[DRE-commits] [gitlab] 03/06: make nginx optional, use ucf for conf files
Praveen Arimbrathodiyil
praveen at moszumanska.debian.org
Fri Apr 8 14:03:54 UTC 2016
This is an automated email from the git hooks/post-receive script.
praveen pushed a commit to branch master
in repository gitlab.
commit 39a2bfd88a161950af0b2e4b21c10ef338f13fdc
Author: Praveen Arimbrathodiyil <praveen at debian.org>
Date: Fri Apr 8 17:00:57 2016 +0530
make nginx optional, use ucf for conf files
---
debian/changelog | 9 +++
debian/conf/gitlab-debian.conf | 5 ++
debian/control | 1 +
debian/install | 4 +-
debian/postinst | 83 ++++++++++++++++++++-------
debian/postrm | 126 +++++++++++++++++++++++++++++++++++++++++
debian/rake-tasks.sh | 13 -----
7 files changed, 204 insertions(+), 37 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index b047eca..296ff92 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+gitlab (8.5.8+dfsg-5) UNRELEASED; urgency=medium
+
+ * Make nginx optional (Closes: #819260)
+ * Manage nginx configuration via ucf (Closes: #819262)
+ * Manage gitlab-debian.conf and gitlab.yml via ucf
+ * Make postinst more verbose
+
+ -- Pirate Praveen <praveen at debian.org> Fri, 08 Apr 2016 01:10:02 +0530
+
gitlab (8.5.8+dfsg-4) unstable; urgency=medium
* Tighten version requirements for dependencies
diff --git a/debian/conf/gitlab-debian.conf b/debian/conf/gitlab-debian.conf
index af98cfa..1d05bc0 100644
--- a/debian/conf/gitlab-debian.conf
+++ b/debian/conf/gitlab-debian.conf
@@ -4,6 +4,10 @@ gitlab_user=gitlab
gitlab_app_root=/usr/share/gitlab
gitlab_data_dir=/var/lib/gitlab
gitlab_scripts=/usr/lib/gitlab/scripts
+gitlab_yml_private=/var/lib/gitlab/gitlab.yml
+gitlab_yml=/etc/gitlab/gitlab.yml
+gitlab_debian_conf_private=/var/lib/gitlab/gitlab-debian.conf
+gitlab_debian_conf=/etc/gitlab/gitlab-debian.conf
gitlab_nginx_log=/var/log/gitlab
gitlab_ssl_path=/etc/gitlab/ssl
gitlab_shell_root=/usr/share/gitlab-shell
@@ -13,3 +17,4 @@ gitlab_pid_path=/run/gitlab
nginx_user=www-data
nginx_conf_example=/usr/share/doc/gitlab/nginx.conf.example
nginx_ssl_conf_example_gz=/usr/share/doc/gitlab/nginx.ssl.conf.example.gz
+nginx_site_private=/var/lib/gitlab/nginx.conf
diff --git a/debian/control b/debian/control
index 3424f91..0fc32b3 100644
--- a/debian/control
+++ b/debian/control
@@ -28,6 +28,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ruby | ruby-interpreter,
nginx | httpd,
postfix | exim4 | mail-transport-agent,
openssh-client,
+ ucf,
gitlab-shell (>= 2.6.10~),
gitlab-workhorse (>= 0.6.2~),
ruby-rails (>= 2:4.2.5.2~),
diff --git a/debian/install b/debian/install
index bebc1bb..38b88f9 100644
--- a/debian/install
+++ b/debian/install
@@ -1,9 +1,9 @@
debian/conf/gitlab etc/default
debian/conf/unicorn.rb etc/gitlab
debian/conf/database.yml etc/gitlab
-debian/conf/gitlab.yml etc/gitlab
+debian/conf/gitlab.yml var/lib/gitlab
debian/conf/resque.yml etc/gitlab
-debian/conf/gitlab-debian.conf etc/gitlab
+debian/conf/gitlab-debian.conf var/lib/gitlab
debian/conf/*.target lib/systemd/system
debian/conf/*.service lib/systemd/system
debian/conf/smtp_settings.rb etc/gitlab/initializers
diff --git a/debian/postinst b/debian/postinst
index 2604849..0969b1b 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -33,8 +33,11 @@ case "$1" in
# Read and export debian specific configuration
# Only exported variables will be passed on to gitlab app
- gitlab_debian_conf=/etc/gitlab/gitlab-debian.conf
- export $(cat ${gitlab_debian_conf})
+ gitlab_debian_conf_private=/var/lib/gitlab/gitlab-debian.conf
+ export $(cat ${gitlab_debian_conf_private})
+
+ # If /etc/gitlab/gitlab-debian.conf is already present, use it
+ test -f ${gitlab_debian_conf} && export $(cat ${gitlab_debian_conf})
# Create gitlab user
. /usr/lib/gitlab/scripts/adduser.sh
@@ -45,6 +48,7 @@ case "$1" in
gitlab_uploads_path=${gitlab_data_dir}/public/uploads
# Create directories and change ownership
+ echo "Creating runtime directories for gitlab..."
