/etc/make.conf
WITH_PKGNG= yes
WITH_PGSQL_VER= 93
DEFAULT_VERSIONS= ruby=2.1 python=2.7
commands
% cd /usr/ports/ports-mgmt/pkg
% make install clean
% cd /usr/ports/ports-mgmt/portmaster
% make install clean
% portmaster -d shells/bash security/sudo
% portmaster -d lang/ruby21 lang/python lang/gcc
% portmaster -d devel/ruby-gems devel/icu devel/git
% portmaster -d databases/redis databases/mariadb55-server
% cd /usr/local/bin
% ln -s gcc47 gcc
% ln -s g++47 g++
% pw addgroup git
% pw adduser git -g git -m -d /home/git -c "GitLab"
% cd /home/git/
% sudo -u git -H git clone https://github.com/gitlabhq/gitlab-shell.git
% cd gitlab-shell
% sudo -u git -H git checkout v1.9.6
% sudo -u git -H cp config.yml.example config.yml
/home/git/gitlab-shell/config.yml
# GitLab user. git by default
user: git
# Url to gitlab instance. Used for api calls. Should end with a slash.
gitlab_url: "http://yourdomain/"
http_settings:
# user: someone
# password: somepass
# ca_file: /etc/ssl/cert.pem
# ca_path: /etc/pki/tls/certs
self_signed_cert: false
# Repositories path
# Give the canonicalized absolute pathname,
# REPOS_PATH MUST NOT CONTAIN ANY SYMLINK!!!
# Check twice that none of the components is a symlink, including "/home".
repos_path: "/home/git/repositories"
# File used as authorized_keys for gitlab user
auth_file: "/home/git/.ssh/authorized_keys"
# Redis settings used for pushing commit notices to gitlab
redis:
bin: /usr/local/bin/redis-cli
host: 127.0.0.1
port: 6379
# socket: /tmp/redis.socket # Only define this if you want to use sockets
namespace: resque:gitlab
# Log file.
# Default is gitlab-shell.log in the root directory.
log_file: "/home/git/gitlab-shell/gitlab-shell.log"
# Log level. INFO by default
log_level: INFO
# Audit usernames.
# Set to true to see real usernames in the logs instead of key ids, which is easier to follow, but
# incurs an extra API call on every gitlab-shell command.
audit_usernames: false
/etc/rc.conf
redis_enable="YES"
mysql_enable="YES"
commands
% service redis start
% sudo -u git -H ./bin/install
% service mysql-server start
% /usr/local/bin/mysql_secure_installation
% mysql -u root -p
MariaDB [(none)]> CREATE USER 'gitlab'@'localhost' IDENTIFIED BY 'password';
MariaDB [(none)]> CREATE DATABASE IF NOT EXISTS `gitlabhq_production` DEFAULT CHARACTER SET `utf8` COLLATE `utf8_unicode_ci`;
MariaDB [(none)]> GRANT SELECT, LOCK TABLES, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON `gitlabhq_production`.* TO 'gitlab'@'localhost';
MariaDB [(none)]> ctrl + d
% cd /home/git
% sudo -u git -H git clone https://github.com/gitlabhq/gitlabhq.git gitlab
% cd /home/git/gitlab
% sudo -u git -H git checkout v7.1.1
% sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml
/home/git/gitlab/config/gitlab.yml
# # # # # # # # # # # # # # # # # #
# GitLab application config file #
# # # # # # # # # # # # # # # # # #
#
# How to use:
# 1. copy file as gitlab.yml
# 2. Replace gitlab -> host with your domain
# 3. Replace gitlab -> email_from
production: &base
#
# 1. GitLab app settings
# ==========================
## GitLab settings
gitlab:
