make nginx optional, use ucf for conf files
This commit is contained in:
parent
68078685d6
commit
39a2bfd88a
7 changed files with 204 additions and 37 deletions
9
debian/changelog
vendored
9
debian/changelog
vendored
|
@ -1,3 +1,12 @@
|
|||
gitlab (8.5.8+dfsg-5) UNRELEASED; urgency=medium
|
||||
|
||||
* Make nginx optional (Closes: #819260)
|
||||
* Manage nginx configuration via ucf (Closes: #819262)
|
||||
* Manage gitlab-debian.conf and gitlab.yml via ucf
|
||||
* Make postinst more verbose
|
||||
|
||||
-- Pirate Praveen <praveen@debian.org> Fri, 08 Apr 2016 01:10:02 +0530
|
||||
|
||||
gitlab (8.5.8+dfsg-4) unstable; urgency=medium
|
||||
|
||||
* Tighten version requirements for dependencies
|
||||
|
|
5
debian/conf/gitlab-debian.conf
vendored
5
debian/conf/gitlab-debian.conf
vendored
|
@ -4,6 +4,10 @@ gitlab_user=gitlab
|
|||
gitlab_app_root=/usr/share/gitlab
|
||||
gitlab_data_dir=/var/lib/gitlab
|
||||
gitlab_scripts=/usr/lib/gitlab/scripts
|
||||
gitlab_yml_private=/var/lib/gitlab/gitlab.yml
|
||||
gitlab_yml=/etc/gitlab/gitlab.yml
|
||||
gitlab_debian_conf_private=/var/lib/gitlab/gitlab-debian.conf
|
||||
gitlab_debian_conf=/etc/gitlab/gitlab-debian.conf
|
||||
gitlab_nginx_log=/var/log/gitlab
|
||||
gitlab_ssl_path=/etc/gitlab/ssl
|
||||
gitlab_shell_root=/usr/share/gitlab-shell
|
||||
|
@ -13,3 +17,4 @@ gitlab_pid_path=/run/gitlab
|
|||
nginx_user=www-data
|
||||
nginx_conf_example=/usr/share/doc/gitlab/nginx.conf.example
|
||||
nginx_ssl_conf_example_gz=/usr/share/doc/gitlab/nginx.ssl.conf.example.gz
|
||||
nginx_site_private=/var/lib/gitlab/nginx.conf
|
||||
|
|
1
debian/control
vendored
1
debian/control
vendored
|
@ -28,6 +28,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ruby | ruby-interpreter,
|
|||
nginx | httpd,
|
||||
postfix | exim4 | mail-transport-agent,
|
||||
openssh-client,
|
||||
ucf,
|
||||
gitlab-shell (>= 2.6.10~),
|
||||
gitlab-workhorse (>= 0.6.2~),
|
||||
ruby-rails (>= 2:4.2.5.2~),
|
||||
|
|
4
debian/install
vendored
4
debian/install
vendored
|
@ -1,9 +1,9 @@
|
|||
debian/conf/gitlab etc/default
|
||||
debian/conf/unicorn.rb etc/gitlab
|
||||
debian/conf/database.yml etc/gitlab
|
||||
debian/conf/gitlab.yml etc/gitlab
|
||||
debian/conf/gitlab.yml var/lib/gitlab
|
||||
debian/conf/resque.yml etc/gitlab
|
||||
debian/conf/gitlab-debian.conf etc/gitlab
|
||||
debian/conf/gitlab-debian.conf var/lib/gitlab
|
||||
debian/conf/*.target lib/systemd/system
|
||||
debian/conf/*.service lib/systemd/system
|
||||
debian/conf/smtp_settings.rb etc/gitlab/initializers
|
||||
|
|
73
debian/postinst
vendored
73
debian/postinst
vendored
|
@ -33,8 +33,11 @@ case "$1" in
|
|||
|
||||
# Read and export debian specific configuration
|
||||
# Only exported variables will be passed on to gitlab app
|
||||
gitlab_debian_conf=/etc/gitlab/gitlab-debian.conf
|
||||
export $(cat ${gitlab_debian_conf})
|
||||
gitlab_debian_conf_private=/var/lib/gitlab/gitlab-debian.conf
|
||||
export $(cat ${gitlab_debian_conf_private})
|
||||
|
||||
# If /etc/gitlab/gitlab-debian.conf is already present, use it
|
||||
test -f ${gitlab_debian_conf} && export $(cat ${gitlab_debian_conf})
|
||||
|
||||
# Create gitlab user
|
||||
. /usr/lib/gitlab/scripts/adduser.sh
|
||||
|
@ -45,6 +48,7 @@ case "$1" in
|
|||
gitlab_uploads_path=${gitlab_data_dir}/public/uploads
|
||||
|
||||
# Create directories and change ownership
|
||||
echo "Creating runtime directories for gitlab..."
