File gitlab-ce.default_config.patch of Package gitlab-ce
Index: gitlab-ce/config/gitlab.yml.example
===================================================================
--- gitlab-ce.orig/config/gitlab.yml.example
+++ gitlab-ce/config/gitlab.yml.example
@@ -84,11 +84,13 @@ production: &base
# Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
# user: git
+ user: gitlab
## Date & Time settings
# Uncomment and customize if you want to change the default time zone of GitLab application.
# To see all available zones, run `bundle exec rake time:zones:all RAILS_ENV=production`
# time_zone: 'UTC'
+ time_zone: 'UTC'
## Email settings
# Uncomment and set to false if you need to disable email sending from GitLab (default: true)
@@ -103,10 +105,10 @@ production: &base
# enabled: false
# S/MIME private key file in PEM format, unencrypted
# Default is '.gitlab_smime_key' relative to Rails.root (i.e. root of the GitLab app).
- # key_file: /home/git/gitlab/.gitlab_smime_key
+ # key_file: /srv/www/vhosts/gitlab-ce/.gitlab_smime_key
# S/MIME public certificate key in PEM format, will be attached to signed messages
# Default is '.gitlab_smime_cert' relative to Rails.root (i.e. root of the GitLab app).
- # cert_file: /home/git/gitlab/.gitlab_smime_cert
+ # cert_file: /srv/www/vhosts/gitlab-ce/.gitlab_smime_cert
# Email server smtp settings are in config/initializers/smtp_settings.rb.sample
@@ -204,6 +206,7 @@ production: &base
enabled: true
# The location where build artifacts are stored (default: shared/artifacts).
# path: shared/artifacts
+ # path: /srv/gitlab/artifacts
# object_store:
# enabled: false
# remote_directory: artifacts # The bucket name
@@ -240,6 +243,7 @@ production: &base
enabled: true
# The location where LFS objects are stored (default: shared/lfs-objects).
# storage_path: shared/lfs-objects
+ #storage_path: /srv/gitlab/lfs-objects
object_store:
enabled: false
remote_directory: lfs-objects # Bucket name
@@ -326,6 +330,7 @@ production: &base
access_control: false
# The location where pages are stored (default: shared/pages).
# path: shared/pages
+ path: /srv/gitlab-pages
# The domain under which the pages are served:
# http://group.example.com/project
@@ -339,7 +344,7 @@ production: &base
# File that contains the shared secret key for verifying access for gitlab-pages.
# Default is '.gitlab_pages_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_pages_secret
+ # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_pages_shared_secret
## Mattermost
## For enabling Add to Mattermost button
@@ -518,6 +523,7 @@ production: &base
# The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root
# builds_path: builds/
+ builds_path: /srv/gitlab/builds/
#
# 3. Auth settings
@@ -926,11 +932,12 @@ production: &base
# Shared file storage settings
shared:
# path: /mnt/gitlab # Default: shared
+ path: /srv/gitlab/shared/
# Gitaly settings
gitaly:
# Path to the directory containing Gitaly client executables.
- client_path: /home/git/gitaly
+ client_path: /usr/lib/gitlab/gitaly
# Default Gitaly authentication token. Can be overridden per storage. Can
# be left blank when Gitaly is running locally on a Unix socket, which
# is the normal way to deploy Gitaly.
@@ -948,8 +955,8 @@ production: &base
# real path not the symlink.
storages: # You must have at least a `default` storage path.
default:
- path: /home/git/repositories/
- gitaly_address: unix:/home/git/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
+ path: /srv/gitlab/repositories/
+ gitaly_address: unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
# gitaly_token: 'special token' # Optional: override global gitaly.token for this storage.
## Backup settings
@@ -995,12 +1002,12 @@ production: &base
## GitLab Shell settings
gitlab_shell:
- path: /home/git/gitlab-shell/
- authorized_keys_file: /home/git/.ssh/authorized_keys
+ path: /usr/lib/gitlab/shell/
+ authorized_keys_file: /srv/gitlab/.ssh/authorized_keys
# File that contains the secret key for verifying access for gitlab-shell.
# Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_shell_secret
+ # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_shell_secret
# Git over HTTP
upload_pack: true
@@ -1015,11 +1022,11 @@ production: &base
workhorse:
# File that contains the secret key for verifying access for gitlab-workhorse.
# Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_workhorse_secret
+ # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_workhorse_secret
## GitLab Elasticsearch settings
elasticsearch:
