File gitlab-ce.default_config.patch of Package gitlab-ce
Index: gitlab-ce/config/gitlab.yml.example
===================================================================
--- gitlab-ce.orig/config/gitlab.yml.example
+++ gitlab-ce/config/gitlab.yml.example
@@ -92,12 +92,14 @@ production: &base
# Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
# user: git
+ user: gitlab
## Date & Time settings
# Uncomment and customize if you want to change the default time zone of GitLab application.
# To see all available time zones in a valid format, run `timedatectl list-timezones`
# on a Linux host, or 'TZInfo::Timezone.all_identifiers' in a Rails console.
# time_zone: 'UTC'
+ time_zone: 'UTC'
## Email settings
# Uncomment and set to false if you need to disable email sending from GitLab (default: true)
@@ -113,13 +115,13 @@ production: &base
# enabled: false
# S/MIME private key file in PEM format, unencrypted
# Default is '.gitlab_smime_key' relative to Rails.root (i.e. root of the GitLab app).
- # key_file: /home/git/gitlab/.gitlab_smime_key
+ # key_file: /srv/www/vhosts/gitlab-ce/.gitlab_smime_key
# S/MIME public certificate key in PEM format, will be attached to signed messages
# Default is '.gitlab_smime_cert' relative to Rails.root (i.e. root of the GitLab app).
- # cert_file: /home/git/gitlab/.gitlab_smime_cert
+ # cert_file: /srv/www/vhosts/gitlab-ce/.gitlab_smime_cert
# S/MIME extra CA public certificates in PEM format, will be attached to signed messages
# Optional
- # ca_certs_file: /home/git/gitlab/.gitlab_smime_ca_certs
+ # ca_certs_file: /srv/www/vhosts/gitlab-ce/.gitlab_smime_ca_certs
# Email server smtp settings are in config/initializers/smtp_settings.rb.sample
# File location to read encrypted SMTP secrets from
@@ -321,7 +323,7 @@ production: &base
# contains the shared secret key for verifying access for mailroom's
# incoming_email.
# Default is '.gitlab_mailroom_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_mailroom_secret
+ # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_mailroom_secret
# File location to read encrypted incoming email secrets from
# encrypted_secret_file: /mnt/gitlab/smtp.yaml.enc
@@ -362,6 +364,7 @@ production: &base
enabled: true
# The location where build artifacts are stored (default: shared/artifacts).
# path: shared/artifacts
+ # path: /srv/gitlab/artifacts
# object_store:
# enabled: false
# remote_directory: artifacts # The bucket name
@@ -396,6 +399,7 @@ production: &base
enabled: true
# The location where LFS objects are stored (default: shared/lfs-objects).
# storage_path: shared/lfs-objects
+ #storage_path: /srv/gitlab/lfs-objects
object_store:
enabled: false
remote_directory: lfs-objects # Bucket name
@@ -510,6 +514,7 @@ production: &base
access_control: false
# The location where pages are stored (default: shared/pages).
# path: shared/pages
+ path: /srv/gitlab-pages
# The domain under which the pages are served:
# http://group.example.com/project
@@ -524,7 +529,7 @@ production: &base
# File that contains the shared secret key for verifying access for gitlab-pages.
# Default is '.gitlab_pages_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_pages_secret
+ # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_pages_secret
object_store:
enabled: false
remote_directory: pages # The bucket name
@@ -772,6 +777,7 @@ production: &base
# The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root
# builds_path: builds/
+ builds_path: /srv/gitlab/builds/
#
# 3. Auth settings
@@ -1232,6 +1238,7 @@ production: &base
# Shared file storage settings
shared:
# path: /mnt/gitlab # Default: shared
+ path: /srv/gitlab/shared/
# Encrypted Settings configuration
encrypted_settings:
@@ -1252,13 +1259,14 @@ production: &base
repositories:
storages: # You must have at least a `default` storage path.
default:
- gitaly_address: unix:/home/git/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
+ path: /srv/gitlab/repositories/
+ gitaly_address: unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port).
# gitaly_token: 'special token' # Optional: override global gitaly.token for this storage.
## Backup settings
backup:
path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
- # gitaly_backup_path: /home/git/gitaly/_build/bin/gitaly-backup # Path of the gitaly-backup binary (default: searches $PATH)
+ gitaly_backup_path: /usr/lib/gitlab/gitaly/bin/gitaly-backup # Path of the gitaly-backup binary (default: searches $PATH)
# archive_permissions: 0640 # Permissions for the resulting backup.tar file (default: 0600)
# keep_time: 604800 # default: 0 (forever) (in seconds)
# pg_schema: public # default: nil, it means that all schemas will be backed up
@@ -1293,12 +1301,12 @@ production: &base
## GitLab Shell settings
gitlab_shell:
- path: /home/git/gitlab-shell/
- authorized_keys_file: /home/git/.ssh/authorized_keys
+ path: /usr/lib/gitlab/shell/
+ authorized_keys_file: /srv/gitlab/.ssh/authorized_keys
# File that contains the secret key for verifying access for gitlab-shell.
# Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_shell_secret
+ # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_shell_secret
# Git over HTTP
upload_pack: true
@@ -1313,7 +1321,7 @@ production: &base
workhorse:
# File that contains the secret key for verifying access for gitlab-workhorse.
# Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_workhorse_secret
+ # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_workhorse_secret
database_traffic_capture:
config:
@@ -1332,15 +1340,15 @@ production: &base
# skip_sequence_alteration: false
# topology_service_client:
# address: topology-service.gitlab.example.com:443
- # ca_file: /home/git/gitlab/config/topology-service-ca.pem
- # certificate_file: /home/git/gitlab/config/topology-service-cert.pem
- # private_key_file: /home/git/gitlab/config/topology-service-key.pem
+ # ca_file: /srv/www/vhosts/gitlab-ce/config/topology-service-ca.pem
+ # certificate_file: /srv/www/vhosts/gitlab-ce/config/topology-service-cert.pem
+ # private_key_file: /srv/www/vhosts/gitlab-ce/config/topology-service-key.pem
gitlab_kas:
# enabled: true
# File that contains the secret key for verifying access for gitlab-kas.
# Default is '.gitlab_kas_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_kas_secret
+ # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_kas_secret
# The URL to the external KAS API (used by the Kubernetes agents)
# external_url: wss://kas.example.com
@@ -1357,17 +1365,17 @@ production: &base
suggested_reviewers:
# File that contains the secret key for verifying access to GitLab internal API for Suggested Reviewers.
# Default is '.gitlab_suggested_reviewers_secret' relative to Rails.root (i.e. root of the GitLab app).
- # secret_file: /home/git/gitlab/.gitlab_suggested_reviewers_secret
+ # secret_file: /srv/www/vhosts/gitlab-ce/.gitlab_suggested_reviewers_secret
zoekt:
# Files that contain username and password for basic auth for Zoekt
# Default is '.gitlab_zoekt_username' and '.gitlab_zoekt_password' in Rails.root
- # username_file: /home/git/gitlab/.gitlab_zoekt_username
- # password_file: /home/git/gitlab/.gitlab_zoekt_password
+ # username_file: /srv/www/vhosts/gitlab-ce/.gitlab_zoekt_username
+ # password_file: /srv/www/vhosts/gitlab-ce/.gitlab_zoekt_password
## GitLab Elasticsearch settings
elasticsearch:
- indexer_path: /home/git/gitlab-elasticsearch-indexer/
+ indexer_path: /srv/gitlab/gitlab-elasticsearch-indexer/
## Git settings
# CAUTION!
Index: gitlab-ce/lib/support/nginx/gitlab
===================================================================
--- gitlab-ce.orig/lib/support/nginx/gitlab
+++ gitlab-ce/lib/support/nginx/gitlab
@@ -19,7 +19,7 @@
upstream gitlab-workhorse {
# GitLab socket file,
# for Omnibus this would be: unix:/var/opt/gitlab/gitlab-workhorse/sockets/socket
- server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
+ server unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
}
map $http_upgrade $connection_upgrade_gitlab {
@@ -114,7 +114,7 @@ server {
location ~ ^/(404|422|500|502|503)\.html$ {
# Location to the GitLab's public directory,
# for Omnibus this would be: /opt/gitlab/embedded/service/gitlab-rails/public.
- root /home/git/gitlab/public;
+ root /srv/www/vhosts/gitlab-ce/public;
internal;
}
Index: gitlab-ce/lib/support/nginx/gitlab-ssl
===================================================================
--- gitlab-ce.orig/lib/support/nginx/gitlab-ssl
+++ gitlab-ce/lib/support/nginx/gitlab-ssl
@@ -23,7 +23,7 @@
upstream gitlab-workhorse {
# GitLab socket file,
# for Omnibus this would be: unix:/var/opt/gitlab/gitlab-workhorse/sockets/socket
- server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
+ server unix:/srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
}
map $http_upgrade $connection_upgrade_gitlab_ssl {
@@ -161,7 +161,7 @@ server {
location ~ ^/(404|422|500|502|503)\.html$ {
# Location to the GitLab's public directory,
# for Omnibus this would be: /opt/gitlab/embedded/service/gitlab-rails/public
- root /home/git/gitlab/public;
+ root /srv/www/vhosts/gitlab-ce/public;
internal;
}
}
Index: gitlab-ce/config/resque.yml.example
===================================================================
--- gitlab-ce.orig/config/resque.yml.example
+++ gitlab-ce/config/resque.yml.example
@@ -2,7 +2,7 @@
# a merge request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
#
development:
- url: redis://localhost:6379
+ # url: redis://localhost:6379
# ssl_params:
# ca_path: "/path/to/dir/with/certs"
# ca_file: "/path/to/ca.crt"
@@ -16,10 +16,10 @@ development:
# host: replica2
# port: 26381 # point to sentinel, not to redis port
test:
- url: redis://localhost:6379
+ #url: redis://localhost:6379
production:
# Redis (single instance)
- url: unix:/var/run/redis/redis.sock
+ #url: unix:/var/run/redis/redis.sock
##
# Redis + Sentinel (for HA)
#
Index: gitlab-ce/config/puma.rb.example
===================================================================
--- gitlab-ce.orig/config/puma.rb.example
+++ gitlab-ce/config/puma.rb.example
@@ -5,11 +5,11 @@
# The default is "config.ru".
#
rackup 'config.ru'
-pidfile '/home/git/gitlab/tmp/pids/puma.pid'
-state_path '/home/git/gitlab/tmp/pids/puma.state'
+pidfile '/srv/www/vhosts/gitlab-ce/tmp/pids/puma.pid'
+state_path '/srv/www/vhosts/gitlab-ce/tmp/pids/puma.state'
-stdout_redirect '/home/git/gitlab/log/puma.stdout.log',
- '/home/git/gitlab/log/puma.stderr.log',
+stdout_redirect '/srv/www/vhosts/gitlab-ce/log/puma.stdout.log',
+ '/srv/www/vhosts/gitlab-ce/log/puma.stderr.log',
true
# Configure "min" to be the minimum number of threads to use to answer
@@ -31,11 +31,11 @@ queue_requests false
# Bind the server to "url". "tcp://", "unix://" and "ssl://" are the only
# accepted protocols.
-bind 'unix:///home/git/gitlab/tmp/sockets/gitlab.socket'
+bind 'unix:///srv/www/vhosts/gitlab-ce/tmp/sockets/gitlab.socket'
workers 3
-require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/cluster/lifecycle_events"
on_restart do
# Signal application hooks that we're about to restart
@@ -74,14 +74,14 @@ worker_timeout 60
wait_for_less_busy_worker ENV.fetch('PUMA_WAIT_FOR_LESS_BUSY_WORKER', 0.001).to_f
# Use json formatter
-require_relative "/home/git/gitlab/lib/gitlab/puma_logging/json_formatter"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/puma_logging/json_formatter"
json_formatter = Gitlab::PumaLogging::JSONFormatter.new
log_formatter do |str|
json_formatter.call(str)
end
-require_relative "/home/git/gitlab/lib/gitlab/puma/error_handler"
+require_relative "/srv/www/vhosts/gitlab-ce/lib/gitlab/puma/error_handler"
error_handler = Gitlab::Puma::ErrorHandler.new(ENV['RAILS_ENV'] == 'production')
Index: gitlab-ce/config/initializers/1_settings.rb
===================================================================
--- gitlab-ce.orig/config/initializers/1_settings.rb
+++ gitlab-ce/config/initializers/1_settings.rb
@@ -213,13 +213,13 @@ Settings.gitlab['email_smime'] = SmimeSi
Settings.gitlab['email_smtp_secret_file'] = Settings.absolute(Settings.gitlab['email_smtp_secret_file'] || File.join(Settings.encrypted_settings['path'], "smtp.yaml.enc"))
Settings.gitlab['base_url'] ||= Settings.__send__(:build_base_gitlab_url)
Settings.gitlab['url'] ||= Settings.__send__(:build_gitlab_url)
-Settings.gitlab['user'] ||= 'git'
+Settings.gitlab['user'] ||= 'gitlab'
# External configuration may cause the ssh user to differ from the GitLab user
Settings.gitlab['ssh_user'] ||= Settings.gitlab.user
Settings.gitlab['user_home'] ||= begin
Etc.getpwnam(Settings.gitlab['user']).dir
rescue ArgumentError # no user configured
- '/home/' + Settings.gitlab['user']
+ '/srv/' + Settings.gitlab['user']
end
Settings.gitlab['time_zone'] ||= nil
Settings.gitlab['signup_enabled'] ||= true if Settings.gitlab['signup_enabled'].nil?