|
||||
for i in ${gitlab_repo_path} ${gitlab_cache_path} ${gitlab_uploads_path}\
|
||||
${gitlab_pid_path} ${gitlab_log_dir} ${gitlab_shell_log} ${gitlab_builds_log}; do
|
||||
mkdir -p $i
|
||||
|
@ -56,6 +60,7 @@ case "$1" in
|
|||
chown ${gitlab_user}:${nginx_user} -R ${gitlab_uploads_path}/.. ${gitlab_pid_path}
|
||||
|
||||
# Customize permissions
|
||||
echo "Updating file permissions..."
|
||||
chmod -R ug+rwX,o-rwx ${gitlab_repo_path}/
|
||||
chmod -R ug-s ${gitlab_repo_path}/
|
||||
find ${gitlab_repo_path}/ -type d -print0 | xargs -0 chmod g+s
|
||||
|
@ -72,19 +77,34 @@ case "$1" in
|
|||
# Obtain hostname from debconf db
|
||||
db_get gitlab/fqdn
|
||||
if [ "${RET}" != "" ]; then
|
||||
if ! grep GITLAB_HOST ${gitlab_debian_conf}; then
|
||||
if ! grep GITLAB_HOST ${gitlab_debian_conf_private}; then
|
||||
echo "Configuring hostname and email..."
|
||||
export GITLAB_HOST=${RET} # We need this to configure nginx below
|
||||
echo GITLAB_HOST=${RET} >> ${gitlab_debian_conf}
|
||||
echo GITLAB_EMAIL_FROM="no-reply@${RET}" >> ${gitlab_debian_conf}
|
||||
echo GITLAB_EMAIL_DISPLAY_NAME="Gitlab" >> ${gitlab_debian_conf}
|
||||
echo GITLAB_EMAIL_REPLY_TO="no-reply@${RET}" >> ${gitlab_debian_conf}
|
||||
cat <<EOF >> ${gitlab_debian_conf_private}
|
||||
GITLAB_HOST=${RET}
|
||||
GITLAB_EMAIL_FROM="no-reply@${RET}"
|
||||
GITLAB_EMAIL_DISPLAY_NAME="Gitlab"
|
||||
GITLAB_EMAIL_REPLY_TO="no-reply@${RET}"
|
||||
EOF
|
||||
fi
|
||||
|
||||
# Check if ssl option is selected
|
||||
db_get gitlab/ssl
|
||||
gl_proto="http"
|
||||
if [ "${RET}" = "true" ]; then
|
||||
if ! grep GITLAB_HTTPS ${gitlab_debian_conf}; then
|
||||
echo GITLAB_HTTPS=${RET} >> ${gitlab_debian_conf}
|
||||
echo "Configuring nginx with HTTPS..."
|
||||
if ! grep GITLAB_HTTPS ${gitlab_debian_conf_private}; then
|
||||
echo GITLAB_HTTPS=${RET} >> ${gitlab_debian_conf_private}
|
||||
# Workaround for #813770
|
||||
gl_proto="https"
|
||||
echo "Configuring gitlab with HTTPS..."
|
||||
sed -i "s/#port: 80/port: 443/" ${gitlab_yml_private}
|
||||
sed -i "s/https: false/https: true/" ${gitlab_yml_private}
|
||||
echo "Updating gitlab_url in gitlab-shell configuration..."
|
||||
sed -i \
|
||||
"s/gitlab_url: http*:\/\/.*/gitlab_url: ${gl_proto}:\/\/${GITLAB_HOST}/"\
|
||||
${gitlab_shell_root}/config.yml
|
||||
|
||||
fi
|
||||
mkdir -p /etc/gitlab/ssl
|
||||
if [ -f "${nginx_ssl_conf_example_gz}" ]; then
|
||||
|
@ -97,6 +117,7 @@ case "$1" in
|
|||
# Check if letsencrypt option is selected
|
||||
db_get gitlab/letsencrypt
|
||||
if [ "${RET}" = "true" ]; then
|
||||
echo "Configuring letsencrypt..."
|
||||
# Check if certificate is already present
|
||||
if [ -e /etc/letsencrypt/live/${GITLAB_HOST}/fullchain.pem ]; then
|
||||
echo "Let's encrypt certificate already present."
|
||||
|
@ -105,29 +126,47 @@ case "$1" in
|
|||
/etc/gitlab/ssl/gitlab.crt
|
||||
ln -sf /etc/letsencrypt/live/${GITLAB_HOST}/privkey.pem \
|
||||
/etc/gitlab/ssl/gitlab.key
|
||||
|
||||
# Port 80 and 443 should be available for letsencrypt
|
||||
if command -v nginx > /dev/null; then
|
||||
echo "Stopping nginx for letsencrypt..."
|
||||
invoke-rc.d nginx stop
|
||||
letsencrypt -d ${GITLAB_HOST} certonly
|
||||
fi
|
||||
|
||||
letsencrypt -d ${GITLAB_HOST} certonly || {
|
||||
echo "letsencrypt auto configuration failed..."
|
||||
echo "Stop your webserver and try running letsencrypt manually..."
|
||||
echo "letsencrypt -d ${GITLAB_HOST} certonly"
|
||||
}
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
echo "Registering ${gitlab_yml} via ucf"
|
||||
ucf --debconf-ok --three-way ${gitlab_yml_private} ${gitlab_yml}
|
||||
ucfr gitlab ${gitlab_yml}
|
||||
# Manage gitlab-debian.conf via ucf
|
||||
echo "Registering ${gitlab_debian_conf} via ucf"
|
||||
ucf --debconf-ok --three-way ${gitlab_debian_conf_private} ${gitlab_debian_conf}
|
||||
ucfr gitlab ${gitlab_debian_conf}
|
||||
|
||||
if test -f ${nginx_conf_example}; then
|
||||
nginx_site="/etc/nginx/sites-available/${GITLAB_HOST}"
|
||||
if test -f ${nginx_site}; then
|
||||
echo "${nginx_site} is already present, skipping nginx configuration"
|
||||
else
|
||||
sed -e "s/YOUR_SERVER_FQDN/${GITLAB_HOST}/"\
|
||||
${nginx_conf_example} >/etc/nginx/sites-available/${GITLAB_HOST}
|
||||
ln -fs /etc/nginx/sites-available/${GITLAB_HOST} /etc/nginx/sites-enabled/
|
||||
${nginx_conf_example} >${nginx_site_private}
|
||||
ucf --debconf-ok --three-way ${nginx_site_private} ${nginx_site}
|
||||
ucfr gitlab ${nginx_site}
|
||||
ln -fs ${nginx_site} /etc/nginx/sites-enabled/
|
||||
rm -f ${nginx_conf_example_tmp}
|
||||
fi
|
||||
else
|
||||
echo "nginx example configuration file not found"
|
||||
exit 1
|
||||
fi
|
||||
# Reload nginx
|
||||
if command -v nginx > /dev/null; then
|
||||
echo "Reloading nginx configuration..."
