File gitlab-ce.default_config.patch of Package gitlab-ce

Index: gitlab-ce/config/gitlab.yml.example
===================================================================
--- gitlab-ce.orig/config/gitlab.yml.example
+++ gitlab-ce/config/gitlab.yml.example
@@ -84,11 +84,13 @@ production: &base
 
     # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
     # user: git
+    user: gitlab
 
     ## Date & Time settings
     # Uncomment and customize if you want to change the default time zone of GitLab application.
     # To see all available zones, run `bundle exec rake time:zones:all RAILS_ENV=production`
     # time_zone: 'UTC'
+    time_zone: 'UTC'
 
     ## Email settings
     # Uncomment and set to false if you need to disable email sending from GitLab (default: true)
@@ -103,10 +105,10 @@ production: &base
       # enabled: false
       # S/MIME private key file in PEM format, unencrypted
       # Default is '.gitlab_smime_key' relative to Rails.root (i.e. root of the GitLab app).
-      # key_file: /home/git/gitlab/.gitlab_smime_key
+      # key_file: /srv/www/vhosts/gitlab-ce/.gitlab_smime_key
       # S/MIME public certificate key in PEM format, will be attached to signed messages
       # Default is '.gitlab_smime_cert' relative to Rails.root (i.e. root of the GitLab app).
-      # cert_file: /home/git/gitlab/.gitlab_smime_cert
+      # cert_file: /srv/www/vhosts/gitlab-ce/.gitlab_smime_cert
 
     # Email server smtp settings are in config/initializers/smtp_settings.rb.sample
 
@@ -204,6 +206,7 @@ production: &base
     enabled: true
     # The location where build artifacts are stored (default: shared/artifacts).
     # path: shared/artifacts
+    # path: /srv/gitlab/artifacts
     # object_store:
     #   enabled: false
     #   remote_directory: artifacts # The bucket name
@@ -240,6 +243,7 @@ production: &base
     enabled: true
     # The location where LFS objects are stored (default: shared/lfs-objects).
     # storage_path: shared/lfs-objects
+    #storage_path: /srv/gitlab/lfs-objects
     object_store:
       enabled: false
       remote_directory: lfs-objects # Bucket name
@@ -326,6 +330,7 @@ production: &base
     access_control: false
     # The location where pages are stored (default: shared/pages).
     # path: shared/pages
+    path: /srv/gitlab-pages
 
     # The domain under which the pages are served:
     # http://group.example.com/project
@@ -339,7 +344,7 @@ production: &base
 
     # File that contains the shared secret key for verifying access for gitlab-pages.
     # Default is '.gitlab_pages_secret' relative to Rails.root (i.e. root of the GitLab app).
-    # secret_file: /home/git/gitlab/.gitlab_pages_secret
+    # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_pages_shared_secret
 
   ## Mattermost
   ## For enabling Add to Mattermost button
@@ -518,6 +523,7 @@ production: &base
 
     # The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root
     # builds_path: builds/
+    builds_path: /srv/gitlab/builds/
 
   #
   # 3. Auth settings
@@ -926,11 +932,12 @@ production: &base
   # Shared file storage settings
   shared:
     # path: /mnt/gitlab # Default: shared
+    path: /srv/gitlab/shared/
 
   # Gitaly settings
   gitaly:
     # Path to the directory containing Gitaly client executables.
-    client_path: /home/git/gitaly
+    client_path: /usr/lib/gitlab/gitaly
     # Default Gitaly authentication token. Can be overridden per storage. Can
     # be left blank when Gitaly is running locally on a Unix socket, which
     # is the normal way to deploy Gitaly.
@@ -948,8 +955,8 @@ production: &base
     # real path not the symlink.
     storages: # You must have at least a `default` storage path.
       default:
-        path: /home/git/repositories/
-        gitaly_address: unix:/home/git/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
+        path: /srv/gitlab/repositories/
+        gitaly_address: unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
         # gitaly_token: 'special token' # Optional: override global gitaly.token for this storage.
 
