diff options
| author | Matthias Fechner <mfechner@FreeBSD.org> | 2024-04-12 10:22:39 +0000 |
|---|---|---|
| committer | Matthias Fechner <mfechner@FreeBSD.org> | 2024-04-21 10:57:57 +0000 |
| commit | 24ea305bffad4315fcc95fe4006d42801ffc1f5d (patch) | |
| tree | db89645f41c98899b318203327570df44f589e1a /www/gitlab | |
| parent | 57f32d81a27b7da8d29819f74477393ea258b2ef (diff) | |
| download | ports-24ea305bffad4315fcc95fe4006d42801ffc1f5d.tar.gz ports-24ea305bffad4315fcc95fe4006d42801ffc1f5d.zip | |
www/gitlab-ce: rename port to gitlab in preparation to add flavor support
Diffstat (limited to 'www/gitlab')
| -rw-r--r-- | www/gitlab/Makefile | 463 | ||||
| -rw-r--r-- | www/gitlab/distinfo | 3 | ||||
| -rw-r--r-- | www/gitlab/files/extra-patch-Gemfile-kerberos-off | 11 | ||||
| -rw-r--r-- | www/gitlab/files/gitlab.in | 570 | ||||
| -rw-r--r-- | www/gitlab/files/patch-Gemfile | 254 | ||||
| -rw-r--r-- | www/gitlab/files/patch-bin_background__jobs | 11 | ||||
| -rw-r--r-- | www/gitlab/files/patch-config_database.yml.postgresql | 64 | ||||
| -rw-r--r-- | www/gitlab/files/patch-config_gitlab.yml.example | 130 | ||||
| -rw-r--r-- | www/gitlab/files/patch-config_initializers_1__settings.rb | 15 | ||||
| -rw-r--r-- | www/gitlab/files/patch-config_initializers_sprockets__patch.rb | 11 | ||||
| -rw-r--r-- | www/gitlab/files/patch-config_puma.rb.example | 49 | ||||
| -rw-r--r-- | www/gitlab/files/patch-lib_support_nginx_gitlab | 20 | ||||
| -rw-r--r-- | www/gitlab/files/patch-lib_support_nginx_gitlab-ssl | 20 | ||||
| -rw-r--r-- | www/gitlab/files/patch-lib_tasks_gitlab_setup.rake | 12 | ||||
| -rw-r--r-- | www/gitlab/files/patch-vendor_gems_bundler-checksum_bundler-checksum.gemspec | 11 | ||||
| -rw-r--r-- | www/gitlab/pkg-descr | 6 | ||||
| -rw-r--r-- | www/gitlab/pkg-message | 33 |
17 files changed, 1683 insertions, 0 deletions
diff --git a/www/gitlab/Makefile b/www/gitlab/Makefile new file mode 100644 index 000000000000..a5ad13f61be7 --- /dev/null +++ b/www/gitlab/Makefile @@ -0,0 +1,463 @@ +PORTNAME= gitlab-ce +PORTVERSION= 16.10.2 +DISTVERSIONPREFIX= v +PORTREVISION= 2 +CATEGORIES= www devel + +# include patch to fix database migration +#https://gitlab.com/gitlab-org/gitlab/-/merge_requests/138018.patch +#PATCH_SITES= https://gitlab.com/gitlab-org/gitlab/-/merge_requests/ +#PATCHFILES+= 138018.patch:-p1 # https://gitlab.com/gitlab-org/gitlab/-/merge_requests/138018 + +MAINTAINER= mfechner@FreeBSD.org +COMMENT= Web GUI for managing git repositories +WWW= https://gitlab.com/ + +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE + +# the rubygems of RUN_DEPENDS matches the order of the Gemfile +# which makes maintaining this long list much easier! +# devel/rubygem-parser is required for database upgrade process +# see https://gitlab.com/gitlab-org/gitlab/-/issues/350866 +# mail/rubygem-net-smtp is required as ruby 3.1 removed it +# textproc/rubygem-psych3 is required as ruby 3.1 applied an update to psych 4.0 which has breaking changes +# mail/rubygem-net-pop is required as ruby 3.1 removed it +MY_DEPENDS= git>=2.41.0:devel/git \ + gitaly>=${PORTVERSION}:devel/gitaly \ + gitlab-elasticsearch-indexer>=4.8.0:textproc/gitlab-elasticsearch-indexer \ + gitlab-agent>=16.10.1:net/gitlab-agent \ + gitlab-pages>=${PORTVERSION}:www/gitlab-pages \ + gitlab-shell>=14.34.0:devel/gitlab-shell \ + gitlab-workhorse>=${PORTVERSION}:www/gitlab-workhorse \ + redis>=6.2.11:databases/redis \ + yarn${NODEJS_SUFFIX}>=1.10.0:www/yarn${NODEJS_SUFFIX} \ + gtar>0:archivers/gtar \ + bash>0:shells/bash \ + rubygem-net-smtp>=0:mail/rubygem-net-smtp \ + rubygem-net-pop>=0:mail/rubygem-net-pop \ + rubygem-psych3>=3.1<4:textproc/rubygem-psych3 \ + rubygem-rails70>=7.0.8.1<7.1:www/rubygem-rails70 \ + rubygem-bootsnap>=1.18.3<1.19:devel/rubygem-bootsnap \ + rubygem-openssl>=3.0<4:security/rubygem-openssl \ + rubygem-ipaddr>=1.2.5<1.3:net/rubygem-ipaddr \ + rubygem-responders-rails70>=3.0<4.0:www/rubygem-responders-rails70 \ + rubygem-sprockets3>=3.7<3.8:devel/rubygem-sprockets3 \ + rubygem-view_component-rails70>=3.11.0<3.12:devel/rubygem-view_component-rails70 \ + rubygem-pg>=1.5.6<1.6:databases/rubygem-pg \ + rubygem-neighbor>=0.2.3<0.3:databases/rubygem-neighbor \ + rubygem-rugged>=1.6<2:devel/rubygem-rugged \ + rubygem-faraday1>=1.10.0<3:www/rubygem-faraday1 \ + rubygem-marginalia>=1.11.1<1.12:databases/rubygem-marginalia \ + rubygem-declarative_policy>=1.1.0<1.2:security/rubygem-declarative_policy \ + rubygem-devise-rails70>=4.9.3<4.10:devel/rubygem-devise-rails70 \ + rubygem-bcrypt>=3.1.14<3.2:security/rubygem-bcrypt \ + rubygem-doorkeeper-rails70>=5.6.6<6:security/rubygem-doorkeeper-rails70 \ + rubygem-doorkeeper-openid_connect>=1.8.7<2:security/rubygem-doorkeeper-openid_connect \ + rubygem-rexml>=3.2.6<3.3:textproc/rubygem-rexml \ + rubygem-ruby-saml115>=1.15.0<1.16:security/rubygem-ruby-saml115 \ + rubygem-omniauth>=2.1.0<3:security/rubygem-omniauth \ + rubygem-omniauth-auth0>=3.1.0<3.2.0:net/rubygem-omniauth-auth0 \ + rubygem-omniauth-azure-activedirectory-v2>=2.0<3:net/rubygem-omniauth-azure-activedirectory-v2 \ + rubygem-omniauth-dingtalk-oauth2>=1.0.1<2:security/rubygem-omniauth-dingtalk-oauth2 \ + rubygem-omniauth-alicloud>=3.0.0<3.1:security/rubygem-omniauth-alicloud \ + rubygem-omniauth-facebook>=4.0.0:net/rubygem-omniauth-facebook \ + rubygem-omniauth-github>=2.0.1<2.1:net/rubygem-omniauth-github \ + rubygem-omniauth-google-oauth2>=1.1<2:net/rubygem-omniauth-google-oauth2 \ + rubygem-omniauth-oauth2-generic>=0.2.2<0.3.0:security/rubygem-omniauth-oauth2-generic \ + rubygem-omniauth-saml>=2.1.0<3:security/rubygem-omniauth-saml \ + rubygem-omniauth-shibboleth-redux>=2.0<3:security/rubygem-omniauth-shibboleth-redux \ + rubygem-omniauth-twitter>=1.4<2.0:net/rubygem-omniauth-twitter \ + rubygem-omniauth_openid_connect>=0.6.1<0.7.0:net/rubygem-omniauth_openid_connect \ + rubygem-openid_connect>=1.3.1<1.3.2:net/rubygem-openid_connect \ + rubygem-omniauth-atlassian-oauth2>=0.2.0<0.3:security/rubygem-omniauth-atlassian-oauth2 \ + rubygem-rack-oauth21>=1.21.3<1.22.0:security/rubygem-rack-oauth21 \ + rubygem-jwt>=2.5<3:www/rubygem-jwt \ + rubygem-gssapi>=1.3.1<1.4:security/rubygem-gssapi \ + rubygem-recaptcha>=5.12<6.0:devel/rubygem-recaptcha \ + rubygem-akismet>=3.0<4.0:devel/rubygem-akismet \ + rubygem-invisible_captcha>=2.1.0<2.2.0:graphics/rubygem-invisible_captcha \ + rubygem-devise-two-factor41-rails70>=4.1.1<4.2:security/rubygem-devise-two-factor41-rails70 \ + rubygem-rqrcode>=2.2.0<3:www/rubygem-rqrcode \ + rubygem-validates_hostname>=1.0.13<1.1.0:dns/rubygem-validates_hostname \ + rubygem-rubyzip>=2.3.2<2.4:archivers/rubygem-rubyzip \ + rubygem-acme-client>=2.0.9<3:security/rubygem-acme-client \ + rubygem-browser>=5.3.1<5.4:www/rubygem-browser \ + rubygem-ohai>=18.1<19:sysutils/rubygem-ohai \ + rubygem-gpgme>=2.0.23<2.1.0:security/rubygem-gpgme \ + rubygem-gitlab_omniauth-ldap>=2.2.0<2.3.0:net/rubygem-gitlab_omniauth-ldap \ + rubygem-net-ldap017>=0.17.1<0.18:net/rubygem-net-ldap017 \ + rubygem-grape>=2.0.0<2.1:devel/rubygem-grape \ + rubygem-grape-entity>=0.10.2<0.11.0,1:devel/rubygem-grape-entity \ + rubygem-grape-swagger>=2.0.1<2.1:devel/rubygem-grape-swagger \ + rubygem-grape-swagger-entity>=0.5.1<0.6:devel/rubygem-grape-swagger-entity \ + rubygem-grape-path-helpers>=2.0.1<2.1:devel/rubygem-grape-path-helpers \ + rubygem-rack-cors>=2.0.1<2.1:www/rubygem-rack-cors \ + rubygem-graphql>=2.2.5<2.3:devel/rubygem-graphql \ + rubygem-graphql-docs>=4.0.0<4.1.0:devel/rubygem-graphql-docs \ + rubygem-graphiql-rails>=1.8.0<1.9:devel/rubygem-graphiql-rails \ + rubygem-apollo_upload_server>=2.1.5<2.2:net/rubygem-apollo_upload_server \ + rubygem-graphlient>=0.6.0<0.7:devel/rubygem-graphlient \ + rubygem-ffaker>=2.10<3:devel/rubygem-ffaker \ + rubygem-hashie>=5.0.0<5.1:devel/rubygem-hashie \ + rubygem-kaminari-rails70>=1.2.2<1.3:www/rubygem-kaminari-rails70 \ + rubygem-hamlit>=2.15.0<2.16:www/rubygem-hamlit \ + rubygem-carrierwave1>=1.3.4<2.0:www/rubygem-carrierwave1 \ + rubygem-mini_magick410>=4.10.1<4.11:graphics/rubygem-mini_magick410 \ + rubygem-fog-aws>=3.18<4:net/rubygem-fog-aws \ + rubygem-fog-core210>=2.1.0<2.1.1:devel/rubygem-fog-core210 \ + rubygem-fog-google>=1.19<2:net/rubygem-fog-google \ + rubygem-fog-local>=0.8<1.0:net/rubygem-fog-local \ + rubygem-fog-aliyun>=0.4<1.0:net/rubygem-fog-aliyun \ + rubygem-gitlab-fog-azure-rm>=1.8.0<1.9:net/rubygem-gitlab-fog-azure-rm \ + rubygem-google-apis-storage_v1>=0.29<1:devel/rubygem-google-apis-storage_v1 \ + rubygem-google-cloud-storage145>=1.45.0<1.46:net/rubygem-google-cloud-storage145 \ + rubygem-google-apis-core>=0.11.2<2:devel/rubygem-google-apis-core \ + rubygem-google-apis-compute_v1_057>=0.57.0<0.58:devel/rubygem-google-apis-compute_v1_057 \ + rubygem-google-apis-container_v1>=0.43.0<0.44:devel/rubygem-google-apis-container_v1 \ + rubygem-google-apis-container_v1beta1>=0.43.0<0.44:devel/rubygem-google-apis-container_v1beta1 \ + rubygem-google-apis-cloudbilling_v1>=0.21.0<0.22:devel/rubygem-google-apis-cloudbilling_v1 \ + rubygem-google-apis-cloudresourcemanager_v1>=0.31.0<0.32:devel/rubygem-google-apis-cloudresourcemanager_v1 \ + rubygem-google-apis-iam_v1>=0.36.0<0.37:devel/rubygem-google-apis-iam_v1 \ + rubygem-google-apis-serviceusage_v1>=0.28.0<0.29:devel/rubygem-google-apis-serviceusage_v1 \ + rubygem-google-apis-sqladmin_v1beta4_041>=0.41.0<0.42:devel/rubygem-google-apis-sqladmin_v1beta4_041 \ + rubygem-google-apis-androidpublisher_v3034>=0.34.0<0.35:devel/rubygem-google-apis-androidpublisher_v3034 \ + rubygem-googleauth>=1.8.1<2:security/rubygem-googleauth \ + rubygem-google-cloud-artifact_registry-v1>=0.11.0<0.12:textproc/rubygem-google-cloud-artifact_registry-v1 \ + rubygem-google-cloud-compute-v1>=2.6.0<2.7:net/rubygem-google-cloud-compute-v1 \ + rubygem-seed-fu>=2.3.7<2.4.0:databases/rubygem-seed-fu \ + rubygem-elasticsearch-model713>=7.2<8:textproc/rubygem-elasticsearch-model713 \ + rubygem-elasticsearch-rails>=7.2<8:textproc/rubygem-elasticsearch-rails \ + rubygem-elasticsearch-api713>=7.13.3<7.13.4:textproc/rubygem-elasticsearch-api713 \ + rubygem-aws-sdk-core>=3.191.3<4:devel/rubygem-aws-sdk-core \ + rubygem-aws-sdk-cloudformation>=1<2:devel/rubygem-aws-sdk-cloudformation \ + rubygem-aws-sdk-s3>=1.144.0<2:devel/rubygem-aws-sdk-s3 \ + rubygem-faraday_middleware-aws-sigv403>=0.3.0<0.4:devel/rubygem-faraday_middleware-aws-sigv403 \ + rubygem-typhoeus>=1.4.0<1.5:www/rubygem-typhoeus \ + rubygem-html-pipeline>=2.14.3<2.15:textproc/rubygem-html-pipeline \ + rubygem-deckar01-task_list>=2.3.4<2.4:www/rubygem-deckar01-task_list \ + rubygem-gitlab-markup>=1.9.0<1.10.0:textproc/rubygem-gitlab-markup \ + rubygem-commonmarker0>=0.23.10<0.24:textproc/rubygem-commonmarker0 \ + rubygem-kramdown23>=2.3.1<2.4:textproc/rubygem-kramdown23 \ + rubygem-redcloth>=4.3.3<4.4.0:www/rubygem-redcloth \ + rubygem-org-ruby>=0.9.12<0.10.0:textproc/rubygem-org-ruby \ + rubygem-creole>=0.5.0<0.6.0:textproc/rubygem-creole \ + rubygem-wikicloth081>=0.8.1<0.8.2:textproc/rubygem-wikicloth081 \ + rubygem-asciidoctor>=2.0.18<2.1.0:textproc/rubygem-asciidoctor \ + rubygem-asciidoctor-include-ext>=0.4.0<0.5.0:textproc/rubygem-asciidoctor-include-ext \ + rubygem-asciidoctor-plantuml00>=0.0.16<0.1:textproc/rubygem-asciidoctor-plantuml00 \ + rubygem-asciidoctor-kroki>=0.8.0<0.9:textproc/rubygem-asciidoctor-kroki \ + rubygem-rouge>=4.2.0<4.3:textproc/rubygem-rouge \ + rubygem-truncato>=0.7.12<0.8.0:textproc/rubygem-truncato \ + rubygem-nokogiri>=1.16<2:textproc/rubygem-nokogiri \ + rubygem-gitlab-glfm-markdown>=0.0.13<0.1:textproc/rubygem-gitlab-glfm-markdown \ + rubygem-icalendar>=0:devel/rubygem-icalendar \ + rubygem-diffy>=3.4<4:textproc/rubygem-diffy \ + rubygem-rack22>=2.2.8.1,3<2.3,3:www/rubygem-rack22 \ + rubygem-rack-timeout>=0.6.3<0.7:www/rubygem-rack-timeout \ + rubygem-puma>=6.4<7:www/rubygem-puma \ + rubygem-sd_notify>=0.1.1<0.2:devel/rubygem-sd_notify \ + rubygem-state_machines-activerecord08>=0.8.0<0.9.0:databases/rubygem-state_machines-activerecord08 \ + rubygem-acts-as-taggable-on>=10.0<11:www/rubygem-acts-as-taggable-on \ + rubygem-sidekiq71>=7.1.6<7.2:devel/rubygem-sidekiq71 \ + rubygem-sidekiq-cron-rails70>=1.12.0<1.13:devel/rubygem-sidekiq-cron-rails70 \ + rubygem-fugit18>=1.8.1<1.9:devel/rubygem-fugit18 \ + rubygem-httparty>=0.21.0<0.22:www/rubygem-httparty \ + rubygem-rainbow>=3.1.1<4.0:devel/rubygem-rainbow \ + rubygem-ruby-progressbar>=1.11<2:devel/rubygem-ruby-progressbar \ + rubygem-re2>=2.7.0<2.8:devel/rubygem-re2 \ + rubygem-semver_dialects>=2.0<3:devel/rubygem-semver_dialects \ + rubygem-version_sorter>=2.3<3:textproc/rubygem-version_sorter \ + rubygem-js_regex>=3.8<4.0:textproc/rubygem-js_regex \ + rubygem-device_detector>=0:devel/rubygem-device_detector \ + rubygem-redis-namespace110>=1.10.0<1.11:databases/rubygem-redis-namespace110 \ + rubygem-redis50>=5.0.0<5.1:databases/rubygem-redis50 \ + rubygem-redis-clustering50>=5.0.0<5.1:databases/rubygem-redis-clustering50 \ + rubygem-connection_pool>=2.4.1<3.0:net/rubygem-connection_pool \ + rubygem-redis-actionpack-rails70>=5.4.0<5.5:databases/rubygem-redis-actionpack-rails70 \ + rubygem-discordrb-webhooks>=3.5<4.0:net-im/rubygem-discordrb-webhooks \ + rubygem-jira-ruby>=2.3.0<2.4:devel/rubygem-jira-ruby \ + rubygem-atlassian-jwt>=0.2.1<0.3.0:www/rubygem-atlassian-jwt \ + rubygem-slack-messenger>=2.3.4<2.4.0:devel/rubygem-slack-messenger \ + rubygem-ruby-fogbugz>=0.3.0<0.4.0:devel/rubygem-ruby-fogbugz \ + rubygem-kubeclient>=4.11.0<4.12.0:www/rubygem-kubeclient \ + rubygem-ruby-openai37>=3.7<4:www/rubygem-ruby-openai37 \ + rubygem-circuitbox>=2.0.0<2.1:www/rubygem-circuitbox \ + rubygem-sanitize60>=6.0.2<6.1:textproc/rubygem-sanitize60 \ + rubygem-babosa>=2.0<3:textproc/rubygem-babosa \ + rubygem-loofah>=2.22.0<2.23:textproc/rubygem-loofah \ + rubygem-licensee>=9.16<10:devel/rubygem-licensee \ + rubygem-charlock_holmes>=0.7.7<0.8.0:textproc/rubygem-charlock_holmes \ + rubygem-ruby-magic>=0.6<1:devel/rubygem-ruby-magic \ + rubygem-fast_blank>=1.0.1<1.1:devel/rubygem-fast_blank \ + rubygem-gitlab-chronic>=0.10.5<0.11.0:devel/rubygem-gitlab-chronic \ + rubygem-gitlab_chronic_duration>=0.12<1:devel/rubygem-gitlab_chronic_duration \ + rubygem-rack-proxy>=0.7.7<0.8.0:www/rubygem-rack-proxy \ + rubygem-cssbundling-rails-rails70>=1.4.0<1.5:www/rubygem-cssbundling-rails-rails70 \ + rubygem-terser>=1.0.2<1.0.3:textproc/rubygem-terser \ + rubygem-addressable>=2.8<3:www/rubygem-addressable \ + rubygem-tanuki_emoji>=0.9<1:graphics/rubygem-tanuki_emoji \ + rubygem-gon-rails70>=6.4.0<6.5:www/rubygem-gon-rails70 \ + rubygem-request_store15>=1.5.1<1.6:devel/rubygem-request_store15 \ + rubygem-base32>=0.3.0<0.4.0:converters/rubygem-base32 \ + rubygem-gitlab-license>=2.4<3:devel/rubygem-gitlab-license \ + rubygem-rack-attack>=6.7.0<6.8:www/rubygem-rack-attack \ + rubygem-sentry-raven>=3.1<4.0:devel/rubygem-sentry-raven \ + rubygem-sentry-ruby>=5.10.0<5.11:devel/rubygem-sentry-ruby \ + rubygem-sentry-rails>=5.10.0<5.11:devel/rubygem-sentry-rails \ + rubygem-sentry-sidekiq>=5.10.0<5.11:devel/rubygem-sentry-sidekiq \ + rubygem-pg_query>=5.1.0<5.2:databases/rubygem-pg_query \ + rubygem-premailer-rails110-rails70>=1.10.3<1.11:mail/rubygem-premailer-rails110-rails70 \ + rubygem-gitlab-labkit>=0.35.1<0.36:devel/rubygem-gitlab-labkit \ + rubygem-thrift>=0.16.0:devel/rubygem-thrift \ + rubygem-rails-i18n-rails70>=7.0<8:devel/rubygem-rails-i18n-rails70 \ + rubygem-gettext_i18n_rails111>=1.11.0<1.12.0:devel/rubygem-gettext_i18n_rails111 \ + rubygem-gettext>=3.4<4:devel/rubygem-gettext \ + rubygem-batch-loader>=2.0.1<2.1:devel/rubygem-batch-loader \ + rubygem-peek-rails70>=1.1<2.0:devel/rubygem-peek-rails70 \ + rubygem-snowplow-tracker>=0.8.0<1:devel/rubygem-snowplow-tracker \ + rubygem-webrick>=1.8.1<1.9:www/rubygem-webrick \ + rubygem-prometheus-client-mmap>=1.1.1<2:devel/rubygem-prometheus-client-mmap \ + rubygem-warning>=1.3.0<1.4:devel/rubygem-warning \ + rubygem-gitlab-dangerfiles>=4.7.0<4.8:devel/rubygem-gitlab-dangerfiles \ + rubygem-license_finder>=7.0.0<8:devel/rubygem-license_finder \ + rubygem-rspec>=3.0<4:devel/rubygem-rspec \ + rubygem-octokit>=8.0<9:net/rubygem-octokit \ + rubygem-gitlab-mail_room>=0.0.24<0.1.0:mail/rubygem-gitlab-mail_room \ + rubygem-email_reply_trimmer>=0.1<1.0:mail/rubygem-email_reply_trimmer \ + rubygem-html2text>=0:textproc/rubygem-html2text \ + rubygem-stackprof>=0.2.25<0.3:devel/rubygem-stackprof \ + rubygem-rbtrace>=0.4.14<1.0:devel/rubygem-rbtrace \ + rubygem-memory_profiler>=1.0<2.0:devel/rubygem-memory_profiler \ + rubygem-activerecord-explain-analyze>=0.1<1.0:databases/rubygem-activerecord-explain-analyze \ + rubygem-oauth2>=2.0<3:net/rubygem-oauth2 \ + rubygem-health_check-rails70>=3.0<4:devel/rubygem-health_check-rails70 \ + rubygem-vmstat>=2.3.0<2.4.0:sysutils/rubygem-vmstat \ + rubygem-sys-filesystem>=1.4.3<1.5:sysutils/rubygem-sys-filesystem \ + rubygem-net-ntp>0:net/rubygem-net-ntp \ + rubygem-ssh_data>=1.3<2:security/rubygem-ssh_data \ + rubygem-spamcheck>=1.3.0<1.4:net/rubygem-spamcheck \ + rubygem-gitaly>=16.10.0.pre.rc1<16.11.0:net/rubygem-gitaly \ + rubygem-kas-grpc>=0.4.0,1<0.5.0,1:net/rubygem-kas-grpc \ + rubygem-grpc>=1.60.0<2:net/rubygem-grpc \ + rubygem-google-protobuf>=3.25.3<4:devel/rubygem-google-protobuf \ + rubygem-toml-rb>=2.2.0<3:www/rubygem-toml-rb \ + rubygem-flipper026>=0.26.2<0.27:devel/rubygem-flipper026 \ + rubygem-flipper-active_record-rails70>=0.26.2<0.27:databases/rubygem-flipper-active_record-rails70 \ + rubygem-flipper-active_support_cache_store-rails70>=0.26.2<0.27:devel/rubygem-flipper-active_support_cache_store-rails70 \ + rubygem-unleash>=3.2.2<3.3:devel/rubygem-unleash \ + rubygem-gitlab-experiment>=0.9.1<0.10:devel/rubygem-gitlab-experiment \ + rubygem-lograge-rails70>=0.11.2<1.0:www/rubygem-lograge-rails70 \ + rubygem-grape_logging>=1.8.4<2.0:devel/rubygem-grape_logging \ + rubygem-gitlab-net-dns>=0.9.2<0.10:dns/rubygem-gitlab-net-dns \ + rubygem-countries>=4.1.3<4.2.0:devel/rubygem-countries \ + rubygem-retriable>=3.1.2<3.2.0:devel/rubygem-retriable \ + rubygem-lru_redux>0:devel/rubygem-lru_redux \ + rubygem-mail>=2.8.1<2.8.2,2:mail/rubygem-mail \ + rubygem-lockbox>=1.3.0<1.4:security/rubygem-lockbox \ + rubygem-valid_email>=0.1<1:mail/rubygem-valid_email \ + rubygem-jsonb_accessor>=1.3.10<1.4:www/rubygem-jsonb_accessor \ + rubygem-json26>=2.6.3<2.7:devel/rubygem-json26 \ + rubygem-json_schemer>=0.2.18<0.3:devel/rubygem-json_schemer \ + rubygem-oj313>=3.13.21<3.14:devel/rubygem-oj313 \ + rubygem-oj-introspect>=0.7<1:devel/rubygem-oj-introspect \ + rubygem-multi_json114>=1.14.1<1.15:devel/rubygem-multi_json114 \ + rubygem-yajl-ruby>=1.4.3<1.5:devel/rubygem-yajl-ruby \ + rubygem-webauthn>=3.0<4:security/rubygem-webauthn \ + rubygem-ipaddress>=0.8.3<0.9:net/rubygem-ipaddress \ + rubygem-parslet1>=1.8<2:textproc/rubygem-parslet1 \ + rubygem-ed25519>=1.3.0<1.4:security/rubygem-ed25519 \ + rubygem-parser>=3.2.2.4:devel/rubygem-parser \ + rubygem-cvss-suite>=3.0.1<3.1:security/rubygem-cvss-suite \ + rubygem-arr-pm>=0.0.12<0.1:devel/rubygem-arr-pm \ + rubygem-devfile>=0.0.25.p.a1<0.0.25:net/rubygem-devfile \ + rubygem-CFPropertyList>=3.0.0<3.1:devel/rubygem-CFPropertyList \ + rubygem-app_store_connect>=0:net/rubygem-app_store_connect \ + rubygem-telesignenterprise>=2.2<3:devel/rubygem-telesignenterprise \ + rubygem-net-protocol01>=0.1.3<0.2:net/rubygem-net-protocol01 \ + rubygem-net-http011>=0.1.1<0.1.2:www/rubygem-net-http011 \ + rubygem-duo_api>=1.3<2:security/rubygem-duo_api \ + rubygem-gitlab-sdk>=0.3.0<0.4:devel/rubygem-gitlab-sdk \ + rubygem-google-cloud-profiler-v2>=0.3<1:textproc/rubygem-google-cloud-profiler-v2 \ + rubygem-parallel>=1.22<2:sysutils/rubygem-parallel + +BUILD_DEPENDS= gem:devel/ruby-gems \ + ${MY_DEPENDS} + +RUN_DEPENDS= ${MY_DEPENDS} + +USES= go:modules nodejs:env ruby shebangfix + +USE_GITLAB= yes +GL_ACCOUNT= gitlab-org +GL_PROJECT= gitlab-foss +USE_RC_SUBR= gitlab + +SHEBANG_FILES= scripts/build_qa_image \ + scripts/build_gdk_image \ + scripts/db_tasks \ + scripts/rails-update-bisect \ + scripts/generate-e2e-pipeline \ + scripts/frontend/execute-on-staged-files.sh \ + scripts/frontend/start_storybook.sh \ + scripts/partitioning/generate-fk \ + scripts/validate-monorepo-gem \ + .lefthook/pre-push/merge_conflicts \ + qa/gdk/entrypoint \ + qa/bin/test + +CONFLICTS_INSTALL= gitolite \ + gitolite2 \ + gogs \ + gitea \ + gitosis + +NO_ARCH= yes +NO_BUILD= yes + +USERS= git +GROUPS= git + +OPTIONS_DEFINE= KERBEROS +OPTIONS_DEFAULT= KERBEROS + +KERBEROS_BUILD_DEPENDS= rubygem-timfel-krb5-auth>=0.8<1:security/rubygem-timfel-krb5 +KERBEROS_RUN_DEPENDS= rubygem-timfel-krb5-auth>=0.8<1:security/rubygem-timfel-krb5 +KERBEROS_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-Gemfile-kerberos-off + +post-patch: + ${REINPLACE_CMD} -e "s|%%PREFIX%%|${PREFIX}|" ${WRKSRC}/config/gitlab.yml.example \ + ${WRKSRC}/config/puma.rb.example \ + ${WRKSRC}/lib/support/nginx/gitlab \ + ${WRKSRC}/lib/support/nginx/gitlab-ssl + # Remove symlink a create a file with content + ${RM} ${WRKSRC}/GITLAB_WORKHORSE_VERSION + ${ECHO} ${PORTVERSION} > ${WRKSRC}/GITLAB_WORKHORSE_VERSION + +do-install: + ${CP} ${WRKSRC}/config/database.yml.postgresql ${WRKSRC}/config/database.yml.sample + (cd ${WRKSRC} && ${RM} Gemfile.lock && bundle install --local) + ${RM} -R ${WRKSRC}/workhorse + # Has only a Gemfile.lock, so remove it, is maybe fixed by a newer version + ${RM} -R ${WRKSRC}/vendor/gems/omniauth-google-oauth2 + ${FIND} ${WRKSRC} -name '*.orig' -delete + ${FIND} ${WRKSRC} -name '*.bak' -delete + ${FIND} ${WRKSRC} -name '*.gitkeep' -delete + ${FIND} ${WRKSRC} -name '*.gitignore' -delete + ${FIND} ${WRKSRC} -name "Gemfile.lock" -delete + ${MV} ${WRKSRC}/config/initializers/relative_url.rb.sample ${WRKSRC}/config/initializers/relative_url.rb.example + # get files for workdir with: find . -name "*.example" + ${MV} ${WRKSRC}/config/puma.rb.example ${WRKSRC}/config/puma.rb.sample + ${MV} ${WRKSRC}/config/secrets.yml.example ${WRKSRC}/config/secrets.yml.sample + ${MV} ${WRKSRC}/config/sidekiq.yml.example ${WRKSRC}/config/sidekiq.yml.sample + ${MV} ${WRKSRC}/config/cable.yml.example ${WRKSRC}/config/cable.yml.sample + ${MV} ${WRKSRC}/config/gitlab.yml.example ${WRKSRC}/config/gitlab.yml.sample + ${MV} ${WRKSRC}/config/initializers/devise_password_length.rb.example ${WRKSRC}/config/initializers/devise_password_length.rb.sample + ${MV} ${WRKSRC}/config/resque.yml.example ${WRKSRC}/config/resque.yml.sample + ${MV} ${WRKSRC}/lib/support/nginx/gitlab ${WRKSRC}/lib/support/nginx/gitlab.sample + ${MV} ${WRKSRC}/lib/support/nginx/gitlab-ssl ${WRKSRC}/lib/support/nginx/gitlab-ssl.sample + ${MV} ${WRKSRC}/public/robots.txt ${WRKSRC}/public/robots.txt.sample + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/app/assets/builds + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/public/assets + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/public/uploads + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/tmp/cache + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/tmp/sessions + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/tmp/backups + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/tmp/sockets/private/internal + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/shared/tmp + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/shared/artifacts/tmp/work + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/vendor/assets/stylesheets + ${MKDIR} ${STAGEDIR}${PREFIX}/www/${PORTNAME}/workhorse/changelogs/unreleased + # Skip file having an executable bit + (cd ${WRKSRC} && ${COPYTREE_SHARE} . ${STAGEDIR}${PREFIX}/www/${PORTNAME} "-not ( -type f -perm -a=x )") + # now copy all files having an execution bit and preserve to x bit (this fixes some issues we saw) + (cd ${WRKSRC} && ${COPYTREE_BIN} . ${STAGEDIR}${PREFIX}/www/${PORTNAME} "-type f -perm -a=x") + +post-install: + ${FIND} -s ${STAGEDIR}${WWWDIR} -not -type d | ${SORT} | \ + ${SED} -e 's#^${STAGEDIR}${PREFIX}/##' | \ + ${SED} -E -e '/sample$$/ s#^#@sample #; \ + /secrets.yml.sample$$/ s#^@sample #@sample(git,www,0600) #; \ + s#${WWWDIR_REL}/bin#@(git,,544) ${WWWDIR_REL}/bin#; \ + /db\/schema.rb$$|gitlab.po$$|gitlab.pot$$|gitlab.po.time_stamp$$|locale\/index.js$$/ s#^#@(git,,) #;' >> ${TMPPLIST} + @${ECHO_CMD} "@owner git" >> ${TMPPLIST} + @${ECHO_CMD} "@group www" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(git,git) ${WWWDIR_REL}/" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/app/assets/builds/" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/app/assets/images/auth_buttons/" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/app/assets/javascripts/locale/" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/app/assets/javascripts/pipeline_wizard/templates/" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(git,git,554) ${WWWDIR_REL}/bin" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/config" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/builds" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/lib/assets" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/bg" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/de" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/eo" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/es" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/fil_PH" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/fr" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/id_ID" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/it" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/ja" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/ko" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/nl_NL" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/pl_PL" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/pt_BR" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/ru" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/tr_TR" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/uk" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/zh_CN" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/zh_HK" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/locale/zh_TW" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,744) ${WWWDIR_REL}/log" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/public" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/public/assets" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/public/uploads" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/2_plan" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/4_verify" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/5_package" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/6_release" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/7_configure" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/api/8_monitor" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/browser_ui/5_package" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/qa/specs/features/browser_ui/8_monitor" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/qa/tmp" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/spec/support/gitlab-git-test.git/refs/heads" >> ${TMPPLIST} + @${ECHO_CMD} "@dir ${WWWDIR_REL}/spec/support/gitlab-git-test.git/refs/tags" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,755) ${WWWDIR_REL}/shared" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/artifacts" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/artifacts/tmp" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/artifacts/tmp/cache" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/artifacts/tmp/uploads" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/artifacts/tmp/work" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/ci_secure_files" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/shared/packages" >> ${TMPPLIST} + @${ECHO_CMD} "@group gitlab-pages" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/shared/pages" >> ${TMPPLIST} + @${ECHO_CMD} "@group www" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/terraform_state" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/tmp" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/lfs-objects" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,700) ${WWWDIR_REL}/shared/registry" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/backups" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/cache" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/feature_flags" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/pids" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/prometheus_multiproc_dir" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/prometheus_multiproc_dir/puma" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/prometheus_multiproc_dir/sidekiq" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/prometheus_multiproc_dir/unicorn" >> ${TMPPLIST} + #@${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/run" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/sessions" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/sockets" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/sockets/private" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/tmp/sockets/private/internal" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/vendor" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/vendor/assets" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/vendor/assets/stylesheets" >> ${TMPPLIST} + @${ECHO_CMD} "@dir(,,770) ${WWWDIR_REL}/workhorse/changelogs/unreleased" >> ${TMPPLIST} + +.include <bsd.port.mk> diff --git a/www/gitlab/distinfo b/www/gitlab/distinfo new file mode 100644 index 000000000000..a097d6a3fc85 --- /dev/null +++ b/www/gitlab/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1712813287 +SHA256 (gitlab-foss-v16.10.2.tar.bz2) = 117c12aa5ef92a1f0e8e5027ee0f44694aabb5b9948636de4b3c2d495af3b61b +SIZE (gitlab-foss-v16.10.2.tar.bz2) = 101864036 diff --git a/www/gitlab/files/extra-patch-Gemfile-kerberos-off b/www/gitlab/files/extra-patch-Gemfile-kerberos-off new file mode 100644 index 000000000000..b6cbffee72e0 --- /dev/null +++ b/www/gitlab/files/extra-patch-Gemfile-kerberos-off @@ -0,0 +1,11 @@ +--- Gemfile.orig ++++ Gemfile +@@ -96,7 +96,7 @@ + + # Kerberos authentication. EE-only + gem 'gssapi', '~> 1.3.1', group: :kerberos # rubocop:todo Gemfile/MissingFeatureCategory +-gem 'timfel-krb5-auth', '~> 0.8', group: :kerberos # rubocop:todo Gemfile/MissingFeatureCategory ++#gem 'timfel-krb5-auth', '~> 0.8', group: :kerberos # rubocop:todo Gemfile/MissingFeatureCategory + + # Spam and anti-bot protection + gem 'recaptcha', '~> 