Skip to content

Instantly share code, notes, and snippets.

@fire

fire/gitlab.md

Forked from jhoughtelin/gitlab.sh
Last active January 22, 2020 09:17
Show Gist options
  • Save fire/d4f488d2aa699fcf752d to your computer and use it in GitHub Desktop.
Save fire/d4f488d2aa699fcf752d to your computer and use it in GitHub Desktop.
Download ZIP
Git lab install on smartos
Raw
gitlab.md

Gitlabs on Smartos

Note this script is not executable. Please read through and manually apply each command.

Install necessary packages

  pkgin up
  pkgin -y in \
        bash \
        coreutils \
        curl \
        gcc47 \
        gcc47-runtime \
        gmake \
        icu \
        libxml2 \
        libxslt \
        patch \
        redis \
        scmgit \
        scons \
        libyaml \
        automake \
        autoconf \
        mit-krb5

Done Snapshot: packagesinstalled

Enable redis server

  svcadm enable redis

Done Snapshot: redisactivated

Create git user for gitlab

  groupadd git
  useradd -s /bin/sh -c 'Git Version Control' -g git -d /home/git -m git
  passwd git # supermegaultralongpasswordthatnoonewilleverrememberyetaloneguess
  usermod -G git git

Done snapshot: gitusercreated

Clone gitlab-shell for gitlabhq

  sudo -u git -H git clone https://github.com/gitlabhq/gitlab-shell.git /home/git/gitlab-shell
  cd /home/git/gitlab-shell
  git checkout v1.4.0

Copy and edit config.yml (IPS Domains etc...)

  cp config.yml.example config.yml
  vi config.yml

Change redis location to /opt/local/bin/redis-cli Change url

Do setup

  ./bin/install

Done snapshot: gitlabshellinstalled

Install mysql server and client and enable it

  pkgin -y in postgresql93-server
  svcadm enable postgres

Connect to mysql no password at beginning

  # sudo -u postgres psql -U postgres

Create a user for GitLab. (change $password to a real password)

  CREATE USER gitlab WITH PASSWORD 'test_password';

Create the GitLab production database

  CREATE DATABASE gitlabhq_production OWNER gitlab;

Grant the GitLab user necessary permissions on the table.

  \c gitlabhq_production
  GRANT select, insert, update, delete on ALL TABLES IN SCHEMA public TO gitlab;

Add account to pg_hba.conf

  local   gitlabhq_production git                             peer

Try connecting to the new database with the new user # sudo -u git psql -d gitlabhq_production

Done snapshot: postgresqlworking

Installing gitlab in git folder

  cd /home/git/

Clone GitLab repository sudo -u git -H git clone https://github.com/gitlabhq/gitlabhq.git gitlab

Go to gitlab dir cd /home/git/gitlab

Checkout to stable release sudo -u git -H git checkout 7-10-stable

Done snapshot: gitlabcloned

Copy the example GitLab config sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml

Make sure to change "localhost" to the fully-qualified domain name of your

host serving GitLab where necessary

Make sure to change the location of the git binary sudo -u git -H vi config/gitlab.yml

Make sure GitLab can write to the log/ and tmp/ directories

  sudo chown -R git log/
  sudo chown -R git tmp/
  sudo chmod -R u+rwX  log/
  sudo chmod -R u+rwX  tmp/

Create directory for satellites

  sudo -u git -H mkdir /home/git/gitlab-satellites

Create directories for sockets/pids and make sure GitLab can write to them

  sudo -u git -H mkdir tmp/pids/
  sudo -u git -H mkdir tmp/sockets/
  sudo chmod -R u+rwX  tmp/pids/
  sudo chmod -R u+rwX  tmp/sockets/

Create public/uploads directory otherwise backup will fail

  sudo -u git -H mkdir public/uploads
  sudo chmod -R u+rwX  public/uploads

Copy the example Puma config and edit if necessary

  sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb
  sudo -u git -H vi config/unicorn.rb