   ## Backup settings
@@ -995,12 +1002,12 @@ production: &base
 
   ## GitLab Shell settings
   gitlab_shell:
-    path: /home/git/gitlab-shell/
-    authorized_keys_file: /home/git/.ssh/authorized_keys
+    path: /usr/lib/gitlab/shell/
+    authorized_keys_file: /srv/gitlab/.ssh/authorized_keys
 
     # File that contains the secret key for verifying access for gitlab-shell.
     # Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app).
-    # secret_file: /home/git/gitlab/.gitlab_shell_secret
+    # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_shell_secret
 
     # Git over HTTP
     upload_pack: true
@@ -1015,11 +1022,11 @@ production: &base
   workhorse:
     # File that contains the secret key for verifying access for gitlab-workhorse.
     # Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app).
-    # secret_file: /home/git/gitlab/.gitlab_workhorse_secret
+    # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_workhorse_secret
 
   ## GitLab Elasticsearch settings
   elasticsearch:
-    indexer_path: /home/git/gitlab-elasticsearch-indexer/
+    indexer_path: /srv/gitlab/gitlab-elasticsearch-indexer/
 
   ## Git settings
   # CAUTION!
Index: gitlab-ce/config/unicorn.rb.example
===================================================================
--- gitlab-ce.orig/config/unicorn.rb.example
+++ gitlab-ce/config/unicorn.rb.example
@@ -33,13 +33,14 @@ worker_processes 3
 
 # Help ensure your application will always spawn in the symlinked
 # "current" directory that Capistrano sets up.
-working_directory "/home/git/gitlab" # available in 0.94.0+
+working_directory "/srv/www/vhosts/gitlab-ce" # available in 0.94.0+
 
 # Listen on both a Unix domain socket and a TCP port.
 # If you are load-balancing multiple Unicorn masters, lower the backlog
 # setting to e.g. 64 for faster failover.
-listen "/home/git/gitlab/tmp/sockets/gitlab.socket", :backlog => 1024
-listen "127.0.0.1:8080", :tcp_nopush => true
+listen "/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab.socket", :backlog => 1024
+listen "/srv/www/vhosts/gitlab-ce/tmp/sockets/unicorn.socket", :backlog => 1024
+listen "127.0.0.1:3003", :tcp_nopush => true
 
 # nuke workers after 30 seconds instead of 60 seconds (the default)
 #
@@ -59,13 +60,13 @@ listen "127.0.0.1:8080", :tcp_nopush =>
 timeout 60
 
 # feel free to point this anywhere accessible on the filesystem
-pid "/home/git/gitlab/tmp/pids/unicorn.pid"
+pid "/srv/www/vhosts/gitlab-ce/tmp/pids/unicorn.pid"
 
 # By default, the Unicorn logger will write to stderr.
 # Additionally, some applications/frameworks log to stderr or stdout,
 # so prevent them from going to /dev/null when daemonized here:
-stderr_path "/home/git/gitlab/log/unicorn.stderr.log"
-stdout_path "/home/git/gitlab/log/unicorn.stdout.log"
+stderr_path "/srv/www/vhosts/gitlab-ce/log/unicorn.stderr.log"
+stdout_path "/srv/www/vhosts/gitlab-ce/log/unicorn.stdout.log"
 
 # Save memory by sharing the application code among multiple Unicorn workers
 # with "preload_app true". See:
@@ -81,8 +82,8 @@ preload_app true
 # fast LAN.
 check_client_connection false
 
-require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events"
-require_relative "/home/git/gitlab/lib/gitlab/log_timestamp_formatter.rb"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/cluster/lifecycle_events"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/log_timestamp_formatter.rb"
 
 before_exec do |server|
   # Signal application hooks that we're about to restart
Index: gitlab-ce/lib/support/nginx/gitlab
===================================================================
--- gitlab-ce.orig/lib/support/nginx/gitlab
+++ gitlab-ce/lib/support/nginx/gitlab
@@ -15,11 +15,14 @@
 ###################################
 ##
 ## See installation.md#using-https for additional HTTPS configuration details.
+upstream gitlab {
+  server unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab.socket fail_timeout=0;
+}
 
 upstream gitlab-workhorse {
   # GitLab socket file,
   # for Omnibus this would be: unix:/var/opt/gitlab/gitlab-workhorse/socket
-  server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
+  server unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
 }
 
 map $http_upgrade $connection_upgrade_gitlab {
@@ -28,7 +31,7 @@ map $http_upgrade $connection_upgrade_gi
 }
 
