Skip to content

G
gitlab-ce
Commit b3e60816 authored by Kamil Trzcinski's avatar Kamil Trzcinski
Browse files
Options

Update init scripts and installation guide

parent 44f5645f
Hide whitespace changes
Inline Side-by-side
Showing with 146 additions and 33 deletions
doc/install/installation.md
View file @ b3e60816
...@@ -363,6 +363,14 @@ GitLab Shell is an SSH access and repository management software developed speci ...@@ -363,6 +363,14 @@ GitLab Shell is an SSH access and repository management software developed speci
cd gitlab-workhorse cd gitlab-workhorse
sudo -u git -H git checkout 0.6.4 sudo -u git -H git checkout 0.6.4
sudo -u git -H make sudo -u git -H make
### Install gitlab-pages daemon
cd /home/git
sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-pages.git
cd gitlab-pages
sudo -u git -H git checkout 0.1.0
sudo -u git -H make
### Initialize Database and Activate Advanced Features ### Initialize Database and Activate Advanced Features
......
doc/pages/README.md
View file @ b3e60816
...@@ -47,13 +47,42 @@ URL it will be accessible. ...@@ -47,13 +47,42 @@ URL it will be accessible.
## Enable the pages feature in your project ## Enable the pages feature in your project
The GitLab Pages feature needs to be explicitly enabled for each project The GitLab Pages feature is enabled when the valid `.gitlab-ci.yml` is configured
under its **Settings**. in your project.
## Use custom domain
You can define multiple domains for your pages.
Go to **Settings > Pages** and click a **New Domain**.
You will be asked to fill simple form where you put the **Domain** name.
You can use the specified domain only once.
After adding domain you need to configure your DNS to point to your Pages.
To do so add the **CNAME** record for your domain pointing to: `walter.example.com`.
Where `walter` is your group or username.
If you are unable to add a **CNAME**, because your is top-level domain.
You can check the IP address of server serving GitLab Pages:
$ dig walter.example.com
walter.example.com. 300 IN A 1.1.1.1
Add a **A** record pointing to **1.1.1.1**.
## Use custom domain with custom certificates
_**Note:** This feature was [introduced][ee-80] in GitLab EE 8.5_
When defining the domain you can also paste the custom certificates.
You need to paste the certificate with all intermediate certificates required to build a trust chain in PEM format.
The second you need to send us the private key for your certificate.
_**Note:** This feature was [introduced][ee-80] in GitLab EE 8.5 and needs to be explicitly enabled by your Administrator_
## Remove the contents of your pages ## Remove the contents of your pages
Pages can be explicitly removed from a project by clicking **Remove Pages** Pages can be explicitly removed from a project by clicking **Remove Pages**
in a project's **Settings**. in a project's **Settings > Pages**.
## Explore the contents of .gitlab-ci.yml ## Explore the contents of .gitlab-ci.yml
......
doc/update/8.5-ce-to-ee.md
View file @ b3e60816
...@@ -47,12 +47,32 @@ sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production ...@@ -47,12 +47,32 @@ sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
sudo -u git -H bundle exec rake assets:clean assets:precompile cache:clear RAILS_ENV=production sudo -u git -H bundle exec rake assets:clean assets:precompile cache:clear RAILS_ENV=production
``` ```
### 4. Start application ### 4. Install gitlab-pages daemon
cd /home/git
sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-pages.git
cd gitlab-pages
sudo -u git -H git checkout 0.1.0
sudo -u git -H make
### 5. Update the init scripts
Download the init script (will be `/etc/init.d/gitlab`):
sudo cp lib/support/init.d/gitlab /etc/init.d/gitlab
And if you are installing with a non-default folder or user copy and edit the defaults file:
sudo cp lib/support/init.d/gitlab.default.example /etc/default/gitlab
**Note:** This is required to have a support for GitLab Pages.
### 6. Start application
sudo service gitlab start sudo service gitlab start
sudo service nginx restart sudo service nginx restart
### 5. Check application status ### 7. Check application status
Check if GitLab and its environment are configured correctly: Check if GitLab and its environment are configured correctly:
......
lib/support/init.d/gitlab
View file @ b3e60816
...@@ -89,6 +89,13 @@ check_pids(){ ...@@ -89,6 +89,13 @@ check_pids(){
mpid=0 mpid=0
fi fi
fi fi
if [ "$gitlab_pages_enabled" = true ]; then
if [ -f "$gitlab_pages_pid_path" ]; then
gppid=$(cat "$gitlab_pages_pid_path")
else
gppid=0
fi
fi
} }
## Called when we have started the two processes and are waiting for their pid files. ## Called when we have started the two processes and are waiting for their pid files.
...@@ -144,7 +151,15 @@ check_status(){ ...@@ -144,7 +151,15 @@ check_status(){
mail_room_status="-1" mail_room_status="-1"
fi fi
fi fi
if [ $web_status = 0 ] && [ $sidekiq_status = 0 ] && [ $gitlab_workhorse_status = 0 ] && { [ "$mail_room_enabled" != true ] || [ $mail_room_status = 0 ]; }; then if [ "$gitlab_pages_enabled" = true ]; then
if [ $gppid -ne 0 ]; then
kill -0 "$gppid" 2>/dev/null
gitlab_pages_status="$?"
else
gitlab_pages_status="-1"
fi
fi
if [ $web_status = 0 ] && [ $sidekiq_status = 0 ] && [ $gitlab_workhorse_status = 0 ] && { [ "$mail_room_enabled" != true ] || [ $mail_room_status = 0 ]; } && { [ "$gitlab_pages_enabled" != true ] || [ $gitlab_pages_status = 0 ]; }; then
gitlab_status=0 gitlab_status=0
else else
# http://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html # http://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html
...@@ -186,12 +201,19 @@ check_stale_pids(){ ...@@ -186,12 +201,19 @@ check_stale_pids(){
exit 1 exit 1
fi fi
fi fi
if [ "$gitlab_pages_enabled" = true ] && [ "$gppid" != "0" ] && [ "$gitlab_pages_status" != "0" ]; then
echo "Removing stale GitLab Pages job dispatcher pid. This is most likely caused by GitLab Pages crashing the last time it ran."
if ! rm "$gitlab_pages_pid_path"; then
echo "Unable to remove stale pid, exiting"
exit 1
fi
fi
} }
## If no parts of the service is running, bail out. ## If no parts of the service is running, bail out.
exit_if_not_running(){ exit_if_not_running(){
check_stale_pids check_stale_pids
if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; }; then if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" != "0" ]; }; then
echo "GitLab is not running." echo "GitLab is not running."
exit exit
fi fi
...@@ -213,6 +235,9 @@ start_gitlab() { ...@@ -213,6 +235,9 @@ start_gitlab() {
if [ "$mail_room_enabled" = true ] && [ "$mail_room_status" != "0" ]; then if [ "$mail_room_enabled" = true ] && [ "$mail_room_status" != "0" ]; then
echo "Starting GitLab MailRoom" echo "Starting GitLab MailRoom"
fi fi
if [ "$mail_room_enabled" = true ] && [ "$gitlab_pages_status" != "0" ]; then
echo "Starting GitLab Pages"
fi
# Then check if the service is running. If it is: don't start again. # Then check if the service is running. If it is: don't start again.
if [ "$web_status" = "0" ]; then if [ "$web_status" = "0" ]; then
...@@ -252,6 +277,16 @@ start_gitlab() { ...@@ -252,6 +277,16 @@ start_gitlab() {
fi fi
fi fi
if [ "$gitlab_pages_enabled" = true ]; then
if [ "$gitlab_pages_status" = "0" ]; then
echo "The GitLab Pages is already running with pid $spid, not restarting"
else
$app_root/bin/daemon_with_pidfile $gitlab_pages_pid_path \
$gitlab_pages_dir/gitlab-pages $gitlab_pages_options \
>> $gitlab_pages_log 2>&1 &
fi
fi
# Wait for the pids to be planted # Wait for the pids to be planted
wait_for_pids wait_for_pids
# Finally check the status to tell wether or not GitLab is running # Finally check the status to tell wether or not GitLab is running
...@@ -278,13 +313,17 @@ stop_gitlab() { ...@@ -278,13 +313,17 @@ stop_gitlab() {
echo "Shutting down GitLab MailRoom" echo "Shutting down GitLab MailRoom"
RAILS_ENV=$RAILS_ENV bin/mail_room stop RAILS_ENV=$RAILS_ENV bin/mail_room stop
fi fi
if [ "$gitlab_pages_status" = "0" ]; then
echo "Shutting down gitlab-pages"
kill -- $(cat $gitlab_pages_pid_path)
fi
# If something needs to be stopped, lets wait for it to stop. Never use SIGKILL in a script. # If something needs to be stopped, lets wait for it to stop. Never use SIGKILL in a script.