Configure Git global settings for git user, useful when editing via web

Edit user.email according to what is set in gitlab.yml

  sudo -u git -H git config --global user.name "GitLab"
  sudo -u git -H git config --global user.email "gitlab@localhost"

Done snapshot: gitlabconfigured

Configure gitlab db settings

  sudo -u git cp config/database.yml.postgresql config/database.yml
  sudo -u git vi config/database.yml
  sudo -u git chmod 600 config/database.yml

Install gems

  cd /home/git/gitlab

  bundle install --without development test mysql --path vendor/bundle

Done snapshot: bundleinstalled

Install the bundler, otherwise the git user won't find it.

Yes, there's always one illogical step in any HowTo :-(

  gem install bundler
  chown git:other .bundle -R
  chown gitlab:other .bundle -R

Now run as user git

  sudo -u git -H bundle install --deployment --without development test mysql

Done snapshot: bundlecomplete

Initialise Database and Activate Advanced Features

  sudo -u git -H sh -c 'printf "%b\n%b\n" "PATH=\$PATH:/home/git/gitlab" "export PATH" >> /home/git/.profile'
  sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production

Done snapshot: dbtablecreated

Install SMF scripts included

  sudo svccfg import rails-gitlab.xml sidekiq-gitlab.xml

Some fixes for gitlab status checks

Note July 28, 2014: I don't know what this does..

  sudo chown -R git:git /home/git/repositories/
  pkgin -y in ap22-py27-python

Link that we can access with python2

  sudo ln -s /opt/local/bin/python /opt/local/bin/python2

Check gitlab status

  sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
  sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
  
  sudo chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites

Trying to start sidekiq (checked that redis server is running)

  sudo -u git -H bundle exec rake sidekiq:start RAILS_ENV=production

installing nginx

  pkgin -y in nginx

  mkdir -p /etc/nginx/sites-available
  sudo curl --output /etc/nginx/sites-available/gitlab https://raw.githubusercontent.com/gitlabhq/gitlabhq/7-0-stable/lib/support/nginx/gitlab-ssl
  sudo ln -s /etc/nginx/sites-available/gitlab /etc/nginx/sites-enabled/gitlab

START Note this is a cas setup for my requirements. It is not needed for general gitlabs.

Working CAS Configuration

Authentication via CAS isn't officially supported. You must satisfy the following requirements before this will work.

  • Your CAS setup must be using CAS 2.0 protocol. omniauth-cas does not support SAML validation.
  • Your CAS protocol must expose at a minimum: First name, Last name, UID, and email.

Install Process

  • Add gem 'omniauth-cas' to Gemfile and do a bundle update (bundle install --without development test mysql --no-deployment --path vendor/bundle)

  • Add CAS to the gitlab.yml with - { name: 'cas' } under providers:

  • Add to the config/initializers/devise.rb file

    ```ruby
config.omniauth :cas, url: 'https://sso.example.com/', disable_ssl_verification: false
```

END

  • Restart GitLab

Note

chmod o-r keys

Make sure git is unlocked

  passwd -u git

Commands to start gitlabs manually

  bundle exec sidekiq -q post_receive -q mailer -q system_hook -q project_web_hook -q gitlab_shell -q common -q default -e production -P           tmp/pids/sidekiq.pid
  bundle exec unicorn -E production -c config/unicorn.rb
  bundle exec rake assets:precompile RAILS_ENV=production
Raw
rails-gitlab.xml
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="manifest" name="rails-gitlab">
<service name="site/rails-gitlab" type="service" version="1">
<create_default_instance enabled="true"/>
<single_instance/>
<dependency name="network" grouping="require_all" restart_on="refresh" type="service">
<service_fmri value="svc:/milestone/network:default"/>
</dependency>
<dependency name="filesystem" grouping="require_all" restart_on="refresh" type="service">
<service_fmri value="svc:/system/filesystem/local"/>
</dependency>
<dependency name="nginx" grouping="require_all" restart_on="refresh"
type="service">
<service_fmri value="svc:/pkgsrc/nginx:default"/>
</dependency>
<dependency name="postgresql" grouping="require_all"
restart_on="refresh" type="service">
<service_fmri value="svc:/pkgsrc/postgresql:default"/>
</dependency>
<dependency name="sidekiq-gitlab" grouping="require_all"
restart_on="refresh" type="service">
<service_fmri value="svc:/site/sidekiq-gitlab:default"/>
</dependency>
<method_context working_directory="/home/git/gitlab">
<method_credential user="git" group="git" privileges='basic,net_privaddr' />
<method_environment>
<envvar name="PATH"
value="/home/git/bin:/opt/local/bin/:/usr/local/bin:/usr/bin:/usr/sbin:/bin"/>
<envvar name="RAILS_ENV" value="production"/>
<envvar name="RAILS_ROOT" value="/home/git/gitlab"/>
<envvar name="RUBY_GC_HEAP_INIT_SLOTS" value="800000"/>
<envvar name="RUBY_GC_MALLOC_LIMIT" value="40000000"/>
</method_environment>
</method_context>
<exec_method
type="method"
name="start"
exec="/opt/local/bin/bundle exec unicorn -E production -c config/unicorn.rb"
timeout_seconds="60"/>
<exec_method
type="method"
name="stop"
exec=":kill"
timeout_seconds="60"/>
<property_group name="startd" type="framework">
<propval name="duration" type="astring" value="child"/>
<propval name="ignore_error" type="astring" value="core,signal"/>
</property_group>
<property_group name="application" type="application">
</property_group>
<stability value="Evolving"/>
<template>
<common_name>
<loctext xml:lang="C">Gitlab software to collaborate on code.</loctext>
</common_name>
</template>
</service>
</service_bundle>
Raw
sidekiq-gitlab.xml
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type="manifest" name="sidekiq-gitlab">
<service name="site/sidekiq-gitlab" type="service" version="1">
<create_default_instance enabled="true"/>
<single_instance/>
<dependency name="network" grouping="require_all" restart_on="refresh" type="service">
<service_fmri value="svc:/milestone/network:default"/>
</dependency>
<dependency name="filesystem" grouping="require_all" restart_on="refresh" type="service">
<service_fmri value="svc:/system/filesystem/local"/>
</dependency>
<dependency name="redis" grouping="require_all" restart_on="refresh"
type="service">
<service_fmri value="svc:/pkgsrc/redis:default"/>
</dependency>
<method_context working_directory="/home/git/gitlab">
<method_credential user="git" group="git" privileges='basic,net_privaddr' />
<method_environment>
<envvar name="PATH"
value="/home/git/bin:/opt/local/bin/:/usr/local/bin:/usr/bin:/usr/sbin:/bin"/>
<envvar name="HOME" value="/home/git"/>
<envvar name="RUBY_GC_HEAP_INIT_SLOTS" value="800000"/>
<envvar name="RUBY_GC_MALLOC_LIMIT" value="40000000"/>
</method_environment>
</method_context>
<exec_method
type="method"
name="start"
exec="/opt/local/bin/bundle exec sidekiq -q
post_receive,mailer,system_hook,project_web_hook,gitlab_shell,common,default -e production -P
tmp/pids/sidekiq.pid"
timeout_seconds="60"/>
<exec_method
type="method"
name="stop"
exec=":kill"
timeout_seconds="60"/>
<property_group name="startd" type="framework">
<propval name="duration" type="astring" value="child"/>
<propval name="ignore_error" type="astring" value="core,signal"/>
</property_group>
<property_group name="application" type="application">
</property_group>
<stability value="Evolving"/>
<template>
<common_name>
<loctext xml:lang="C">Gitlab sidekiq service</loctext>
</common_name>
</template>
</service>
</service_bundle>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment