diff --git a/www/gitlab/Makefile b/www/gitlab/Makefile index ad9f4b7bfb87..0f2eae8a1f53 100644 --- a/www/gitlab/Makefile +++ b/www/gitlab/Makefile @@ -1,551 +1,551 @@ PORTNAME= gitlab-${FLAVOR:Uce} PORTVERSION= ${GITLAB_VERSION} DISTVERSIONPREFIX= v .if ${FLAVOR:U} == ee DISTVERSIONSUFFIX= -ee .endif PORTREVISION= ${GITLAB_PORTREVISION} # modify it in www/gitlab/Makefile.common CATEGORIES= www devel # include patch to fix database migration #https://gitlab.com/gitlab-org/gitlab/-/merge_requests/153560.patch #PATCH_SITES= https://gitlab.com/gitlab-org/gitlab/-/merge_requests/ #PATCHFILES+= 153560.patch:-p1 # https://gitlab.com/gitlab-org/gitlab/-/merge_requests/153560 MAINTAINER= mfechner@FreeBSD.org COMMENT= Web GUI for managing git repositories WWW= https://gitlab.com/ \ https://gitlab.com/gitlab-org/gitlab LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE # the rubygems of RUN_DEPENDS matches the order of the Gemfile # which makes maintaining this long list much easier! # devel/rubygem-parser is required for database upgrade process # see https://gitlab.com/gitlab-org/gitlab/-/issues/350866 # mail/rubygem-net-smtp is required as ruby 3.1 removed it # textproc/rubygem-psych3 is required as ruby 3.1 applied an update to psych 4.0 which has breaking changes # mail/rubygem-net-pop is required as ruby 3.1 removed it MY_DEPENDS= git>=2.41.0:devel/git \ gitaly>=${GITLAB_VERSION}:devel/gitaly \ gitlab-elasticsearch-indexer>=5.3.0:textproc/gitlab-elasticsearch-indexer \ gitlab-agent>=${GITLAB_VERSION}:net/gitlab-agent \ gitlab-pages>=${GITLAB_VERSION}:www/gitlab-pages \ gitlab-shell>=14.39.0:devel/gitlab-shell \ gitlab-workhorse>=${GITLAB_VERSION}:www/gitlab-workhorse \ redis>=6.2.11:databases/redis \ yarn${NODEJS_SUFFIX}>=1.10.0:www/yarn${NODEJS_SUFFIX} \ gtar>0:archivers/gtar \ bash>0:shells/bash \ rubygem-net-smtp>=0:mail/rubygem-net-smtp \ rubygem-net-pop>=0:mail/rubygem-net-pop \ rubygem-psych3>=3.1<4:textproc/rubygem-psych3 \ rubygem-rails70>=7.0.8.4<7.1:www/rubygem-rails70 \ rubygem-bootsnap>=1.18.3<1.19:devel/rubygem-bootsnap \ rubygem-ffi>=1.17<2:devel/rubygem-ffi \ rubygem-openssl>=3.2.0<4:security/rubygem-openssl \ rubygem-ipaddr>=1.2.5<1.3:net/rubygem-ipaddr \ rubygem-responders-rails70>=3.0<4.0:www/rubygem-responders-rails70 \ rubygem-sprockets3>=3.7.0<3.8:devel/rubygem-sprockets3 \ rubygem-sprockets-rails-rails70>=3.5.1<3.6:devel/rubygem-sprockets-rails-rails70 \ rubygem-view_component-rails70>=3.14.0<3.15:devel/rubygem-view_component-rails70 \ rubygem-pg>=1.5.6<1.6:databases/rubygem-pg \ rubygem-neighbor>=0.3.2<0.4:databases/rubygem-neighbor \ rubygem-rugged>=1.6<2:devel/rubygem-rugged \ rubygem-faraday>=2<3:www/rubygem-faraday \ rubygem-faraday-retry>=2<3:www/rubygem-faraday-retry \ rubygem-logger15>=1.5.3<1.6:devel/rubygem-logger15 \ rubygem-marginalia>=1.11.1<1.12:databases/rubygem-marginalia \ rubygem-declarative_policy>=1.1.0<1.2:security/rubygem-declarative_policy \ rubygem-coverband>=6.1.2<6.1.3:www/rubygem-coverband \ rubygem-devise-rails70>=4.9.3<4.10:devel/rubygem-devise-rails70 \ rubygem-bcrypt>=3.1.14<3.2:security/rubygem-bcrypt \ rubygem-doorkeeper-rails70>=5.6.6<6:security/rubygem-doorkeeper-rails70 \ rubygem-doorkeeper-openid_connect>=1.8.7<2:security/rubygem-doorkeeper-openid_connect \ rubygem-doorkeeper-device_authorization_grant>=1.0.0<1.1:security/rubygem-doorkeeper-device_authorization_grant \ rubygem-rexml>=3.3.2<3.4:textproc/rubygem-rexml \ rubygem-ruby-saml>=1.17.0<1.18:security/rubygem-ruby-saml \ rubygem-omniauth>=2.1.0<3:security/rubygem-omniauth \ rubygem-omniauth-auth0>=3.1.0<3.2.0:net/rubygem-omniauth-auth0 \ rubygem-omniauth-azure-activedirectory-v2>=2.0<3:net/rubygem-omniauth-azure-activedirectory-v2 \ rubygem-omniauth-alicloud>=3.0.0<3.1:security/rubygem-omniauth-alicloud \ rubygem-omniauth-github>=2.0.1<2.1:net/rubygem-omniauth-github \ rubygem-omniauth-google-oauth2>=1.1<2:net/rubygem-omniauth-google-oauth2 \ rubygem-omniauth-oauth2-generic>=0.2.2<0.3.0:security/rubygem-omniauth-oauth2-generic \ rubygem-omniauth-saml>=2.2.1<3:security/rubygem-omniauth-saml \ rubygem-omniauth-shibboleth-redux>=2.0<3:security/rubygem-omniauth-shibboleth-redux \ rubygem-omniauth_openid_connect>=0.8.0<0.9:net/rubygem-omniauth_openid_connect \ rubygem-openid_connect>=2.3.0<2.4:net/rubygem-openid_connect \ rubygem-omniauth-atlassian-oauth2>=0.2.0<0.3:security/rubygem-omniauth-atlassian-oauth2 \ rubygem-rack-oauth2>=2.2.1<2.3:security/rubygem-rack-oauth2 \ rubygem-jwt>=2.5<3:www/rubygem-jwt \ rubygem-gssapi>=1.3.1<1.4:security/rubygem-gssapi \ rubygem-recaptcha>=5.12<6.0:devel/rubygem-recaptcha \ rubygem-akismet>=3.0<4.0:devel/rubygem-akismet \ rubygem-invisible_captcha>=2.1.0<2.2.0:graphics/rubygem-invisible_captcha \ rubygem-devise-two-factor41-rails70>=4.1.1<4.2:security/rubygem-devise-two-factor41-rails70 \ rubygem-rqrcode>=2.2.0<3:www/rubygem-rqrcode \ rubygem-validates_hostname>=1.0.13<1.1.0:dns/rubygem-validates_hostname \ rubygem-rubyzip>=2.3.2<2.4:archivers/rubygem-rubyzip \ rubygem-acme-client>=2.0.18<3:security/rubygem-acme-client \ rubygem-browser5>=5.3.1<5.4:www/rubygem-browser5 \ rubygem-ohai>=18.1<19:sysutils/rubygem-ohai \ rubygem-gpgme>=2.0.24<2.1.0:security/rubygem-gpgme \ rubygem-gitlab_omniauth-ldap>=2.2.0<2.3.0:net/rubygem-gitlab_omniauth-ldap \ rubygem-net-ldap017>=0.17.1<0.18:net/rubygem-net-ldap017 \ rubygem-grape20>=2.0.0<2.1:devel/rubygem-grape20 \ rubygem-grape-entity>=1.0.1<1.1,1:devel/rubygem-grape-entity \ rubygem-grape-swagger>=2.1.0<2.2:devel/rubygem-grape-swagger \ rubygem-grape-swagger-entity>=0.5.1<0.6:devel/rubygem-grape-swagger-entity \ rubygem-grape-path-helpers>=2.0.1<2.1:devel/rubygem-grape-path-helpers \ rubygem-rack-cors>=2.0.1<2.1:www/rubygem-rack-cors \ rubygem-graphql>=2.3.14<2.4:devel/rubygem-graphql \ rubygem-graphiql-rails>=1.10<1.11:devel/rubygem-graphiql-rails \ rubygem-apollo_upload_server>=2.1.6<2.2:net/rubygem-apollo_upload_server \ rubygem-graphlient>=0.8.0<0.9:devel/rubygem-graphlient \ rubygem-ffaker>=2.10<3:devel/rubygem-ffaker \ rubygem-hashie>=5.0.0<5.1:devel/rubygem-hashie \ rubygem-kaminari-rails70>=1.2.2<1.3:www/rubygem-kaminari-rails70 \ rubygem-hamlit>=2.15.0<2.16:www/rubygem-hamlit \ rubygem-carrierwave1>=1.3.4<2.0:www/rubygem-carrierwave1 \ rubygem-mini_magick4>=4.12<5:graphics/rubygem-mini_magick4 \ rubygem-fog-aws328>=3.26<4:net/rubygem-fog-aws328 \ rubygem-fog-core210>=2.1.0<2.1.1:devel/rubygem-fog-core210 \ rubygem-fog-google>=1.24.1<1.25:net/rubygem-fog-google \ rubygem-fog-local>=0.8<1.0:net/rubygem-fog-local \ rubygem-fog-aliyun>=0.4<1.0:net/rubygem-fog-aliyun \ rubygem-gitlab-fog-azure-rm>=2.1.0<2.2:net/rubygem-gitlab-fog-azure-rm \ rubygem-google-apis-storage_v1>=0.29<1:devel/rubygem-google-apis-storage_v1 \ rubygem-google-cloud-storage145>=1.45.0<1.46:net/rubygem-google-cloud-storage145 \ rubygem-google-apis-core>=0.11.2<2:devel/rubygem-google-apis-core \ rubygem-google-apis-compute_v1_057>=0.57.0<0.58:devel/rubygem-google-apis-compute_v1_057 \ rubygem-google-apis-container_v1>=0.43.0<0.44:devel/rubygem-google-apis-container_v1 \ rubygem-google-apis-container_v1beta1>=0.43.0<0.44:devel/rubygem-google-apis-container_v1beta1 \ rubygem-google-apis-cloudbilling_v1>=0.21.0<0.22:devel/rubygem-google-apis-cloudbilling_v1 \ rubygem-google-apis-cloudresourcemanager_v1>=0.31.0<0.32:devel/rubygem-google-apis-cloudresourcemanager_v1 \ rubygem-google-apis-iam_v1>=0.36.0<0.37:devel/rubygem-google-apis-iam_v1 \ rubygem-google-apis-serviceusage_v1>=0.28.0<0.29:devel/rubygem-google-apis-serviceusage_v1 \ rubygem-google-apis-sqladmin_v1beta4_041>=0.41.0<0.42:devel/rubygem-google-apis-sqladmin_v1beta4_041 \ rubygem-google-apis-androidpublisher_v3034>=0.34.0<0.35:devel/rubygem-google-apis-androidpublisher_v3034 \ rubygem-googleauth>=1.8.1<2:security/rubygem-googleauth \ rubygem-google-cloud-artifact_registry-v1>=0.11.0<0.12:textproc/rubygem-google-cloud-artifact_registry-v1 \ rubygem-google-cloud-compute-v1>=2.6.0<2.7:net/rubygem-google-cloud-compute-v1 \ rubygem-seed-fu>=2.3.7<2.4.0:databases/rubygem-seed-fu \ rubygem-elasticsearch-model713>=7.2<8:textproc/rubygem-elasticsearch-model713 \ rubygem-elasticsearch-rails7>=7.2<8:textproc/rubygem-elasticsearch-rails7 \ rubygem-elasticsearch-api7>=7.17.11<7.18:textproc/rubygem-elasticsearch-api7 \ rubygem-aws-sdk-core-gitlab>=3.206.0<3.207:devel/rubygem-aws-sdk-core-gitlab \ rubygem-aws-sdk-cloudformation-gitlab>=1<2:devel/rubygem-aws-sdk-cloudformation-gitlab \ rubygem-aws-sdk-s3-gitlab>=1.163.0<1.164:devel/rubygem-aws-sdk-s3-gitlab \ rubygem-faraday-typhoeus>=1.1<2:www/rubygem-faraday-typhoeus \ rubygem-faraday_middleware-aws-sigv4>=1.0.1<1.1:devel/rubygem-faraday_middleware-aws-sigv4 \ rubygem-typhoeus>=1.4.0<1.5:www/rubygem-typhoeus \ rubygem-html-pipeline>=2.14.3<2.15:textproc/rubygem-html-pipeline \ rubygem-deckar01-task_list>=2.3.4<2.4:www/rubygem-deckar01-task_list \ rubygem-gitlab-markup>=1.9.0<1.10.0:textproc/rubygem-gitlab-markup \ rubygem-commonmarker0>=0.23.10<0.24:textproc/rubygem-commonmarker0 \ rubygem-kramdown23>=2.3.1<2.4:textproc/rubygem-kramdown23 \ rubygem-redcloth>=4.3.3<4.4.0:www/rubygem-redcloth \ rubygem-org-ruby>=0.9.12<0.10.0:textproc/rubygem-org-ruby \ rubygem-creole>=0.5.0<0.6.0:textproc/rubygem-creole \ rubygem-wikicloth081>=0.8.1<0.8.2:textproc/rubygem-wikicloth081 \ rubygem-asciidoctor>=2.0.18<2.1.0:textproc/rubygem-asciidoctor \ rubygem-asciidoctor-include-ext>=0.4.0<0.5.0:textproc/rubygem-asciidoctor-include-ext \ rubygem-asciidoctor-plantuml00>=0.0.16<0.1:textproc/rubygem-asciidoctor-plantuml00 \ rubygem-asciidoctor-kroki>=0.10.0<0.11:textproc/rubygem-asciidoctor-kroki \ rubygem-rouge43>=4.3.0<4.4:textproc/rubygem-rouge43 \ rubygem-truncato>=0.7.12<0.8.0:textproc/rubygem-truncato \ rubygem-tty-prompt>=0.23<1:devel/rubygem-tty-prompt \ rubygem-nokogiri>=1.16<2:textproc/rubygem-nokogiri \ rubygem-gitlab-glfm-markdown>=0.0.21<0.1:textproc/rubygem-gitlab-glfm-markdown \ rubygem-icalendar>=2.10.2<2.11:devel/rubygem-icalendar \ rubygem-diffy>=3.4<4:textproc/rubygem-diffy \ rubygem-rack22>=2.2.9,3<2.3,3:www/rubygem-rack22 \ rubygem-rack-timeout>=0.7.0<0.8:www/rubygem-rack-timeout \ rubygem-puma>=6.4.3<7:www/rubygem-puma \ rubygem-sd_notify>=0.1.1<0.2:devel/rubygem-sd_notify \ rubygem-state_machines-activerecord08>=0.8.0<0.9.0:databases/rubygem-state_machines-activerecord08 \ rubygem-sidekiq72>=7.2.4<7.3:devel/rubygem-sidekiq72 \ rubygem-sidekiq-cron-rails70>=1.12.0<1.13:devel/rubygem-sidekiq-cron-rails70 \ rubygem-fugit18>=1.8.1<1.9:devel/rubygem-fugit18 \ rubygem-httparty021>=0.21.0<0.22:www/rubygem-httparty021 \ rubygem-rainbow>=3.1.1<4.0:devel/rubygem-rainbow \ rubygem-ruby-progressbar>=1.11<2:devel/rubygem-ruby-progressbar \ rubygem-re2>=2.7.0<2.8:devel/rubygem-re2 \ rubygem-semver_dialects>=3.0<4:devel/rubygem-semver_dialects \ rubygem-version_sorter>=2.3<3:textproc/rubygem-version_sorter \ rubygem-js_regex>=3.8<4.0:textproc/rubygem-js_regex \ rubygem-device_detector>=0:devel/rubygem-device_detector \ rubygem-redis-namespace>=1.11.0<1.12:databases/rubygem-redis-namespace \ rubygem-redis>=5.3.0<5.4:databases/rubygem-redis \ rubygem-redis-clustering>=5.3.0<5.4:databases/rubygem-redis-clustering \ rubygem-connection_pool>=2.4.1<3.0:net/rubygem-connection_pool \ rubygem-redis-actionpack-rails70>=5.4.0<5.5:databases/rubygem-redis-actionpack-rails70 \ rubygem-discordrb-webhooks>=3.5<4.0:net-im/rubygem-discordrb-webhooks \ rubygem-jira-ruby>=2.3.0<2.4:devel/rubygem-jira-ruby \ rubygem-atlassian-jwt>=0.2.1<0.3.0:www/rubygem-atlassian-jwt \ rubygem-slack-messenger>=2.3.5<2.4.0:devel/rubygem-slack-messenger \ rubygem-ruby-fogbugz>=0.3.0<0.4.0:devel/rubygem-ruby-fogbugz \ rubygem-kubeclient>=4.11.0<4.12.0:www/rubygem-kubeclient \ rubygem-ruby-openai37>=3.7<4:www/rubygem-ruby-openai37 \ rubygem-circuitbox>=2.0.0<2.1:www/rubygem-circuitbox \ rubygem-sanitize60>=6.0.2<6.1:textproc/rubygem-sanitize60 \ rubygem-babosa>=2.0<3:textproc/rubygem-babosa \ rubygem-loofah222>=2.22.0<2.23:textproc/rubygem-loofah222 \ rubygem-licensee>=9.16<10:devel/rubygem-licensee \ rubygem-charlock_holmes>=0.7.9<0.8:textproc/rubygem-charlock_holmes \ rubygem-ruby-magic>=0.6<1:devel/rubygem-ruby-magic \ rubygem-fast_blank>=1.0.1<1.1:devel/rubygem-fast_blank \ rubygem-gitlab-chronic>=0.10.5<0.11.0:devel/rubygem-gitlab-chronic \ rubygem-gitlab_chronic_duration>=0.12<1:devel/rubygem-gitlab_chronic_duration \ rubygem-rack-proxy>=0.7.7<0.8.0:www/rubygem-rack-proxy \ rubygem-cssbundling-rails-rails70>=1.4.1<1.5:www/rubygem-cssbundling-rails-rails70 \ rubygem-terser>=1.0.2<1.0.3:textproc/rubygem-terser \ rubygem-addressable>=2.8<3:www/rubygem-addressable \ rubygem-tanuki_emoji>=0.9<1:graphics/rubygem-tanuki_emoji \ rubygem-gon-rails70>=6.4.0<6.5:www/rubygem-gon-rails70 \ rubygem-request_store15>=1.5.1<1.6:devel/rubygem-request_store15 \ rubygem-base32>=0.3.0<0.4.0:converters/rubygem-base32 \ rubygem-gitlab-license>=2.5<3:devel/rubygem-gitlab-license \ rubygem-rack-attack>=6.7.0<6.8:www/rubygem-rack-attack \ rubygem-sentry-ruby>=5.19.0<5.20:devel/rubygem-sentry-ruby \ rubygem-sentry-rails>=5.19.0<5.20:devel/rubygem-sentry-rails \ rubygem-sentry-sidekiq>=5.19.0<5.20:devel/rubygem-sentry-sidekiq \ rubygem-pg_query>=5.1.0<5.2:databases/rubygem-pg_query \ rubygem-premailer-rails-rails70>=1.12.0<1.13:mail/rubygem-premailer-rails-rails70 \ rubygem-gitlab-labkit>=0.36.0<0.37:devel/rubygem-gitlab-labkit \ rubygem-thrift>=0.16.0:devel/rubygem-thrift \ rubygem-rails-i18n-rails70>=7.0.9<8:devel/rubygem-rails-i18n-rails70 \ rubygem-gettext_i18n_rails>=1.13.0<1.14:devel/rubygem-gettext_i18n_rails \ rubygem-gettext>=3.4<4:devel/rubygem-gettext \ rubygem-batch-loader>=2.0.5<2.1:devel/rubygem-batch-loader \ rubygem-tty-prompt>=0.23<1:devel/rubygem-tty-prompt \ rubygem-peek-rails70>=1.1<2.0:devel/rubygem-peek-rails70 \ rubygem-snowplow-tracker>=0.8.0<1:devel/rubygem-snowplow-tracker \ rubygem-webrick>=1.8.1<1.9:www/rubygem-webrick \ rubygem-prometheus-client-mmap>=1.1.1<2:devel/rubygem-prometheus-client-mmap \ rubygem-async212>=2.12.1<2.13:devel/rubygem-async212 \ rubygem-gitlab-security_report_schemas>=0.1.2.min15.0.0.max15.2.1<0.1.2.min15.0.0.max15.2.2:devel/rubygem-gitlab-security_report_schemas \ rubygem-opentelemetry-sdk>=1.5.0:devel/rubygem-opentelemetry-sdk \ rubygem-opentelemetry-exporter-otlp>=0.26.3:devel/rubygem-opentelemetry-exporter-otlp \ rubygem-opentelemetry-instrumentation-active_support>=0.6.0:devel/rubygem-opentelemetry-instrumentation-active_support \ rubygem-opentelemetry-instrumentation-action_pack>=0.9.0:devel/rubygem-opentelemetry-instrumentation-action_pack \ rubygem-opentelemetry-instrumentation-active_job>=0.7.7:devel/rubygem-opentelemetry-instrumentation-active_job \ rubygem-opentelemetry-instrumentation-active_record>=0.7.4:devel/rubygem-opentelemetry-instrumentation-active_record \ rubygem-opentelemetry-instrumentation-action_view>=0.7.2:devel/rubygem-opentelemetry-instrumentation-action_view \ rubygem-opentelemetry-instrumentation-aws_sdk>=0.5.4:devel/rubygem-opentelemetry-instrumentation-aws_sdk \ rubygem-opentelemetry-instrumentation-http>=0.23.4:devel/rubygem-opentelemetry-instrumentation-http \ rubygem-opentelemetry-instrumentation-concurrent_ruby>=0.21.4:devel/rubygem-opentelemetry-instrumentation-concurrent_ruby \ rubygem-opentelemetry-instrumentation-ethon>=0.21.8:devel/rubygem-opentelemetry-instrumentation-ethon \ rubygem-opentelemetry-instrumentation-excon>=0.22.4:devel/rubygem-opentelemetry-instrumentation-excon \ rubygem-opentelemetry-instrumentation-faraday>=0.24.6:devel/rubygem-opentelemetry-instrumentation-faraday \ rubygem-opentelemetry-instrumentation-grape>=0.2.0:devel/rubygem-opentelemetry-instrumentation-grape \ rubygem-opentelemetry-instrumentation-graphql>=0.28.4:devel/rubygem-opentelemetry-instrumentation-graphql \ rubygem-opentelemetry-instrumentation-http_client>=0.22.7:devel/rubygem-opentelemetry-instrumentation-http_client \ rubygem-opentelemetry-instrumentation-net_http>=0.22.7:devel/rubygem-opentelemetry-instrumentation-net_http \ rubygem-opentelemetry-instrumentation-pg>=0.28.0:devel/rubygem-opentelemetry-instrumentation-pg \ rubygem-opentelemetry-instrumentation-rack>=0.24.6:devel/rubygem-opentelemetry-instrumentation-rack \ rubygem-opentelemetry-instrumentation-rails>=0.31.2:devel/rubygem-opentelemetry-instrumentation-rails \ rubygem-opentelemetry-instrumentation-rake>=0.2.1:devel/rubygem-opentelemetry-instrumentation-rake \ rubygem-opentelemetry-instrumentation-redis>=0.25.7:devel/rubygem-opentelemetry-instrumentation-redis \ rubygem-opentelemetry-instrumentation-sidekiq>=0.25.7:devel/rubygem-opentelemetry-instrumentation-sidekiq \ rubygem-warning>=1.3.0<1.4:devel/rubygem-warning \ rubygem-gitlab-dangerfiles>=4.8.0<4.9:devel/rubygem-gitlab-dangerfiles \ rubygem-license_finder>=7.0.0<8:devel/rubygem-license_finder \ rubygem-rspec>=3.0<4:devel/rubygem-rspec \ rubygem-octokit>=9.0<10:net/rubygem-octokit \ rubygem-faraday-multipart>=1.0<2:www/rubygem-faraday-multipart \ rubygem-gitlab-mail_room>=0.0.24<0.1.0:mail/rubygem-gitlab-mail_room \ rubygem-email_reply_trimmer>=0.1<1.0:mail/rubygem-email_reply_trimmer \ rubygem-html2text>=0:textproc/rubygem-html2text \ rubygem-stackprof>=0.2.26<0.3:devel/rubygem-stackprof \ rubygem-rbtrace>=0.4.14<1.0:devel/rubygem-rbtrace \ rubygem-memory_profiler>=1.0<2.0:devel/rubygem-memory_profiler \ rubygem-activerecord-explain-analyze>=0.1<1.0:databases/rubygem-activerecord-explain-analyze \ rubygem-oauth2>=2.0<3:net/rubygem-oauth2 \ rubygem-health_check-rails70>=3.0<4:devel/rubygem-health_check-rails70 \ rubygem-vmstat>=2.3.0<2.4.0:sysutils/rubygem-vmstat \ rubygem-sys-filesystem14>=1.4.3<1.5:sysutils/rubygem-sys-filesystem14 \ rubygem-net-ntp>0:net/rubygem-net-ntp \ rubygem-ssh_data>=1.3<2:security/rubygem-ssh_data \ rubygem-spamcheck>=1.3.0<1.4:net/rubygem-spamcheck \ rubygem-gitaly>=17.4.0:net/rubygem-gitaly \ rubygem-gitlab-kas-grpc>=${GITLAB_VERSION}:net/rubygem-gitlab-kas-grpc \ rubygem-grpc>=1.63.0<2:net/rubygem-grpc \ rubygem-google-protobuf3>=3.25.3<4:devel/rubygem-google-protobuf3 \ rubygem-toml-rb>=2.2.0<3:www/rubygem-toml-rb \ rubygem-flipper026>=0.26.2<0.27:devel/rubygem-flipper026 \ rubygem-flipper-active_record-rails70>=0.26.2<0.27:databases/rubygem-flipper-active_record-rails70 \ rubygem-flipper-active_support_cache_store-rails70>=0.26.2<0.27:devel/rubygem-flipper-active_support_cache_store-rails70 \ rubygem-unleash>=3.2.2<3.3:devel/rubygem-unleash \ rubygem-gitlab-experiment>=0.9.1<0.10:devel/rubygem-gitlab-experiment \ rubygem-lograge-rails70>=0.11.2<1.0:www/rubygem-lograge-rails70 \ rubygem-grape_logging>=1.8.4<2.0:devel/rubygem-grape_logging \ rubygem-gitlab-net-dns>=0.9.2<0.10:dns/rubygem-gitlab-net-dns \ rubygem-countries>=4.1.3<4.2.0:devel/rubygem-countries \ rubygem-retriable>=3.1.2<3.2.0:devel/rubygem-retriable \ rubygem-lru_redux>0:devel/rubygem-lru_redux \ rubygem-mail>=2.8.1<2.8.2,2:mail/rubygem-mail \ rubygem-lockbox>=1.3.0<1.4:security/rubygem-lockbox \ rubygem-valid_email>=0.1<1:mail/rubygem-valid_email \ rubygem-jsonb_accessor>=1.3.10<1.4:www/rubygem-jsonb_accessor \ rubygem-json>=2.7.2<2.8:devel/rubygem-json \ rubygem-json_schemer>=2.3.0<2.4:devel/rubygem-json_schemer \ rubygem-oj313>=3.13.21<3.14:devel/rubygem-oj313 \ rubygem-oj-introspect>=0.7<1:devel/rubygem-oj-introspect \ rubygem-multi_json114>=1.14.1<1.15:devel/rubygem-multi_json114 \ rubygem-yajl-ruby>=1.4.3<1.5:devel/rubygem-yajl-ruby \ rubygem-webauthn>=3.0<4:security/rubygem-webauthn \ rubygem-ipaddress>=0.8.3<0.9:net/rubygem-ipaddress \ rubygem-parslet1>=1.8<2:textproc/rubygem-parslet1 \ rubygem-ed25519>=1.3.0<1.4:security/rubygem-ed25519 \ rubygem-parser>=3.3.0.5:devel/rubygem-parser \ rubygem-cvss-suite>=3.0.1<3.1:security/rubygem-cvss-suite \ rubygem-arr-pm>=0.0.12<0.1:devel/rubygem-arr-pm \ rubygem-devfile>=0.0.28.p.a1<0.0.29:net/rubygem-devfile \ rubygem-CFPropertyList>=3.0.0<3.1:devel/rubygem-CFPropertyList \ rubygem-app_store_connect>=0:net/rubygem-app_store_connect \ rubygem-telesignenterprise>=2.2<3:devel/rubygem-telesignenterprise \ rubygem-net-protocol01>=0.1.3<0.2:net/rubygem-net-protocol01 \ rubygem-net-http>=0.4.1<0.4.2:www/rubygem-net-http \ rubygem-duo_api>=1.3<2:security/rubygem-duo_api \ rubygem-gitlab-sdk>=0.3.0<0.4:devel/rubygem-gitlab-sdk \ rubygem-paper_trail>=15.0<16:devel/rubygem-paper_trail \ rubygem-i18n_data>=0.13.1<1:devel/rubygem-i18n_data \ rubygem-google-cloud-profiler-v2>=0.3<1:textproc/rubygem-google-cloud-profiler-v2 \ rubygem-parallel>=1.22<2:sysutils/rubygem-parallel \ rubygem-google-cloud-storage_transfer12>=1.2.0<1.3:net/rubygem-google-cloud-storage_transfer12 \ rubygem-minitest>=5.11<6:devel/rubygem-minitest BUILD_DEPENDS= gem:devel/ruby-gems \ ${MY_DEPENDS} RUN_DEPENDS= gmake>=4.4.1:devel/gmake \ ${MY_DEPENDS} FLAVORS= ce ee FLAVOR?= ${FLAVORS:[1]} USES= nodejs:env python:run ruby shebangfix USE_GITLAB= yes GL_ACCOUNT= gitlab-org .if ${FLAVOR:U} == ee GL_PROJECT= gitlab .else # ce GL_PROJECT= gitlab-foss .endif USE_RC_SUBR= gitlab SHEBANG_FILES= scripts/build_qa_image \ scripts/build_gdk_image \ scripts/db_tasks \ scripts/rails-update-bisect \ scripts/generate-e2e-pipeline \ scripts/frontend/execute-on-staged-files.sh \ scripts/frontend/start_storybook.sh \ scripts/partitioning/generate-fk \ scripts/validate-monorepo-gem \ .lefthook/gitleaks.sh \ .lefthook/pre-push/merge_conflicts \ qa/gdk/entrypoint \ qa/bin/test \ vendor/gems/bundler-checksum/test/project_with_checksum_lock/scripts/test CONFLICTS_INSTALL= gitolite \ gitolite2 \ gogs \ gitea \ gitosis # We install the CE and EE flavor in the same directory WWWDIR= ${PREFIX}/www/gitlab NO_ARCH= yes NO_BUILD= yes USERS= git GROUPS= git OPTIONS_DEFINE= KERBEROS OPTIONS_DEFAULT= KERBEROS KERBEROS_BUILD_DEPENDS= rubygem-timfel-krb5-auth>=0.8<1:security/rubygem-timfel-krb5 KERBEROS_RUN_DEPENDS= rubygem-timfel-krb5-auth>=0.8<1:security/rubygem-timfel-krb5 KERBEROS_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-Gemfile-kerberos-off post-patch: - ${REINPLACE_CMD} -e "s|%%PREFIX%%|${PREFIX}|" -e "s|%%WWWDIR%%|${WWWDIR}|" ${WRKSRC}/config/gitlab.yml.example \ + ${REINPLACE_CMD} -e "s|%%PREFIX%%|${PREFIX}|" -e "s|%%LOCALBASE%%|${LOCALBASE}|" -e "s|%%WWWDIR%%|${WWWDIR}|" ${WRKSRC}/config/gitlab.yml.example \ ${WRKSRC}/config/puma.rb.example \ ${WRKSRC}/lib/support/nginx/gitlab \ ${WRKSRC}/lib/support/nginx/gitlab-ssl # Remove symlink a create a file with content ${RM} ${WRKSRC}/GITLAB_WORKHORSE_VERSION ${ECHO} ${PORTVERSION} > ${WRKSRC}/GITLAB_WORKHORSE_VERSION do-install: ${CP} ${WRKSRC}/config/database.yml.postgresql ${WRKSRC}/config/database.yml.sample # TODO: Vendored gems are installing binaries not into STAGEDIR, this needs to be fixed. # As intermediate solution, the binaries are not disabled by patches #(cd ${WRKSRC} && ${RM} Gemfile.lock && bundle config set path ${STAGEDIR}${PREFIX}/lib/ruby/gems/${RUBY_VER} && ${WRK_ENV} ${GEM_ENV} bundle install --local) (cd ${WRKSRC} && bundle config set --local bin .bin) # should skip development and test, but does not work #(cd ${WRKSRC} && bundle config set --local without development test) #(cd ${WRKSRC} && cat .bundle/config) (cd ${WRKSRC} && ${RM} Gemfile.lock && ${WRK_ENV} ${GEM_ENV} bundle install --local) (cd ${WRKSRC} && bundle binstubs --all --path .bin) ${RM} -R ${WRKSRC}/workhorse # remove vendored sidekiq gem as it breaks gitlab 17.1.0 for FreeBSD # See also: https://gitlab.com/gitlab-org/gitlab/-/issues/468435 #${RM} -R ${WRKSRC}/vendor/gems/sidekiq-7.1.6 ${FIND} ${WRKSRC} -name '*.orig' -delete ${FIND} ${WRKSRC} -name '*.bak' -delete ${FIND} ${WRKSRC} -name '*.gitkeep' -delete ${FIND} ${WRKSRC} -name '*.gitignore' -delete ${FIND} ${WRKSRC} -name "Gemfile.lock" -delete ${MV} ${WRKSRC}/config/initializers/relative_url.rb.sample ${WRKSRC}/config/initializers/relative_url.rb.example # get files for workdir with: find . -name "*.example" | sort ${MV} ${WRKSRC}/config/cable.yml.example ${WRKSRC}/config/cable.yml.sample ${MV} ${WRKSRC}/config/gitlab.yml.example ${WRKSRC}/config/gitlab.yml.sample ${MV} ${WRKSRC}/config/initializers/devise_password_length.rb.example ${WRKSRC}/config/initializers/devise_password_length.rb.sample ${MV} ${WRKSRC}/config/puma.rb.example ${WRKSRC}/config/puma.rb.sample ${MV} ${WRKSRC}/config/redis.yml.example ${WRKSRC}/config/redis.yml.sample ${MV} ${WRKSRC}/config/resque.yml.example ${WRKSRC}/config/resque.yml.sample ${MV} ${WRKSRC}/config/secrets.yml.example ${WRKSRC}/config/secrets.yml.sample ${MV} ${WRKSRC}/config/session_store.yml.example ${WRKSRC}/config/session_store.yml.sample ${MV} ${WRKSRC}/config/sidekiq.yml.example ${WRKSRC}/config/sidekiq.yml.sample ${MV} ${WRKSRC}/lib/support/nginx/gitlab ${WRKSRC}/lib/support/nginx/gitlab.sample ${MV} ${WRKSRC}/lib/support/nginx/gitlab-ssl ${WRKSRC}/lib/support/nginx/gitlab-ssl.sample ${MV} ${WRKSRC}/public/robots.txt ${WRKSRC}/public/robots.txt.sample ${MKDIR} ${STAGEDIR}${WWWDIR}/app/assets/builds ${MKDIR} ${STAGEDIR}${WWWDIR}/config/helpers/tailwind ${MKDIR} ${STAGEDIR}${WWWDIR}/public/assets ${MKDIR} ${STAGEDIR}${WWWDIR}/public/uploads ${MKDIR} ${STAGEDIR}${WWWDIR}/tmp/cache ${MKDIR} ${STAGEDIR}${WWWDIR}/tmp/sessions ${MKDIR} ${STAGEDIR}${WWWDIR}/tmp/backups ${MKDIR} ${STAGEDIR}${WWWDIR}/tmp/sockets/private/internal ${MKDIR} ${STAGEDIR}${WWWDIR}/shared/tmp ${MKDIR} ${STAGEDIR}${WWWDIR}/shared/artifacts/tmp/work ${MKDIR} ${STAGEDIR}${WWWDIR}/vendor/assets/stylesheets ${MKDIR} ${STAGEDIR}${WWWDIR}/workhorse/changelogs/unreleased # Skip file having an executable bit (cd ${WRKSRC} && ${COPYTREE_SHARE} . ${STAGEDIR}${WWWDIR} "-not ( -type f -perm -a=x )") # now copy all files having an execution bit and preserve to x bit (this fixes some issues we saw) (cd ${WRKSRC} && ${COPYTREE_BIN} . ${STAGEDIR}${WWWDIR} "-type f -perm -a=x") post-install: ${FIND} -s ${STAGEDIR}${WWWDIR} -not -type d | ${SORT} | \ ${SED} -e 's#^${STAGEDIR}${PREFIX}/##' | \ ${SED} -E -e '/sample$$/ s#^#@sample #; \ /secrets.yml.sample$$/ s#^@sample #@sample(git,www,0600) #; \ s#${WWWDIR_REL}/bin#@(git,,544) ${WWWDIR_REL}/bin#; \ /db\/schema.rb$$|gitlab.po$$|gitlab.pot$$|gitlab.po.time_stamp$$|locale\/index.js$$/ s#^#@(git,,) #;' >> ${TMPPLIST} @${ECHO_CMD} "@owner git" >> ${TMPPLIST} @${ECHO_CMD} "@group www" >> ${TMPPLIST} @${ECHO_CMD} "@dir(git,git) ${WWWDIR_REL}/" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/app/assets/builds/" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/app/assets/images/auth_buttons/" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/app/assets/javascripts/locale/" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/app/assets/javascripts/pipeline_wizard/templates/" >> ${TMPPLIST} @${ECHO_CMD} "@dir(git,git,554) ${WWWDIR_REL}/bin" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/config" >> ${TMPPLIST} @${ECHO_CMD} "@dir(git,git,755) ${WWWDIR_REL}/config/helpers/tailwind" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/builds" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/lib/assets" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/bg" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/de" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/eo" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/es" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/fil_PH" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/fr" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/id_ID" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/it" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/ja" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/ko" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/nl_NL" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/pl_PL" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/pt_BR" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/ru" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/tr_TR" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/uk" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/zh_CN" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/zh_HK" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/zh_TW" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/log" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/public" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/public/assets" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/public/uploads" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/2_plan" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/4_verify" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/5_package" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/6_release" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/7_configure" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/8_monitor" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/browser_ui/5_package" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/browser_ui/8_monitor" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/tmp" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/spec/support/gitlab-git-test.git/refs/heads" >> ${TMPPLIST} @${ECHO_CMD} "@dir ${WWWDIR_REL}/spec/support/gitlab-git-test.git/refs/tags" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,755) ${WWWDIR_REL}/shared" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/artifacts" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/artifacts/tmp" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/artifacts/tmp/cache" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/artifacts/tmp/uploads" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/artifacts/tmp/work" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/ci_secure_files" >> ${TMPPLIST} # TODO: Maybe we need to add here a new dir: ${WWWDIR_REL}/shared/external-diffs @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/shared/packages" >> ${TMPPLIST} @${ECHO_CMD} "@group gitlab-pages" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/shared/pages" >> ${TMPPLIST} @${ECHO_CMD} "@group www" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/terraform_state" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/tmp" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/lfs-objects" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/registry" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/backups" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/cache" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/feature_flags" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/pids" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/prometheus_multiproc_dir" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/prometheus_multiproc_dir/puma" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/prometheus_multiproc_dir/sidekiq" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/prometheus_multiproc_dir/unicorn" >> ${TMPPLIST} #@${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/run" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/sessions" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/sockets" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/sockets/private" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/sockets/private/internal" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/vendor" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/vendor/assets" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/vendor/assets/stylesheets" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/workhorse/changelogs/unreleased" >> ${TMPPLIST} .if ${FLAVOR:U} == ee # Gitlab-ee version @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/gems/gitlab-backup-cli/tmp" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/qa/qa/specs/features/ee/api/4_verify" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/qa/qa/specs/features/ee/api/5_package" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/qa/qa/specs/features/ee/api/6_release" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/qa/qa/specs/features/ee/api/8_monitor" >> ${TMPPLIST} @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/qa/qa/specs/features/ee/browser_ui/7_configure" >> ${TMPPLIST} .endif .if !defined(_GITLAB_MAKESUM_GUARD) makesum: ${MAKE} -D_GITLAB_MAKESUM_GUARD makesum DISTINFO_FILE=${.CURDIR}/distinfo FLAVOR=ce ${MAKE} -D_GITLAB_MAKESUM_GUARD makesum DISTINFO_FILE=${.CURDIR}/distinfo.ee FLAVOR=ee ${CAT} ${.CURDIR}/distinfo.ee >> ${.CURDIR}/distinfo ${RM} ${.CURDIR}/distinfo.ee (cd ../../devel/gitaly && ${MAKE} makesum) (cd ../../net/gitlab-agent && ${MAKE} makesum) (cd ../../www/gitlab-pages && ${MAKE} makesum) (cd ../../www/gitlab-workhorse && ${MAKE} makesum) (cd ../../net/rubygem-gitlab-kas-grpc && ${MAKE} makesum) .endif .include "${.CURDIR}/Makefile.common" .include diff --git a/www/gitlab/files/gitlab.in b/www/gitlab/files/gitlab.in index 3087d86fb25a..a386086fb70c 100644 --- a/www/gitlab/files/gitlab.in +++ b/www/gitlab/files/gitlab.in @@ -1,572 +1,572 @@ #! /bin/sh ### BEGIN INIT INFO # Provides: gitlab # Required-Start: $local_fs $remote_fs $network $syslog redis-server # Required-Stop: $local_fs $remote_fs $network $syslog # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: GitLab git repository management # Description: GitLab git repository management # chkconfig: - 85 14 ### END INIT INFO # Maintainer: Matthias Fechner # Based on work of: @charlienewey, rovanion.luckey@gmail.com, @randx, @tz # PROVIDE: gitlab # REQUIRE: LOGIN redis # KEYWORD: shutdown # # Add the following line to /etc/rc.conf to enable GitLab: # # gitlab_enable="YES" PATH="/sbin:/bin:/usr/sbin:/usr/bin:%%LOCALBASE%%/sbin:%%LOCALBASE%%/bin" . /etc/rc.subr name=gitlab rcvar=gitlab_enable extra_commands=status status_cmd="print_status" start_cmd="start_gitlab" stop_cmd="stop_gitlab" restart_cmd="restart_gitlab" service_args="$@" restart_precmd=${name}_init start_precmd=${name}_init stop_precmd=${name}_init : ${gitlab_enable:="NO"} : ${gitlab_authBackend:="http://127.0.0.1:8080"} : ${gitlab_workhorse_tcp:="NO"} : ${gitlab_workhorse_addr:="127.0.0.1:8181"} : ${gitlab_mail_room_enable:="NO"} : ${gitlab_allow_conflicts:="NO"} : ${gitlab_wait:="120"} : ${gitlab_svcj_options:="net_basic"} load_rc_config $name ### Environment variables RAILS_ENV=${RAILS_ENV:-'production'} SIDEKIQ_WORKERS=${SIDEKIQ_WORKERS:-1} USE_WEB_SERVER=${USE_WEB_SERVER:-'puma'} case "${USE_WEB_SERVER}" in puma|unicorn) use_web_server="$USE_WEB_SERVER" ;; *) echo "Unsupported web server '${USE_WEB_SERVER}' (Allowed: 'puma', 'unicorn')" 1>&2 exit 1 ;; esac # Script variable names should be lower-case not to conflict with # internal /bin/sh variables such as PATH, EDITOR or SHELL. app_user="git" app_root="%%WWWDIR%%" pid_path="$app_root/tmp/pids" socket_path="$app_root/tmp/sockets" rails_socket="$socket_path/gitlab.socket" web_server_pid_path="$pid_path/$use_web_server.pid" if checkyesno gitlab_mail_room_enable; then mail_room_enabled=true else mail_room_enabled=false fi mail_room_pid_path="$pid_path/mail_room.pid" gitlab_workhorse_dir=$(cd $app_root/../gitlab-workhorse 2> /dev/null && pwd) gitlab_workhorse_pid_path="$pid_path/gitlab-workhorse.pid" if checkyesno gitlab_workhorse_tcp; then gitlab_workhorse_listen="-listenNetwork tcp -listenAddr $gitlab_workhorse_addr" else gitlab_workhorse_listen="-listenNetwork unix -listenAddr $socket_path/gitlab-workhorse.socket" fi gitlab_workhorse_options="-listenUmask 0 $gitlab_workhorse_listen -authBackend $gitlab_authBackend -authSocket $rails_socket -documentRoot $app_root/public" gitlab_workhorse_log="$app_root/log/gitlab-workhorse.log" gitlab_pages_enabled=false gitlab_pages_dir=$(cd $app_root/../gitlab-pages 2> /dev/null && pwd) gitlab_pages_pid_path="$pid_path/gitlab-pages.pid" gitlab_pages_options="-pages-domain example.com -pages-root $app_root/shared/pages -listen-proxy 127.0.0.1:8090" gitlab_pages_log="$app_root/log/gitlab-pages.log" -shell_path="%%PREFIX%%/bin/bash" +shell_path="%%LOCALBASE%%/bin/bash" gitaly_enabled=true -gitaly_dir="%%PREFIX%%/share/gitaly" +gitaly_dir="%%LOCALBASE%%/share/gitaly" gitaly_pid_path="$pid_path/gitaly.pid" gitaly_log="$app_root/log/gitaly.log" sidekiq_pid_path="$pid_path/sidekiq-cluster.pid" ### Init Script functions ## Gets the pids from the files check_pids(){ if ! mkdir -p "$pid_path"; then echo "Could not create the path $pid_path needed to store the pids." exit 1 fi # If there exists a file which should hold the value of the web server pid: read it. if [ -f "$web_server_pid_path" ]; then wpid=$(cat "$web_server_pid_path") else wpid=0 fi if [ -f "$sidekiq_pid_path" ]; then spid=$(cat "$sidekiq_pid_path") else spid=0 fi if [ -f "$gitlab_workhorse_pid_path" ]; then hpid=$(cat "$gitlab_workhorse_pid_path") else hpid=0 fi if [ "$mail_room_enabled" = true ]; then if [ -f "$mail_room_pid_path" ]; then mpid=$(cat "$mail_room_pid_path") else mpid=0 fi fi if [ "$gitlab_pages_enabled" = true ]; then if [ -f "$gitlab_pages_pid_path" ]; then gppid=$(cat "$gitlab_pages_pid_path") else gppid=0 fi fi if [ "$gitaly_enabled" = true ]; then if [ -f "$gitaly_pid_path" ]; then gapid=$(cat "$gitaly_pid_path") else gapid=0 fi fi } gitlab_init(){ # Read configuration variable file if it is present test -f /etc/default/gitlab && . /etc/default/gitlab # Check if other colliding packages are installed if `/usr/sbin/pkg -N info -e gogs` && [ $? -eq 0 ]; then echo "WARNING: Gitlab cannot run together with gogs as both of them modify .ssh/authorized_keys" if checkyesno gitlab_allow_conflicts; then echo "but start as overwritten" else echo "you can overwrite this with: sysrc gitlab_allow_conflicts=YES" exit 1 fi fi if `/usr/sbin/pkg -N info -e "gitolite*"` && [ $? -eq 0 ]; then echo "WARNING: Gitlab cannot run together with gitolite as both of them modify .ssh/authorized_keys" if checkyesno gitlab_allow_conflicts; then echo "but start as overwritten" else echo "you can overwrite this with: sysrc gitlab_allow_conflicts=YES" exit 1 fi fi if `/usr/sbin/pkg -N info -e "*gitosis*"` && [ $? -eq 0 ]; then echo "WARNING: Gitlab cannot run together with py-gitosis as both of them modify .ssh/authorized_keys" if checkyesno gitlab_allow_conflicts; then echo "but start as overwritten" else echo "you can overwrite this with: sysrc gitlab_allow_conflicts=YES" exit 1 fi fi if `/usr/sbin/pkg -N info -e gitea` && [ $? -eq 0 ]; then echo "WARNING: Gitlab cannot run together with gitea as both of them modify .ssh/authorized_keys" if checkyesno gitlab_allow_conflicts; then echo "but start as overwritten" else echo "you can overwrite this with: sysrc gitlab_allow_conflicts=YES" exit 1 fi fi # Switch to the app_user if it is not he/she who is running the script. if [ "$USER" != "$app_user" ]; then # Regenerate the Gemfile.lock for all related products # echo "Regenerate Gitlab Gemfile.lock" rm -f "${app_root}"/Gemfile.lock #su -l root -c "cd ${app_root} && %%LOCALBASE%%/bin/bundle config set --local without development test" if ! su -l root -c "cd ${app_root} && %%LOCALBASE%%/bin/bundle install --local --quiet"; then echo "Could not create Gemfile.lock for gitlab, please report this using FreeBSD Bugtracker, https://bugs.freebsd.org/" exit 1 fi chown git "${app_root}"/Gemfile.lock eval su - "$app_user" -c $(echo \")%%LOCALBASE%%/etc/rc.d/gitlab "${service_args}"$(echo \"); exit; fi # Switch to the gitlab path, exit on failure. if ! cd "$app_root" ; then echo "Failed to cd into $app_root, exiting!"; exit 1 fi # We use the pids in so many parts of the script it makes sense to always check them. # Only after start() is run should the pids change. Sidekiq sets its own pid. check_pids } ## Called when we have started the two processes and are waiting for their pid files. wait_for_pids(){ # We are sleeping a bit here mostly because sidekiq is slow at writing its pid i=0 while [ ! -f $web_server_pid_path ] || [ ! -f $sidekiq_pid_path ] || [ ! -f $gitlab_workhorse_pid_path ] || { [ "$mail_room_enabled" = true ] && [ ! -f $mail_room_pid_path ]; } || { [ "$gitlab_pages_enabled" = true ] && [ ! -f $gitlab_pages_pid_path ]; } || { [ "$gitaly_enabled" = true ] && [ ! -f $gitaly_pid_path ]; }; do echo -n "." if [ $((i)) = "$gitlab_wait" ]; then echo echo "Waited ${i}s for the processes to write their pids, something probably went wrong." exit 1; fi sleep 1 i=$((i+1)) done echo echo "Started in ${i}s." } ## Checks whether the different parts of the service are already running or not. check_status(){ check_pids # If the web server is running kill -0 $wpid returns true, or rather 0. # Checks of *_status should only check for == 0 or != 0, never anything else. if [ $wpid -ne 0 ]; then kill -0 "$wpid" 2>/dev/null web_status="$?" else web_status="-1" fi if [ $spid -ne 0 ]; then kill -0 "$spid" 2>/dev/null sidekiq_status="$?" else sidekiq_status="-1" fi if [ $hpid -ne 0 ]; then kill -0 "$hpid" 2>/dev/null gitlab_workhorse_status="$?" else gitlab_workhorse_status="-1" fi if [ "$mail_room_enabled" = true ]; then if [ $mpid -ne 0 ]; then kill -0 "$mpid" 2>/dev/null mail_room_status="$?" else mail_room_status="-1" fi fi if [ "$gitlab_pages_enabled" = true ]; then if [ $gppid -ne 0 ]; then kill -0 "$gppid" 2>/dev/null gitlab_pages_status="$?" else gitlab_pages_status="-1" fi fi if [ "$gitaly_enabled" = true ]; then if [ $gapid -ne 0 ]; then kill -0 "$gapid" 2>/dev/null gitaly_status="$?" else gitaly_status="-1" fi fi if [ $web_status = 0 ] && [ $sidekiq_status = 0 ] && [ $gitlab_workhorse_status = 0 ] && { [ "$mail_room_enabled" != true ] || [ $mail_room_status = 0 ]; } && { [ "$gitlab_pages_enabled" != true ] || [ $gitlab_pages_status = 0 ]; } && { [ "$gitaly_enabled" != true ] || [ $gitaly_status = 0 ]; }; then gitlab_status=0 else # http://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html # code 3 means 'program is not running' gitlab_status=3 fi } ## Check for stale pids and remove them if necessary. check_stale_pids(){ check_status # If there is a pid it is something else than 0, the service is running if # *_status is == 0. if [ "$wpid" != "0" ] && [ "$web_status" != "0" ]; then echo "Removing stale web server pid. This is most likely caused by the web server crashing the last time it ran." if ! rm "$web_server_pid_path"; then echo "Unable to remove stale pid, exiting." exit 1 fi fi if [ "$spid" != "0" ] && [ "$sidekiq_status" != "0" ]; then echo "Removing stale Sidekiq job dispatcher pid. This is most likely caused by Sidekiq crashing the last time it ran." if ! rm "$sidekiq_pid_path"; then echo "Unable to remove stale pid, exiting" exit 1 fi fi if [ "$hpid" != "0" ] && [ "$gitlab_workhorse_status" != "0" ]; then echo "Removing stale GitLab Workhorse pid. This is most likely caused by GitLab Workhorse crashing the last time it ran." if ! rm "$gitlab_workhorse_pid_path"; then echo "Unable to remove stale pid, exiting" exit 1 fi fi if [ "$mail_room_enabled" = true ] && [ "$mpid" != "0" ] && [ "$mail_room_status" != "0" ]; then echo "Removing stale MailRoom job dispatcher pid. This is most likely caused by MailRoom crashing the last time it ran." if ! rm "$mail_room_pid_path"; then echo "Unable to remove stale pid, exiting" exit 1 fi fi if [ "$gitlab_pages_enabled" = true ] && [ "$gppid" != "0" ] && [ "$gitlab_pages_status" != "0" ]; then echo "Removing stale GitLab Pages job dispatcher pid. This is most likely caused by GitLab Pages crashing the last time it ran." if ! rm "$gitlab_pages_pid_path"; then echo "Unable to remove stale pid, exiting" exit 1 fi fi if [ "$gitaly_enabled" = true ] && [ "$gapid" != "0" ] && [ "$gitaly_status" != "0" ]; then echo "Removing stale Gitaly pid. This is most likely caused by Gitaly crashing the last time it ran." if ! rm "$gitaly_pid_path"; then echo "Unable to remove stale pid, exiting" exit 1 fi fi } ## If no parts of the service is running, bail out. exit_if_not_running(){ check_stale_pids if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" != "0" ]; } && { [ "$gitaly_enabled" != true ] || [ "$gitaly_status" != "0" ]; }; then echo "GitLab is not running." exit fi } ## Starts web server and Sidekiq if they're not running. start_gitlab() { check_stale_pids if [ "$web_status" != "0" ]; then echo "Starting GitLab web server ($use_web_server)" fi if [ "$sidekiq_status" != "0" ]; then echo "Starting GitLab Sidekiq" fi if [ "$gitlab_workhorse_status" != "0" ]; then echo "Starting GitLab Workhorse" fi if [ "$mail_room_enabled" = true ] && [ "$mail_room_status" != "0" ]; then echo "Starting GitLab MailRoom" fi if [ "$gitlab_pages_enabled" = true ] && [ "$gitlab_pages_status" != "0" ]; then echo "Starting GitLab Pages" fi if [ "$gitaly_enabled" = true ] && [ "$gitaly_status" != "0" ]; then echo "Starting Gitaly" fi # Then check if the service is running. If it is: don't start again. if [ "$web_status" = "0" ]; then echo "The web server already running with pid $wpid, not restarting." else # Remove old socket if it exists rm -f "$rails_socket" 2>/dev/null # Start the web server RAILS_ENV=$RAILS_ENV USE_WEB_SERVER=$use_web_server bin/web start fi # If sidekiq is already running, don't start it again. if [ "$sidekiq_status" = "0" ]; then echo "The Sidekiq job dispatcher is already running with pid $spid, not restarting" else RAILS_ENV=$RAILS_ENV SIDEKIQ_WORKERS=$SIDEKIQ_WORKERS bin/background_jobs start > /dev/null & fi if [ "$gitlab_workhorse_status" = "0" ]; then echo "The GitLab Workhorse is already running with pid $hpid, not restarting" else # No need to remove a socket, gitlab-workhorse does this itself. # Because gitlab-workhorse has multiple executables we need to fix # the PATH. $app_root/bin/daemon_with_pidfile $gitlab_workhorse_pid_path \ /usr/bin/env PATH=$gitlab_workhorse_dir:$PATH \ gitlab-workhorse $gitlab_workhorse_options \ >> $gitlab_workhorse_log 2>&1 & fi if [ "$mail_room_enabled" = true ]; then # If MailRoom is already running, don't start it again. if [ "$mail_room_status" = "0" ]; then echo "The MailRoom email processor is already running with pid $mpid, not restarting" else RAILS_ENV=$RAILS_ENV bin/mail_room start & fi fi if [ "$gitlab_pages_enabled" = true ]; then if [ "$gitlab_pages_status" = "0" ]; then echo "The GitLab Pages is already running with pid $gppid, not restarting" else $app_root/bin/daemon_with_pidfile $gitlab_pages_pid_path \ $gitlab_pages_dir/gitlab-pages $gitlab_pages_options \ >> $gitlab_pages_log 2>&1 & fi fi if [ "$gitaly_enabled" = true ]; then if [ "$gitaly_status" = "0" ]; then echo "Gitaly is already running with pid $gapid, not restarting" else $app_root/bin/daemon_with_pidfile $gitaly_pid_path \ $gitaly_dir/bin/gitaly $gitaly_dir/config.toml >> $gitaly_log 2>&1 & fi fi # Wait for the pids to be planted wait_for_pids # Finally check the status to tell wether or not GitLab is running print_status } ## Asks web server, Sidekiq and MailRoom if they would be so kind as to stop, if not kills them. stop_gitlab() { exit_if_not_running if [ "$web_status" = "0" ]; then echo "Shutting down GitLab web server" RAILS_ENV=$RAILS_ENV USE_WEB_SERVER=$use_web_server bin/web stop fi if [ "$sidekiq_status" = "0" ]; then echo "Shutting down GitLab Sidekiq" RAILS_ENV=$RAILS_ENV SIDEKIQ_WORKERS=$SIDEKIQ_WORKERS bin/background_jobs stop fi if [ "$gitlab_workhorse_status" = "0" ]; then echo "Shutting down GitLab Workhorse" kill -- $(cat $gitlab_workhorse_pid_path) fi if [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; then echo "Shutting down GitLab MailRoom" RAILS_ENV=$RAILS_ENV bin/mail_room stop fi if [ "$gitlab_pages_status" = "0" ]; then echo "Shutting down gitlab-pages" kill -- $(cat $gitlab_pages_pid_path) fi if [ "$gitaly_status" = "0" ]; then echo "Shutting down Gitaly" kill -- $(cat $gitaly_pid_path) fi # If something needs to be stopped, lets wait for it to stop. Never use SIGKILL in a script. while [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || [ "$gitlab_workhorse_status" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; } || { [ "$gitlab_pages_enabled" = true ] && [ "$gitlab_pages_status" = "0" ]; } || { [ "$gitaly_enabled" = true ] && [ "$gitaly_status" = "0" ]; }; do sleep 1 check_status printf "." if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" != "0" ]; } && { [ "$gitaly_enabled" != true ] || [ "$gitaly_status" != "0" ]; }; then printf "\n" break fi done sleep 1 # Cleaning up unused pids rm "$web_server_pid_path" 2>/dev/null # rm "$sidekiq_pid_path" 2>/dev/null # Sidekiq seems to be cleaning up its own pid. rm -f "$gitlab_workhorse_pid_path" if [ "$mail_room_enabled" = true ]; then rm "$mail_room_pid_path" 2>/dev/null fi rm -f "$gitlab_pages_pid_path" rm -f "$gitaly_pid_path" print_status } ## Prints the status of GitLab and its components. print_status() { check_status if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" != "0" ]; } && { [ "$gitaly_enabled" != true ] || [ "$gitaly_status" != "0" ]; }; then echo "GitLab is not running." return fi if [ "$web_status" = "0" ]; then echo "The GitLab web server with pid $wpid is running." else printf "The GitLab web server is \033[31mnot running\033[0m.\n" fi if [ "$sidekiq_status" = "0" ]; then echo "The GitLab Sidekiq job dispatcher with pid $spid is running." else printf "The GitLab Sidekiq job dispatcher is \033[31mnot running\033[0m.\n" fi if [ "$gitlab_workhorse_status" = "0" ]; then echo "The GitLab Workhorse with pid $hpid is running." else printf "The GitLab Workhorse is \033[31mnot running\033[0m.\n" fi if [ "$mail_room_enabled" = true ]; then if [ "$mail_room_status" = "0" ]; then echo "The GitLab MailRoom email processor with pid $mpid is running." else printf "The GitLab MailRoom email processor is \033[31mnot running\033[0m.\n" fi fi if [ "$gitlab_pages_enabled" = true ]; then if [ "$gitlab_pages_status" = "0" ]; then echo "The GitLab Pages with pid $gppid is running." else printf "The GitLab Pages is \033[31mnot running\033[0m.\n" fi fi if [ "$gitaly_enabled" = true ]; then if [ "$gitaly_status" = "0" ]; then echo "Gitaly with pid $gapid is running." else printf "Gitaly is \033[31mnot running\033[0m.\n" fi fi if [ "$web_status" = "0" ] && [ "$sidekiq_status" = "0" ] && [ "$gitlab_workhorse_status" = "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" = "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" = "0" ]; } && { [ "$gitaly_enabled" != true ] || [ "$gitaly_status" = "0" ]; }; then printf "GitLab and all its components are \033[32mup and running\033[0m.