while [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || [ "$gitlab_workhorse_status" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; }; do while [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || [ "$gitlab_workhorse_status" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; } || { [ "$gitlab_pages_enabled" = true ] && [ "$gitlab_pages_status" = "0" ]; }; do
sleep 1 sleep 1
check_status check_status
printf "." printf "."
if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; }; then if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" != "0" ]; }; then
printf "\n" printf "\n"
break break
fi fi
...@@ -298,6 +337,7 @@ stop_gitlab() { ...@@ -298,6 +337,7 @@ stop_gitlab() {
if [ "$mail_room_enabled" = true ]; then if [ "$mail_room_enabled" = true ]; then
rm "$mail_room_pid_path" 2>/dev/null rm "$mail_room_pid_path" 2>/dev/null
fi fi
rm -f "$gitlab_pages_pid_path"
print_status print_status
} }
...@@ -305,7 +345,7 @@ stop_gitlab() { ...@@ -305,7 +345,7 @@ stop_gitlab() {
## Prints the status of GitLab and its components. ## Prints the status of GitLab and its components.
print_status() { print_status() {
check_status check_status
if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; }; then if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" != "0" ]; }; then
echo "GitLab is not running." echo "GitLab is not running."
return return
fi fi
...@@ -331,7 +371,14 @@ print_status() { ...@@ -331,7 +371,14 @@ print_status() {
printf "The GitLab MailRoom email processor is \033[31mnot running\033[0m.\n" printf "The GitLab MailRoom email processor is \033[31mnot running\033[0m.\n"
fi fi
fi fi
if [ "$web_status" = "0" ] && [ "$sidekiq_status" = "0" ] && [ "$gitlab_workhorse_status" = "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" = "0" ]; }; then if [ "$gitlab_pages_enabled" = true ]; then
if [ "$gitlab_pages_status" = "0" ]; then
echo "The GitLab Pages with pid $mpid is running."
else
printf "The GitLab Pages is \033[31mnot running\033[0m.\n"
fi
fi
if [ "$web_status" = "0" ] && [ "$sidekiq_status" = "0" ] && [ "$gitlab_workhorse_status" = "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" = "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" = "0" ]; }; then
printf "GitLab and all its components are \033[32mup and running\033[0m.\n" printf "GitLab and all its components are \033[32mup and running\033[0m.\n"
fi fi
} }
...@@ -362,7 +409,7 @@ reload_gitlab(){ ...@@ -362,7 +409,7 @@ reload_gitlab(){
## Restarts Sidekiq and Unicorn. ## Restarts Sidekiq and Unicorn.
restart_gitlab(){ restart_gitlab(){
check_status check_status
if [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || [ "$gitlab_workhorse" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; }; then if [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || [ "$gitlab_workhorse" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; } || { [ "$gitlab_pages_enabled" = true ] && [ "$gitlab_pages_status" = "0" ]; }; then
stop_gitlab stop_gitlab
fi fi
start_gitlab start_gitlab
......
lib/support/init.d/gitlab.default.example
View file @ b3e60816
...@@ -47,6 +47,19 @@ gitlab_workhorse_pid_path="$pid_path/gitlab-workhorse.pid" ...@@ -47,6 +47,19 @@ gitlab_workhorse_pid_path="$pid_path/gitlab-workhorse.pid"
gitlab_workhorse_options="-listenUmask 0 -listenNetwork unix -listenAddr $socket_path/gitlab-workhorse.socket -authBackend http://127.0.0.1:8080 -authSocket $socket_path/gitlab.socket -documentRoot $app_root/public" gitlab_workhorse_options="-listenUmask 0 -listenNetwork unix -listenAddr $socket_path/gitlab-workhorse.socket -authBackend http://127.0.0.1:8080 -authSocket $socket_path/gitlab.socket -documentRoot $app_root/public"
gitlab_workhorse_log="$app_root/log/gitlab-workhorse.log" gitlab_workhorse_log="$app_root/log/gitlab-workhorse.log"
# The GitLab Pages Daemon needs to use separate IP address on which it will listen
# You can also use the different ports (80 or 443) that will be forwarded to GitLab Pages Daemon
# To enable HTTP support for custom domains:
# -listen-http 1.1.1.1:80
# The value of -listen-http must be set to `gitlab.yml:pages:external_http`
# To enable HTTPS support for custom domains and certificates:
# -listen-https 1.1.1.1:443 -root-cert /path/to/example.com.crt -root-key /path/to/example.com.key
# The value of -listen-https must be set to `gitlab.yml:pages:external_http`
# The -pages-domain must be specified the same as in `gitlab.yml`
gitlab_pages_enabled=true
gitlab_pages_options="-pages-domain example.com -pages-root $app_root/shared/pages -listen-proxy 127.0.0.1:8282"
gitlab_pages_log="$app_root/log/gitlab-pages.log"
# mail_room_enabled specifies whether mail_room, which is used to process incoming email, is enabled. # mail_room_enabled specifies whether mail_room, which is used to process incoming email, is enabled.
