Download as
Browse Code »

Commit 7e4030ec07589a45d870d4273bc82141b4ca4935

Authored by Antonio Terceiro
1 parent 662d8cc0
Exists in master and in 90 other branches 3.x, add_sisp_to_chef, add_super_archives_plugin, api_for_colab, automates_core_packing, backup, backup_not_prod, cdtc_configuration, changes_in_buttons_on_content_panel, colab_automated_login, colab_spb_plugin_recipe, colab_widgets_settings, design_validation, dev-lappis, dev_env_minimal, disable_email_dev, docs, fix_breadcrumbs_position, fix_categories_software_link, fix_edit_institution, fix_edit_software_with_another_license, fix_get_license_info, fix_gitlab_assets_permission, fix_list_style_inside_article, fix_list_style_on_folder_elements, fix_members_pagination, fix_merge_request_url, fix_models_translations, fix_no_license, fix_software_api, fix_software_block_migration, fix_software_communities_translations, fix_software_communities_unit_test, fix_style_create_institution_admin_panel, fix_superarchives_imports, fix_sym_links_noosfero, focus_search_field_theme, gov-user-refactoring, gov-user-refactoring-rails4, header_fix, institution_modal_on_rating, kalibro-conf-refactoring, kalibro-processor-package, lxc_settings, margin_fix, mezuro_cookbook, performance, prezento, r3, refactor_download_block, refactor_software_communities, refactor_software_for_sisp, register_page, release-process, release-process-v2, remove-unused-images, remove_backup_emails, remove_broken_theme, remove_secondary_email_from_user, remove_sisp_buttons, removing_super_archives_email, review_message, scope2method, signals_user_noosfero, sisp_catalog_header, sisp_colab_config, sisp_dev, sisp_dev_master, sisp_simple_version, software_as_organization, software_catalog_style_fix, software_communities_html_refactor, software_infos_api, spb_minimal_env, spb_to_rails4, spec_refactor, stable-4.1, stable-4.2, stable-4.x, stable-devel, support_docs, syslog, temp_soft_comm_refactoring, theme_header, theme_javascript_refactory, thread_dropdown, thread_page, update_search_by_categories, update_software_api, update_softwares_boxes

initial gitlab support

Showing 12 changed files with 319 additions and 1 deletions   Show diff stats
config/roles/integration_server.rb
  Diff comments   View file @7e4030e
... ... @@ -4,10 +4,11 @@ description "Server that runs COLAB (user authentication, visual integration and
4 4 # TODO colab and mailman-api should be able to run in separate hosts at some
5 5 # point in the future
6 6 run_list *[
  7 + 'recipe[basics::nginx]',
7 8 'recipe[mailman-api]',
8 9 'recipe[mailman]',
9 10 'recipe[mailman::webui]',
10 11 'recipe[colab]',
11   - 'recipe[basics::nginx]',
12 12 'recipe[colab::nginx]',
  13 + 'recipe[gitlab]',
13 14 ]
... ...
cookbooks/colab/recipes/default.rb
  Diff comments   View file @7e4030e
... ... @@ -34,6 +34,13 @@ template '/etc/colab/settings.d/00-database.yaml' do
34 34 notifies :restart, 'service[colab]'
35 35 end
36 36  
  37 +template '/etc/colab/settings.d/01-apps.yaml' do
  38 + owner 'root'
  39 + group 'colab'
  40 + mode 0640
  41 + notifies :restart, 'service[colab]'
  42 +end
  43 +
37 44 cookbook_file '/usr/lib/colab/lib/python2.7/site-packages/colab/static/img/logo.svg' do
38 45 owner 'root'
39 46 group 'root'
... ...
cookbooks/colab/templates/01-apps.yaml.erb 0 → 100644
  Diff comments   View file @7e4030e
... ... @@ -0,0 +1,4 @@
  1 +### Colab proxied apps
  2 +PROXIED_APPS:
  3 + gitlab:
  4 + upstream: 'http://<%= node['peers']['integration'] %>:8080/gitlab/'
... ...
cookbooks/gitlab/files/gitlab_path.rb 0 → 100644
  Diff comments   View file @7e4030e
... ... @@ -0,0 +1,3 @@
  1 +Gitlab::Application.configure do
  2 + config.relative_url_root = "/gitlab"
  3 +end
... ...