|
||||
invoke-rc.d nginx reload
|
||||
fi
|
||||
else
|
||||
echo "Failed to retrieve fully qualified domain name"
|
||||
exit 1
|
||||
|
@ -156,7 +195,7 @@ case "$1" in
|
|||
echo "Verifying we have all required libraries..."
|
||||
su ${gitlab_user} -s /bin/sh -c 'bundle install --local'
|
||||
|
||||
echo "Running final rake tasks..."
|
||||
echo "Running final rake tasks and tweaks..."
|
||||
. /usr/lib/gitlab/scripts/rake-tasks.sh
|
||||
|
||||
|
||||
|
|
126
debian/postrm
vendored
Normal file
126
debian/postrm
vendored
Normal file
|
@ -0,0 +1,126 @@
|
|||
#! /bin/sh
|
||||
# postrm.skeleton
|
||||
# Skeleton maintainer script showing all the possible cases.
|
||||
# Written by Charles Briscoe-Smith, March-June 1998. Public Domain.
|
||||
|
||||
# Abort if any command returns an error value
|
||||
set -e
|
||||
|
||||
# This script is called twice during the removal of the package; once
|
||||
# after the removal of the package's files from the system, and as
|
||||
# the final step in the removal of this package, after the package's
|
||||
# conffiles have been removed.
|
||||
|
||||
# Ensure the menu system is updated
|
||||
|
||||
# Read and export debian specific configuration
|
||||
# Only exported variables will be passed on to gitlab app
|
||||
echo "Reading gitlab-debian.conf..."
|
||||
gitlab_debian_conf=/etc/gitlab/gitlab-debian.conf
|
||||
test -f ${gitlab_debian_conf} && export $(cat ${gitlab_debian_conf})
|
||||
nginx_site="/etc/nginx/sites-available/${GITLAB_HOST}"
|
||||
|
||||
test -f ${nginx_site} && echo "Found nginx site configuration at ${nginx_site}..."
|
||||
|
||||
case "$1" in
|
||||
remove)
|
||||
# This package is being removed, but its configuration has not yet
|
||||
# been purged.
|
||||
:
|
||||
|
||||
# Remove diversion
|
||||
# ldconfig is NOT needed during removal of a library, only during
|
||||
# installation
|
||||
|
||||
;;
|
||||
purge)
|
||||
# This package has previously been removed and is now having
|
||||
# its configuration purged from the system.
|
||||
:
|
||||
|
||||
# we mimic dpkg as closely as possible, so we remove configuration
|
||||
# files with dpkg backup extensions too:
|
||||
### Some of the following is from Tore Anderson:
|
||||
for ext in '~' '%' .bak .ucf-new .ucf-old .ucf-dist; do
|
||||
rm -f ${nginx_site}$ext
|
||||
rm -f ${gitlab_debian_conf}$ext
|
||||
rm -f ${gitlab_yml}$ext
|
||||
done
|
||||
|
||||
# remove the configuration file itself
|
||||
test -f ${nginx_site} && rm -f ${nginx_site}
|
||||
test -f ${gitlab_debian_conf} && rm -f ${gitlab_debian_conf}
|
||||
test -f ${gitlab_yml} && rm -f ${gitlab_yml}
|
||||
|
||||
# and finally clear it out from the ucf database
|
||||
if which ucf >/dev/null; then
|
||||
test -n "${nginx_site}" && ucf --purge ${nginx_site}
|
||||
test -n "${gitlab_debian_conf}" && ucf --purge ${gitlab_debian_conf}
|
||||
test -n "${gitlab_yml}" && ucf --purge ${gitlab_yml}
|
||||
fi
|
||||
if which ucfr >/dev/null; then
|
||||
test -n "${nginx_site}" && ucfr --purge gitlab ${nginx_site}
|
||||
test -n "${gitlab_debian_conf}" && ucfr --purge gitlab ${gitlab_debian_conf}
|
||||
test -n "${gitlab_yml}" && ucfr --purge gitlab ${gitlab_yml}
|
||||
fi
|
||||
|
||||
;;
|
||||
disappear)
