Skip to content
Snippets Groups Projects
Commit 6357c044 authored by Achilleas Pipinellis's avatar Achilleas Pipinellis
Browse files

Clean up GitLab CI documentation references [ci skip]

parent 47afb191
No related branches found
No related tags found
1 merge request!534Huge clean up GitLab CI references
Hide whitespace changes
Inline Side-by-side
Showing
with 158 additions and 261 deletions
README.md
+ 14
10
View file @ 6357c044
@@ -16,12 +16,12 @@ The documentation overview is in the [readme in the doc directory](doc/README.md
 
## Omnibus fork
 
Omnibus GitLab is using a fork of [omnibus project](https://github.com/chef/omnibus). Fork is located at [gitlab.com](https://gitlab.com/gitlab-org/omnibus).
Omnibus GitLab is using a fork of [omnibus project](https://github.com/chef/omnibus).
Fork is located at [gitlab.com](https://gitlab.com/gitlab-org/omnibus).
 
## GitLab CI
 
To setup GitLab CI please see the [separate GitLab CI
documentation](doc/gitlab-ci/README.md).
To setup GitLab CI please see the [separate GitLab CI documentation](doc/gitlab-ci/README.md).
 
## Installation
 
@@ -29,10 +29,11 @@ Please follow the steps on the [downloads page][downloads].
 
### After installation
 
Your GitLab instance should reachable over HTTP at the IP or hostname of your server.
You can login as an admin user with username `root` and password `5iveL!fe`.
Your GitLab instance should reachable over HTTP at the IP or hostname of your
server. You can login as an admin user with username `root` and password `5iveL!fe`.
 
See [doc/maintenance/README.md](doc/maintenance/README.md) for useful commands to control/debug your GitLab instance.
See [doc/maintenance/README.md](doc/maintenance/README.md) for useful commands
to control/debug your GitLab instance.
 
### Configuration options
 
@@ -122,7 +123,8 @@ See [doc/settings/configuration.md](doc/settings/configuration.md#only-start-omn
 
### Updating
 
Instructions for updating your Omnibus installation and upgrading from a manual installation are in the [update doc](doc/update/README.md).
Instructions for updating your Omnibus installation and upgrading from a manual
installation are in the [update doc](doc/update/README.md).
 
### Uninstalling omnibus-gitlab
 
@@ -262,8 +264,10 @@ Depending on your platform, `gitlab-ctl reconfigure` will install SELinux
modules required to make GitLab work. These modules are listed in
[files/gitlab-selinux/README.md](files/gitlab-selinux/README.md).
 
NSA, if you're reading this, we'd really appreciate it if you could contribute back a SELinux profile for omnibus-gitlab :)
Of course, if anyone else is reading this, you're welcome to contribute the SELinux profile too.
NSA, if you're reading this, we'd really appreciate it if you could contribute
back a SELinux profile for omnibus-gitlab :)
Of course, if anyone else is reading this, you're welcome to contribute the
SELinux profile too.
 
### Logs
 
@@ -324,4 +328,4 @@ This omnibus installer project is based on the awesome work done by Chef in
[database.yml.mysql]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/database.yml.mysql
[svlogd]: http://smarden.org/runit/svlogd.8.html
[installation]: https://about.gitlab.com/installation/
[gitlab.rb.template]: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template
\ No newline at end of file
[gitlab.rb.template]: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template
doc/common_installation_problems/README.md
+ 1
24
View file @ 6357c044
@@ -35,30 +35,7 @@ Try [specifying](#configuring-the-external-url-for-gitlab) an `external_url` in
 
### GitLab CI shows GitLab login page
 
When you setup GitLab and GitLab CI on the same server you need to specify different urls:
```ruby
external_url 'http://gitlab.example.com'
ci_external_url 'http://ci.example.com'
```
DNS records for these two domains need to point to the same server.
If you've correctly set the DNS records and navigating in your browser to `http://ci.example.com` shows GitLab login page it is possible that the server internally cannot resolve the domains due to network/firewall restrictions.
Login to the server where GitLab and GitLab CI are installed and try querying the url, eg:
```bash
curl -v http://gitlab.example.com
```
If you don't get a response try adding a record in the server `hosts` file, eg in `/etc/hosts`:
```bash
127.0.0.1 gitlab.example.com
```
Depending on your setup you might need to add an entry for ci hostname too.
This section is deprecated for GitLab 8.0 and later versions.
 
### Emails are not being delivered
 
doc/gitlab-ci/README.md
+ 13
4
View file @ 6357c044
@@ -5,28 +5,37 @@ service on your GitLab server.
 
## Documentation version
 
Make sure you view this guide from the tag (version) of GitLab you would like to install. In most cases this should be the highest numbered production tag (without rc in it). You can select the tag in the version dropdown in the top left corner of GitLab (below the menu bar).
Make sure you view this guide from the tag (version) of GitLab you would like
to install. In most cases this should be the highest numbered production tag
(without rc in it). You can select the tag in the version dropdown in the top
left corner of GitLab (below the menu bar).
 
If the highest number stable branch is unclear please check the [GitLab Blog](https://about.gitlab.com/blog/) for installation guide links by version.
If the highest number stable branch is unclear please check the
[GitLab Blog](https://about.gitlab.com/blog/) for installation guide links by
version.
 
## Getting started
 
Starting with GitLab 8, GitLab CI is integrated into GitLab.
Starting with GitLab 8.0, GitLab CI is integrated into GitLab.
 
To see how to configure your project with GitLab CI, see the [GitLab CI quickstart documentation](http://doc.gitlab.com/ce/ci/quick_start/README.html).
 
## Running GitLab CI on its own server
 
This section is deprecated for GitLab 8.0 and later versions.
See [getting started](#getting-started).
 