cookbooks/gitlab/recipes/default.rb 0 → 100644
  Diff comments   View file @7e4030e
... ... @@ -0,0 +1,75 @@
  1 +if node['platform'] == 'centos'
  2 + cookbook_file '/etc/yum.repos.d/gitlab.repo' do
  3 + owner 'root'
  4 + mode 0644
  5 + end
  6 +end
  7 +
  8 +package 'redis'
  9 +service 'redis' do
  10 + action [:enable, :start]
  11 +end
  12 +
  13 +package 'gitlab'
  14 +
  15 +template '/etc/gitlab/database.yml' do
  16 + owner 'root'
  17 + group 'root'
  18 + mode 0644
  19 +
  20 + notifies :run, 'execute[gitlab:setup]'
  21 +end
  22 +
  23 +execute 'gitlab:setup' do
  24 + user 'git'
  25 + cwd '/usr/lib/gitlab'
  26 + command 'yes yes | bundle exec rake db:setup RAILS_ENV=production'
  27 +
  28 + action :nothing
  29 + notifies :restart, 'service[gitlab]'
  30 +end
  31 +
  32 +# gitlab-shell configuration
  33 +template '/etc/gitlab-shell/config.yml' do
  34 + source 'gitlab-shell.yml.erb'
  35 +
  36 + owner 'root'
  37 + group 'root'
  38 + mode 0644
  39 +
  40 + notifies :restart, 'service[gitlab]'
  41 +end
  42 +
  43 +####################################################
  44 +# Run under /gitlab
  45 +####################################################
  46 +
  47 +template '/etc/gitlab/gitlab.yml' do
  48 + owner 'root'
  49 + group 'root'
  50 + mode 0644
  51 + notifies :restart, 'service[gitlab]'
  52 +end
  53 +cookbook_file '/usr/lib/gitlab/config/initializers/gitlab_path.rb' do
  54 + owner 'root'
  55 + group 'root'
  56 + mode 0644
  57 + notifies :restart, 'service[gitlab]'
  58 +end
  59 +template '/etc/gitlab/unicorn.rb' do
  60 + owner 'root'
  61 + group 'root'
  62 + mode 0644
  63 + notifies :restart, 'service[gitlab]'
  64 +end
  65 +
  66 +####################################################
  67 +# Run under /gitlab (END)
  68 +####################################################
  69 +
  70 +# TODO: Remote-User authentication
  71 +
  72 +service 'gitlab' do
  73 + action :enable
  74 + supports :restart => true
  75 +end
... ...
cookbooks/gitlab/templates/database.yml.erb 0 → 100644
  Diff comments   View file @7e4030e
... ... @@ -0,0 +1,7 @@
  1 +# MANAGED WITH CHEF. DO NOT MAKE MANUAL CHANGES
  2 +production:
  3 + adapter: postgresql
  4 + encoding: unicode
  5 + database: gitlab
  6 + host: <%= node['peers']['database'] %>
  7 + user: gitlab
... ...
cookbooks/gitlab/templates/gitlab-shell.yml.erb 0 → 100644
  Diff comments   View file @7e4030e
... ... @@ -0,0 +1,25 @@
  1 +user: git
  2 +gitlab_url: "http://localhost:8080/gitlab"
  3 +
  4 +http_settings:
  5 +# user: someone
  6 +# password: somepass
  7 +# ca_file: /etc/ssl/cert.pem
  8 +# ca_path: /etc/pki/tls/certs
  9 + self_signed_cert: false
  10 +
  11 +repos_path: "/var/lib/gitlab/repositories/"
  12 +auth_file: "/var/lib/gitlab-shell/.ssh/authorized_keys"
  13 +
  14 +redis:
  15 + bin: /usr/bin/redis-cli
  16 + host: <%= node['peers']['database'] %>
  17 + port: 6379
  18 + # pass: redispass # Allows you to specify the password for Redis
  19 + #database: 0
  20 + #socket: /var/run/redis/redis.sock # Comment out this line if you want to use TCP
  21 + #namespace: resque:gitlab
  22 +
  23 +log_file: "/var/log/gitlab-shell/gitlab-shell.log"
  24 +log_level: INFO
  25 +audit_usernames: false
... ...