\n" fi } ## Tells web server to reload its config and Sidekiq to restart reload_gitlab(){ exit_if_not_running if [ "$wpid" = "0" ];then echo "The GitLab web server Web server is not running thus its configuration can't be reloaded." exit 1 fi printf "Reloading GitLab web server configuration... " RAILS_ENV=$RAILS_ENV USE_WEB_SERVER=$use_web_server bin/web reload echo "Done." echo "Restarting GitLab Sidekiq since it isn't capable of reloading its config..." RAILS_ENV=$RAILS_ENV SIDEKIQ_WORKERS=$SIDEKIQ_WORKERS bin/background_jobs restart & /dev/null & if [ "$mail_room_enabled" != true ]; then echo "Restarting GitLab MailRoom since it isn't capable of reloading its config..." RAILS_ENV=$RAILS_ENV bin/mail_room restart fi wait_for_pids print_status } ## Restarts Sidekiq and web server. restart_gitlab(){ check_status if [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || [ "$gitlab_workhorse" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; } || { [ "$gitlab_pages_enabled" = true ] && [ "$gitlab_pages_status" = "0" ]; } || { [ "$gitaly_enabled" = true ] && [ "$gitaly_status" = "0" ]; }; then stop_gitlab fi start_gitlab } run_rc_command "$1" exit diff --git a/www/gitlab/files/patch-config_gitlab.yml.example b/www/gitlab/files/patch-config_gitlab.yml.example index de2730916655..872bcceb51d3 100644 --- a/www/gitlab/files/patch-config_gitlab.yml.example +++ b/www/gitlab/files/patch-config_gitlab.yml.example @@ -1,132 +1,132 @@ --- config/gitlab.yml.example.orig 2024-10-16 08:01:39 UTC +++ config/gitlab.yml.example @@ -473,7 +473,7 @@ production: &base ## GitLab Pages pages: enabled: false - access_control: false + access_control: true # The location where pages are stored (default: shared/pages). # path: shared/pages @@ -483,9 +483,9 @@ production: &base host: example.com port: 80 # Set to 443 if you serve the pages with HTTPS https: false # Set to true if you serve the pages with HTTPS - artifacts_server: true # Set to false if you want to disable online view of HTML artifacts - # external_http: ["1.1.1.1:80", "[2001::1]:80"] # If defined, enables custom domain support in GitLab Pages - # external_https: ["1.1.1.1:443", "[2001::1]:443"] # If defined, enables custom domain and certificate support in GitLab Pages + artifacts_server: false # Set to false if you want to disable online view of HTML artifacts + external_http: ["127.0.0.1:8090"] # If defined, enables custom domain support in GitLab Pages + # external_https: ["127.0.0.1:8090"] # If defined, enables custom domain and certificate support in GitLab Pages # File that contains the shared secret key for verifying access for gitlab-pages. # Default is '.gitlab_pages_secret' relative to Rails.root (i.e. root of the GitLab app). @@ -1210,13 +1210,13 @@ production: &base repositories: storages: # You must have at least a `default` storage path. default: - gitaly_address: unix:/home/git/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port). + gitaly_address: unix:%%WWWDIR%%/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port). # gitaly_token: 'special token' # Optional: override global gitaly.token for this storage. ## Backup settings backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) - # gitaly_backup_path: /home/git/gitaly/_build/bin/gitaly-backup # Path of the gitaly-backup binary (default: searches $PATH) -+ gitaly_backup_path: %%PREFIX%%/share/gitaly/bin/gitaly-backup # Path of the gitaly-backup binary (default: searches $PATH) ++ gitaly_backup_path: %%LOCALBASE%%/share/gitaly/bin/gitaly-backup # Path of the gitaly-backup binary (default: searches $PATH) # archive_permissions: 0640 # Permissions for the resulting backup.tar file (default: 0600) # keep_time: 604800 # default: 0 (forever) (in seconds) # pg_schema: public # default: nil, it means that all schemas will be backed up @@ -1251,12 +1251,12 @@ production: &base ## GitLab Shell settings gitlab_shell: - path: /home/git/gitlab-shell/ - authorized_keys_file: /home/git/.ssh/authorized_keys -+ path: %%PREFIX%%/share/gitlab-shell/ -+ authorized_keys_file: %%PREFIX%%/git/.ssh/authorized_keys ++ path: %%LOCALBASE%%/share/gitlab-shell/ ++ authorized_keys_file: %%LOCALBASE%%/git/.ssh/authorized_keys # File that contains the secret key for verifying access for gitlab-shell. # Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app). - # secret_file: /home/git/gitlab/.gitlab_shell_secret + # secret_file: %%WWWDIR%%/.gitlab_shell_secret # Git over HTTP upload_pack: true @@ -1271,7 +1271,7 @@ production: &base workhorse: # File that contains the secret key for verifying access for gitlab-workhorse. # Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app). - # secret_file: /home/git/gitlab/.gitlab_workhorse_secret + # secret_file: %%WWWDIR%%/.gitlab_workhorse_secret topology_service: # enabled: false @@ -1287,7 +1287,7 @@ production: &base # enabled: true # File that contains the secret key for verifying access for gitlab-kas. # Default is '.gitlab_kas_secret' relative to Rails.root (i.e. root of the GitLab app). - # secret_file: /home/git/gitlab/.gitlab_kas_secret + # secret_file: %%WWWDIR%%/.gitlab_kas_secret # The URL to the external KAS API (used by the Kubernetes agents) # external_url: wss://kas.example.com @@ -1311,13 +1311,13 @@ production: &base ## GitLab Elasticsearch settings elasticsearch: - indexer_path: /home/git/gitlab-elasticsearch-indexer/ -+ indexer_path: %%PREFIX%%/bin/ ++ indexer_path: %%LOCALBASE%%/bin/ ## Git settings # CAUTION! # Use the default values unless you really know what you are doing git: - bin_path: /usr/bin/git -+ bin_path: %%PREFIX%%/bin/git ++ bin_path: %%LOCALBASE%%/bin/git ## Webpack settings # If enabled, this will tell rails to serve frontend assets from the webpack-dev-server running @@ -1338,18 +1338,18 @@ production: &base # Sidekiq exporter is a dedicated Prometheus metrics server optionally running alongside Sidekiq. sidekiq_exporter: - # enabled: true - # log_enabled: false - # address: localhost - # port: 8082 + enabled: true + log_enabled: false + address: localhost + port: 8082 # tls_enabled: false # tls_cert_path: /path/to/cert.pem # tls_key_path: /path/to/key.pem sidekiq_health_checks: - # enabled: true - # address: localhost - # port: 8092 + enabled: true + address: localhost + port: 8092 # Web exporter is a dedicated Prometheus metrics server optionally running alongside Puma. web_exporter: @@ -1582,13 +1582,13 @@ test: gitaly_address: unix:tmp/tests/gitaly/praefect.socket gitaly: - client_path: tmp/tests/gitaly/_build/bin -+ client_path: %%PREFIX%%/share/gitaly/bin ++ client_path: %%LOCALBASE%%/share/gitaly/bin token: secret workhorse: secret_file: tmp/gitlab_workhorse_test_secret backup: path: tmp/tests/backups - gitaly_backup_path: tmp/tests/gitaly/_build/bin/gitaly-backup -+ gitaly_backup_path: %%PREFIX%%/share/gitaly/bin/gitaly-backup ++ gitaly_backup_path: %%LOCALBASE%%/share/gitaly/bin/gitaly-backup gitlab_shell: path: tmp/tests/gitlab-shell/ authorized_keys_file: tmp/tests/authorized_keys