#!/bin/bash
set -e

GITLAB_VERSION=7.4.3
GITLAB_SHELL_VERSION=2.0.1

GITLAB_INSTALL_DIR="/home/git/gitlab"
GITLAB_DATA_DIR="/home/git/data"
GITLAB_SHELL_INSTALL_DIR="/home/git/gitlab-shell"

SETUP_DIR="/app/setup"
GEM_CACHE_DIR="${SETUP_DIR}/cache"

# rebuild apt cache
apt-get update

# install build dependencies for gem installation
apt-get install -y gcc g++ make patch pkg-config cmake \
  libc6-dev ruby2.1-dev \
  libmysqlclient-dev libpq-dev zlib1g-dev libyaml-dev libssl-dev \
  libgdbm-dev libreadline-dev libncurses5-dev libffi-dev \
  libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev

# remove the host keys generated during openssh-server installation
rm -rf /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub

# add git user
adduser --disabled-login --gecos 'GitLab' git
passwd -d git

rm -rf /home/git/.ssh
sudo -u git -H mkdir -p ${GITLAB_DATA_DIR}/.ssh
sudo -u git -H ln -s ${GITLAB_DATA_DIR}/.ssh /home/git/.ssh

# create the data store
sudo -u git -H mkdir -p ${GITLAB_DATA_DIR}

# install gitlab-shell, use local copy if available
echo "Cloning gitlab-shell v.${GITLAB_SHELL_VERSION}..."
sudo -u git -H git clone -q -b v${GITLAB_SHELL_VERSION} --depth 1 \
  https://github.com/gitlabhq/gitlab-shell.git ${GITLAB_SHELL_INSTALL_DIR}

cd ${GITLAB_SHELL_INSTALL_DIR}

sudo -u git -H cp -a config.yml.example config.yml
sudo -u git -H ./bin/install

# shallow clone gitlab-ce
echo "Cloning gitlab-ce v.${GITLAB_VERSION}..."
sudo -u git -H git clone -q -b v${GITLAB_VERSION} --depth 1 \
  https://github.com/gitlabhq/gitlabhq.git ${GITLAB_INSTALL_DIR}

cd ${GITLAB_INSTALL_DIR}

# copy default configurations
cp lib/support/nginx/gitlab /etc/nginx/sites-enabled/gitlab
sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml
sudo -u git -H cp config/resque.yml.example config/resque.yml
sudo -u git -H cp config/database.yml.mysql config/database.yml
sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb
sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
sudo -u git -H cp config/initializers/smtp_settings.rb.sample config/initializers/smtp_settings.rb

# symlink log -> /var/log/gitlab/gitlab
rm -rf log
ln -sf /var/log/gitlab/gitlab log

# create required tmp directories
sudo -u git -H mkdir -p tmp/pids/ tmp/sockets/
chmod -R u+rwX tmp

# create symlink to assets in tmp/cache
rm -rf tmp/cache
sudo -u git -H ln -s ${GITLAB_DATA_DIR}/tmp/cache tmp/cache

# create symlink to assets in public/assets
rm -rf public/assets
sudo -u git -H ln -s ${GITLAB_DATA_DIR}/tmp/public/assets public/assets

# create symlink to uploads directory
rm -rf public/uploads
sudo -u git -H ln -s ${GITLAB_DATA_DIR}/uploads public/uploads

# install gems required by gitlab, use local cache if available
if [ -d "${GEM_CACHE_DIR}" ]; then
  mv ${GEM_CACHE_DIR} vendor/
  chown -R git:git vendor/cache
fi
sudo -u git -H bundle install --deployment --without development test aws

# make sure everything in /home/git is owned by the git user
chown -R git:git /home/git/

# install gitlab bootscript
cp lib/support/init.d/gitlab /etc/init.d/gitlab
chmod +x /etc/init.d/gitlab

# disable default nginx configuration and enable gitlab's nginx configuration
rm -f /etc/nginx/sites-enabled/default

# disable pam authentication for sshd
sed 's/UsePAM yes/UsePAM no/' -i /etc/ssh/sshd_config
sed 's/UsePrivilegeSeparation yes/UsePrivilegeSeparation no/' -i /etc/ssh/sshd_config
echo "UseDNS no" >> /etc/ssh/sshd_config

# move supervisord.log file to /var/log/gitlab/supervisor/
sed 's|^logfile=.*|logfile=/var/log/gitlab/supervisor/supervisord.log ;|' -i /etc/supervisor/supervisord.conf