5.12', require: 'recaptcha/rails' # rubocop:todo Gemfile/MissingFeatureCategory diff --git a/www/gitlab/files/gitlab.in b/www/gitlab/files/gitlab.in new file mode 100644 index 000000000000..1783a33acda9 --- /dev/null +++ b/www/gitlab/files/gitlab.in @@ -0,0 +1,570 @@ +#! /bin/sh + +### BEGIN INIT INFO +# Provides: gitlab +# Required-Start: $local_fs $remote_fs $network $syslog redis-server +# Required-Stop: $local_fs $remote_fs $network $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: GitLab git repository management +# Description: GitLab git repository management +# chkconfig: - 85 14 +### END INIT INFO + +# Maintainer: Matthias Fechner <mfechner@FreeBSD.org> +# Based on work of: @charlienewey, rovanion.luckey@gmail.com, @randx, @tz + +# PROVIDE: gitlab +# REQUIRE: LOGIN redis +# KEYWORD: shutdown +# +# Add the following line to /etc/rc.conf to enable GitLab: +# +# gitlab_enable="YES" + +PATH="/sbin:/bin:/usr/sbin:/usr/bin:%%LOCALBASE%%/sbin:%%LOCALBASE%%/bin" + +. /etc/rc.subr + +name=gitlab +rcvar=gitlab_enable +extra_commands=status + +status_cmd="print_status" +start_cmd="start_gitlab" +stop_cmd="stop_gitlab" +restart_cmd="restart_gitlab" +service_args="$@" +restart_precmd=${name}_init +start_precmd=${name}_init +stop_precmd=${name}_init + +: ${gitlab_enable:="NO"} +: ${gitlab_authBackend:="http://127.0.0.1:8080"} +: ${gitlab_workhorse_tcp:="NO"} +: ${gitlab_workhorse_addr:="127.0.0.1:8181"} +: ${gitlab_mail_room_enable:="NO"} +: ${gitlab_allow_conflicts:="NO"} +: ${gitlab_wait:="120"} + +load_rc_config $name + +### Environment variables +RAILS_ENV=${RAILS_ENV:-'production'} +SIDEKIQ_WORKERS=${SIDEKIQ_WORKERS:-1} +USE_WEB_SERVER=${USE_WEB_SERVER:-'puma'} + +case "${USE_WEB_SERVER}" in + puma|unicorn) + use_web_server="$USE_WEB_SERVER" + ;; + *) + echo "Unsupported web server '${USE_WEB_SERVER}' (Allowed: 'puma', 'unicorn')" 1>&2 + exit 1 + ;; +esac + + +# Script variable names should be lower-case not to conflict with +# internal /bin/sh variables such as PATH, EDITOR or SHELL. +app_user="git" +app_root="%%PREFIX%%/www/gitlab-ce" +pid_path="$app_root/tmp/pids" +socket_path="$app_root/tmp/sockets" +rails_socket="$socket_path/gitlab.socket" +web_server_pid_path="$pid_path/$use_web_server.pid" +if checkyesno gitlab_mail_room_enable; then + mail_room_enabled=true +else + mail_room_enabled=false +fi +mail_room_pid_path="$pid_path/mail_room.pid" +gitlab_workhorse_dir=$(cd $app_root/../gitlab-workhorse 2> /dev/null && pwd) +gitlab_workhorse_pid_path="$pid_path/gitlab-workhorse.pid" +if checkyesno gitlab_workhorse_tcp; then + gitlab_workhorse_listen="-listenNetwork tcp -listenAddr $gitlab_workhorse_addr" +else + gitlab_workhorse_listen="-listenNetwork unix -listenAddr $socket_path/gitlab-workhorse.socket" +fi +gitlab_workhorse_options="-listenUmask 0 $gitlab_workhorse_listen -authBackend $gitlab_authBackend -authSocket $rails_socket -documentRoot $app_root/public" +gitlab_workhorse_log="$app_root/log/gitlab-workhorse.log" +gitlab_pages_enabled=false +gitlab_pages_dir=$(cd $app_root/../gitlab-pages 2> /dev/null && pwd) +gitlab_pages_pid_path="$pid_path/gitlab-pages.pid" +gitlab_pages_options="-pages-domain example.com -pages-root $app_root/shared/pages -listen-proxy 127.0.0.1:8090" +gitlab_pages_log="$app_root/log/gitlab-pages.log" +shell_path="/bin/bash" +gitaly_enabled=true +gitaly_dir="%%PREFIX%%/share/gitaly" +gitaly_pid_path="$pid_path/gitaly.pid" +gitaly_log="$app_root/log/gitaly.log" +sidekiq_pid_path="$pid_path/sidekiq-cluster.pid" + +### Init Script functions +## Gets the pids from the files +check_pids(){ + if ! mkdir -p "$pid_path"; then + echo "Could not create the path $pid_path needed to store the pids." + exit 1 + fi + # If there exists a file which should hold the value of the web server pid: read it. + if [ -f "$web_server_pid_path" ]; then + wpid=$(cat "$web_server_pid_path") + else + wpid=0 + fi + if [ -f "$sidekiq_pid_path" ]; then + spid=$(cat "$sidekiq_pid_path") + else + spid=0 + fi + if [ -f "$gitlab_workhorse_pid_path" ]; then + hpid=$(cat "$gitlab_workhorse_pid_path") + else + hpid=0 + fi + if [ "$mail_room_enabled" = true ]; then + if [ -f "$mail_room_pid_path" ]; then + mpid=$(cat "$mail_room_pid_path") + else + mpid=0 + fi + fi + if [ "$gitlab_pages_enabled" = true ]; then + if [ -f "$gitlab_pages_pid_path" ]; then + gppid=$(cat "$gitlab_pages_pid_path") + else + gppid=0 + fi + fi + if [ "$gitaly_enabled" = true ]; then + if [ -f "$gitaly_pid_path" ]; then + gapid=$(cat "$gitaly_pid_path") + else + gapid=0 + fi + fi +} + + +gitlab_init(){ + # Read configuration variable file if it is present + test -f /etc/default/gitlab && . /etc/default/gitlab + + # Check if other colliding packages are installed + if `/usr/sbin/pkg -N info -e gogs` && [ $? -eq 0 ]; then + echo "WARNING: Gitlab cannot run together with gogs as both of them modify .ssh/authorized_keys" + if checkyesno gitlab_allow_conflicts; then + echo "but start as overwritten" + else + echo "you can overwrite this with: sysrc gitlab_allow_conflicts=YES" + exit 1 + fi + fi + if `/usr/sbin/pkg -N info -e "gitolite*"` && [ $? -eq 0 ]; then + echo "WARNING: Gitlab cannot run together with gitolite as both of them modify .ssh/authorized_keys" + if checkyesno gitlab_allow_conflicts; then + echo "but start as overwritten" + else + echo "you can overwrite this with: sysrc gitlab_allow_conflicts=YES" + exit 1 + fi + fi + if `/usr/sbin/pkg -N info -e "*gitosis*"` && [ $? -eq 0 ]; then + echo "WARNING: Gitlab cannot run together with py-gitosis as both of them modify .ssh/authorized_keys" + if checkyesno gitlab_allow_conflicts; then + echo "but start as overwritten" + else + echo "you can overwrite this with: sysrc gitlab_allow_conflicts=YES" + exit 1 + fi + fi + if `/usr/sbin/pkg -N info -e gitea` && [ $? -eq 0 ]; then + echo "WARNING: Gitlab cannot run together with gitea as both of them modify .ssh/authorized_keys" + if checkyesno gitlab_allow_conflicts; then + echo "but start as overwritten" + else + echo "you can overwrite this with: sysrc gitlab_allow_conflicts=YES" + exit 1 + fi + fi + + # Switch to the app_user if it is not he/she who is running the script. + if [ "$USER" != "$app_user" ]; then + # Regenerate the Gemfile.lock for all related products + # echo "Regenerate Gitlab Gemfile.lock" + rm -f "${app_root}"/Gemfile.lock + if ! su -l root -c "cd ${app_root} && %%LOCALBASE%%/bin/bundle install --local --quiet"; then + echo "Could not create Gemfile.lock for gitlab, please report this using FreeBSD Bugtracker, https://bugs.freebsd.org/" + exit 1 + fi + chown git "${app_root}"/Gemfile.lock + + eval su - "$app_user" -c $(echo \")%%LOCALBASE%%/etc/rc.d/gitlab "${service_args}"$(echo \"); exit; + fi + + # Switch to the gitlab path, exit on failure. + if ! cd "$app_root" ; then + echo "Failed to cd into $app_root, exiting!"; exit 1 + fi + + # We use the pids in so many parts of the script it makes sense to always check them. + # Only after start() is run should the pids change. Sidekiq sets its own pid. + check_pids +} + +## Called when we have started the two processes and are waiting for their pid files. +wait_for_pids(){ + # We are sleeping a bit here mostly because sidekiq is slow at writing its pid + i=0 + while [ ! -f $web_server_pid_path ] || [ ! -f $sidekiq_pid_path ] || [ ! -f $gitlab_workhorse_pid_path ] || { [ "$mail_room_enabled" = true ] && [ ! -f $mail_room_pid_path ]; } || { [ "$gitlab_pages_enabled" = true ] && [ ! -f $gitlab_pages_pid_path ]; } || { [ "$gitaly_enabled" = true ] && [ ! -f $gitaly_pid_path ]; }; do + echo -n "." + if [ $((i)) = "$gitlab_wait" ]; then + echo + echo "Waited ${i}s for the processes to write their pids, something probably went wrong." + exit 1; + fi + sleep 1 + i=$((i+1)) + done + echo + echo "Started in ${i}s." +} + +## Checks whether the different parts of the service are already running or not. +check_status(){ + check_pids + # If the web server is running kill -0 $wpid returns true, or rather 0. + # Checks of *_status should only check for == 0 or != 0, never anything else. + if [ $wpid -ne 0 ]; then + kill -0 "$wpid" 2>/dev/null + web_status="$?" + else + web_status="-1" + fi + if [ $spid -ne 0 ]; then + kill -0 "$spid" 2>/dev/null + sidekiq_status="$?" + else + sidekiq_status="-1" + fi + if [ $hpid -ne 0 ]; then + kill -0 "$hpid" 2>/dev/null + gitlab_workhorse_status="$?" + else + gitlab_workhorse_status="-1" + fi + if [ "$mail_room_enabled" = true ]; then + if [ $mpid -ne 0 ]; then + kill -0 "$mpid" 2>/dev/null + mail_room_status="$?" + else + mail_room_status="-1" + fi + fi + if [ "$gitlab_pages_enabled" = true ]; then + if [ $gppid -ne 0 ]; then + kill -0 "$gppid" 2>/dev/null + gitlab_pages_status="$?" + else + gitlab_pages_status="-1" + fi + fi + if [ "$gitaly_enabled" = true ]; then + if [ $gapid -ne 0 ]; then + kill -0 "$gapid" 2>/dev/null + gitaly_status="$?" + else + gitaly_status="-1" + fi + fi + if [ $web_status = 0 ] && [ $sidekiq_status = 0 ] && [ $gitlab_workhorse_status = 0 ] && { [ "$mail_room_enabled" != true ] || [ $mail_room_status = 0 ]; } && { [ "$gitlab_pages_enabled" != true ] || [ $gitlab_pages_status = 0 ]; } && { [ "$gitaly_enabled" != true ] || [ $gitaly_status = 0 ]; }; then + gitlab_status=0 + else + # http://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html + # code 3 means 'program is not running' + gitlab_status=3 + fi +} + +## Check for stale pids and remove them if necessary. +check_stale_pids(){ + check_status + # If there is a pid it is something else than 0, the service is running if + # *_status is == 0. + if [ "$wpid" != "0" ] && [ "$web_status" != "0" ]; then + echo "Removing stale web server pid. This is most likely caused by the web server crashing the last time it ran." + if ! rm "$web_server_pid_path"; then + echo "Unable to remove stale pid, exiting." + exit 1 + fi + fi + if [ "$spid" != "0" ] && [ "$sidekiq_status" != "0" ]; then + echo "Removing stale Sidekiq job dispatcher pid. This is most likely caused by Sidekiq crashing the last time it ran." + if ! rm "$sidekiq_pid_path"; then + echo "Unable to remove stale pid, exiting" + exit 1 + fi + fi + if [ "$hpid" != "0" ] && [ "$gitlab_workhorse_status" != "0" ]; then + echo "Removing stale GitLab Workhorse pid. This is most likely caused by GitLab Workhorse crashing the last time it ran." + if ! rm "$gitlab_workhorse_pid_path"; then + echo "Unable to remove stale pid, exiting" + exit 1 + fi + fi + if [ "$mail_room_enabled" = true ] && [ "$mpid" != "0" ] && [ "$mail_room_status" != "0" ]; then + echo "Removing stale MailRoom job dispatcher pid. This is most likely caused by MailRoom crashing the last time it ran." + if ! rm "$mail_room_pid_path"; then + echo "Unable to remove stale pid, exiting" + exit 1 + fi + fi + if [ "$gitlab_pages_enabled" = true ] && [ "$gppid" != "0" ] && [ "$gitlab_pages_status" != "0" ]; then + echo "Removing stale GitLab Pages job dispatcher pid. This is most likely caused by GitLab Pages crashing the last time it ran." + if ! rm "$gitlab_pages_pid_path"; then + echo "Unable to remove stale pid, exiting" + exit 1 + fi + fi + if [ "$gitaly_enabled" = true ] && [ "$gapid" != "0" ] && [ "$gitaly_status" != "0" ]; then + echo "Removing stale Gitaly pid. This is most likely caused by Gitaly crashing the last time it ran." + if ! rm "$gitaly_pid_path"; then + echo "Unable to remove stale pid, exiting" + exit 1 + fi + fi +} + +## If no parts of the service is running, bail out. +exit_if_not_running(){ + check_stale_pids + if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" != "0" ]; } && { [ "$gitaly_enabled" != true ] || [ "$gitaly_status" != "0" ]; }; then + echo "GitLab is not running." + exit + fi +} + +## Starts web server and Sidekiq if they're not running. +start_gitlab() { + check_stale_pids + + if [ "$web_status" != "0" ]; then + echo "Starting GitLab web server ($use_web_server)" + fi + if [ "$sidekiq_status" != "0" ]; then + echo "Starting GitLab Sidekiq" + fi + if [ "$gitlab_workhorse_status" != "0" ]; then + echo "Starting GitLab Workhorse" + fi + if [ "$mail_room_enabled" = true ] && [ "$mail_room_status" != "0" ]; then + echo "Starting GitLab MailRoom" + fi + if [ "$gitlab_pages_enabled" = true ] && [ "$gitlab_pages_status" != "0" ]; then + echo "Starting GitLab Pages" + fi + if [ "$gitaly_enabled" = true ] && [ "$gitaly_status" != "0" ]; then + echo "Starting Gitaly" + fi + + # Then check if the service is running. If it is: don't start again. + if [ "$web_status" = "0" ]; then + echo "The web server already running with pid $wpid, not restarting." + else + # Remove old socket if it exists + rm -f "$rails_socket" 2>/dev/null + # Start the web server + RAILS_ENV=$RAILS_ENV USE_WEB_SERVER=$use_web_server bin/web start + fi + + # If sidekiq is already running, don't start it again. + if [ "$sidekiq_status" = "0" ]; then + echo "The Sidekiq job dispatcher is already running with pid $spid, not restarting" + else + RAILS_ENV=$RAILS_ENV SIDEKIQ_WORKERS=$SIDEKIQ_WORKERS bin/background_jobs start > /dev/null & + fi + + if [ "$gitlab_workhorse_status" = "0" ]; then + echo "The GitLab Workhorse is already running with pid $hpid, not restarting" + else + # No need to remove a socket, gitlab-workhorse does this itself. + # Because gitlab-workhorse has multiple executables we need to fix + # the PATH. + $app_root/bin/daemon_with_pidfile $gitlab_workhorse_pid_path \ + /usr/bin/env PATH=$gitlab_workhorse_dir:$PATH \ + gitlab-workhorse $gitlab_workhorse_options \ + >> $gitlab_workhorse_log 2>&1 & + fi + + if [ "$mail_room_enabled" = true ]; then + # If MailRoom is already running, don't start it again. + if [ "$mail_room_status" = "0" ]; then + echo "The MailRoom email processor is already running with pid $mpid, not restarting" + else + RAILS_ENV=$RAILS_ENV bin/mail_room start & + fi + fi + + if [ "$gitlab_pages_enabled" = true ]; then + if [ "$gitlab_pages_status" = "0" ]; then + echo "The GitLab Pages is already running with pid $gppid, not restarting" + else + $app_root/bin/daemon_with_pidfile $gitlab_pages_pid_path \ + $gitlab_pages_dir/gitlab-pages $gitlab_pages_options \ + >> $gitlab_pages_log 2>&1 & + fi + fi + + if [ "$gitaly_enabled" = true ]; then + if [ "$gitaly_status" = "0" ]; then + echo "Gitaly is already running with pid $gapid, not restarting" + else + $app_root/bin/daemon_with_pidfile $gitaly_pid_path \ + $gitaly_dir/bin/gitaly $gitaly_dir/config.toml >> $gitaly_log 2>&1 & + fi + fi + + # Wait for the pids to be planted + wait_for_pids + # Finally check the status to tell wether or not GitLab is running + print_status +} + +## Asks web server, Sidekiq and MailRoom if they would be so kind as to stop, if not kills them. +stop_gitlab() { + exit_if_not_running + + if [ "$web_status" = "0" ]; then + echo "Shutting down GitLab web server" + RAILS_ENV=$RAILS_ENV USE_WEB_SERVER=$use_web_server bin/web stop + fi + if [ "$sidekiq_status" = "0" ]; then + echo "Shutting down GitLab Sidekiq" + RAILS_ENV=$RAILS_ENV SIDEKIQ_WORKERS=$SIDEKIQ_WORKERS bin/background_jobs stop + fi + if [ "$gitlab_workhorse_status" = "0" ]; then + echo "Shutting down GitLab Workhorse" + kill -- $(cat $gitlab_workhorse_pid_path) + fi + if [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; then + echo "Shutting down GitLab MailRoom" + RAILS_ENV=$RAILS_ENV bin/mail_room stop + fi + if [ "$gitlab_pages_status" = "0" ]; then + echo "Shutting down gitlab-pages" + kill -- $(cat $gitlab_pages_pid_path) + fi + if [ "$gitaly_status" = "0" ]; then + echo "Shutting down Gitaly" + kill -- $(cat $gitaly_pid_path) + fi + + # If something needs to be stopped, lets wait for it to stop. Never use SIGKILL in a script. + while [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || [ "$gitlab_workhorse_status" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; } || { [ "$gitlab_pages_enabled" = true ] && [ "$gitlab_pages_status" = "0" ]; } || { [ "$gitaly_enabled" = true ] && [ "$gitaly_status" = "0" ]; }; do + sleep 1 + check_status + printf "." + if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" != "0" ]; } && { [ "$gitaly_enabled" != true ] || [ "$gitaly_status" != "0" ]; }; then + printf "\n" + break + fi + done + + sleep 1 + # Cleaning up unused pids + rm "$web_server_pid_path" 2>/dev/null + # rm "$sidekiq_pid_path" 2>/dev/null # Sidekiq seems to be cleaning up its own pid. + rm -f "$gitlab_workhorse_pid_path" + if [ "$mail_room_enabled" = true ]; then + rm "$mail_room_pid_path" 2>/dev/null + fi + rm -f "$gitlab_pages_pid_path" + rm -f "$gitaly_pid_path" + + print_status +} + +## Prints the status of GitLab and its components. +print_status() { + check_status + if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_workhorse_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" != "0" ]; } && { [ "$gitaly_enabled" != true ] || [ "$gitaly_status" != "0" ]; }; then + echo "GitLab is not running." + return + fi + if [ "$web_status" = "0" ]; then + echo "The GitLab web server with pid $wpid is running." + else + printf "The GitLab web server is \033[31mnot running\033[0m.\n" + fi + if [ "$sidekiq_status" = "0" ]; then + echo "The GitLab Sidekiq job dispatcher with pid $spid is running." + else + printf "The GitLab Sidekiq job dispatcher is \033[31mnot running\033[0m.\n" + fi + if [ "$gitlab_workhorse_status" = "0" ]; then + echo "The GitLab Workhorse with pid $hpid is running." + else + printf "The GitLab Workhorse is \033[31mnot running\033[0m.\n" + fi + if [ "$mail_room_enabled" = true ]; then + if [ "$mail_room_status" = "0" ]; then + echo "The GitLab MailRoom email processor with pid $mpid is running." + else + printf "The GitLab MailRoom email processor is \033[31mnot running\033[0m.\n" + fi + fi + if [ "$gitlab_pages_enabled" = true ]; then + if [ "$gitlab_pages_status" = "0" ]; then + echo "The GitLab Pages with pid $gppid is running." + else + printf "The GitLab Pages is \033[31mnot running\033[0m.\n" + fi + fi + if [ "$gitaly_enabled" = true ]; then + if [ "$gitaly_status" = "0" ]; then + echo "Gitaly with pid $gapid is running." + else + printf "Gitaly is \033[31mnot running\033[0m.\n" + fi + fi + if [ "$web_status" = "0" ] && [ "$sidekiq_status" = "0" ] && [ "$gitlab_workhorse_status" = "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" = "0" ]; } && { [ "$gitlab_pages_enabled" != true ] || [ "$gitlab_pages_status" = "0" ]; } && { [ "$gitaly_enabled" != true ] || [ "$gitaly_status" = "0" ]; }; then + printf "GitLab and all its components are \033[32mup and running\033[0m.\n" + fi +} + +## Tells web server to reload its config and Sidekiq to restart +reload_gitlab(){ + exit_if_not_running + if [ "$wpid" = "0" ];then + echo "The GitLab web server Web server is not running thus its configuration can't be reloaded." + exit 1 + fi + printf "Reloading GitLab web server configuration... " + RAILS_ENV=$RAILS_ENV USE_WEB_SERVER=$use_web_server bin/web reload + echo "Done." + + echo "Restarting GitLab Sidekiq since it isn't capable of reloading its config..." + RAILS_ENV=$RAILS_ENV SIDEKIQ_WORKERS=$SIDEKIQ_WORKERS bin/background_jobs restart & /dev/null & + + if [ "$mail_room_enabled" != true ]; then + echo "Restarting GitLab MailRoom since it isn't capable of reloading its config..." + RAILS_ENV=$RAILS_ENV bin/mail_room restart + fi + + wait_for_pids + print_status +} + +## Restarts Sidekiq and web server. +restart_gitlab(){ + check_status + if [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || [ "$gitlab_workhorse" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; } || { [ "$gitlab_pages_enabled" = true ] && [ "$gitlab_pages_status" = "0" ]; } || { [ "$gitaly_enabled" = true ] && [ "$gitaly_status" = "0" ]; }; then + stop_gitlab + fi + start_gitlab +} + +run_rc_command "$1" + +exit diff --git a/www/gitlab/files/patch-Gemfile b/www/gitlab/files/patch-Gemfile new file mode 100644 index 000000000000..ce181c3a12c6 --- /dev/null +++ b/www/gitlab/files/patch-Gemfile @@ -0,0 +1,254 @@ +--- Gemfile.orig 2024-03-27 08:20:26 UTC ++++ Gemfile +@@ -58,7 +58,7 @@ gem 'neighbor', '~> 0.2.3' # rubocop:todo Gemfile/Miss + + gem 'rugged', '~> 1.6' # rubocop:todo Gemfile/MissingFeatureCategory + +-gem 'faraday', '~> 1.0' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'faraday', '>= 1.0' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'marginalia', '~> 1.11.1' # rubocop:todo Gemfile/MissingFeatureCategory + + # Authorization +@@ -78,8 +78,8 @@ gem 'omniauth-azure-activedirectory-v2', '~> 2.0' # ru + gem 'omniauth-azure-oauth2', '~> 0.0.9', path: 'vendor/gems/omniauth-azure-oauth2' # See gem README.md # rubocop:todo Gemfile/MissingFeatureCategory + gem 'omniauth-dingtalk-oauth2', '~> 1.0' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'omniauth-alicloud', '~> 3.0.0' # rubocop:todo Gemfile/MissingFeatureCategory +-gem 'omniauth-facebook', '~> 4.0.0' # rubocop:todo Gemfile/MissingFeatureCategory +-gem 'omniauth-github', '2.0.1' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'omniauth-facebook', '>= 4.0.0' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'omniauth-github', '~> 2.0.1' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'omniauth-gitlab', '~> 4.0.0', path: 'vendor/gems/omniauth-gitlab' # See vendor/gems/omniauth-gitlab/README.md # rubocop:todo Gemfile/MissingFeatureCategory + gem 'omniauth-google-oauth2', '~> 1.1' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'omniauth-oauth2-generic', '~> 0.2.2' # rubocop:todo Gemfile/MissingFeatureCategory +@@ -90,7 +90,7 @@ gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/o + gem 'omniauth_openid_connect', '~> 0.6.1' # rubocop:todo Gemfile/MissingFeatureCategory + # Locked until Ruby 3.0 upgrade since upgrading will pull in an updated net-smtp gem. + # See https://docs.gitlab.com/ee/development/emails.html#rationale. +-gem 'openid_connect', '= 1.3.0' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'openid_connect', '= 1.3.1' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'omniauth-salesforce', '~> 1.0.5', path: 'vendor/gems/omniauth-salesforce' # See gem README.md # rubocop:todo Gemfile/MissingFeatureCategory + gem 'omniauth-atlassian-oauth2', '~> 0.2.0' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'rack-oauth2', '~> 1.21.3' # rubocop:todo Gemfile/MissingFeatureCategory +@@ -185,7 +185,7 @@ gem 'gitlab-fog-azure-rm', '~> 1.8.0', require: 'fog/a + gem 'google-apis-storage_v1', '~> 0.29' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'google-cloud-storage', '~> 1.45.0' # rubocop:todo Gemfile/MissingFeatureCategory + # We need >= 0.11.1 because that's when match_glob support is added to list_objects +-gem 'google-apis-core', '~> 0.11.0', '>= 0.11.1' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'google-apis-core', '~> 0.11', '>= 0.11.1' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'google-apis-compute_v1', '~> 0.57.0' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'google-apis-container_v1', '~> 0.43.0' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'google-apis-container_v1beta1', '~> 0.43.0' # rubocop:todo Gemfile/MissingFeatureCategory +@@ -196,7 +196,7 @@ gem 'google-apis-serviceusage_v1', '~> 0.28.0' # ruboc + gem 'google-apis-sqladmin_v1beta4', '~> 0.41.0' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'google-apis-androidpublisher_v3', '~> 0.34.0' # rubocop:todo Gemfile/MissingFeatureCategory + +-gem 'googleauth', '~> 1.8.1', feature_category: :shared ++gem 'googleauth', '~> 1.8', feature_category: :shared + gem 'google-cloud-artifact_registry-v1', '~> 0.11.0', feature_category: :shared + gem 'google-cloud-compute-v1', '~> 2.6.0', feature_category: :shared + +@@ -207,9 +207,9 @@ gem 'seed-fu', '~> 2.3.7' # rubocop:todo Gemfile/Missi + gem 'elasticsearch-model', '~> 7.2' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'elasticsearch-rails', '~> 7.2', require: 'elasticsearch/rails/instrumentation' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'elasticsearch-api', '7.13.3' # rubocop:todo Gemfile/MissingFeatureCategory +-gem 'aws-sdk-core', '~> 3.191.3' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'aws-sdk-core', '~> 3.191' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'aws-sdk-cloudformation', '~> 1' # rubocop:todo Gemfile/MissingFeatureCategory +-gem 'aws-sdk-s3', '~> 1.144.0' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'aws-sdk-s3', '~> 1.144' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'faraday_middleware-aws-sigv4', '~>0.3.0' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'typhoeus', '~> 1.4.0' # Used with Elasticsearch to support http keep-alive connections # rubocop:todo Gemfile/MissingFeatureCategory + +@@ -240,12 +240,12 @@ gem 'diffy', '~> 3.4' # rubocop:todo Gemfile/MissingFe + gem 'diff_match_patch', '~> 0.1.0', path: 'vendor/gems/diff_match_patch', feature_category: :team_planning + + # Application server +-gem 'rack', '~> 2.2.8.1' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'rack', '~> 2.2.8', '>= 2.2.8.1' # rubocop:todo Gemfile/MissingFeatureCategory + # https://github.com/zombocom/rack-timeout/blob/master/README.md#rails-apps-manually + gem 'rack-timeout', '~> 0.6.3', require: 'rack/timeout/base' # rubocop:todo Gemfile/MissingFeatureCategory + + group :puma do +- gem 'puma', '= 6.4.0', require: false, feature_category: :shared ++ gem 'puma', '~> 6.4.0', require: false, feature_category: :shared + gem 'sd_notify', '~> 0.1.0', require: false # rubocop:todo Gemfile/MissingFeatureCategory + end + +@@ -256,7 +256,7 @@ gem 'state_machines-activerecord', '~> 0.8.0' # ruboco + gem 'acts-as-taggable-on', '~> 10.0' # rubocop:todo Gemfile/MissingFeatureCategory + + # Background jobs +-gem 'sidekiq', path: 'vendor/gems/sidekiq-7.1.6', require: 'sidekiq' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'sidekiq', '~> 7.1.6', require: 'sidekiq' # rubocop:todo Gemfile/MissingFeatureCategory + gem 'sidekiq-cron', '~> 1.12.0', feature_category: :shared + gem 'gitlab-sidekiq-fetcher', path: 'vendor/gems/sidekiq-reliable-fetch', require: 'sidekiq-reliable-fetch' # rubocop:todo Gemfile/MissingFeatureCategory + +@@ -399,93 +399,10 @@ gem 'prometheus-client-mmap', '~> 1.1', '>= 1.1.1', re + + gem 'warning', '~> 1.3.0' # rubocop:todo Gemfile/MissingFeatureCategory + +-group :development do +- gem 'lefthook', '~> 1.5.6', require: false, feature_category: :tooling +- gem 'rubocop', feature_category: :tooling +- gem 'solargraph', '~> 0.47.2', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'letter_opener_web', '~> 2.0.0' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'lookbook', '~> 2.2' # rubocop:todo Gemfile/MissingFeatureCategory +- +- # Better errors handler +- gem 'better_errors', '~> 2.10.1' # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'sprite-factory', '~> 1.7' # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'listen', '~> 3.7' # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'ruby-lsp', "~> 0.14.4", require: false, feature_category: :tooling +- +- gem 'ruby-lsp-rails', "~> 0.3.0", feature_category: :tooling +- +- gem 'ruby-lsp-rspec', "~> 0.1.10", require: false, feature_category: :tooling +-end +- +-group :development, :test do +- gem 'deprecation_toolkit', '~> 1.5.1', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'bullet', '~> 7.1.2' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'parser', '~> 3.3', '>= 3.3.0.2' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'pry-byebug' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'pry-rails', '~> 0.3.9' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'pry-shell', '~> 0.6.4' # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'awesome_print', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'database_cleaner-active_record', '~> 2.1.0', feature_category: :database +- gem 'factory_bot_rails', '~> 6.4.3' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'rspec-rails', '~> 6.1.1', feature_category: :shared +- +- # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826) +- gem 'minitest', '~> 5.11.0' # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'spring', '~> 4.1.0' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'spring-commands-rspec', '~> 1.0.4' # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'gitlab-styles', '~> 11.0.0', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'haml_lint', '~> 0.53', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'bundler-audit', '~> 0.9.1', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- +- # Benchmarking & profiling +- gem 'benchmark-ips', '~> 2.11.0', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'benchmark-memory', '~> 0.1', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- +- # Profiling data from CI/CD pipelines +- gem 'influxdb-client', '~> 2.9', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'knapsack', '~> 1.22.0', feature_category: :tooling +- gem 'crystalball', '~> 0.7.0', require: false, feature_category: :tooling +- gem 'test_file_finder', '~> 0.2.1', feature_category: :tooling +- +- gem 'simple_po_parser', '~> 1.1.6', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'png_quantizator', '~> 0.2.1', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'parallel', '~> 1.19', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'sigdump', '~> 0.2.4', require: 'sigdump/setup' # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'pact', '~> 1.64' # rubocop:todo Gemfile/MissingFeatureCategory +- +- # For now we only use vite in development / test, and not for production builds +- # See: https://gitlab.com/gitlab-org/frontend/rfcs/-/issues/106 +- gem 'vite_rails', '~> 3.0.17', feature_category: :shared +- gem 'vite_ruby', '~> 3.5.0', feature_category: :shared +- +- gem 'gitlab-housekeeper', path: 'gems/gitlab-housekeeper', feature_category: :tooling +-end +- + group :development, :test, :danger do + gem 'gitlab-dangerfiles', '~> 4.7.0', require: false, feature_category: :tooling + end + +-group :development, :test, :coverage do +- gem 'simplecov', '~> 0.22', require: false, feature_category: :tooling +- gem 'simplecov-lcov', '~> 0.8.0', require: false, feature_category: :tooling +- gem 'simplecov-cobertura', '~> 2.1.0', require: false, feature_category: :tooling +- gem 'undercover', '~> 0.4.4', require: false, feature_category: :tooling +-end +- + # Gems required in omnibus-gitlab pipeline + group :development, :test, :omnibus do + gem 'license_finder', '~> 7.0', require: false # rubocop:todo Gemfile/MissingFeatureCategory +@@ -497,36 +414,6 @@ group :development, :test, :monorepo do + gem 'gitlab-rspec_flaky', path: 'gems/gitlab-rspec_flaky', feature_category: :tooling + end + +-group :test do +- gem 'fuubar', '~> 2.2.0' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'rspec-retry', '~> 0.6.2', feature_category: :tooling +- gem 'rspec_profiling', '~> 0.0.8', feature_category: :tooling +- gem 'rspec-benchmark', '~> 0.6.0', feature_category: :tooling +- gem 'rspec-parameterized', '~> 1.0', require: false, feature_category: :tooling +- gem 'os', '~> 1.1', '>= 1.1.4', feature_category: :tooling +- +- gem 'capybara', '~> 3.40' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'capybara-screenshot', '~> 1.0.26' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'selenium-webdriver', '~> 4.18', '>= 4.18.1' # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'graphlyte', '~> 1.0.0' # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'shoulda-matchers', '~> 5.1.0', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'email_spec', '~> 2.2.0' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'webmock', '~> 3.22.0' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'rails-controller-testing' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'concurrent-ruby', '~> 1.1' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'test-prof', '~> 1.3.1' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'rspec_junit_formatter' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'guard-rspec' # rubocop:todo Gemfile/MissingFeatureCategory +- gem 'axe-core-rspec', '~> 4.8.2', feature_category: :tooling +- +- # Moved in `test` because https://gitlab.com/gitlab-org/gitlab/-/issues/217527 +- gem 'derailed_benchmarks', require: false # rubocop:todo Gemfile/MissingFeatureCategory +- +- gem 'gitlab_quality-test_tooling', '~> 1.17.0', require: false, feature_category: :tooling +-end +- + gem 'octokit', '~> 8.0', feature_category: :importers + + gem 'gitlab-mail_room', '~> 0.0.24', require: 'mail_room', feature_category: :shared +@@ -564,7 +451,7 @@ gem 'gitaly', '~> 16.10.0-rc1', feature_category: :git + # KAS GRPC protocol definitions + gem 'kas-grpc', '~> 0.4.0', feature_category: :deployment_management + +-gem 'grpc', '~> 1.60.0' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'grpc', '~> 1.60' # rubocop:todo Gemfile/MissingFeatureCategory + + gem 'google-protobuf', '~> 3.25', '>= 3.25.3' # rubocop:todo Gemfile/MissingFeatureCategory + +@@ -585,7 +472,7 @@ gem 'grape_logging', '~> 1.8', '>= 1.8.4', feature_cat + gem 'gitlab-net-dns', '~> 0.9.2' # rubocop:todo Gemfile/MissingFeatureCategory + + # Countries list +-gem 'countries', '~> 4.0.0' # rubocop:todo Gemfile/MissingFeatureCategory ++gem 'countries', '~> 4.0' # rubocop:todo Gemfile/MissingFeatureCategory + + gem 'retriable', '~> 3.1.2' # rubocop:todo Gemfile/MissingFeatureCategory + +@@ -651,6 +538,7 @@ gem 'app_store_connect' # rubocop:todo Gemfile/Missing + gem 'telesignenterprise', '~> 2.2' # rubocop:todo Gemfile/MissingFeatureCategory + + # BufferedIO patch ++ + # Updating this version will require updating scripts/allowed_warnings.txt + gem 'net-protocol', '~> 0.1.3' # rubocop:todo Gemfile/MissingFeatureCategory + # Lock this until we make DNS rebinding work with the updated net-http: +@@ -658,5 +546,11 @@ gem 'net-protocol', '~> 0.1.3' # rubocop:todo Gemfile/ + gem 'net-http', '= 0.1.1' # rubocop:todo Gemfile/MissingFeatureCategory + + gem 'duo_api', '~> 1.3' # rubocop:todo Gemfile/MissingFeatureCategory ++ ++gem 'parser' ++gem 'net-smtp' ++gem 'net-pop' ++gem 'psych', '~> 3.1' ++ + + gem 'gitlab-sdk', '~> 0.3.0', feature_category: :application_instrumentation diff --git a/www/gitlab/files/patch-bin_background__jobs b/www/gitlab/files/patch-bin_background__jobs new file mode 100644 index 000000000000..552f9367a5ce --- /dev/null +++ b/www/gitlab/files/patch-bin_background__jobs @@ -0,0 +1,11 @@ +--- bin/background_jobs.orig 2021-12-01 10:42:56 UTC ++++ bin/background_jobs +@@ -58,7 +58,7 @@ start_sidekiq() + processes_args+=("${sidekiq_queues}") + done + +- ${cmd} bin/sidekiq-cluster "${processes_args[@]}" -P $sidekiq_pidfile -e $RAILS_ENV "$@" 2>&1 | tee -a $sidekiq_logfile ++ ${cmd} bin/sidekiq-cluster "${processes_args[@]}" -P $sidekiq_pidfile -e $RAILS_ENV "$@" 2>&1 >> $sidekiq_logfile + } + + cleanup() diff --git a/www/gitlab/files/patch-config_database.yml.postgresql b/www/gitlab/files/patch-config_database.yml.postgresql new file mode 100644 index 000000000000..c0b66431bfeb --- /dev/null +++ b/www/gitlab/files/patch-config_database.yml.postgresql @@ -0,0 +1,64 @@ +--- config/database.yml.postgresql.orig 2023-09-21 08:56:19 UTC ++++ config/database.yml.postgresql +@@ -26,13 +26,6 @@ production: + username: git + password: "secure password" + host: localhost +- geo: +- adapter: postgresql +- encoding: unicode +- database: gitlabhq_geo_production +- username: git +- password: "secure password" +- host: localhost + + # + # Development specific +@@ -57,13 +50,6 @@ development: + host: localhost + variables: + statement_timeout: 15s +- geo: +- adapter: postgresql +- encoding: unicode +- database: gitlabhq_geo_development +- username: postgres +- password: "secure password" +- host: localhost + + # + # Staging specific +@@ -84,13 +70,6 @@ staging: + username: git + password: "secure password" + host: localhost +- geo: +- adapter: postgresql +- encoding: unicode +- database: gitlabhq_geo_staging +- username: git +- password: "secure password" +- host: localhost + + # Warning: The database defined as "test" will be erased and + # re-generated from your development database when you run "rake". +@@ -119,19 +98,3 @@ test: &test + reaping_frequency: nil + variables: + statement_timeout: 15s +- geo: +- adapter: postgresql +- encoding: unicode +- database: gitlabhq_geo_test +- username: postgres +- password: +- host: localhost +- reaping_frequency: nil +- embedding: +- adapter: postgresql +- encoding: unicode +- database: gitlabhq_embedding_test +- username: postgres +- password: +- host: localhost +- reaping_frequency: nil diff --git a/www/gitlab/files/patch-config_gitlab.yml.example b/www/gitlab/files/patch-config_gitlab.yml.example new file mode 100644 index 000000000000..1b5556be240b --- /dev/null +++ b/www/gitlab/files/patch-config_gitlab.yml.example @@ -0,0 +1,130 @@ +--- config/gitlab.yml.example.orig 2024-02-14 14:42:02 UTC ++++ config/gitlab.yml.example +@@ -463,7 +463,7 @@ production: &base + ## GitLab Pages + pages: + enabled: false +- access_control: false ++ access_control: true + # The location where pages are stored (default: shared/pages). + # path: shared/pages + +@@ -473,9 +473,9 @@ production: &base + host: example.com + port: 80 # Set to 443 if you serve the pages with HTTPS + https: false # Set to true if you serve the pages with HTTPS +- artifacts_server: true # Set to false if you want to disable online view of HTML artifacts +- # external_http: ["1.1.1.1:80", "[2001::1]:80"] # If defined, enables custom domain support in GitLab Pages +- # external_https: ["1.1.1.1:443", "[2001::1]:443"] # If defined, enables custom domain and certificate support in GitLab Pages ++ artifacts_server: false # Set to false if you want to disable online view of HTML artifacts ++ external_http: ["127.0.0.1:8090"] # If defined, enables custom domain support in GitLab Pages ++ # external_https: ["127.0.0.1:8090"] # If defined, enables custom domain and certificate support in GitLab Pages + + # File that contains the shared secret key for verifying access for gitlab-pages. + # Default is '.gitlab_pages_secret' relative to Rails.root (i.e. root of the GitLab app). +@@ -1209,13 +1209,13 @@ production: &base + repositories: + storages: # You must have at least a `default` storage path. + default: +- gitaly_address: unix:/home/git/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port). ++ gitaly_address: unix:%%PREFIX%%/www/gitlab-ce/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port). TLS connections are also supported using the system certificate pool (eg: tls://host:port). + # gitaly_token: 'special token' # Optional: override global gitaly.token for this storage. + + ## Backup settings + backup: + path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) +- # gitaly_backup_path: /home/git/gitaly/_build/bin/gitaly-backup # Path of the gitaly-backup binary (default: searches $PATH) ++ gitaly_backup_path: %%PREFIX%%/share/gitaly/bin/gitaly-backup # Path of the gitaly-backup binary (default: searches $PATH) + # archive_permissions: 0640 # Permissions for the resulting backup.tar file (default: 0600) + # keep_time: 604800 # default: 0 (forever) (in seconds) + # pg_schema: public # default: nil, it means that all schemas will be backed up +@@ -1250,12 +1250,12 @@ production: &base + + ## GitLab Shell settings + gitlab_shell: +- path: /home/git/gitlab-shell/ +- authorized_keys_file: /home/git/.ssh/authorized_keys ++ path: %%PREFIX%%/share/gitlab-shell/ ++ authorized_keys_file: %%PREFIX%%/git/.ssh/authorized_keys + + # File that contains the secret key for verifying access for gitlab-shell. + # Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app). +- # secret_file: /home/git/gitlab/.gitlab_shell_secret ++ # secret_file: %%PREFIX%%/www/gitlab-ce/.gitlab_shell_secret + + # Git over HTTP + upload_pack: true +@@ -1270,13 +1270,13 @@ production: &base + workhorse: + # File that contains the secret key for verifying access for gitlab-workhorse. + # Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app). +- # secret_file: /home/git/gitlab/.gitlab_workhorse_secret ++ # secret_file: %%PREFIX%%/www/gitlab-ce/.gitlab_workhorse_secret + + gitlab_kas: + # enabled: true + # File that contains the secret key for verifying access for gitlab-kas. + # Default is '.gitlab_kas_secret' relative to Rails.root (i.e. root of the GitLab app). +- # secret_file: /home/git/gitlab/.gitlab_kas_secret ++ # secret_file: %%PREFIX%%/www/gitlab-ce/.gitlab_kas_secret + + # The URL to the external KAS API (used by the Kubernetes agents) + # external_url: wss://kas.example.com +@@ -1300,13 +1300,13 @@ production: &base + + ## GitLab Elasticsearch settings + elasticsearch: +- indexer_path: /home/git/gitlab-elasticsearch-indexer/ ++ indexer_path: %%PREFIX%%/bin/ + + ## Git settings + # CAUTION! + # Use the default values unless you really know