cookbooks/gitlab/templates/gitlab.yml.erb 0 → 100644
  Diff comments   View file @7e4030e
... ... @@ -0,0 +1,52 @@
  1 +production: &base
  2 + gitlab:
  3 + host: localhost
  4 + relative_url_root: /gitlab
  5 + port: 80 # Set to 443 if using HTTPS
  6 + https: false # Set to true if using HTTPS
  7 + email_from: example@example.com
  8 + default_projects_limit: 10
  9 + default_projects_features:
  10 + issues: true
  11 + merge_requests: true
  12 + wiki: true
  13 + snippets: false
  14 + visibility_level: "private" # can be "private" | "internal" | "public"
  15 + gravatar:
  16 + enabled: true
  17 + plain_url: "http://cdn.libravatar.org/avatar/%{hash}?s=%{size}&d=identicon"
  18 + ssl_url: "https://seccdn.libravatar.org/avatar/%{hash}?s=%{size}&d=identicon"
  19 + omniauth:
  20 + # Allow login via Twitter, Google, etc. using OmniAuth providers
  21 + enabled: false
  22 + allow_single_sign_on: false
  23 + block_auto_created_users: true
  24 + providers:
  25 + # - { name: 'google_oauth2', app_id: 'YOUR APP ID',
  26 + # app_secret: 'YOUR APP SECRET',
  27 + # args: { access_type: 'offline', approval_prompt: '' } }
  28 + satellites:
  29 + path: /var/lib/gitlab/satellites
  30 + timeout: 30
  31 + backup:
  32 + path: /var/lib/gitlab/backups
  33 + gitlab_shell:
  34 + path: /usr/lib/gitlab-shell
  35 + repos_path: /var/lib/gitlab/repositories/
  36 + hooks_path: /usr/lib/gitlab-shell/hooks/
  37 + # Git over HTTP
  38 + upload_pack: true
  39 + receive_pack: true
  40 + git:
  41 + bin_path: /usr/bin/git
  42 + max_size: 20971520 # 20.megabytes
  43 + timeout: 10
  44 + extra:
  45 + ## Piwik analytics.
  46 + # piwik_url: '_your_piwik_url'
  47 + # piwik_site_id: '_your_piwik_site_id'
  48 +
  49 + ## Text under sign-in page (Markdown enabled)
  50 + # sign_in_text: |
  51 + # ![Company Logo](http://www.companydomain.com/logo.png)
  52 + # [Learn more about CompanyName](http://www.companydomain.com/)
... ...
cookbooks/gitlab/templates/unicorn.rb.erb 0 → 100644
  Diff comments   View file @7e4030e
... ... @@ -0,0 +1,124 @@
  1 +# Sample verbose configuration file for Unicorn (not Rack)
  2 +#
  3 +# This configuration file documents many features of Unicorn
  4 +# that may not be needed for some applications. See
  5 +# http://unicorn.bogomips.org/examples/unicorn.conf.minimal.rb
  6 +# for a much simpler configuration file.
  7 +#
  8 +# See http://unicorn.bogomips.org/Unicorn/Configurator.html for complete
  9 +# documentation.
  10 +
  11 +# WARNING: See config/application.rb under "Relative url support" for the list of
  12 +# other files that need to be changed for relative url support
  13 +#
  14 +ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab"
  15 +
  16 +# Read about unicorn workers here:
  17 +# http://doc.gitlab.com/ee/install/requirements.html#unicorn-workers
  18 +#
  19 +worker_processes 2
  20 +
  21 +# Since Unicorn is never exposed to outside clients, it does not need to
  22 +# run on the standard HTTP port (80), there is no reason to start Unicorn
  23 +# as root unless it's from system init scripts.
  24 +# If running the master process as root and the workers as an unprivileged
  25 +# user, do this to switch euid/egid in the workers (also chowns logs):
  26 +# user "unprivileged_user", "unprivileged_group"
  27 +
  28 +# Help ensure your application will always spawn in the symlinked
  29 +# "current" directory that Capistrano sets up.
  30 +working_directory "/usr/lib/gitlab" # available in 0.94.0+
  31 +
  32 +# Listen on both a Unix domain socket and a TCP port.
  33 +# If you are load-balancing multiple Unicorn masters, lower the backlog
  34 +# setting to e.g. 64 for faster failover.
  35 +listen "/usr/lib/gitlab/tmp/sockets/gitlab.socket", :backlog => 1024
  36 +listen "127.0.0.1:8080", :tcp_nopush => true
  37 +listen "<%= node['peers']['integration'] %>:8080", :tcp_nopush => true
  38 +
  39 +# nuke workers after 30 seconds instead of 60 seconds (the default)
  40 +#
  41 +# NOTICE: git push over http depends on this value.
  42 +# If you want be able to push huge amount of data to git repository over http
  43 +# you will have to increase this value too.
  44 +#
  45 +# Example of output if you try to push 1GB repo to GitLab over http.
  46 +# -> git push http://gitlab.... master
  47 +#
  48 +# error: RPC failed; result=18, HTTP code = 200
  49 +# fatal: The remote end hung up unexpectedly
  50 +# fatal: The remote end hung up unexpectedly
  51 +#
  52 +# For more information see http://stackoverflow.com/a/21682112/752049
  53 +#
  54 +timeout 60
  55 +
  56 +# feel free to point this anywhere accessible on the filesystem
  57 +pid "/usr/lib/gitlab/tmp/pids/unicorn.pid"
  58 +
  59 +# By default, the Unicorn logger will write to stderr.