 ## NGINX 'combined' log format with filtered query strings
-log_format gitlab_access $remote_addr - $remote_user [$time_local] "$request_method $gitlab_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_filtered_http_referer" "$http_user_agent";
+log_format gitlab_access '$remote_addr - $remote_user [$time_local] "$request_method $gitlab_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_filtered_http_referer" "$http_user_agent"';
 
 ## Remove private_token from the request URI
 # In:  /foo?private_token=unfiltered&authenticity_token=unfiltered&feed_token=unfiltered&...
@@ -114,7 +117,7 @@ server {
   location ~ ^/(404|422|500|502|503)\.html$ {
     # Location to the GitLab's public directory,
     # for Omnibus this would be: /opt/gitlab/embedded/service/gitlab-rails/public.
-    root /home/git/gitlab/public;
+    root /srv/www/vhosts/gitlab-ce/public;
     internal;
   }
 
Index: gitlab-ce/lib/support/nginx/gitlab-ssl
===================================================================
--- gitlab-ce.orig/lib/support/nginx/gitlab-ssl
+++ gitlab-ce/lib/support/nginx/gitlab-ssl
@@ -19,11 +19,14 @@
 ###################################
 ##
 ## See installation.md#using-https for additional HTTPS configuration details.
+upstream gitlab {
+  server unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab.socket fail_timeout=0;
+}
 
 upstream gitlab-workhorse {
   # GitLab socket file,
   # for Omnibus this would be: unix:/var/opt/gitlab/gitlab-workhorse/socket
-  server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
+  server unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
 }
 
 map $http_upgrade $connection_upgrade_gitlab_ssl {
@@ -33,7 +36,7 @@ map $http_upgrade $connection_upgrade_gi
 
 
 ## NGINX 'combined' log format with filtered query strings
-log_format gitlab_ssl_access $remote_addr - $remote_user [$time_local] "$request_method $gitlab_ssl_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_ssl_filtered_http_referer" "$http_user_agent";
+log_format gitlab_ssl_access '$remote_addr - $remote_user [$time_local] "$request_method $gitlab_ssl_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_ssl_filtered_http_referer" "$http_user_agent"';
 