## Web server settings (note: host is the FQDN, do not include http://)
host: yourdomain
port: 80
https: false
# Uncommment this line below if your ssh host is different from HTTP/HTTPS one
# (you'd obviously need to replace ssh.host_example.com with your own host).
# Otherwise, ssh host will be set to the `host:` value above
# ssh_host: ssh.host_example.com
# WARNING: See config/application.rb under "Relative url support" for the list of
# other files that need to be changed for relative url support
# relative_url_root: /gitlab
# Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
# user: git
## Email settings
# Email address used in the "From" field in mails sent by GitLab
email_from: gitlab@localhost
# Email server smtp settings are in [a separate file](initializers/smtp_settings.rb.sample).
## User settings
default_projects_limit: 10
# default_can_create_group: false # default: true
# username_changing_enabled: false # default: true - User can change her username/namespace
## Default theme
## BASIC = 1
## MARS = 2
## MODERN = 3
## GRAY = 4
## COLOR = 5
# default_theme: 2 # default: 2
## Users can create accounts
# This also allows normal users to sign up for accounts themselves
# default: false - By default GitLab administrators must create all new accounts
# signup_enabled: true
## Standard login settings
# The standard login can be disabled to force login via LDAP
# default: true - If set to false the standard login form won't be shown on the sign-in page
# signin_enabled: false
# Restrict setting visibility levels for non-admin users.
# The default is to allow all levels.
#restricted_visibility_levels: [ "public" ]
## Automatic issue closing
# If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
# This happens when the commit is pushed or merged into the default branch of a project.
# When not specified the default issue_closing_pattern as specified below will be used.
# issue_closing_pattern: '([Cc]lose[sd]|[Ff]ixe[sd]) #(\d+)'
## Default project features settings
default_projects_features:
issues: true
merge_requests: true
wiki: true
snippets: false
visibility_level: "private" # can be "private" | "internal" | "public"
## Repository downloads directory
# When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
# The default is 'tmp/repositories' relative to the root of the Rails app.
# repository_downloads_path: tmp/repositories
## External issues trackers
issues_tracker:
# redmine:
# title: "Redmine"
# ## If not nil, link 'Issues' on project page will be replaced with this
# ## Use placeholders:
# ## :project_id - GitLab project identifier
# ## :issues_tracker_id - Project Name or Id in external issue tracker
# project_url: "http://redmine.sample/projects/:issues_tracker_id"
#
# ## If not nil, links from /#\d/ entities from commit messages will replaced with this
# ## Use placeholders:
# ## :project_id - GitLab project identifier
# ## :issues_tracker_id - Project Name or Id in external issue tracker
# ## :id - Issue id (from commit messages)
# issues_url: "http://redmine.sample/issues/:id"
#
# ## If not nil, links to creating new issues will be replaced with this
# ## Use placeholders:
# ## :project_id - GitLab project identifier
# ## :issues_tracker_id - Project Name or Id in external issue tracker
# new_issue_url: "http://redmine.sample/projects/:issues_tracker_id/issues/new"
#
# jira:
# title: "Atlassian Jira"
# project_url: "http://jira.sample/issues/?jql=project=:issues_tracker_id"
# issues_url: "http://jira.sample/browse/:id"
# new_issue_url: "http://jira.sample/secure/CreateIssue.jspa"
## Gravatar
gravatar:
enabled: true # Use user avatar image from Gravatar.com (default: true)
# gravatar urls: possible placeholders: %{hash} %{size} %{email}
# plain_url: "http://..." # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
# ssl_url: "https://..." # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
#
# 2. Auth settings
# ==========================
## LDAP settings
# You can inspect a sample of the LDAP users with login access by running:
# bundle exec rake gitlab:ldap:check RAILS_ENV=production
ldap:
enabled: false
host: '_your_ldap_server'
port: 636
uid: 'sAMAccountName'
method: 'ssl' # "tls" or "ssl" or "plain"
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
password: '_the_password_of_the_bind_user'
# If allow_username_or_email_login is enabled, GitLab will ignore everything
# after the first '@' in the LDAP username submitted by the user on login.
#
# Example:
# - the user enters '[email protected]' and 'p@ssw0rd' as LDAP credentials;
# - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
#
# If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
# disable this setting, because the userPrincipalName contains an '@'.
allow_username_or_email_login: true
# Base where we can search for users
#
# Ex. ou=People,dc=gitlab,dc=example
#
base: ''
# Filter LDAP users
#
# Format: RFC 4515
# Ex. (employeeType=developer)
#
user_filter: ''
## OmniAuth settings
omniauth:
# Allow login via Twitter, Google, etc. using OmniAuth providers
enabled: false
# CAUTION!
# This allows users to login without having a user account first (default: false).
# User accounts will be created automatically when authentication was successful.
allow_single_sign_on: false
# Locks down those users until they have been cleared by the admin (default: true).
block_auto_created_users: true
## Auth providers
# Uncomment the following lines and fill in the data of the auth provider you want to use
# If your favorite auth provider is not listed you can use others:
# see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations
# The 'app_id' and 'app_secret' parameters are always passed as the first two
# arguments, followed by optional 'args' which can be either a hash or an array.
# Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html
providers:
# - { name: 'google_oauth2', app_id: 'YOUR APP ID',
# app_secret: 'YOUR APP SECRET',
# args: { access_type: 'offline', approval_prompt: '' } }
# - { name: 'twitter', app_id: 'YOUR APP ID',
# app_secret: 'YOUR APP SECRET'}
# - { name: 'github', app_id: 'YOUR APP ID',
# app_secret: 'YOUR APP SECRET',
# args: { scope: 'user:email' } }
#
# 3. Advanced settings
# ==========================
# GitLab Satellites
satellites:
# Relative paths are relative to Rails.root (default: tmp/repo_satellites/)
path: /home/git/gitlab-satellites/
## Backup settings
backup:
path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
# keep_time: 604800 # default: 0 (forever) (in seconds)
## GitLab Shell settings
gitlab_shell:
path: /home/git/gitlab-shell/
# REPOS_PATH MUST NOT BE A SYMLINK!!!
repos_path: /home/git/repositories/
hooks_path: /home/git/gitlab-shell/hooks/
# Git over HTTP
upload_pack: true
receive_pack: true
# If you use non-standard ssh port you need to specify it
# ssh_port: 22
## Git settings
# CAUTION!
# Use the default values unless you really know what you are doing
git:
bin_path: /usr/local/bin/git
# The next value is the maximum memory size grit can use
# Given in number of bytes per git object (e.g. a commit)
# This value can be increased if you have very large commits
max_size: 20971520 # 20.megabytes
# Git timeout to read a commit, in seconds
timeout: 10
#
# 4. Extra customization
# ==========================
extra:
## Google analytics. Uncomment if you want it
# google_analytics_id: '_your_tracking_id'
## Piwik analytics.
# piwik_url: '_your_piwik_url'
# piwik_site_id: '_your_piwik_site_id'
## Text under sign-in page (Markdown enabled)
# sign_in_text: |
# 
# [Learn more about CompanyName](http://www.companydomain.com/)
development:
<<: *base
test:
<<: *base
gravatar:
enabled: true
gitlab:
host: localhost
port: 80
issues_tracker:
redmine:
title: "Redmine"
project_url: "http://redmine/projects/:issues_tracker_id"
issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
staging:
<<: *base
commands
% sudo chown -R git log/
% sudo chown -R git tmp/
% sudo chmod -R u+rwX log/
% sudo chmod -R u+rwX tmp/
% sudo -u git -H mkdir /home/git/gitlab-satellites/
% sudo -u git -H mkdir tmp/pids/
% sudo -u git -H mkdir tmp/sockets/
% sudo chmod -R u+rwX tmp/pids/
% sudo chmod -R u+rwX tmp/sockets/
% sudo -u git -H mkdir public/uploads
% sudo chmod -R u+rwX public/uploads
% sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb
% sudo -u git -H git config --global user.name "GitLab"
% sudo -u git -H git config --global user.email "gitlab@localhost"
% sudo -u git -H git config --global core.autocrlf input
% sudo -u git cp config/database.yml.mysql config/database.yml
/home/git/gitlab/config/unicorn.rb
# Sample verbose configuration file for Unicorn (not Rack)
#
# This configuration file documents many features of Unicorn
# that may not be needed for some applications. See
# http://unicorn.bogomips.org/examples/unicorn.conf.minimal.rb
# for a much simpler configuration file.
#
# See http://unicorn.bogomips.org/Unicorn/Configurator.html for complete
# documentation.
# WARNING: See config/application.rb under "Relative url support" for the list of
# other files that need to be changed for relative url support
#
# ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab"
# Use at least one worker per core if you're on a dedicated server,
# more will usually help for _short_ waits on databases/caches.
worker_processes 2
# Since Unicorn is never exposed to outside clients, it does not need to
# run on the standard HTTP port (80), there is no reason to start Unicorn
# as root unless it's from system init scripts.
# If running the master process as root and the workers as an unprivileged
# user, do this to switch euid/egid in the workers (also chowns logs):
# user "unprivileged_user", "unprivileged_group"
# Help ensure your application will always spawn in the symlinked
# "current" directory that Capistrano sets up.
working_directory "/home/git/gitlab" # available in 0.94.0+
# listen on both a Unix domain socket and a TCP port,
# we use a shorter backlog for quicker failover when busy
#listen "/home/git/gitlab/tmp/sockets/gitlab.socket", :backlog => 64
listen "127.0.0.1:8080", :tcp_nopush => true
# nuke workers after 30 seconds instead of 60 seconds (the default)
#
# NOTICE: git push over http depends on this value.
# If you want be able to push huge amount of data to git repository over http
# you will have to increase this value too.
#
# Example of output if you try to push 1GB repo to GitLab over http.
# -> git push http://gitlab.... master
#
# error: RPC failed; result=18, HTTP code = 200
# fatal: The remote end hung up unexpectedly
# fatal: The remote end hung up unexpectedly
#
# For more information see http://stackoverflow.com/a/21682112/752049
#
timeout 30
# feel free to point this anywhere accessible on the filesystem
pid "/home/git/gitlab/tmp/pids/unicorn.pid"
# By default, the Unicorn logger will write to stderr.
# Additionally, some applications/frameworks log to stderr or stdout,
# so prevent them from going to /dev/null when daemonized here:
stderr_path "/home/git/gitlab/log/unicorn.stderr.log"
stdout_path "/home/git/gitlab/log/unicorn.stdout.log"
# combine Ruby 2.0.0dev or REE with "preload_app true" for memory savings
# http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow
preload_app true
GC.respond_to?(:copy_on_write_friendly=) and
GC.copy_on_write_friendly = true
# Enable this flag to have unicorn test client connections by writing the
# beginning of the HTTP headers before calling the application. This
# prevents calling the application for connections that have disconnected
# while queued. This is only guaranteed to detect clients on the same
# host unicorn runs on, and unlikely to detect disconnects even on a
# fast LAN.
check_client_connection false
before_fork do |server, worker|
# the following is highly recomended for Rails + "preload_app true"
# as there's no need for the master process to hold a connection
defined?(ActiveRecord::Base) and
ActiveRecord::Base.connection.disconnect!
# The following is only recommended for memory/DB-constrained
# installations. It is not needed if your system can house
# twice as many worker_processes as you have configured.
#
# This allows a new master process to incrementally
# phase out the old master process with SIGTTOU to avoid a
# thundering herd (especially in the "preload_app false" case)
# when doing a transparent upgrade. The last worker spawned
# will then kill off the old master process with a SIGQUIT.
old_pid = "#{server.config[:pid]}.oldbin"
if old_pid != server.pid
begin
sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU
Process.kill(sig, File.read(old_pid).to_i)
rescue Errno::ENOENT, Errno::ESRCH
end
end
#
# Throttle the master from forking too quickly by sleeping. Due
# to the implementation of standard Unix signal handlers, this
# helps (but does not completely) prevent identical, repeated signals
# from being lost when the receiving process is busy.
# sleep 1
end
after_fork do |server, worker|
# per-process listener ports for debugging/admin/migrations
# addr = "127.0.0.1:#{9293 + worker.nr}"
# server.listen(addr, :tries => -1, :delay => 5, :tcp_nopush => true)
# the following is *required* for Rails + "preload_app true",
defined?(ActiveRecord::Base) and
ActiveRecord::Base.establish_connection
# if preload_app is true, then you may also want to check and
# restart any other shared sockets/descriptors such as Memcached,
# and Redis. TokyoCabinet file handles are safe to reuse
# between any number of forked children (assuming your kernel
# correctly implements pread()/pwrite() system calls)
end
/home/git/gitlab/config/databases.yml
#
# PRODUCTION
#
production:
adapter: mysql2
encoding: utf8
reconnect: false
database: gitlabhq_production
pool: 10
username: gitlab
password: password
# host: localhost
socket: /tmp/mysql.sock
#
# Development specific
#
development:
adapter: mysql2
encoding: utf8
reconnect: false
database: gitlabhq_development
pool: 5
username: root
password: "secure password"
# socket: /tmp/mysql.sock
# Warning: The database defined as "test" will be erased and
# re-generated from your development database when you run "rake".
# Do not set this db to the same as development or production.
test: &test
adapter: mysql2
encoding: utf8
reconnect: false
database: gitlabhq_test
pool: 5
username: root
password:
# socket: /tmp/mysql.sock
commands
% sudo -u git -H chmod o-rwx config/database.yml
% gem install charlock_holmes --version '0.6.9.4' --no-ri --no-rdoc
% gem install bundler --no-ri --no-rdoc
% sudo -u git -H bundle install --deployment --without development test postgres aws
% sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production
% sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
% cp /home/git/gitlab/lib/support/init.d/gitlab /usr/local/etc/rc.d/
% chmod +x /usr/local/etc/rc.d/gitlab
% sudo -u git -H cp config/resque.yml.example config/resque.yml
% sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production
% service gitlab start