  60 +# Additionally, some applications/frameworks log to stderr or stdout,
  61 +# so prevent them from going to /dev/null when daemonized here:
  62 +stderr_path "/usr/lib/gitlab/log/unicorn.stderr.log"
  63 +stdout_path "/usr/lib/gitlab/log/unicorn.stdout.log"
  64 +
  65 +# combine Ruby 2.0.0dev or REE with "preload_app true" for memory savings
  66 +# http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow
  67 +preload_app true
  68 +GC.respond_to?(:copy_on_write_friendly=) and
  69 + GC.copy_on_write_friendly = true
  70 +
  71 +# Enable this flag to have unicorn test client connections by writing the
  72 +# beginning of the HTTP headers before calling the application. This
  73 +# prevents calling the application for connections that have disconnected
  74 +# while queued. This is only guaranteed to detect clients on the same
  75 +# host unicorn runs on, and unlikely to detect disconnects even on a
  76 +# fast LAN.
  77 +check_client_connection false
  78 +
  79 +before_fork do |server, worker|
  80 + # the following is highly recomended for Rails + "preload_app true"
  81 + # as there's no need for the master process to hold a connection
  82 + defined?(ActiveRecord::Base) and
  83 + ActiveRecord::Base.connection.disconnect!
  84 +
  85 + # The following is only recommended for memory/DB-constrained
  86 + # installations. It is not needed if your system can house
  87 + # twice as many worker_processes as you have configured.
  88 + #
  89 + # This allows a new master process to incrementally
  90 + # phase out the old master process with SIGTTOU to avoid a
  91 + # thundering herd (especially in the "preload_app false" case)
  92 + # when doing a transparent upgrade. The last worker spawned
  93 + # will then kill off the old master process with a SIGQUIT.
  94 + old_pid = "#{server.config[:pid]}.oldbin"
  95 + if old_pid != server.pid
  96 + begin
  97 + sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU
  98 + Process.kill(sig, File.read(old_pid).to_i)
  99 + rescue Errno::ENOENT, Errno::ESRCH
  100 + end
  101 + end
  102 + #
  103 + # Throttle the master from forking too quickly by sleeping. Due
  104 + # to the implementation of standard Unix signal handlers, this
  105 + # helps (but does not completely) prevent identical, repeated signals
  106 + # from being lost when the receiving process is busy.
  107 + # sleep 1
  108 +end
  109 +
  110 +after_fork do |server, worker|
  111 + # per-process listener ports for debugging/admin/migrations
  112 + # addr = "127.0.0.1:#{9293 + worker.nr}"
  113 + # server.listen(addr, :tries => -1, :delay => 5, :tcp_nopush => true)
  114 +
  115 + # the following is *required* for Rails + "preload_app true",
  116 + defined?(ActiveRecord::Base) and
  117 + ActiveRecord::Base.establish_connection
  118 +
  119 + # if preload_app is true, then you may also want to check and
  120 + # restart any other shared sockets/descriptors such as Memcached,
  121 + # and Redis. TokyoCabinet file handles are safe to reuse
  122 + # between any number of forked children (assuming your kernel
  123 + # correctly implements pread()/pwrite() system calls)
  124 +end
... ...
cookbooks/postgresql/recipes/default.rb
  Diff comments   View file @7e4030e
  1 +# FIXME on Debian it's postgresql
1 2 package 'postgresql-server'
2 3  
3 4 execute 'postgresql-setup initdb || true'
... ...
test/colab_test.sh
  Diff comments   View file @7e4030e
... ... @@ -25,4 +25,8 @@ test_nginx_virtualhost() {
25 25 assertEquals "<title>Home - Colab</title>" "$title"
26 26 }
27 27  
  28 +test_reverse_proxy_gitlab() {
  29 + assertTrue 'Reverse proxy for gitlab' "curl --header 'Host: softwarepublico.dev' http://$integration/gitlab/public/projects | grep -i '<meta.*gitlab.*>'"
  30 +}
  31 +
28 32 . shunit2
... ...
test/gitlab_test.sh 0 → 100644
  Diff comments   View file @7e4030e
... ... @@ -0,0 +1,15 @@
  1 +. $(dirname $0)/test_helper.sh
  2 +
  3 +test_database_connectivity() {
  4 + assertTrue 'gitlab database connectivity' 'run_on integration psql -h database -U gitlab < /dev/null'
  5 +}
  6 +
  7 +test_gitlab_running() {
  8 + assertTrue 'gitlab running' 'run_on integration pgrep -fa unicorn.*gitlab'
  9 +}
  10 +
  11 +test_gitlab_responds() {
  12 + assertTrue 'gitlab responds on HTTP' 'run_on integration curl http://localhost:8080/gitlab/public/projects'
  13 +}
  14 +
  15 +. shunit2
... ...