|
||||
if test "$2" != overwriter; then
|
||||
echo "$0: undocumented call to \`postrm $*'" 1>&2
|
||||
exit 0
|
||||
fi
|
||||
# This package has been completely overwritten by package $3
|
||||
# (version $4). All our files are already gone from the system.
|
||||
# This is a special case: neither "prerm remove" nor "postrm remove"
|
||||
# have been called, because dpkg didn't know that this package would
|
||||
# disappear until this stage.
|
||||
:
|
||||
|
||||
;;
|
||||
upgrade)
|
||||
# About to upgrade FROM THIS VERSION to version $2 of this package.
|
||||
# "prerm upgrade" has been called for this version, and "preinst
|
||||
# upgrade" has been called for the new version. Last chance to
|
||||
# clean up.
|
||||
:
|
||||
|
||||
;;
|
||||
failed-upgrade)
|
||||
# About to upgrade from version $2 of this package TO THIS VERSION.
|
||||
# "prerm upgrade" has been called for the old version, and "preinst
|
||||
# upgrade" has been called for this version. This is only used if
|
||||
# the previous version's "postrm upgrade" couldn't handle it and
|
||||
# returned non-zero. (Fix old postrm bugs here.)
|
||||
:
|
||||
|
||||
;;
|
||||
abort-install)
|
||||
# Back out of an attempt to install this package. Undo the effects of
|
||||
# "preinst install...". There are two sub-cases.
|
||||
:
|
||||
|
||||
if test "${2+set}" = set; then
|
||||
# When the install was attempted, version $2's configuration
|
||||
# files were still on the system. Undo the effects of "preinst
|
||||
# install $2".
|
||||
:
|
||||
|
||||
else
|
||||
# We were being installed from scratch. Undo the effects of
|
||||
# "preinst install".
|
||||
:
|
||||
|
||||
fi ;;
|
||||
abort-upgrade)
|
||||
# Back out of an attempt to upgrade this package from version $2
|
||||
# TO THIS VERSION. Undo the effects of "preinst upgrade $2".
|
||||
:
|
||||
|
||||
;;
|
||||
*) echo "$0: didn't understand being called with \`$1'" 1>&2
|
||||
exit 0;;
|
||||
esac
|
||||
|
||||
#DEBHELPER#
|
||||
exit 0
|
13
debian/rake-tasks.sh
vendored
13
debian/rake-tasks.sh
vendored
|
@ -51,19 +51,6 @@ else
|
|||
invoke-rc.d gitlab start
|
||||
fi
|
||||
|
||||
# Workaround for #813770
|
||||
if [ "${GITLAB_HTTPS}" = "true" ]; then
|
||||
gl_proto="https"
|
||||
sed -i "s/#port: 80/port: 443/" ${gitlab_app_root}/config/gitlab.yml
|
||||
sed -i "s/https: false/https: true/" ${gitlab_app_root}/config/gitlab.yml
|
||||
else
|
||||
gl_proto="http"
|
||||
fi
|
||||
|
||||
sed -i \
|
||||
"s/gitlab_url: http*:\/\/.*/gitlab_url: ${gl_proto}:\/\/${GITLAB_HOST}/"\
|
||||
${gitlab_shell_root}/config.yml
|
||||
|
||||
# Check gitlab is configured correctly
|
||||
su ${gitlab_user} -s /bin/sh -c 'bundle exec rake gitlab:check RAILS_ENV=production'
|
||||
|
||||
|
|
Loading…
Reference in a new issue