for i in ${gitlab_repo_path} ${gitlab_cache_path} ${gitlab_uploads_path}\
${gitlab_pid_path} ${gitlab_log_dir} ${gitlab_shell_log} ${gitlab_builds_log}; do
mkdir -p $i
@@ -56,6 +60,7 @@ case "$1" in
chown ${gitlab_user}:${nginx_user} -R ${gitlab_uploads_path}/.. ${gitlab_pid_path}
# Customize permissions
+ echo "Updating file permissions..."
chmod -R ug+rwX,o-rwx ${gitlab_repo_path}/
chmod -R ug-s ${gitlab_repo_path}/
find ${gitlab_repo_path}/ -type d -print0 | xargs -0 chmod g+s
@@ -72,19 +77,34 @@ case "$1" in
# Obtain hostname from debconf db
db_get gitlab/fqdn
if [ "${RET}" != "" ]; then
- if ! grep GITLAB_HOST ${gitlab_debian_conf}; then
+ if ! grep GITLAB_HOST ${gitlab_debian_conf_private}; then
+ echo "Configuring hostname and email..."
export GITLAB_HOST=${RET} # We need this to configure nginx below
- echo GITLAB_HOST=${RET} >> ${gitlab_debian_conf}
- echo GITLAB_EMAIL_FROM="no-reply@${RET}" >> ${gitlab_debian_conf}
- echo GITLAB_EMAIL_DISPLAY_NAME="Gitlab" >> ${gitlab_debian_conf}
- echo GITLAB_EMAIL_REPLY_TO="no-reply@${RET}" >> ${gitlab_debian_conf}
+ cat <<EOF >> ${gitlab_debian_conf_private}
+GITLAB_HOST=${RET}
+GITLAB_EMAIL_FROM="no-reply@${RET}"
+GITLAB_EMAIL_DISPLAY_NAME="Gitlab"
+GITLAB_EMAIL_REPLY_TO="no-reply@${RET}"
+EOF
fi
# Check if ssl option is selected
db_get gitlab/ssl
+ gl_proto="http"
if [ "${RET}" = "true" ]; then
- if ! grep GITLAB_HTTPS ${gitlab_debian_conf}; then
- echo GITLAB_HTTPS=${RET} >> ${gitlab_debian_conf}
+ echo "Configuring nginx with HTTPS..."
+ if ! grep GITLAB_HTTPS ${gitlab_debian_conf_private}; then
+ echo GITLAB_HTTPS=${RET} >> ${gitlab_debian_conf_private}
+ # Workaround for #813770
+ gl_proto="https"
+ echo "Configuring gitlab with HTTPS..."
+ sed -i "s/#port: 80/port: 443/" ${gitlab_yml_private}
+ sed -i "s/https: false/https: true/" ${gitlab_yml_private}
+ echo "Updating gitlab_url in gitlab-shell configuration..."
+ sed -i \
+ "s/gitlab_url: http*:\/\/.*/gitlab_url: ${gl_proto}:\/\/${GITLAB_HOST}/"\
+ ${gitlab_shell_root}/config.yml
+
fi
mkdir -p /etc/gitlab/ssl
if [ -f "${nginx_ssl_conf_example_gz}" ]; then
@@ -97,7 +117,8 @@ case "$1" in
# Check if letsencrypt option is selected
db_get gitlab/letsencrypt
if [ "${RET}" = "true" ]; then
- # Check if certificate is already present
+ echo "Configuring letsencrypt..."