# This is required for the Reply by email feature. # This is required for the Reply by email feature.
# The default is "false" # The default is "false"
......
lib/support/nginx/gitlab-pages
View file @ b3e60816
...@@ -7,21 +7,19 @@ server { ...@@ -7,21 +7,19 @@ server {
listen [::]:80 ipv6only=on; listen [::]:80 ipv6only=on;
## Replace this with something like pages.gitlab.com ## Replace this with something like pages.gitlab.com
server_name ~^(?<group>.*)\.YOUR_GITLAB_PAGES\.DOMAIN$; server_name *.YOUR_GITLAB_PAGES.DOMAIN;
root /home/git/gitlab/shared/pages/${group};
## Individual nginx logs for GitLab pages ## Individual nginx logs for GitLab pages
access_log /var/log/nginx/gitlab_pages_access.log; access_log /var/log/nginx/gitlab_pages_access.log;
error_log /var/log/nginx/gitlab_pages_error.log; error_log /var/log/nginx/gitlab_pages_error.log;
# 1. Try to get /path/ from shared/pages/${group}/${path}/public/ location / {
# 2. Try to get / from shared/pages/${group}/${host}/public/ proxy_set_header Host $http_host;
location ~ ^/([^/]*)(/.*)?$ { proxy_set_header X-Real-IP $remote_addr;
try_files "/$1/public$2" proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
"/$1/public$2/index.html" proxy_set_header X-Forwarded-Proto $scheme;
"/${host}/public/${uri}" # The same address as passed to GitLab Pages: `-listen-proxy`
"/${host}/public/${uri}/index.html" proxy_pass http://localhost:8282/;
=404;
} }
# Define custom error pages # Define custom error pages
......
lib/support/nginx/gitlab-pages-ssl
View file @ b3e60816
...@@ -11,7 +11,7 @@ server { ...@@ -11,7 +11,7 @@ server {
listen [::]:80 ipv6only=on; listen [::]:80 ipv6only=on;
## Replace this with something like pages.gitlab.com ## Replace this with something like pages.gitlab.com
server_name ~^(?<group>.*)\.YOUR_GITLAB_PAGES\.DOMAIN$; server_name *.YOUR_GITLAB_PAGES.DOMAIN;
server_tokens off; ## Don't show the nginx version number, a security best practice server_tokens off; ## Don't show the nginx version number, a security best practice
return 301 https://$http_host$request_uri; return 301 https://$http_host$request_uri;
...@@ -26,9 +26,8 @@ server { ...@@ -26,9 +26,8 @@ server {
listen [::]:443 ipv6only=on ssl; listen [::]:443 ipv6only=on ssl;
## Replace this with something like pages.gitlab.com ## Replace this with something like pages.gitlab.com
server_name ~^(?<group>.*)\.YOUR_GITLAB_PAGES\.DOMAIN$; server_name *.YOUR_GITLAB_PAGES.DOMAIN;
server_tokens off; ## Don't show the nginx version number, a security best practice server_tokens off; ## Don't show the nginx version number, a security best practice
root /home/git/gitlab/shared/pages/${group};
## Strong SSL Security ## Strong SSL Security
## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/ ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/
...@@ -63,14 +62,13 @@ server { ...@@ -63,14 +62,13 @@ server {
access_log /var/log/nginx/gitlab_pages_access.log; access_log /var/log/nginx/gitlab_pages_access.log;
error_log /var/log/nginx/gitlab_pages_error.log; error_log /var/log/nginx/gitlab_pages_error.log;
# 1. Try to get /path/ from shared/pages/${group}/${path}/public/ location / {
# 2. Try to get / from shared/pages/${group}/${host}/public/ proxy_set_header Host $http_host;
location ~ ^/([^/]*)(/.*)?$ { proxy_set_header X-Real-IP $remote_addr;
try_files "/$1/public$2" proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
"/$1/public$2/index.html" proxy_set_header X-Forwarded-Proto $scheme;
"/${host}/public/${uri}" # The same address as passed to GitLab Pages: `-listen-proxy`
"/${host}/public/${uri}/index.html" proxy_pass http://localhost:8282/;
=404;
} }
# Define custom error pages # Define custom error pages
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7