workhorse" -description="A reverse proxy for GitLab." -description_reopen="Reopen log files" - -: ${gitlab_base:="/usr/lib/bundles/gitlab"} -: ${workhorse_logfile:="/var/log/gitlab/workhorse.log"} -: ${workhorse_access_log:="no"} - -command="/usr/bin/gitlab-workhorse" -# Note: The rest of the options is set in start_pre(). -command_args=" - -authBackend=http://${puma_listen_tcp:="127.0.0.1:8080"} - -config=${workhorse_config:="/etc/gitlab/workhorse.toml"} - -documentRoot=${gitlab_public_dir:="$gitlab_base/public"} - -listenAddr=${workhorse_listen:="/run/gitlab/workhorse.socket"} - -listenUmask=${workhorse_listen_umask:="000"} - -logFile=$workhorse_logfile - -secretPath=${workhorse_secret_path:="/etc/gitlab/gitlab_workhorse_secret"} - " -command_background="yes" -command_user="git" -directory="$gitlab_base" -pidfile="/run/gitlab/workhorse.pid" - -depend() { - use net -} - -start_pre() { - local listen_net="tcp" - [ "${workhorse_listen:0:1}" = '/' ] && listen_net="unix" - - command_args="$command_args - -listenNetwork=$listen_net - $(optif -apiCiLongPollingDuration "$workhorse_ci_long_polling_duration") - $(optif -apiLimit "$workhorse_api_limit") - $(optif -apiQueueDuration "$workhorse_api_queue_duration") - $(optif -apiQueueLimit "$workhorse_api_queue_limit") - $(optif -authSocket "$puma_listen_unix") - $(optif -logFormat "$workhorse_log_format") - $(optif -prometheusListenAddr "$workhorse_prometheus_listen_addr") - $(optif -proxyHeadersTimeout "$workhorse_proxy_header_timeout")" - # FIXME: not implemented - #yesno "$workhorse_access_log" || command_args="$command_args -disableAccessLog" - - start_stop_daemon_args="$start_stop_daemon_args - $(optif '--env GITLAB_WORKHORSE_SENTRY_DSN' "$workhorse_sentry_dns")" - supervise_daemon_args="$supervise_daemon_args - $(optif '--env GITLAB_WORKHORSE_SENTRY_DSN' "$workhorse_sentry_dns")" - - checkpath -d -m 755 -o $command_user -q "${pidfile%/*}" || return 1 - if [ "$listen_net" = "unix" ]; then - checkpath -d -m 755 -o $command_user -q "${workhorse_listen%/*}" || return 1 - fi - checkpath -f -m 640 -o $command_user "$workhorse_logfile" -} - -reopen() { - ebegin "Telling $name to reopen log files" - - if [ "$supervisor" ]; then - $supervisor "$RC_SVCNAME" --signal HUP - else - start-stop-daemon --pidfile "$pidfile" --signal HUP - fi - eend $? -} - -optif() { - test -n "$2" && printf '%s/n' "$1=$2" || true -} diff --git a/user/gitlab-foss/upgrade-sys-filesystem-depend.patch b/user/gitlab-foss/upgrade-sys-filesystem-depend.patch deleted file mode 100644 index d608191..0000000 --- a/user/gitlab-foss/upgrade-sys-filesystem-depend.patch +++ /dev/null @@ -1,35 +0,0 @@ -diff --git a/Gemfile.orig b/Gemfile -index c1e9e34..a4448b7 100644 ---- a/Gemfile.orig -+++ b/Gemfile -@@ -525,7 +525,7 @@ gem 'health_check', '~> 3.0' # rubocop:todo Gemfile/MissingFeatureCategory - - # System information - gem 'vmstat', '~> 2.3.0' # rubocop:todo Gemfile/MissingFeatureCategory --gem 'sys-filesystem', '~> 1.4.3' # rubocop:todo Gemfile/MissingFeatureCategory -+gem 'sys-filesystem', '~> 1.4.5' # rubocop:todo Gemfile/MissingFeatureCategory - - # NTP client - gem 'net-ntp' # rubocop:todo Gemfile/MissingFeatureCategory -diff --git a/Gemfile.lock.orig b/Gemfile.lock -index bb66169..a4da10b 100644 ---- a/Gemfile.lock.orig -+++ b/Gemfile.lock -@@ -1657,7 +1657,7 @@ GEM - attr_required (>= 0.0.5) - httpclient (>= 2.4) - sync (0.5.0) -- sys-filesystem (1.4.3) -+ sys-filesystem (1.4.5) - ffi (~> 1.1) - sysexits (1.2.0) - table_print (1.5.7) -@@ -2123,7 +2123,7 @@ DEPENDENCIES - stackprof (~> 0.2.25) - state_machines-activerecord (~> 0.8.0) - static_holmes (~> 0.7.7) -- sys-filesystem (~> 1.4.3) -+ sys-filesystem (~> 1.4.5) - tanuki_emoji (~> 0.9) - telesignenterprise (~> 2.2) - terser (= 1.0.2)