what you are doing + git: +- bin_path: /usr/bin/git ++ bin_path: %%PREFIX%%/bin/git + + ## Webpack settings + # If enabled, this will tell rails to serve frontend assets from the webpack-dev-server running +@@ -1327,18 +1327,18 @@ production: &base + + # Sidekiq exporter is a dedicated Prometheus metrics server optionally running alongside Sidekiq. + sidekiq_exporter: +- # enabled: true +- # log_enabled: false +- # address: localhost +- # port: 8082 ++ enabled: true ++ log_enabled: false ++ address: localhost ++ port: 8082 + # tls_enabled: false + # tls_cert_path: /path/to/cert.pem + # tls_key_path: /path/to/key.pem + + sidekiq_health_checks: +- # enabled: true +- # address: localhost +- # port: 8092 ++ enabled: true ++ address: localhost ++ port: 8092 + + # Web exporter is a dedicated Prometheus metrics server optionally running alongside Puma. + web_exporter: +@@ -1563,13 +1563,13 @@ test: + gitaly_address: unix:tmp/tests/gitaly/praefect.socket + + gitaly: +- client_path: tmp/tests/gitaly/_build/bin ++ client_path: %%PREFIX%%/share/gitaly/bin + token: secret + workhorse: + secret_file: tmp/gitlab_workhorse_test_secret + backup: + path: tmp/tests/backups +- gitaly_backup_path: tmp/tests/gitaly/_build/bin/gitaly-backup ++ gitaly_backup_path: %%PREFIX%%/share/gitaly/bin/gitaly-backup + gitlab_shell: + path: tmp/tests/gitlab-shell/ + authorized_keys_file: tmp/tests/authorized_keys diff --git a/www/gitlab/files/patch-config_initializers_1__settings.rb b/www/gitlab/files/patch-config_initializers_1__settings.rb new file mode 100644 index 000000000000..9d1d73bbf17c --- /dev/null +++ b/www/gitlab/files/patch-config_initializers_1__settings.rb @@ -0,0 +1,15 @@ +--- config/initializers/1_settings.rb.orig 2023-11-15 09:14:25 UTC ++++ config/initializers/1_settings.rb +@@ -208,11 +208,7 @@ Settings.gitlab['url'] ||= Settings.__send__(:build_gi + Settings.gitlab['user'] ||= 'git' + # External configuration may cause the ssh user to differ from the GitLab user + Settings.gitlab['ssh_user'] ||= Settings.gitlab.user +-Settings.gitlab['user_home'] ||= begin +- Etc.getpwnam(Settings.gitlab['user']).dir +-rescue ArgumentError # no user configured +- '/home/' + Settings.gitlab['user'] +-end ++Settings.gitlab['user_home'] ||= '/usr/local/git' + Settings.gitlab['time_zone'] ||= nil + Settings.gitlab['signup_enabled'] ||= true if Settings.gitlab['signup_enabled'].nil? + Settings.gitlab['signin_enabled'] ||= true if Settings.gitlab['signin_enabled'].nil? diff --git a/www/gitlab/files/patch-config_initializers_sprockets__patch.rb b/www/gitlab/files/patch-config_initializers_sprockets__patch.rb new file mode 100644 index 000000000000..fa1976f8892d --- /dev/null +++ b/www/gitlab/files/patch-config_initializers_sprockets__patch.rb @@ -0,0 +1,11 @@ +--- config/initializers/sprockets_patch.rb.orig 2024-04-02 08:17:37 UTC ++++ config/initializers/sprockets_patch.rb +@@ -8,7 +8,7 @@ + + require 'sprockets/utils' + +-unless Gem::Version.new(Sprockets::VERSION) == Gem::Version.new('3.7.2') ++unless Gem::Version.new(Sprockets::VERSION) == Gem::Version.new('3.7.3') + raise 'New version of Sprockets detected. This patch can likely be removed.' + end + diff --git a/www/gitlab/files/patch-config_puma.rb.example b/www/gitlab/files/patch-config_puma.rb.example new file mode 100644 index 000000000000..ca75ff90f250 --- /dev/null +++ b/www/gitlab/files/patch-config_puma.rb.example @@ -0,0 +1,49 @@ +--- config/puma.rb.example.orig 2023-10-20 08:41:39 UTC ++++ config/puma.rb.example +@@ -5,11 +5,11 @@ + # The default is "config.ru". + # + rackup 'config.ru' +-pidfile '/home/git/gitlab/tmp/pids/puma.pid' +-state_path '/home/git/gitlab/tmp/pids/puma.state' ++pidfile '%%PREFIX%%/www/gitlab-ce/tmp/pids/puma.pid' ++state_path '%%PREFIX%%/www/gitlab-ce/tmp/pids/puma.state' + +-stdout_redirect '/home/git/gitlab/log/puma.stdout.log', +- '/home/git/gitlab/log/puma.stderr.log', ++stdout_redirect '%%PREFIX%%/www/gitlab-ce/log/puma.stdout.log', ++ '%%PREFIX%%/www/gitlab-ce/log/puma.stderr.log', + true + + # Configure "min" to be the minimum number of threads to use to answer +@@ -31,11 +31,11 @@ queue_requests false + + # Bind the server to "url". "tcp://", "unix://" and "ssl://" are the only + # accepted protocols. +-bind 'unix:///home/git/gitlab/tmp/sockets/gitlab.socket' ++bind 'unix://%%PREFIX%%/www/gitlab-ce/tmp/sockets/gitlab.socket' + + workers 3 + +-require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events" ++require_relative "%%PREFIX%%/www/gitlab-ce/lib/gitlab/cluster/lifecycle_events" + + on_restart do + # Signal application hooks that we're about to restart +@@ -74,14 +74,14 @@ worker_timeout 60 + wait_for_less_busy_worker ENV.fetch('PUMA_WAIT_FOR_LESS_BUSY_WORKER', 0.001).to_f + + # Use json formatter +-require_relative "/home/git/gitlab/lib/gitlab/puma_logging/json_formatter" ++require_relative "%%PREFIX%%/www/gitlab-ce/lib/gitlab/puma_logging/json_formatter" + + json_formatter = Gitlab::PumaLogging::JSONFormatter.new + log_formatter do |str| + json_formatter.call(str) + end + +-require_relative "/home/git/gitlab/lib/gitlab/puma/error_handler" ++require_relative "%%PREFIX%%/www/gitlab-ce/lib/gitlab/puma/error_handler" + + error_handler = Gitlab::Puma::ErrorHandler.new(ENV['RAILS_ENV'] == 'production') + diff --git a/www/gitlab/files/patch-lib_support_nginx_gitlab b/www/gitlab/files/patch-lib_support_nginx_gitlab new file mode 100644 index 000000000000..5eaaaf9163d3 --- /dev/null +++ b/www/gitlab/files/patch-lib_support_nginx_gitlab @@ -0,0 +1,20 @@ +--- lib/support/nginx/gitlab.orig 2020-11-20 12:00:55 UTC ++++ lib/support/nginx/gitlab +@@ -19,7 +19,7 @@ + upstream gitlab-workhorse { + # GitLab socket file, + # for Omnibus this would be: unix:/var/opt/gitlab/gitlab-workhorse/sockets/socket +- server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0; ++ server unix:%%PREFIX%%/www/gitlab-ce/tmp/sockets/gitlab-workhorse.socket fail_timeout=0; + } + + map $http_upgrade $connection_upgrade_gitlab { +@@ -114,7 +114,7 @@ server { + location ~ ^/(404|422|500|502|503)\.html$ { + # Location to the GitLab's public directory, + # for Omnibus this would be: /opt/gitlab/embedded/service/gitlab-rails/public. +- root /home/git/gitlab/public; ++ root %%PREFIX%%/www/gitlab-ce/public; + internal; + } + diff --git a/www/gitlab/files/patch-lib_support_nginx_gitlab-ssl b/www/gitlab/files/patch-lib_support_nginx_gitlab-ssl new file mode 100644 index 000000000000..cdcc25d5e278 --- /dev/null +++ b/www/gitlab/files/patch-lib_support_nginx_gitlab-ssl @@ -0,0 +1,20 @@ +--- lib/support/nginx/gitlab-ssl.orig 2023-04-05 16:11:51 UTC ++++ lib/support/nginx/gitlab-ssl +@@ -23,7 +23,7 @@ + upstream gitlab-workhorse { + # GitLab socket file, + # for Omnibus this would be: unix:/var/opt/gitlab/gitlab-workhorse/sockets/socket +- server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0; ++ server unix:%%PREFIX%%/www/gitlab-ce/tmp/sockets/gitlab-workhorse.socket fail_timeout=0; + } + + map $http_upgrade $connection_upgrade_gitlab_ssl { +@@ -161,7 +161,7 @@ server { + location ~ ^/(404|422|500|502|503)\.html$ { + # Location to the GitLab's public directory, + # for Omnibus this would be: /opt/gitlab/embedded/service/gitlab-rails/public +- root /home/git/gitlab/public; ++ root %%PREFIX%%/www/gitlab-ce/public; + internal; + } + } diff --git a/www/gitlab/files/patch-lib_tasks_gitlab_setup.rake b/www/gitlab/files/patch-lib_tasks_gitlab_setup.rake new file mode 100644 index 000000000000..a48612b6397c --- /dev/null +++ b/www/gitlab/files/patch-lib_tasks_gitlab_setup.rake @@ -0,0 +1,12 @@ +--- lib/tasks/gitlab/setup.rake.orig 2021-02-19 09:35:35 UTC ++++ lib/tasks/gitlab/setup.rake +@@ -3,7 +3,8 @@ + namespace :gitlab do + desc "GitLab | Setup production application" + task setup: :gitlab_environment do +- check_gitaly_connection ++ # Remove this check, see https://gitlab.com/gitlab-org/gitlab-ce/issues/47483 ++ #check_gitaly_connection + setup_db + end + diff --git a/www/gitlab/files/patch-vendor_gems_bundler-checksum_bundler-checksum.gemspec b/www/gitlab/files/patch-vendor_gems_bundler-checksum_bundler-checksum.gemspec new file mode 100644 index 000000000000..fb1f554cb0c8 --- /dev/null +++ b/www/gitlab/files/patch-vendor_gems_bundler-checksum_bundler-checksum.gemspec @@ -0,0 +1,11 @@ +--- vendor/gems/bundler-checksum/bundler-checksum.gemspec.orig 2022-10-18 20:30:55 UTC ++++ vendor/gems/bundler-checksum/bundler-checksum.gemspec +@@ -15,7 +15,7 @@ Gem::Specification.new do |spec| + + spec.files = Dir['bin/*', 'lib/**/*.rb'] + spec.bindir = 'bin' +- spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) } ++# spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) } + spec.require_paths = ['lib'] + + spec.add_dependency 'bundler' diff --git a/www/gitlab/pkg-descr b/www/gitlab/pkg-descr new file mode 100644 index 000000000000..15276170b339 --- /dev/null +++ b/www/gitlab/pkg-descr @@ -0,0 +1,6 @@ +GitLab is version control for your server. +Upgrade manual: +https://gitlab.fechner.net/mfechner/Gitlab-docu/tree/master/update + +Install manual: +https://gitlab.fechner.net/mfechner/Gitlab-docu/tree/master/install diff --git a/www/gitlab/pkg-message b/www/gitlab/pkg-message new file mode 100644 index 000000000000..5e98f2054fa2 --- /dev/null +++ b/www/gitlab/pkg-message @@ -0,0 +1,33 @@ +[ +{ + message: <<EOM +Gitlab was installed successfully. + +You now need to set up the various components of Gitlab, so please +follow the instructions in the guide at: + +https://gitlab.fechner.net/mfechner/Gitlab-docu/blob/master/install/16.10-freebsd.md +EOM + type: install +} +{ + message: "!! WARNING: Please make sure you read in UPDATING entry 20190423 !!" + maximum_version: "11.9.7" + type: upgrade +} +{ + message: <<EOM +If you just installed an major upgrade of GitLab, for example you +switched from 14.5.x to 14.6.x, please follow the instructions in the guide at: + +https://gitlab.fechner.net/mfechner/Gitlab-docu/blob/master/update/16.9-16.10-freebsd.md + +If you just installed an minor upgrade of GitLab please follow +the instructions in the guide at: + +https://gitlab.fechner.net/mfechner/Gitlab-docu/blob/master/update/freebsd_patch_versions.md +EOM + type: upgrade +} +] + |