debian-mirror-gitlab/doc/update/4.2-to-5.0.md

# From 4.2 to 5.0

## Warning

GitLab 5.0 is affected by critical security vulnerability CVE-2013-4490.

## Important changes

- We don't use `gitlab` user any more. Everything will be moved to `git` user
- Self signed SSL certificates are not supported until GitLab 5.1
- **requires ruby1.9.3**

## 0. Stop gitlab

    sudo service gitlab stop

## 1. add bash to git user

```
sudo chsh -s /bin/bash git
```

## 2. git clone gitlab-shell

```
cd /home/git/
sudo -u git -H git clone https://github.com/gitlabhq/gitlab-shell.git /home/git/gitlab-shell
```

## 3. setup gitlab-shell

```bash
# chmod all repos and files under git
sudo chown git:git -R /home/git/repositories/

# login as git
sudo su git
cd /home/git/gitlab-shell
git checkout v1.1.0

# copy config
cp config.yml.example config.yml

# change url to gitlab instance
# ! make sure url end with '/' like 'https://gitlab.example/'
vim config.yml

# rewrite hooks
./support/rewrite-hooks.sh

# check ruby version for git user ( 1.9 required!! )
# gitlab shell requires system ruby 1.9
ruby -v

# exit from git user
exit
```

## 4. Copy gitlab instance to git user

```bash
sudo cp -R /home/gitlab/gitlab /home/git/gitlab
sudo chown git:git -R /home/git/gitlab
sudo rm -rf /home/gitlab/gitlab-satellites

# if exists
sudo rm /tmp/gitlab.socket
```

## 5. Update GitLab to recent version

```bash
cd /home/git/gitlab

# backup current config
sudo -u git -H cp config/gitlab.yml config/gitlab.yml.old

sudo -u git -H git fetch
sudo -u git -H git checkout 5-0-stable

# replace config with recent one
sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml

# edit it
sudo -u git -H vim config/gitlab.yml


sudo -u git -H bundle install --without development test postgres --deployment
sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
sudo -u git -H bundle exec rake gitlab:shell:setup RAILS_ENV=production
sudo -u git -H bundle exec rake gitlab:shell:build_missing_projects RAILS_ENV=production

sudo -u git -H mkdir -p /home/git/gitlab-satellites
sudo -u git -H bundle exec rake gitlab:satellites:create RAILS_ENV=production

# migrate wiki to git
sudo -u git -H bundle exec rake gitlab:wiki:migrate RAILS_ENV=production


# check permissions for /home/git/.ssh/
sudo -u git -H chmod 700 /home/git/.ssh
sudo -u git -H chmod 600 /home/git/.ssh/authorized_keys

# check permissions for /home/git/gitlab/
sudo chown -R git /home/git/gitlab/log/
sudo chown -R git /home/git/gitlab/tmp/
sudo chmod -R u+rwX  /home/git/gitlab/log/
sudo chmod -R u+rwX  /home/git/gitlab/tmp/
sudo -u git -H mkdir -p /home/git/gitlab/tmp/pids/
sudo chmod -R u+rwX  /home/git/gitlab/tmp/pids

```

## 6. Update init.d script and nginx config

```bash
# init.d
sudo rm /etc/init.d/gitlab
sudo curl -L --output /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/5-0-stable/init.d/gitlab
sudo chmod +x /etc/init.d/gitlab

# unicorn
sudo -u git -H cp /home/git/gitlab/config/unicorn.rb /home/git/gitlab/config/unicorn.rb.old
sudo -u git -H cp /home/git/gitlab/config/unicorn.rb.example /home/git/gitlab/config/unicorn.rb

#nginx
# Replace path from '/home/gitlab/' to '/home/git/'
sudo vim /etc/nginx/sites-enabled/gitlab
sudo service nginx restart

```

## 7. Start GitLab instance

```
sudo service gitlab start

# check if unicorn and sidekiq started
# If not try to logout, also check replaced path from '/home/gitlab/' to '/home/git/'
# in nginx, unicorn, init.d etc
ps aux | grep unicorn
ps aux | grep sidekiq

```

## 8. Check installation


```bash
# In 5-10 seconds lets check gitlab-shell
sudo -u git -H /home/git/gitlab-shell/bin/check

# Example of success output
# Check GitLab API access: OK
# Check directories and files:
#         /home/git/repositories: OK
#         /home/git/.ssh/authorized_keys: OK


# Now check GitLab instance
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

```

**P.S. If everything works as expected you can remove gitlab user from system**

```bash
sudo userdel -r gitlab
```