mirror of
https://github.com/sameersbn/docker-gitlab.git
synced 2026-01-18 13:58:25 +00:00
180 lines
5.2 KiB
Bash
Executable File
180 lines
5.2 KiB
Bash
Executable File
#!/bin/bash
|
|
set -e
|
|
|
|
GITLAB_VERSION=7.2.2
|
|
GITLAB_SHELL_VERSION=1.9.8
|
|
|
|
GITLAB_INSTALL_DIR="/home/git/gitlab"
|
|
GITLAB_DATA_DIR="/home/git/data"
|
|
GITLAB_SHELL_INSTALL_DIR="/home/git/gitlab-shell"
|
|
|
|
SETUP_DIR="/app/setup"
|
|
GEM_CACHE_DIR="${SETUP_DIR}/cache"
|
|
|
|
# rebuild apt cache
|
|
apt-get update
|
|
|
|
# install build dependencies for gem installation
|
|
apt-get install -y gcc g++ make patch pkg-config cmake \
|
|
libc6-dev ruby-dev \
|
|
libmysqlclient-dev libpq-dev zlib1g-dev libyaml-dev libssl-dev \
|
|
libgdbm-dev libreadline-dev libncurses5-dev libffi-dev \
|
|
libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev
|
|
|
|
# remove the host keys generated during openssh-server installation
|
|
rm -rf /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub
|
|
|
|
# add git user
|
|
adduser --disabled-login --gecos 'GitLab' git
|
|
passwd -d git
|
|
|
|
rm -rf /home/git/.ssh
|
|
sudo -u git -H mkdir -p ${GITLAB_DATA_DIR}/.ssh
|
|
sudo -u git -H ln -s ${GITLAB_DATA_DIR}/.ssh /home/git/.ssh
|
|
|
|
# create the data store
|
|
sudo -u git -H mkdir -p ${GITLAB_DATA_DIR}
|
|
|
|
# install gitlab-shell, use local copy if available
|
|
sudo -u git -H git clone -b v${GITLAB_SHELL_VERSION} --depth 1 \
|
|
https://github.com/gitlabhq/gitlab-shell.git ${GITLAB_SHELL_INSTALL_DIR}
|
|
|
|
cd ${GITLAB_SHELL_INSTALL_DIR}
|
|
|
|
sudo -u git -H cp -a config.yml.example config.yml
|
|
sudo -u git -H ./bin/install
|
|
|
|
# shallow clone gitlab-ce
|
|
sudo -u git -H git clone -b v${GITLAB_VERSION} --depth 1 \
|
|
https://github.com/gitlabhq/gitlabhq.git ${GITLAB_INSTALL_DIR}
|
|
|
|
cd ${GITLAB_INSTALL_DIR}
|
|
|
|
# copy default configurations
|
|
cp lib/support/nginx/gitlab /etc/nginx/sites-enabled/gitlab
|
|
sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml
|
|
sudo -u git -H cp config/resque.yml.example config/resque.yml
|
|
sudo -u git -H cp config/database.yml.mysql config/database.yml
|
|
sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb
|
|
sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
|
|
sudo -u git -H cp config/initializers/smtp_settings.rb.sample config/initializers/smtp_settings.rb
|
|
|
|
# create required tmp and log directories
|
|
sudo -u git -H mkdir -p tmp/pids/ tmp/sockets/
|
|
chmod -R u+rwX log tmp
|
|
|
|
# create symlink to assets in tmp/cache
|
|
rm -rf tmp/cache
|
|
sudo -u git -H ln -s ${GITLAB_DATA_DIR}/tmp/cache tmp/cache
|
|
|
|
# create symlink to assets in public/assets
|
|
rm -rf public/assets
|
|
sudo -u git -H ln -s ${GITLAB_DATA_DIR}/tmp/public/assets public/assets
|
|
|
|
# create symlink to uploads directory
|
|
rm -rf public/uploads
|
|
sudo -u git -H ln -s ${GITLAB_DATA_DIR}/uploads public/uploads
|
|
|
|
# create production log
|
|
sudo -u git -H touch log/production.log
|
|
|
|
# install gems required by gitlab, use local cache if available
|
|
if [ -d "${GEM_CACHE_DIR}" ]; then
|
|
mv ${GEM_CACHE_DIR} vendor/
|
|
chown -R git:git vendor/cache
|
|
fi
|
|
sudo -u git -H bundle install --deployment --without development test aws
|
|
|
|
# make sure everything in /home/git is owned by the git user
|
|
chown -R git:git /home/git/
|
|
|
|
# install gitlab bootscript
|
|
cp lib/support/init.d/gitlab /etc/init.d/gitlab
|
|
chmod +x /etc/init.d/gitlab
|
|
|
|
# install logrotate configuration
|
|
cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab
|
|
|
|
# disable default nginx configuration and enable gitlab's nginx configuration
|
|
rm -f /etc/nginx/sites-enabled/default
|
|
|
|
# disable pam authentication for sshd
|
|
sed 's/UsePAM yes/UsePAM no/' -i /etc/ssh/sshd_config
|
|
sed 's/UsePrivilegeSeparation yes/UsePrivilegeSeparation no/' -i /etc/ssh/sshd_config
|
|
echo "UseDNS no" >> /etc/ssh/sshd_config
|
|
|
|
# configure supervisord log rotation
|
|
cat > /etc/logrotate.d/supervisord <<EOF
|
|
/var/log/supervisor/*.log {
|
|
weekly
|
|
missingok
|
|
rotate 52
|
|
compress
|
|
delaycompress
|
|
notifempty
|
|
copytruncate
|
|
}
|
|
EOF
|
|
|
|
# configure supervisor to start sshd
|
|
mkdir -p /var/run/sshd
|
|
cat > /etc/supervisor/conf.d/sshd.conf <<EOF
|
|
[program:sshd]
|
|
directory=/
|
|
command=/usr/sbin/sshd -D
|
|
user=root
|
|
autostart=false
|
|
autorestart=true
|
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
|
stderr_logfile=/var/log/supervisor/%(program_name)s_error.log
|
|
EOF
|
|
|
|
# configure supervisord to start nginx
|
|
cat > /etc/supervisor/conf.d/nginx.conf <<EOF
|
|
[program:nginx]
|
|
priority=20
|
|
directory=/tmp
|
|
command=/usr/sbin/nginx -g "daemon off;"
|
|
user=root
|
|
autostart=false
|
|
autorestart=true
|
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
|
EOF
|
|
|
|
# configure supervisord to start mysql (manual)
|
|
cat > /etc/supervisor/conf.d/mysqld.conf <<EOF
|
|
[program:mysqld]
|
|
priority=20
|
|
directory=/tmp
|
|
command=/usr/bin/mysqld_safe
|
|
user=root
|
|
autostart=false
|
|
autorestart=true
|
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
|
EOF
|
|
|
|
# configure supervisord to start crond
|
|
cat > /etc/supervisor/conf.d/cron.conf <<EOF
|
|
[program:cron]
|
|
priority=20
|
|
directory=/tmp
|
|
command=/usr/sbin/cron -f
|
|
user=root
|
|
autostart=false
|
|
autorestart=true
|
|
stdout_logfile=/var/log/supervisor/%(program_name)s.log
|
|
stderr_logfile=/var/log/supervisor/%(program_name)s.log
|
|
EOF
|
|
|
|
# purge build dependencies
|
|
apt-get purge -y --auto-remove gcc g++ make patch pkg-config cmake \
|
|
libc6-dev ruby2.1-dev \
|
|
libmysqlclient-dev libpq-dev zlib1g-dev libyaml-dev libssl-dev \
|
|
libgdbm-dev libreadline-dev libncurses5-dev libffi-dev \
|
|
libxml2-dev libxslt-dev libcurl4-openssl-dev libicu-dev
|
|
|
|
# cleanup
|
|
rm -rf /var/lib/apt/lists/*
|