# move nginx logs to /var/log/gitlab/nginx
sed 's|access_log /var/log/nginx/access.log;|access_log /var/log/gitlab/nginx/access.log;|' -i /etc/nginx/nginx.conf
sed 's|error_log /var/log/nginx/error.log;|error_log /var/log/gitlab/nginx/error.log;|' -i /etc/nginx/nginx.conf

# configure supervisord log rotation
cat > /etc/logrotate.d/supervisord <<EOF
/var/log/gitlab/supervisor/*.log {
  weekly
  missingok
  rotate 52
  compress
  delaycompress
  notifempty
  copytruncate
}
EOF

# configure gitlab log rotation
cat > /etc/logrotate.d/gitlab <<EOF
/var/log/gitlab/gitlab/*.log {
  weekly
  missingok
  rotate 52
  compress
  delaycompress
  notifempty
  copytruncate
}
EOF

# configure gitlab-shell log rotation
cat > /etc/logrotate.d/gitlab <<EOF
/var/log/gitlab/gitlab-shell/*.log {
  weekly
  missingok
  rotate 52
  compress
  delaycompress
  notifempty
  copytruncate
}
EOF

# configure gitlab vhost log rotation
cat > /etc/logrotate.d/gitlab <<EOF
/var/log/gitlab/nginx/*.log {
  weekly
  missingok
  rotate 52
  compress
  delaycompress
  notifempty
  copytruncate
}
EOF

# configure supervisord to start unicorn
cat > /etc/supervisor/conf.d/unicorn.conf <<EOF
[program:unicorn]
priority=10
directory=${GITLAB_INSTALL_DIR}
environment=HOME=/home/git
command=bundle exec unicorn_rails -c ${GITLAB_INSTALL_DIR}/config/unicorn.rb -E production
user=git
autostart=true
autorestart=true
stopsignal=QUIT
stdout_logfile=/var/log/gitlab/supervisor/%(program_name)s.log
stderr_logfile=/var/log/gitlab/supervisor/%(program_name)s.log
EOF

# configure supervisord to start sidekiq
cat > /etc/supervisor/conf.d/sidekiq.conf <<EOF
[program:sidekiq]
priority=10
directory=${GITLAB_INSTALL_DIR}
environment=HOME=/home/git
command=bundle exec sidekiq -c {{SIDEKIQ_CONCURRENCY}}
  -q post_receive
  -q mailer
  -q system_hook
  -q project_web_hook
  -q gitlab_shell
  -q common
  -q default
  -e production
  -P ${GITLAB_INSTALL_DIR}/tmp/pids/sidekiq.pid
  -L ${GITLAB_INSTALL_DIR}/log/sidekiq.log
user=git
autostart=true
autorestart=true
stdout_logfile=/var/log/gitlab/supervisor/%(program_name)s.log
stderr_logfile=/var/log/gitlab/supervisor/%(program_name)s.log
EOF

# configure supervisor to start sshd
mkdir -p /var/run/sshd
cat > /etc/supervisor/conf.d/sshd.conf <<EOF
[program:sshd]
directory=/
command=/usr/sbin/sshd -D
user=root
autostart=true
autorestart=true
stdout_logfile=/var/log/gitlab/supervisor/%(program_name)s.log
stderr_logfile=/var/log/gitlab/supervisor/%(program_name)s.log
EOF

# configure supervisord to start nginx
cat > /etc/supervisor/conf.d/nginx.conf <<EOF
[program:nginx]
priority=20
directory=/tmp
command=/usr/sbin/nginx -g "daemon off;"
user=root
autostart=true
autorestart=true
stdout_logfile=/var/log/gitlab/supervisor/%(program_name)s.log
stderr_logfile=/var/log/gitlab/supervisor/%(program_name)s.log
EOF

# configure supervisord to start crond
cat > /etc/supervisor/conf.d/cron.conf <<EOF
[program:cron]
priority=20
directory=/tmp
command=/usr/sbin/cron -f
user=root
autostart=true
autorestart=true
stdout_logfile=/var/log/gitlab/supervisor/%(program_name)s.log
stderr_logfile=/var/log/gitlab/supervisor/%(program_name)s.log
EOF

# purge build dependencies
apt-get purge -y --auto-remove gcc g++ make patch pkg-config cmake \
  libc6-dev ruby2.1-dev \
  libmysqlclient-dev libpq-dev zlib1g-dev libyaml-dev libssl-dev \
  libgdbm-dev libreadline-dev libncurses5-dev libffi-dev \
  libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev

# cleanup
rm -rf /var/lib/apt/lists/*