 ## Remove private_token from the request URI
 # In:  /foo?private_token=unfiltered&authenticity_token=unfiltered&feed_token=unfiltered&...
@@ -164,7 +167,7 @@ server {
   location ~ ^/(404|422|500|502|503)\.html$ {
     # Location to the GitLab's public directory,
     # for Omnibus this would be: /opt/gitlab/embedded/service/gitlab-rails/public
-    root /home/git/gitlab/public;
+    root /srv/www/vhosts/gitlab-ce/public;
     internal;
   }
 }
Index: gitlab-ce/config/redis.cache.yml.example
===================================================================
--- gitlab-ce.orig/config/redis.cache.yml.example
+++ gitlab-ce/config/redis.cache.yml.example
@@ -2,7 +2,7 @@
 # a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
 #
 development:
-  url: redis://localhost:6379/10
+  #url: redis://localhost:6379/10
   #
   # url: redis://localhost:6380
   # sentinels:
@@ -13,12 +13,12 @@ development:
   #     host: slave2
   #     port: 26380 # point to sentinel, not to redis port
 test:
-  url: redis://localhost:6379/10
+  #url: redis://localhost:6379/10
   #
   # url: redis://localhost:6380
 production:
   # Redis (single instance)
-  url: unix:/var/run/redis/redis.cache.sock
+  #url: unix:/var/run/redis/redis.cache.sock
   ##
   # Redis + Sentinel (for HA)
   #
Index: gitlab-ce/config/redis.queues.yml.example
===================================================================
--- gitlab-ce.orig/config/redis.queues.yml.example
+++ gitlab-ce/config/redis.queues.yml.example
@@ -2,7 +2,7 @@
 # a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
 #
 development:
-  url: redis://localhost:6379/11
+  #url: redis://localhost:6379/11
   #
   # url: redis://localhost:6381
   # sentinels:
@@ -13,12 +13,12 @@ development:
   #     host: slave2
   #     port: 26381 # point to sentinel, not to redis port
 test:
-  url: redis://localhost:6379/11
+  #url: redis://localhost:6379/11
   #
   # url: redis://localhost:6381
 production:
   # Redis (single instance)
-  url: unix:/var/run/redis/redis.queues.sock
+  #url: unix:/var/run/redis/redis.queues.sock
   ##
   # Redis + Sentinel (for HA)
   #
Index: gitlab-ce/config/redis.shared_state.yml.example
===================================================================
--- gitlab-ce.orig/config/redis.shared_state.yml.example
+++ gitlab-ce/config/redis.shared_state.yml.example
@@ -2,7 +2,7 @@
 # a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
 #
 development:
-  url: redis://localhost:6379/12
+  #url: redis://localhost:6379/12
   #
   # url: redis://localhost:6382
   # sentinels:
@@ -13,12 +13,12 @@ development:
   #     host: slave2
   #     port: 26382 # point to sentinel, not to redis port
 test:
-  url: redis://localhost:6379/12
+  #url: redis://localhost:6379/12
   #
   # url: redis://localhost:6382
 production:
   # Redis (single instance)
-  url: unix:/var/run/redis/redis.shared_state.sock
+  #url: unix:/var/run/redis/redis.shared_state.sock
   ##
   # Redis + Sentinel (for HA)
   #
Index: gitlab-ce/config/resque.yml.example
===================================================================
--- gitlab-ce.orig/config/resque.yml.example
+++ gitlab-ce/config/resque.yml.example
@@ -2,7 +2,7 @@
 # a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
 #
 development:
-  url: redis://localhost:6379
+  #url: redis://localhost:6379
   # sentinels:
   #   -
   #     host: localhost
@@ -11,10 +11,10 @@ development:
   #     host: slave2
   #     port: 26381 # point to sentinel, not to redis port
 test:
-  url: redis://localhost:6379
+  #url: redis://localhost:6379
 production:
   # Redis (single instance)
-  url: unix:/var/run/redis/redis.sock
+  #url: unix:/var/run/redis/redis.sock
   ##
   # Redis + Sentinel (for HA)
   #
Index: gitlab-ce/config/puma.rb.example
===================================================================
--- gitlab-ce.orig/config/puma.rb.example
+++ gitlab-ce/config/puma.rb.example
@@ -5,11 +5,11 @@
 # The default is "config.ru".
 #
 rackup 'config.ru'
-pidfile '/home/git/gitlab/tmp/pids/puma.pid'
-state_path '/home/git/gitlab/tmp/pids/puma.state'
+pidfile '/srv/www/vhosts/gitlab-ce/tmp/pids/puma.pid'
+state_path '/srv/www/vhosts/gitlab-ce/tmp/pids/puma.state'
 
-stdout_redirect '/home/git/gitlab/log/puma.stdout.log',
-  '/home/git/gitlab/log/puma.stderr.log',
+stdout_redirect '/srv/www/vhosts/gitlab-ce/log/puma.stdout.log',
+  '/srv/www/vhosts/gitlab-ce/log/puma.stderr.log',
   true
 
 # Configure "min" to be the minimum number of threads to use to answer
@@ -31,12 +31,12 @@ queue_requests false
 
 # Bind the server to "url". "tcp://", "unix://" and "ssl://" are the only
 # accepted protocols.
-bind 'unix:///home/git/gitlab/tmp/sockets/gitlab.socket'
+bind 'unix:///srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab.socket'
 
 workers 3
 
-require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events"
-require_relative "/home/git/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/cluster/lifecycle_events"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/cluster/puma_worker_killer_initializer"
 
 on_restart do
   # Signal application hooks that we're about to restart