+ # Check if certificate is already present
if [ -e /etc/letsencrypt/live/${GITLAB_HOST}/fullchain.pem ]; then
echo "Let's encrypt certificate already present."
else
@@ -105,29 +126,47 @@ case "$1" in
/etc/gitlab/ssl/gitlab.crt
ln -sf /etc/letsencrypt/live/${GITLAB_HOST}/privkey.pem \
/etc/gitlab/ssl/gitlab.key
+
# Port 80 and 443 should be available for letsencrypt
- invoke-rc.d nginx stop
- letsencrypt -d ${GITLAB_HOST} certonly
+ if command -v nginx > /dev/null; then
+ echo "Stopping nginx for letsencrypt..."
+ invoke-rc.d nginx stop
+ fi
+
+ letsencrypt -d ${GITLAB_HOST} certonly || {
+ echo "letsencrypt auto configuration failed..."
+ echo "Stop your webserver and try running letsencrypt manually..."
+ echo "letsencrypt -d ${GITLAB_HOST} certonly"
+ }
fi
fi
fi
+ echo "Registering ${gitlab_yml} via ucf"
+ ucf --debconf-ok --three-way ${gitlab_yml_private} ${gitlab_yml}
+ ucfr gitlab ${gitlab_yml}
+ # Manage gitlab-debian.conf via ucf
+ echo "Registering ${gitlab_debian_conf} via ucf"
+ ucf --debconf-ok --three-way ${gitlab_debian_conf_private} ${gitlab_debian_conf}
+ ucfr gitlab ${gitlab_debian_conf}
+
if test -f ${nginx_conf_example}; then
nginx_site="/etc/nginx/sites-available/${GITLAB_HOST}"
- if test -f ${nginx_site}; then
- echo "${nginx_site} is already present, skipping nginx configuration"
- else
- sed -e "s/YOUR_SERVER_FQDN/${GITLAB_HOST}/"\
- ${nginx_conf_example} >/etc/nginx/sites-available/${GITLAB_HOST}
- ln -fs /etc/nginx/sites-available/${GITLAB_HOST} /etc/nginx/sites-enabled/
- rm -f ${nginx_conf_example_tmp}
- fi
+ sed -e "s/YOUR_SERVER_FQDN/${GITLAB_HOST}/"\
+ ${nginx_conf_example} >${nginx_site_private}
+ ucf --debconf-ok --three-way ${nginx_site_private} ${nginx_site}
+ ucfr gitlab ${nginx_site}
+ ln -fs ${nginx_site} /etc/nginx/sites-enabled/
+ rm -f ${nginx_conf_example_tmp}
else
echo "nginx example configuration file not found"
exit 1
fi
# Reload nginx
- invoke-rc.d nginx reload
+ if command -v nginx > /dev/null; then
+ echo "Reloading nginx configuration..."
+ invoke-rc.d nginx reload
+ fi
else
echo "Failed to retrieve fully qualified domain name"
exit 1
@@ -156,7 +195,7 @@ case "$1" in
echo "Verifying we have all required libraries..."
su ${gitlab_user} -s /bin/sh -c 'bundle install --local'
- echo "Running final rake tasks..."
+ echo "Running final rake tasks and tweaks..."
. /usr/lib/gitlab/scripts/rake-tasks.sh
diff --git a/debian/postrm b/debian/postrm
new file mode 100644
index 0000000..4a1debd
--- /dev/null
+++ b/debian/postrm
@@ -0,0 +1,126 @@
+#! /bin/sh
+# postrm.skeleton
+# Skeleton maintainer script showing all the possible cases.
+# Written by Charles Briscoe-Smith, March-June 1998. Public Domain.
+
+# Abort if any command returns an error value
+set -e
+
+# This script is called twice during the removal of the package; once
+# after the removal of the package's files from the system, and as
+# the final step in the removal of this package, after the package's
+# conffiles have been removed.
+
+# Ensure the menu system is updated
+
+# Read and export debian specific configuration
+# Only exported variables will be passed on to gitlab app
+echo "Reading gitlab-debian.conf..."
+gitlab_debian_conf=/etc/gitlab/gitlab-debian.conf
+test -f ${gitlab_debian_conf} && export $(cat ${gitlab_debian_conf})
+nginx_site="/etc/nginx/sites-available/${GITLAB_HOST}"
+
+test -f ${nginx_site} && echo "Found nginx site configuration at ${nginx_site}..."
+
+case "$1" in
+ remove)
+ # This package is being removed, but its configuration has not yet
+ # been purged.
+ :
+
+ # Remove diversion
+ # ldconfig is NOT needed during removal of a library, only during
+ # installation
+
+ ;;
+ purge)
+ # This package has previously been removed and is now having
+ # its configuration purged from the system.
+ :
+
+ # we mimic dpkg as closely as possible, so we remove configuration
+ # files with dpkg backup extensions too:
+ ### Some of the following is from Tore Anderson:
+ for ext in '~' '%' .bak .ucf-new .ucf-old .ucf-dist; do
+ rm -f ${nginx_site}$ext
+ rm -f ${gitlab_debian_conf}$ext
+ rm -f ${gitlab_yml}$ext
+ done
+
+ # remove the configuration file itself
+ test -f ${nginx_site} && rm -f ${nginx_site}
+ test -f ${gitlab_debian_conf} && rm -f ${gitlab_debian_conf}
+ test -f ${gitlab_yml} && rm -f ${gitlab_yml}
+
+ # and finally clear it out from the ucf database
+ if which ucf >/dev/null; then
+ test -n "${nginx_site}" && ucf --purge ${nginx_site}
+ test -n "${gitlab_debian_conf}" && ucf --purge ${gitlab_debian_conf}
+ test -n "${gitlab_yml}" && ucf --purge ${gitlab_yml}
+ fi
+ if which ucfr >/dev/null; then
+ test -n "${nginx_site}" && ucfr --purge gitlab ${nginx_site}
+ test -n "${gitlab_debian_conf}" && ucfr --purge gitlab ${gitlab_debian_conf}
+ test -n "${gitlab_yml}" && ucfr --purge gitlab ${gitlab_yml}
+ fi
+
+ ;;
+ disappear)
+ if test "$2" != overwriter; then
+ echo "$0: undocumented call to \`postrm $*'" 1>&2
+ exit 0
+ fi
+ # This package has been completely overwritten by package $3
+ # (version $4). All our files are already gone from the system.
+ # This is a special case: neither "prerm remove" nor "postrm remove"
+ # have been called, because dpkg didn't know that this package would
+ # disappear until this stage.
+ :
+
+ ;;
+ upgrade)
+ # About to upgrade FROM THIS VERSION to version $2 of this package.
+ # "prerm upgrade" has been called for this version, and "preinst
+ # upgrade" has been called for the new version. Last chance to
+ # clean up.
+ :
+
+ ;;
+ failed-upgrade)
+ # About to upgrade from version $2 of this package TO THIS VERSION.
+ # "prerm upgrade" has been called for the old version, and "preinst
+ # upgrade" has been called for this version. This is only used if
+ # the previous version's "postrm upgrade" couldn't handle it and
+ # returned non-zero. (Fix old postrm bugs here.)
+ :
+
+ ;;
+ abort-install)
+ # Back out of an attempt to install this package. Undo the effects of
+ # "preinst install...". There are two sub-cases.
+ :
+
+ if test "${2+set}" = set; then
+ # When the install was attempted, version $2's configuration
+ # files were still on the system. Undo the effects of "preinst
+ # install $2".
+ :
+
+ else
+ # We were being installed from scratch. Undo the effects of
+ # "preinst install".
+ :
+
+ fi ;;
+ abort-upgrade)
+ # Back out of an attempt to upgrade this package from version $2
+ # TO THIS VERSION. Undo the effects of "preinst upgrade $2".
+ :
+
+ ;;
+ *) echo "$0: didn't understand being called with \`$1'" 1>&2
+ exit 0;;
+esac
+
+#DEBHELPER#
+exit 0
diff --git a/debian/rake-tasks.sh b/debian/rake-tasks.sh
index eec63a9..cbc78c6 100755
--- a/debian/rake-tasks.sh
+++ b/debian/rake-tasks.sh
@@ -51,19 +51,6 @@ else
invoke-rc.d gitlab start
fi
-# Workaround for #813770
-if [ "${GITLAB_HTTPS}" = "true" ]; then
- gl_proto="https"
- sed -i "s/#port: 80/port: 443/" ${gitlab_app_root}/config/gitlab.yml
- sed -i "s/https: false/https: true/" ${gitlab_app_root}/config/gitlab.yml
-else
- gl_proto="http"
-fi
-
-sed -i \
-"s/gitlab_url: http*:\/\/.*/gitlab_url: ${gl_proto}:\/\/${GITLAB_HOST}/"\
- ${gitlab_shell_root}/config.yml
-
# Check gitlab is configured correctly
su ${gitlab_user} -s /bin/sh -c 'bundle exec rake gitlab:check RAILS_ENV=production'
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/gitlab.git
More information about the Pkg-ruby-extras-commits
mailing list