- indexer_path: /home/git/gitlab-elasticsearch-indexer/
+ indexer_path: /srv/gitlab/gitlab-elasticsearch-indexer/
## Git settings
# CAUTION!
Index: gitlab-ce/config/unicorn.rb.example
===================================================================
--- gitlab-ce.orig/config/unicorn.rb.example
+++ gitlab-ce/config/unicorn.rb.example
@@ -33,13 +33,14 @@ worker_processes 3
# Help ensure your application will always spawn in the symlinked
# "current" directory that Capistrano sets up.
-working_directory "/home/git/gitlab" # available in 0.94.0+
+working_directory "/srv/www/vhosts/gitlab-ce" # available in 0.94.0+
# Listen on both a Unix domain socket and a TCP port.
# If you are load-balancing multiple Unicorn masters, lower the backlog
# setting to e.g. 64 for faster failover.
-listen "/home/git/gitlab/tmp/sockets/gitlab.socket", :backlog => 1024
-listen "127.0.0.1:8080", :tcp_nopush => true
+listen "/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab.socket", :backlog => 1024
+listen "/srv/www/vhosts/gitlab-ce/tmp/sockets/unicorn.socket", :backlog => 1024
+listen "127.0.0.1:3003", :tcp_nopush => true
# nuke workers after 30 seconds instead of 60 seconds (the default)
#
@@ -59,13 +60,13 @@ listen "127.0.0.1:8080", :tcp_nopush =>
timeout 60
# feel free to point this anywhere accessible on the filesystem
-pid "/home/git/gitlab/tmp/pids/unicorn.pid"
+pid "/srv/www/vhosts/gitlab-ce/tmp/pids/unicorn.pid"
# By default, the Unicorn logger will write to stderr.
# Additionally, some applications/frameworks log to stderr or stdout,
# so prevent them from going to /dev/null when daemonized here:
-stderr_path "/home/git/gitlab/log/unicorn.stderr.log"
-stdout_path "/home/git/gitlab/log/unicorn.stdout.log"
+stderr_path "/srv/www/vhosts/gitlab-ce/log/unicorn.stderr.log"
+stdout_path "/srv/www/vhosts/gitlab-ce/log/unicorn.stdout.log"
# Save memory by sharing the application code among multiple Unicorn workers
# with "preload_app true". See:
@@ -81,8 +82,8 @@ preload_app true
# fast LAN.
check_client_connection false
-require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events"
-require_relative "/home/git/gitlab/lib/gitlab/log_timestamp_formatter.rb"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/cluster/lifecycle_events"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/log_timestamp_formatter.rb"
before_exec do |server|
# Signal application hooks that we're about to restart
Index: gitlab-ce/lib/support/nginx/gitlab
===================================================================
--- gitlab-ce.orig/lib/support/nginx/gitlab
+++ gitlab-ce/lib/support/nginx/gitlab
@@ -15,11 +15,14 @@
###################################
##
## See installation.md#using-https for additional HTTPS configuration details.
+upstream gitlab {
+ server unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab.socket fail_timeout=0;
+}
upstream gitlab-workhorse {
# GitLab socket file,
# for Omnibus this would be: unix:/var/opt/gitlab/gitlab-workhorse/socket
- server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
+ server unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
}
map $http_upgrade $connection_upgrade_gitlab {
@@ -28,7 +31,7 @@ map $http_upgrade $connection_upgrade_gi
}
## NGINX 'combined' log format with filtered query strings
-log_format gitlab_access $remote_addr - $remote_user [$time_local] "$request_method $gitlab_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_filtered_http_referer" "$http_user_agent";
+log_format gitlab_access '$remote_addr - $remote_user [$time_local] "$request_method $gitlab_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_filtered_http_referer" "$http_user_agent"';
## Remove private_token from the request URI
# In: /foo?private_token=unfiltered&authenticity_token=unfiltered&feed_token=unfiltered&...
@@ -114,7 +117,7 @@ server {
location ~ ^/(404|422|500|502|503)\.html$ {
# Location to the GitLab's public directory,
# for Omnibus this would be: /opt/gitlab/embedded/service/gitlab-rails/public.
- root /home/git/gitlab/public;
+ root /srv/www/vhosts/gitlab-ce/public;
internal;
}
Index: gitlab-ce/lib/support/nginx/gitlab-ssl
===================================================================
--- gitlab-ce.orig/lib/support/nginx/gitlab-ssl
+++ gitlab-ce/lib/support/nginx/gitlab-ssl
@@ -19,11 +19,14 @@
###################################
##
## See installation.md#using-https for additional HTTPS configuration details.
+upstream gitlab {
+ server unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab.socket fail_timeout=0;
+}
upstream gitlab-workhorse {
# GitLab socket file,
# for Omnibus this would be: unix:/var/opt/gitlab/gitlab-workhorse/socket
- server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
+ server unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
}
map $http_upgrade $connection_upgrade_gitlab_ssl {
@@ -33,7 +36,7 @@ map $http_upgrade $connection_upgrade_gi
## NGINX 'combined' log format with filtered query strings
-log_format gitlab_ssl_access $remote_addr - $remote_user [$time_local] "$request_method $gitlab_ssl_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_ssl_filtered_http_referer" "$http_user_agent";
+log_format gitlab_ssl_access '$remote_addr - $remote_user [$time_local] "$request_method $gitlab_ssl_filtered_request_uri $server_protocol" $status $body_bytes_sent "$gitlab_ssl_filtered_http_referer" "$http_user_agent"';
## Remove private_token from the request URI
# In: /foo?private_token=unfiltered&authenticity_token=unfiltered&feed_token=unfiltered&...
@@ -164,7 +167,7 @@ server {
location ~ ^/(404|422|500|502|503)\.html$ {
# Location to the GitLab's public directory,
# for Omnibus this would be: /opt/gitlab/embedded/service/gitlab-rails/public
- root /home/git/gitlab/public;
+ root /srv/www/vhosts/gitlab-ce/public;
internal;
}
}
Index: gitlab-ce/config/redis.cache.yml.example
===================================================================
--- gitlab-ce.orig/config/redis.cache.yml.example
+++ gitlab-ce/config/redis.cache.yml.example
@@ -2,7 +2,7 @@
# a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
#
development:
- url: redis://localhost:6379/10
+ #url: redis://localhost:6379/10
#
# url: redis://localhost:6380
# sentinels:
@@ -13,12 +13,12 @@ development:
# host: slave2
# port: 26380 # point to sentinel, not to redis port
test:
- url: redis://localhost:6379/10
+ #url: redis://localhost:6379/10
#
# url: redis://localhost:6380
production:
# Redis (single instance)
- url: unix:/var/run/redis/redis.cache.sock
+ #url: unix:/var/run/redis/redis.cache.sock
##
# Redis + Sentinel (for HA)
#
Index: gitlab-ce/config/redis.queues.yml.example
===================================================================
--- gitlab-ce.orig/config/redis.queues.yml.example
+++ gitlab-ce/config/redis.queues.yml.example
@@ -2,7 +2,7 @@
# a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
#
development:
- url: redis://localhost:6379/11
+ #url: redis://localhost:6379/11
#
# url: redis://localhost:6381
# sentinels:
@@ -13,12 +13,12 @@ development:
# host: slave2
# port: 26381 # point to sentinel, not to redis port
test:
- url: redis://localhost:6379/11
+ #url: redis://localhost:6379/11
#
# url: redis://localhost:6381
production:
# Redis (single instance)
- url: unix:/var/run/redis/redis.queues.sock
+ #url: unix:/var/run/redis/redis.queues.sock
##
# Redis + Sentinel (for HA)
#
Index: gitlab-ce/config/redis.shared_state.yml.example
===================================================================
--- gitlab-ce.orig/config/redis.shared_state.yml.example
+++ gitlab-ce/config/redis.shared_state.yml.example
@@ -2,7 +2,7 @@
# a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
#
development:
- url: redis://localhost:6379/12
+ #url: redis://localhost:6379/12
#
# url: redis://localhost:6382
# sentinels:
@@ -13,12 +13,12 @@ development:
# host: slave2
# port: 26382 # point to sentinel, not to redis port
test:
- url: redis://localhost:6379/12
+ #url: redis://localhost:6379/12
#
# url: redis://localhost:6382
production:
# Redis (single instance)
- url: unix:/var/run/redis/redis.shared_state.sock
+ #url: unix:/var/run/redis/redis.shared_state.sock
##
# Redis + Sentinel (for HA)
#
Index: gitlab-ce/config/resque.yml.example
===================================================================
--- gitlab-ce.orig/config/resque.yml.example
+++ gitlab-ce/config/resque.yml.example
@@ -2,7 +2,7 @@
# a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
#
development:
- url: redis://localhost:6379
+ #url: redis://localhost:6379
# sentinels:
# -
# host: localhost
@@ -11,10 +11,10 @@ development:
# host: slave2
# port: 26381 # point to sentinel, not to redis port
test:
- url: redis://localhost:6379
+ #url: redis://localhost:6379
production:
# Redis (single instance)
- url: unix:/var/run/redis/redis.sock
+ #url: unix:/var/run/redis/redis.sock
##
# Redis + Sentinel (for HA)
#
Index: gitlab-ce/config/puma.rb.example
===================================================================
--- gitlab-ce.orig/config/puma.rb.example
+++ gitlab-ce/config/puma.rb.example
@@ -5,11 +5,11 @@
# The default is "config.ru".
#
rackup 'config.ru'
-pidfile '/home/git/gitlab/tmp/pids/puma.pid'
-state_path '/home/git/gitlab/tmp/pids/puma.state'
+pidfile '/srv/www/vhosts/gitlab-ce/tmp/pids/puma.pid'
+state_path '/srv/www/vhosts/gitlab-ce/tmp/pids/puma.state'
-stdout_redirect '/home/git/gitlab/log/puma.stdout.log',
- '/home/git/gitlab/log/puma.stderr.log',
+stdout_redirect '/srv/www/vhosts/gitlab-ce/log/puma.stdout.log',
+ '/srv/www/vhosts/gitlab-ce/log/puma.stderr.log',
true
# Configure "min" to be the minimum number of threads to use to answer
@@ -31,12 +31,12 @@ queue_requests false
# Bind the server to "url". "tcp://", "unix://" and "ssl://" are the only
# accepted protocols.
-bind 'unix:///home/git/gitlab/tmp/sockets/gitlab.socket'
+bind 'unix:///srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab.socket'
workers 3
-require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events"
-require_relative "/home/git/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/cluster/lifecycle_events"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/cluster/puma_worker_killer_initializer"
on_restart do
# Signal application hooks that we're about to restart