#!/bin/bash
# Abort on the first unhandled command failure and run appStop when the
# container receives SIGINT or SIGTERM.
set -e
trap appStop SIGINT SIGTERM

# Fixed locations inside the image.
GITLAB_INSTALL_DIR="/home/git/gitlab"
GITLAB_DATA_DIR="/home/git/data"
GITLAB_SHELL_INSTALL_DIR="/home/git/gitlab-shell"
SETUP_DIR="/app/setup"
SYSCONF_TEMPLATES_DIR="${SETUP_DIR}/config"
USERCONF_TEMPLATES_DIR="${GITLAB_DATA_DIR}/config"

# Everything below may be overridden through the environment; the value after
# ':=' is used only when the variable is unset or empty.
: "${GITLAB_BACKUP_DIR:=${GITLAB_DATA_DIR}/backups}"
: "${GITLAB_HOST:=localhost}"
: "${GITLAB_PORT:=}"
: "${GITLAB_SSH_HOST:=${GITLAB_HOST}}"
# GITLAB_SHELL_SSH_PORT is still honoured for backwards compatibility.
: "${GITLAB_SSH_PORT:=${GITLAB_SHELL_SSH_PORT:-22}}"
: "${GITLAB_HTTPS:=false}"
: "${GITLAB_EMAIL:=example@example.com}"
: "${GITLAB_SIGNUP:=false}"
: "${GITLAB_SIGNIN:=true}"
: "${GITLAB_PROJECTS_LIMIT:=100}"
: "${GITLAB_USERNAME_CHANGE:=true}"
: "${GITLAB_PROJECTS_VISIBILITY:=private}"
: "${GITLAB_RELATIVE_URL_ROOT:=}"
: "${GITLAB_RESTRICTED_VISIBILITY:=}"

# TLS material is looked up in the data directory unless told otherwise.
: "${SSL_SELF_SIGNED:=false}"
: "${SSL_CERTIFICATE_PATH:=${GITLAB_DATA_DIR}/certs/gitlab.crt}"
: "${SSL_KEY_PATH:=${GITLAB_DATA_DIR}/certs/gitlab.key}"
: "${SSL_DHPARAM_PATH:=${GITLAB_DATA_DIR}/certs/dhparam.pem}"
: "${CA_CERTIFICATES_PATH:=${GITLAB_DATA_DIR}/certs/ca.crt}"

# Automatic backups are off unless requested.
: "${GITLAB_BACKUPS:=disable}"
: "${GITLAB_BACKUP_EXPIRY:=}"
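# Upload limit as handed to nginx (e.g. 20m), and the same limit in bytes
# (GITLAB_MAX_SIZE) for the GitLab configuration.
NGINX_MAX_UPLOAD_SIZE=${NGINX_MAX_UPLOAD_SIZE:-20m}

# The value is validated before it reaches $(( )): bash evaluates variable
# names and array subscripts found inside arithmetic, so an unchecked string
# must never be fed to it. Accepted form: digits plus an optional k/m/g
# suffix, surrounding blanks tolerated.
if [[ ${NGINX_MAX_UPLOAD_SIZE} =~ ^[[:space:]]*([0-9]+)([kKmMgG]?)[[:space:]]*$ ]]; then
  # 10# forces base ten so a leading zero is not read as octal.
  GITLAB_MAX_SIZE=$((10#${BASH_REMATCH[1]}))
  case "${BASH_REMATCH[2]}" in
    [kK]) GITLAB_MAX_SIZE=$((GITLAB_MAX_SIZE * 1024)) ;;
    [mM]) GITLAB_MAX_SIZE=$((GITLAB_MAX_SIZE * 1048576)) ;;
    [gG]) GITLAB_MAX_SIZE=$((GITLAB_MAX_SIZE * 1073741824)) ;;
  esac
else
  echo "ERROR: NGINX_MAX_UPLOAD_SIZE must be a number with an optional k, m or g suffix (got '${NGINX_MAX_UPLOAD_SIZE}')." >&2
  exit 1
fi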
# Service settings. As above, the value after ':=' applies only when the
# variable is unset or empty.
#
# NOTE: DB_PASS, SMTP_PASS, LDAP_PASS and the OAuth app secrets are taken from
# the environment, so they are readable by anything that can read this
# container's environment.

# redis
: "${REDIS_HOST:=}"
: "${REDIS_PORT:=}"

# application workers
: "${UNICORN_WORKERS:=2}"
: "${UNICORN_TIMEOUT:=60}"
: "${SIDEKIQ_CONCURRENCY:=5}"

# database
: "${DB_TYPE:=}"
: "${DB_HOST:=}"
: "${DB_PORT:=}"
: "${DB_NAME:=gitlabhq_production}"
: "${DB_USER:=root}"
: "${DB_PASS:=}"
: "${DB_INIT:=}"
: "${DB_POOL:=10}"

# mail delivery
: "${SMTP_DOMAIN:=www.gmail.com}"
: "${SMTP_HOST:=smtp.gmail.com}"
: "${SMTP_PORT:=587}"
: "${SMTP_USER:=}"
: "${SMTP_PASS:=}"
: "${SMTP_STARTTLS:=true}"
# Supplying a user name switches mail delivery on with login authentication,
# unless either was set explicitly.
if [ -n "${SMTP_USER}" ]; then
  : "${SMTP_ENABLED:=true}"
  : "${SMTP_AUTHENTICATION:=login}"
fi
: "${SMTP_ENABLED:=false}"

# LDAP
: "${LDAP_ENABLED:=false}"
: "${LDAP_HOST:=}"
: "${LDAP_PORT:=636}"
: "${LDAP_UID:=sAMAccountName}"
: "${LDAP_METHOD:=ssl}"
: "${LDAP_BIND_DN:=}"
: "${LDAP_PASS:=}"
: "${LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN:=}"
: "${LDAP_BASE:=}"
: "${LDAP_USER_FILTER:=}"

# HSTS
: "${GITLAB_HTTPS_HSTS_ENABLED:=true}"
: "${GITLAB_HTTPS_HSTS_MAXAGE:=31536000}"

# external issue trackers
: "${REDMINE_URL:=}"
: "${JIRA_URL:=}"

# OAuth
: "${OAUTH_ALLOW_SSO:=false}"
: "${OAUTH_BLOCK_AUTO_CREATED_USERS:=true}"
: "${OAUTH_GOOGLE_API_KEY:=}"
: "${OAUTH_GOOGLE_APP_SECRET:=}"
: "${OAUTH_TWITTER_API_KEY:=}"
: "${OAUTH_TWITTER_APP_SECRET:=}"
: "${OAUTH_GITHUB_API_KEY:=}"
: "${OAUTH_GITHUB_APP_SECRET:=}"
# Redis: when a redis container is linked, its address and port fill in
# whatever was not configured explicitly.
if [ -n "${REDISIO_PORT_6379_TCP_ADDR}" ]; then
  : "${REDIS_HOST:=${REDISIO_PORT_6379_TCP_ADDR}}"
  : "${REDIS_PORT:=${REDISIO_PORT_6379_TCP_PORT}}"
fi
# fall back to the default redis port
: "${REDIS_PORT:=6379}"

# Database: a linked mysql container is preferred over a linked postgresql
# one. The linked container must expose port 3306 (mysql) or 5432
# (postgresql) for these variables to exist.
if [ -n "${MYSQL_PORT_3306_TCP_ADDR}" ]; then
  : "${DB_TYPE:=mysql}"
  : "${DB_HOST:=${MYSQL_PORT_3306_TCP_ADDR}}"
  : "${DB_PORT:=${MYSQL_PORT_3306_TCP_PORT}}"
elif [ -n "${POSTGRESQL_PORT_5432_TCP_ADDR}" ]; then
  : "${DB_TYPE:=postgres}"
  : "${DB_HOST:=${POSTGRESQL_PORT_5432_TCP_ADDR}}"
  : "${DB_PORT:=${POSTGRESQL_PORT_5432_TCP_PORT}}"
fi

# Nothing linked and nothing configured: use the internal mysql server.
: "${DB_TYPE:=mysql}"
: "${DB_HOST:=localhost}"

# Default port for the chosen adapter; any other adapter is rejected here.
if [ "${DB_TYPE}" = "mysql" ]; then
  : "${DB_PORT:=3306}"
elif [ "${DB_TYPE}" = "postgres" ]; then
  : "${DB_PORT:=5432}"
else
  echo "Unsupported database adapter. Available adapters are mysql and postgres."
  exit 1
fi
##
## Quick-start convenience only: when no redis connection is configured and
## the docker client plus the docker socket are available inside this
## container, start (or reuse) a container named redis-gitlab.
##
## NOTE: a container that can reach /var/run/docker.sock can control the
## docker daemon on the host, and the image is pulled by the mutable ':latest'
## tag. Configure the redis connection explicitly in production.
##
if [ -z "${REDIS_HOST}" ] && [ -n "$(which docker)" ] && [ -S /var/run/docker.sock ]; then
  printf '%s\n' \
    "Redis connection details not specified." \
    "Will try to spin up a new redis image with the name redis-gitlab." \
    "Please manually configure the redis connection in production."

  # The inspect output is "true", "false", or empty when the container does
  # not exist (its error output is discarded).
  case "$(docker inspect --format '{{.State.Running}}' redis-gitlab 2>/dev/null)" in
    true)
      echo "Using existing redis container..."
      ;;
    false)
      echo "Starting up existing redis container..."
      docker start redis-gitlab >/dev/null 2>&1
      ;;
    *)
      echo "Starting up a new redis container..."
      docker run --name='redis-gitlab' -d sameersbn/redis:latest >/dev/null 2>&1
      ;;
  esac

  REDIS_HOST=$(docker inspect --format '{{.NetworkSettings.IPAddress}}' redis-gitlab 2>/dev/null)
  REDIS_PORT=6379
fi

# Without a redis host there is nothing to connect to: stop here.
if [ -z "${REDIS_HOST}" ]; then
  printf '%s\n' \
    "ERROR: " \
    " Please configure the redis connection." \
    " Refer http://git.io/PMnRSw for more information." \
    " Cannot continue without a redis connection. Aborting..."
  exit 1
fi
# Port and X-Forwarded-Proto follow the HTTPS switch unless set explicitly.
# Without HTTPS the header is left to nginx's own $scheme variable.
if [ "${GITLAB_HTTPS}" = "true" ]; then
  : "${GITLAB_PORT:=443}"
  : "${NGINX_X_FORWARDED_PROTO:=https}"
else
  : "${GITLAB_PORT:=80}"
  : "${NGINX_X_FORWARDED_PROTO:=\$scheme}"
fi

# Backup expiry: 604800 when automatic backups are scheduled, otherwise 0.
if [ "${GITLAB_BACKUPS}" = "daily" ] || [ "${GITLAB_BACKUPS}" = "monthly" ]; then
  : "${GITLAB_BACKUP_EXPIRY:=604800}"
else
  : "${GITLAB_BACKUP_EXPIRY:=0}"
fi

# Login by username or e-mail defaults to off only when the LDAP uid
# attribute is userPrincipalName.
if [ "${LDAP_UID}" = "userPrincipalName" ]; then
  : "${LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN:=false}"
else
  : "${LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN:=true}"
fi
# SSH host keys live in the data directory. When no RSA host key is stored
# there yet, generate a fresh set and move it over.
ssh_key_store="${GITLAB_DATA_DIR}/ssh"
if [ ! -e "${ssh_key_store}/ssh_host_rsa_key" ]; then
  dpkg-reconfigure openssh-server
  mkdir -p "${ssh_key_store}/"
  # The globs are deliberately unquoted: they pick up every host key type.
  mv /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub "${ssh_key_store}/"
fi

# Point sshd at the host keys stored under ${GITLAB_DATA_DIR}/ssh/.
sed -i "s,HostKey /etc/ssh/,HostKey ${GITLAB_DATA_DIR}/ssh/,g" /etc/ssh/sshd_config

# Start supervisord, then continue from the GitLab checkout: the relative
# config/ and tmp/ paths used from here on depend on this directory.
/usr/bin/supervisord -c /etc/supervisor/supervisord.conf
cd "${GITLAB_INSTALL_DIR}"
# Choose the nginx vhost template. The TLS variant is used only when HTTPS is
# requested and certificate, key and DH parameters are all present; otherwise
# the plain variant is installed.
nginx_site=/etc/nginx/sites-enabled/gitlab
nginx_template=gitlab
if [ "${GITLAB_HTTPS}" = "true" ]; then
  if [ -f "${SSL_CERTIFICATE_PATH}" ] && [ -f "${SSL_KEY_PATH}" ] && [ -f "${SSL_DHPARAM_PATH}" ]; then
    nginx_template=gitlab-ssl
  else
    echo "SSL keys and certificates were not found."
    echo "Assuming that the container is running behind a HTTPS enabled load balancer."
  fi
fi

# "template:destination" pairs; destinations are relative to the GitLab
# install directory unless absolute.
config_templates=(
  "gitlab-shell/config.yml:${GITLAB_SHELL_INSTALL_DIR}/config.yml"
  "gitlabhq/gitlab.yml:config/gitlab.yml"
  "gitlabhq/resque.yml:config/resque.yml"
  "gitlabhq/database.yml:config/database.yml"
  "gitlabhq/sidekiq.yml:config/sidekiq.yml"
  "gitlabhq/unicorn.rb:config/unicorn.rb"
  "gitlabhq/rack_attack.rb:config/initializers/rack_attack.rb"
)
smtp_template="gitlabhq/smtp_settings.rb"
smtp_target="config/initializers/smtp_settings.rb"

# Pass 1: templates shipped with the image.
cp "${SYSCONF_TEMPLATES_DIR}/nginx/${nginx_template}" "${nginx_site}"
for tpl_pair in "${config_templates[@]}"; do
  sudo -u git -H cp "${SYSCONF_TEMPLATES_DIR}/${tpl_pair%%:*}" "${tpl_pair#*:}"
done
if [ "${SMTP_ENABLED}" == "true" ]; then
  sudo -u git -H cp "${SYSCONF_TEMPLATES_DIR}/${smtp_template}" "${smtp_target}"
fi

# Pass 2: templates found in the data directory replace the shipped ones.
if [ -f "${USERCONF_TEMPLATES_DIR}/nginx/${nginx_template}" ]; then
  cp "${USERCONF_TEMPLATES_DIR}/nginx/${nginx_template}" "${nginx_site}"
fi
for tpl_pair in "${config_templates[@]}"; do
  if [ -f "${USERCONF_TEMPLATES_DIR}/${tpl_pair%%:*}" ]; then
    sudo -u git -H cp "${USERCONF_TEMPLATES_DIR}/${tpl_pair%%:*}" "${tpl_pair#*:}"
  fi
done
if [ "${SMTP_ENABLED}" == "true" ] && [ -f "${USERCONF_TEMPLATES_DIR}/${smtp_template}" ]; then
  sudo -u git -H cp "${USERCONF_TEMPLATES_DIR}/${smtp_template}" "${smtp_target}"
fi

# Add the server certificate and/or the CA bundle to the system trust store.
# NOTE: whatever is found at these two paths becomes trusted system-wide.
if [ -f "${SSL_CERTIFICATE_PATH}" ] || [ -f "${CA_CERTIFICATES_PATH}" ]; then
  echo "Updating CA certificates..."
  if [ -f "${SSL_CERTIFICATE_PATH}" ]; then
    cp "${SSL_CERTIFICATE_PATH}" /usr/local/share/ca-certificates/gitlab.crt
  fi
  if [ -f "${CA_CERTIFICATES_PATH}" ]; then
    cp "${CA_CERTIFICATES_PATH}" /usr/local/share/ca-certificates/ca.crt
  fi
  update-ca-certificates --fresh >/dev/null 2>&1
fi
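# Start and prepare the internal mysql server when DB_HOST is localhost.
if [ "${DB_HOST}" == "localhost" ]; then
  if [ "${DB_TYPE}" == "postgres" ]; then
    echo "DB_TYPE 'postgres' is not supported internally. Please provide DB_HOST."
    exit 1
  fi

  # fix permissions and ownership of /var/lib/mysql
  chown -R mysql:mysql /var/lib/mysql
  chmod 700 /var/lib/mysql

  # initialize MySQL data directory
  if [ ! -d /var/lib/mysql/mysql ]; then
    mysql_install_db --user=mysql
  fi

  echo "Starting mysql server..."
  supervisorctl start mysqld >/dev/null

  # Client credentials as an array so that a password containing blanks or
  # glob characters reaches the client as exactly one argument.
  # NOTE: the password is still passed on the command line and is therefore
  # visible in the process list inside the container while a client runs.
  mysql_auth=(-uroot)
  if [ -n "${DB_PASS}" ]; then
    mysql_auth+=("-p${DB_PASS}")
  fi

  # wait for mysql server to start (max 120 seconds)
  timeout=120
  while ! mysqladmin "${mysql_auth[@]}" status >/dev/null 2>&1; do
    # $(( )) instead of expr: expr exits non-zero when its result is 0, which
    # under 'set -e' ended the script before the message below was printed.
    timeout=$((timeout - 1))
    if [ "${timeout}" -eq 0 ]; then
      echo "Failed to start mysql server"
      exit 1
    fi
    sleep 1
  done

  # Create the database on first use and remember that it needs seeding.
  # NOTE: DB_NAME is placed into the SQL text as is; it must be a plain
  # identifier without backticks.
  if ! echo "USE ${DB_NAME}" | mysql "${mysql_auth[@]}" >/dev/null 2>&1; then
    DB_INIT="yes"
    echo "CREATE DATABASE IF NOT EXISTS \`${DB_NAME}\` DEFAULT CHARACTER SET \`utf8\` COLLATE \`utf8_unicode_ci\`;" | mysql "${mysql_auth[@]}"
    echo "GRANT SELECT, LOCK TABLES, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON \`${DB_NAME}\`.* TO 'root'@'localhost';" | mysql "${mysql_auth[@]}"
  fi
fi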
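# Fill the {{PLACEHOLDER}} markers of the copied configuration templates with
# the settings resolved above.
#
# Every value is escaped before it is handed to sed. Without that, a '&' in a
# value (common in LDAP filters) is expanded by sed to the matched
# placeholder, and a delimiter character or backslash (common in passwords)
# breaks or alters the substitution.
#
# NOTE: values, including passwords and OAuth secrets, are still passed to sed
# as command-line arguments and are visible in the process list inside the
# container while each sed runs.

# Print VALUE escaped for the replacement half of a sed "s,PATTERN,VALUE,"
# command: backslash, ',' and '&' get a leading backslash.
# Values containing newlines are not supported.
cfg_escape() {
  printf '%s' "$1" | sed -e 's/[\\,&]/\\&/g'
}

# cfg_set_git FILE NAME VALUE [FLAGS]
# Replace {{NAME}} with VALUE in FILE, running sed as the git user.
# FLAGS is appended to the s command (pass "g" to replace every occurrence
# on a line instead of only the first).
cfg_set_git() {
  sudo -u git -H sed -i -e "s,{{$2}},$(cfg_escape "$3"),${4:-}" "$1"
}

# cfg_set_root FILE NAME VALUE [FLAGS]
# Same as cfg_set_git, but sed runs as the current user.
cfg_set_root() {
  sed -i -e "s,{{$2}},$(cfg_escape "$3"),${4:-}" "$1"
}

# cfg_drop_git FILE PATTERN
# Delete every line of FILE matching PATTERN, running sed as the git user.
cfg_drop_git() {
  sudo -u git -H sed -i -e "/$2/d" "$1"
}

# configure git for the 'git' user
sudo -u git -H git config --global user.name "GitLab"
sudo -u git -H git config --global user.email "${GITLAB_EMAIL}"
sudo -u git -H git config --global core.autocrlf input

# gitlab.yml: application paths (every occurrence on a line is replaced)
for cfg_name in GITLAB_DATA_DIR GITLAB_BACKUP_DIR GITLAB_SHELL_INSTALL_DIR; do
  cfg_set_git config/gitlab.yml "${cfg_name}" "${!cfg_name}" g
done

# gitlab.yml: host, ssh, signup/signin, project limit, username changing,
# default and restricted visibility
for cfg_name in \
  GITLAB_HOST GITLAB_PORT GITLAB_HTTPS GITLAB_EMAIL GITLAB_BACKUP_EXPIRY \
  GITLAB_MAX_SIZE GITLAB_SSH_HOST GITLAB_SSH_PORT GITLAB_SIGNUP GITLAB_SIGNIN \
  GITLAB_PROJECTS_LIMIT GITLAB_USERNAME_CHANGE GITLAB_PROJECTS_VISIBILITY \
  GITLAB_RESTRICTED_VISIBILITY
do
  cfg_set_git config/gitlab.yml "${cfg_name}" "${!cfg_name}"
done

# database.yml: adapter, encoding and the 'reconnect' line
case "${DB_TYPE}" in
  postgres)
    cfg_set_git config/database.yml DB_ADAPTER postgresql
    cfg_set_git config/database.yml DB_ENCODING unicode
    sudo -u git -H sed -i -e 's/reconnect: false/#reconnect: false/' config/database.yml
    ;;
  mysql)
    cfg_set_git config/database.yml DB_ADAPTER mysql2
    cfg_set_git config/database.yml DB_ENCODING utf8
    sudo -u git -H sed -i -e 's/#reconnect: false/reconnect: false/' config/database.yml
    ;;
  *)
    echo "Invalid database type: '$DB_TYPE'. Supported choices: [mysql, postgres]."
    ;;
esac

# database.yml: connection
for cfg_name in DB_HOST DB_PORT DB_NAME DB_USER DB_PASS DB_POOL; do
  cfg_set_git config/database.yml "${cfg_name}" "${!cfg_name}"
done

# sidekiq
cfg_set_git config/sidekiq.yml SIDEKIQ_CONCURRENCY "${SIDEKIQ_CONCURRENCY}"

# redis
cfg_set_git config/resque.yml REDIS_HOST "${REDIS_HOST}" g
cfg_set_git config/resque.yml REDIS_PORT "${REDIS_PORT}" g

# gitlab-shell
shell_config="${GITLAB_SHELL_INSTALL_DIR}/config.yml"
cfg_set_root "${shell_config}" GITLAB_RELATIVE_URL_ROOT "${GITLAB_RELATIVE_URL_ROOT}"
cfg_set_git "${shell_config}" GITLAB_DATA_DIR "${GITLAB_DATA_DIR}" g
cfg_set_git "${shell_config}" GITLAB_BACKUP_DIR "${GITLAB_BACKUP_DIR}" g
for cfg_name in SSL_SELF_SIGNED REDIS_HOST REDIS_PORT; do
  cfg_set_git "${shell_config}" "${cfg_name}" "${!cfg_name}"
done

# unicorn: install dir, workers, timeout
cfg_set_git config/unicorn.rb GITLAB_INSTALL_DIR "${GITLAB_INSTALL_DIR}" g
cfg_set_git config/unicorn.rb UNICORN_WORKERS "${UNICORN_WORKERS}"
cfg_set_git config/unicorn.rb UNICORN_TIMEOUT "${UNICORN_TIMEOUT}"

# mail delivery
if [ "${SMTP_ENABLED}" == "true" ]; then
  smtp_config=config/initializers/smtp_settings.rb
  for cfg_name in SMTP_HOST SMTP_PORT SMTP_DOMAIN SMTP_STARTTLS; do
    cfg_set_git "${smtp_config}" "${cfg_name}" "${!cfg_name}"
  done
  # These settings are optional: when empty, their line is removed instead.
  for cfg_name in SMTP_USER SMTP_PASS SMTP_AUTHENTICATION; do
    if [ -n "${!cfg_name}" ]; then
      cfg_set_git "${smtp_config}" "${cfg_name}" "${!cfg_name}"
    else
      cfg_drop_git "${smtp_config}" "{{${cfg_name}}}"
    fi
  done
fi

# LDAP
for cfg_name in \
  LDAP_ENABLED LDAP_HOST LDAP_PORT LDAP_UID LDAP_METHOD LDAP_BIND_DN LDAP_PASS \
  LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN LDAP_BASE LDAP_USER_FILTER
do
  cfg_set_git config/gitlab.yml "${cfg_name}" "${!cfg_name}"
done

# redmine: fill in the URL, or remove the redmine configuration block
if [ -n "${REDMINE_URL}" ]; then
  cfg_set_git config/gitlab.yml REDMINE_URL "${REDMINE_URL}" g
else
  for cfg_pattern in \
    'redmine:' \
    'title: "Redmine"' \
    'project_url: "{{REDMINE_URL}}' \
    'issues_url: "{{REDMINE_URL}}' \
    'new_issue_url: "{{REDMINE_URL}}'
  do
    cfg_drop_git config/gitlab.yml "${cfg_pattern}"
  done
fi

# jira: fill in the URL, or remove the jira configuration block
if [ -n "${JIRA_URL}" ]; then
  cfg_set_git config/gitlab.yml JIRA_URL "${JIRA_URL}" g
else
  for cfg_pattern in \
    'jira:' \
    'title: "Atlassian Jira"' \
    'project_url: "{{JIRA_URL}}' \
    'issues_url: "{{JIRA_URL}}' \
    'new_issue_url: "{{JIRA_URL}}'
  do
    cfg_drop_git config/gitlab.yml "${cfg_pattern}"
  done
fi

# OAuth: a provider is configured only when both its key and its secret are
# set; otherwise its placeholder lines are removed.
# google
if [ -n "${OAUTH_GOOGLE_API_KEY}" ] && [ -n "${OAUTH_GOOGLE_APP_SECRET}" ]; then
  OAUTH_ENABLED=true
  cfg_set_git config/gitlab.yml OAUTH_GOOGLE_API_KEY "${OAUTH_GOOGLE_API_KEY}"
  cfg_set_git config/gitlab.yml OAUTH_GOOGLE_APP_SECRET "${OAUTH_GOOGLE_APP_SECRET}"
  cfg_set_git config/gitlab.yml OAUTH_GOOGLE_RESTRICT_DOMAIN "${OAUTH_GOOGLE_RESTRICT_DOMAIN}"
  cfg_set_git config/gitlab.yml OAUTH_GOOGLE_APPROVAL_PROMPT ""
else
  for cfg_name in \
    OAUTH_GOOGLE_API_KEY OAUTH_GOOGLE_APP_SECRET \
    OAUTH_GOOGLE_RESTRICT_DOMAIN OAUTH_GOOGLE_APPROVAL_PROMPT
  do
    cfg_drop_git config/gitlab.yml "{{${cfg_name}}}"
  done
fi

# twitter
if [ -n "${OAUTH_TWITTER_API_KEY}" ] && [ -n "${OAUTH_TWITTER_APP_SECRET}" ]; then
  OAUTH_ENABLED=true
  cfg_set_git config/gitlab.yml OAUTH_TWITTER_API_KEY "${OAUTH_TWITTER_API_KEY}"
  cfg_set_git config/gitlab.yml OAUTH_TWITTER_APP_SECRET "${OAUTH_TWITTER_APP_SECRET}"
else
  cfg_drop_git config/gitlab.yml '{{OAUTH_TWITTER_API_KEY}}'
  cfg_drop_git config/gitlab.yml '{{OAUTH_TWITTER_APP_SECRET}}'
fi

# github
if [ -n "${OAUTH_GITHUB_API_KEY}" ] && [ -n "${OAUTH_GITHUB_APP_SECRET}" ]; then
  OAUTH_ENABLED=true
  cfg_set_git config/gitlab.yml OAUTH_GITHUB_API_KEY "${OAUTH_GITHUB_API_KEY}"
  cfg_set_git config/gitlab.yml OAUTH_GITHUB_APP_SECRET "${OAUTH_GITHUB_APP_SECRET}"
  cfg_set_git config/gitlab.yml OAUTH_GITHUB_SCOPE "user:email"
else
  for cfg_name in OAUTH_GITHUB_API_KEY OAUTH_GITHUB_APP_SECRET OAUTH_GITHUB_SCOPE; do
    cfg_drop_git config/gitlab.yml "{{${cfg_name}}}"
  done
fi

# OAuth is switched on as soon as one provider above was configured.
OAUTH_ENABLED=${OAUTH_ENABLED:-false}
for cfg_name in OAUTH_ENABLED OAUTH_ALLOW_SSO OAUTH_BLOCK_AUTO_CREATED_USERS; do
  cfg_set_git config/gitlab.yml "${cfg_name}" "${!cfg_name}"
done

# nginx vhost (edited as the current user, not as git)
nginx_site=/etc/nginx/sites-enabled/gitlab
cfg_set_root "${nginx_site}" GITLAB_INSTALL_DIR "${GITLAB_INSTALL_DIR}" g
cfg_set_root "${nginx_site}" YOUR_SERVER_FQDN "${GITLAB_HOST}"
for cfg_name in \
  GITLAB_PORT SSL_CERTIFICATE_PATH SSL_KEY_PATH SSL_DHPARAM_PATH \
  NGINX_MAX_UPLOAD_SIZE NGINX_X_FORWARDED_PROTO
do
  cfg_set_root "${nginx_site}" "${cfg_name}" "${!cfg_name}"
done

# HSTS: set the max-age, or remove the line carrying the placeholder
if [ "${GITLAB_HTTPS_HSTS_ENABLED}" == "true" ]; then
  cfg_set_root "${nginx_site}" GITLAB_HTTPS_HSTS_MAXAGE "${GITLAB_HTTPS_HSTS_MAXAGE}"
else
  sed -i -e '/{{GITLAB_HTTPS_HSTS_MAXAGE}}/d' "${nginx_site}"
fi

# relative_url_root
if [ -n "${GITLAB_RELATIVE_URL_ROOT}" ]; then
  relative_root=$(cfg_escape "${GITLAB_RELATIVE_URL_ROOT}")
  cfg_set_root "${nginx_site}" GITLAB_RELATIVE_URL_ROOT "${GITLAB_RELATIVE_URL_ROOT}"
  cfg_set_root "${nginx_site}" GITLAB_RELATIVE_URL_ROOT__with_trailing_slash "${GITLAB_RELATIVE_URL_ROOT}/"
  # un-comment the alias line in the vhost
  sed -i -e "s,# alias ${GITLAB_INSTALL_DIR}/public,alias ${GITLAB_INSTALL_DIR}/public," "${nginx_site}"
  # un-comment and set relative_url_root in application.rb and gitlab.yml
  sudo -u git -H sed -i -e 's,# config.relative_url_root = "/gitlab",config.relative_url_root = "'"${relative_root}"'",' config/application.rb
  sudo -u git -H sed -i -e "s,# relative_url_root: {{GITLAB_RELATIVE_URL_ROOT}},relative_url_root: ${relative_root}," config/gitlab.yml
  cfg_set_git config/unicorn.rb GITLAB_RELATIVE_URL_ROOT "${GITLAB_RELATIVE_URL_ROOT}"
else
  cfg_set_root "${nginx_site}" GITLAB_RELATIVE_URL_ROOT /
  cfg_set_root "${nginx_site}" GITLAB_RELATIVE_URL_ROOT__with_trailing_slash /
  cfg_drop_git config/unicorn.rb '{{GITLAB_RELATIVE_URL_ROOT}}'
fi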
# Ownership and permissions of the data directory and its sub-directories.
repos_dir="${GITLAB_DATA_DIR}/repositories"
satellites_dir="${GITLAB_DATA_DIR}/gitlab-satellites"
uploads_dir="${GITLAB_DATA_DIR}/uploads"
git_ssh_dir="${GITLAB_DATA_DIR}/.ssh"

# Data directory itself. The extra +x is needed when the directory is mounted
# from a data-only container using --volumes-from.
chmod 755 "${GITLAB_DATA_DIR}"
chown git:git "${GITLAB_DATA_DIR}"
chmod +x "${GITLAB_DATA_DIR}"

# repositories: no access for others, setgid on the directory
sudo -u git -H mkdir -p "${repos_dir}/"
chown git:git "${repos_dir}/"
chmod ug+rwX,o-rwx "${repos_dir}/"
sudo -u git -H chmod g+s "${repos_dir}/"

# satellites: group may read and traverse, others get nothing
sudo -u git -H mkdir -p "${satellites_dir}/"
chmod u+rwx,g=rx,o-rwx "${satellites_dir}"
chown git:git "${satellites_dir}"

# remove old cache directory (remove this line after a few releases)
rm -rf "${GITLAB_DATA_DIR}/cache"

# backups
sudo -u git -H mkdir -p "${GITLAB_BACKUP_DIR}"
chown git:git "${GITLAB_BACKUP_DIR}"

# uploads
sudo -u git -H mkdir -p "${uploads_dir}/"
chmod -R u+rwX "${uploads_dir}/"
chown git:git "${uploads_dir}/"

# .ssh: directory and authorized_keys readable by the git user only
sudo -u git -H mkdir -p "${git_ssh_dir}/"
touch "${git_ssh_dir}/authorized_keys"
chmod 700 "${git_ssh_dir}"
chmod 600 "${git_ssh_dir}/authorized_keys"
chown -R git:git "${git_ssh_dir}"
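#######################################
# Start cron, sshd, nginx and GitLab, then follow the nginx access log.
# Globals:
#   DB_INIT, GITLAB_DATA_DIR, GITLAB_INSTALL_DIR, GITLAB_BACKUPS (read)
#   CACHE_VERSION, GITLAB_VERSION (written)
# Arguments:
#   None
# Outputs:
#   Progress messages on stdout; the access log once everything is started.
# Returns:
#   Does not return on its own: the final 'tail -F' keeps running.
#######################################
appStart () {
  local cron_schedule=

  echo "Starting cron..."
  supervisorctl start cron >/dev/null
  echo "Starting openssh server..."
  supervisorctl start sshd >/dev/null
  echo "Starting nginx..."
  supervisorctl start nginx >/dev/null

  # Run gitlab:setup when DB_INIT is "yes" (requested explicitly, or set
  # earlier in this script after creating the database).
  if [ "${DB_INIT}" == "yes" ]; then
    echo "Initializing database..."
    sudo -u git -H force=yes bundle exec rake gitlab:setup RAILS_ENV=production
  fi

  # Migrate the database and compile the assets when the installed version
  # differs from the one recorded in tmp/cache/VERSION.
  CACHE_VERSION=
  GITLAB_VERSION=$(cat VERSION)
  if [ -f tmp/cache/VERSION ]; then
    CACHE_VERSION=$(cat tmp/cache/VERSION)
  fi
  if [ "${GITLAB_VERSION}" != "${CACHE_VERSION}" ]; then
    echo "Migrating database..."
    # NOTE: stderr of the migration is discarded; a failure still stops the
    # script through 'set -e', but without its diagnostics.
    sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production 2>/dev/null

    # Recreate the tmp directory. ':?' aborts instead of removing /tmp should
    # GITLAB_DATA_DIR ever be empty.
    rm -rf "${GITLAB_DATA_DIR:?}/tmp"
    sudo -u git -H mkdir -p "${GITLAB_DATA_DIR}/tmp/"
    chmod -R u+rwX "${GITLAB_DATA_DIR}/tmp/"

    # create the tmp/cache and tmp/public/assets directory
    sudo -u git -H mkdir -p "${GITLAB_DATA_DIR}/tmp/cache/"
    sudo -u git -H mkdir -p "${GITLAB_DATA_DIR}/tmp/public/assets/"

    echo "Compiling assets. Please be patient, this could take a while..."
    sudo -u git -H bundle exec rake assets:clean RAILS_ENV=production
    sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production 2>/dev/null

    # Record the version. tee runs as git so the write itself happens with
    # git's privileges; a shell redirection would be performed by the caller.
    printf '%s\n' "${GITLAB_VERSION}" | sudo -u git -H tee tmp/cache/VERSION >/dev/null
  fi

  # remove stale unicorn and sidekiq pid's if they exist.
  rm -f tmp/pids/unicorn.pid tmp/pids/sidekiq.pid

  # start the gitlab application
  sudo -u git -H /etc/init.d/gitlab start

  # create satellite directories
  sudo -u git -H bundle exec rake gitlab:satellites:create RAILS_ENV=production
  sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

  # Cron job for automatic backups. The entry is piped straight into crontab:
  # no file with a predictable name is written to /tmp, and a stale or planted
  # /tmp/cron.git can no longer end up installed as git's crontab.
  case "${GITLAB_BACKUPS}" in
    daily)   cron_schedule="00 04 * * *" ;;
    monthly) cron_schedule="00 04 01 * *" ;;
  esac
  if [ -n "${cron_schedule}" ]; then
    printf '%s cd %s && PATH=/usr/local/bin:/usr/bin:/bin bundle exec rake gitlab:backup:create RAILS_ENV=production\n' \
      "${cron_schedule}" "${GITLAB_INSTALL_DIR}" \
      | crontab -u git - \
      || echo "WARNING: could not install the backup cron job for user git." >&2
  fi

  # watch the access logs
  tail -F /var/log/nginx/gitlab_access.log
}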
#######################################
# Stop GitLab and the supervised services, then supervisord itself, and exit.
# Installed as the SIGINT/SIGTERM handler.
# Arguments:
#   None
# Outputs:
#   One progress line per service on stdout.
#######################################
appStop() {
  local svc

  echo ""
  /etc/init.d/gitlab stop

  for svc in cron sshd nginx mysqld; do
    # The cron service is announced under its daemon name.
    case "${svc}" in
      cron) echo "Stopping crond..." ;;
      *) echo "Stopping ${svc}..." ;;
    esac
    supervisorctl stop "${svc}" >/dev/null
  done

  echo "Stopping supervisord..."
  kill -TERM "$(cat /var/run/supervisord.pid)"
  exit
}
#######################################
# Re-apply ownership and permissions on the repositories, satellites, uploads
# and tmp directories of the data volume.
# Globals:
#   GITLAB_DATA_DIR (read)
# Arguments:
#   None
#######################################
appSanitize () {
  local repos="${GITLAB_DATA_DIR}/repositories"
  local satellites="${GITLAB_DATA_DIR}/gitlab-satellites"
  local uploads="${GITLAB_DATA_DIR}/uploads"
  local scratch="${GITLAB_DATA_DIR}/tmp"

  echo "Checking repository directories permissions..."
  chmod -R ug+rwX,o-rwx "${repos}/"
  # Clear setuid/setgid everywhere, then put setgid back on directories only.
  sudo -u git -H chmod -R ug-s "${repos}/"
  find "${repos}/" -type d -print0 | xargs -0 sudo -u git -H chmod g+s
  chown -R git:git "${repos}"

  echo "Checking satellites directories permissions..."
  sudo -u git -H mkdir -p "${satellites}/"
  chmod u+rwx,g=rx,o-rwx "${satellites}"
  chown -R git:git "${satellites}"

  echo "Checking uploads directory permissions..."
  chmod -R u+rwX "${uploads}/"
  chown -R git:git "${uploads}/"

  echo "Checking tmp directory permissions..."
  chmod -R u+rwX "${scratch}/"
  chown -R git:git "${scratch}/"
}
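#######################################
# Run a GitLab rake task as the git user.
# For gitlab:backup:restore the available backups are listed and the one to
# restore is read from stdin.
# Globals:
#   GITLAB_BACKUP_DIR (read)
# Arguments:
#   $1   - rake task name
#   $2.. - further arguments, passed to rake unchanged
# Returns:
#   1 when no task is given, no backup exists, or the selection is not one of
#   the backups in GITLAB_BACKUP_DIR; otherwise the status of rake.
#######################################
appRake () {
  local backup_path file timestamp
  local -a backups=()

  if [ -z "${1}" ]; then
    echo "Please specify the rake task to execute. See https://github.com/gitlabhq/gitlabhq/tree/master/doc/raketasks"
    return 1
  fi

  echo "Running gitlab rake task..."

  if [ "$1" == "gitlab:backup:restore" ]; then
    # Collect the backups with a glob rather than by parsing ls output.
    for backup_path in "${GITLAB_BACKUP_DIR}"/*_gitlab_backup.tar; do
      if [ -f "${backup_path}" ]; then
        backups+=("${backup_path##*/}")
      fi
    done
    if [ "${#backups[@]}" -eq 0 ]; then
      echo "No backup present. Cannot continue restore process."
      return 1
    fi

    # user needs to select the backup to restore (newest name first)
    printf '%s\n' "${backups[@]}" | sort -r
    read -r -p "Select a backup to restore: " file

    # Accept only a plain backup file name: anything containing a '/' could
    # point outside the backup directory and is rejected.
    case "${file}" in
      */*) file= ;;
      *_gitlab_backup.tar) ;;
      *) file= ;;
    esac
    if [ -z "${file}" ] || [ ! -f "${GITLAB_BACKUP_DIR}/${file}" ]; then
      echo "Specified backup does not exist. Aborting..."
      return 1
    fi

    # The rake task identifies a backup by the part before the first '_'.
    timestamp=${file%%_*}
    sudo -u git -H bundle exec rake gitlab:backup:restore "BACKUP=${timestamp}" RAILS_ENV=production
  else
    if [ "$1" == "gitlab:import:repos" ]; then
      appSanitize
    fi
    # "$@" keeps every argument intact, including ones containing blanks.
    sudo -u git -H bundle exec rake "$@" RAILS_ENV=production
  fi
}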
#######################################
# Print the list of commands this entrypoint understands.
# Arguments:
#   None
# Outputs:
#   The help text on stdout.
#######################################
appHelp () {
  cat <<'EOF'
Available options:
 app:start - Starts the gitlab server (default)
 app:sanitize - Fix repository/satellites directory permissions.
 app:rake <task> - Execute a rake task.
 app:help - Displays the help
 [command] - Execute the specified linux command eg. bash.
EOF
}
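# Dispatch on the first argument: one of the app:* commands, or any other
# executable, which is run with the remaining arguments.
case "$1" in
  app:start)
    appStart
    ;;
  app:sanitize)
    appSanitize
    ;;
  app:rake)
    shift 1
    appRake "$@"
    ;;
  app:help)
    appHelp
    ;;
  *)
    # 'type -P' resolves executables only (by path or through PATH) and, used
    # as an if condition, does not trip 'set -e' when nothing is found, so the
    # help text is reachable. Arguments are forwarded for every command, and an
    # empty or unknown command prints the help.
    if [ -n "$1" ] && prog=$(type -P "$1"); then
      shift 1
      "${prog}" "$@"
    else
      appHelp
    fi
    ;;
esac
exit 0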