## Manually (re)authorising GitLab CI with GitLab
 
This section is deprecated for GitLab 8.0 and later versions.
See [getting started](#getting-started).
 
### Authorise GitLab CI
 
This section is deprecated for GitLab 8.0 and later versions.
See [getting started](#getting-started).
 
### Reauthorise GitLab CI
 
See [getting started](#getting-started).
\ No newline at end of file
This section is deprecated for GitLab 8.0 and later versions.
See [getting started](#getting-started).
doc/maintenance/README.md
+ 3
9
View file @ 6357c044
# Maintenance commands
 
## After installation
 
### Get service status
@@ -61,19 +60,17 @@ Note that you cannot use a Unicorn reload to update the Ruby runtime.
 
### Invoking Rake tasks
 
To invoke a GitLab Rake task, use `gitlab-rake` (for GitLab) or
`gitlab-ci-rake` (for GitLab CI). For example:
To invoke a GitLab Rake task, use `gitlab-rake`. For example:
 
```shell
sudo gitlab-rake gitlab:check
sudo gitlab-ci-rake -T
```
 
Leave out 'sudo' if you are the 'git' user or the 'gitlab-ci' user.
Leave out 'sudo' if you are the 'git' user.
 
Contrary to with a traditional GitLab installation, there is no need to change
the user or the `RAILS_ENV` environment variable; this is taken care of by the
`gitlab-rake` and `gitlab-ci-rake` wrapper scripts.
`gitlab-rake` wrapper script.
 
### Starting a Rails console session
 
@@ -84,9 +81,6 @@ to inadvertently modify, corrupt or destroy data from the console.
```shell
# start a Rails console for GitLab
sudo gitlab-rails console
# start a Rails console for GitLab CI
sudo gitlab-ci-rails console
```
 
This will only work after you have run `gitlab-ctl reconfigure` at least once.
doc/settings/configuration.md
+ 2
9
View file @ 6357c044
@@ -6,7 +6,6 @@ GitLab and GitLab CI are configured by setting their relevant options in
New installations starting from GitLab 7.6, will have
all the options of the template listed in `/etc/gitlab/gitlab.rb` by default.
 
### Configuring the external URL for GitLab
 
In order for GitLab to display correct repository clone links to your users
@@ -140,15 +139,12 @@ git
# Web server user (required)
gitlab-www
 
# Redis user for GitLab or GitLab CI (only when using packaged Redis)
# Redis user for GitLab (only when using packaged Redis)
gitlab-redis
 
# Postgresql user (only when using packaged Postgresql)
gitlab-psql
 
# GitLab CI user (only when using GitLab CI)
gitlab-ci
# GitLab Mattermost user (only when using GitLab Mattermost)
mattermost
```
@@ -162,15 +158,12 @@ git
# Web server group (required)
gitlab-www
 
# Redis group for GitLab or GitLab CI (only when using packaged Redis)
# Redis group for GitLab (only when using packaged Redis)
gitlab-redis
 
# Postgresql group (only when using packaged Postgresql)
gitlab-psql
 
# GitLab CI group (only when using GitLab CI)
gitlab-ci
# GitLab Mattermost group (only when using GitLab Mattermost)
mattermost
```
doc/settings/database.md
+ 3
9
View file @ 6357c044
@@ -20,7 +20,7 @@ database you should create a backup before attempting this procedure.
 
First, set up your database server according to the [upstream GitLab
instructions](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/install/installation.md#5-database).
For manual GitLab CI database setup instructions see [the GitLab CI manual installation instructions](https://gitlab.com/gitlab-org/gitlab-ci/blob/master/doc/install/installation.md#4-prepare-the-database).
If you want to keep using an existing GitLab database you can skip this step.
 
### Configure omnibus-gitlab to connect to it
@@ -59,14 +59,8 @@ following command to import the schema and create the first admin user:
sudo gitlab-rake gitlab:setup
```
 
You can manually seed the GitLab CI database with the following command:
```shell
# Remove 'sudo' if you are the 'gitlab-ci' user
sudo gitlab-ci-rake setup
```
If you want to specify a password for the default `root` user, in `gitlab.rb` specify the `initial_root_password` setting:
If you want to specify a password for the default `root` user, in `gitlab.rb`
specify the `initial_root_password` setting:
 
```ruby
gitlab_rails['initial_root_password'] = 'nonstandardpassword'
doc/settings/gitlab.yml.md
+ 4
13
View file @ 6357c044
# Changing gitlab.yml and application.yml settings
 
Some of GitLab's features can be customized through
[gitlab.yml][gitlab.yml.example] and [application.yml (GitLab
CI)][application.yml.example]. If you want to change a `gitlab.yml` setting
[gitlab.yml][gitlab.yml.example]. If you want to change a `gitlab.yml` setting
with omnibus-gitlab, you need to do so via `/etc/gitlab/gitlab.rb`. The
translation works as follows. For a complete list of available options, visit the
[gitlab.rb.template](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template). New installations starting from GitLab 7.6, will have
[gitlab.rb.template][]. New installations starting from GitLab 7.6, will have
all the options of the template listed in `/etc/gitlab/gitlab.rb` by default.
 
In `gitlab.yml`, you will find structure like this:
@@ -28,19 +27,11 @@ Note that not all `gitlab.yml` settings can be changed via `gitlab.rb` yet; see
the [gitlab.yml ERB template][gitlab.yml.erb]. If you think an attribute is
missing please create a merge request on the omnibus-gitlab repository.
 
The same principle applies to GitLab CI's
[application.yml][application.yml.example]:
```ruby
gitlab_ci['gitlab_ci_all_broken_builds'] = false
```
Run `sudo gitlab-ctl reconfigure` for changes in `gitlab.rb` to take effect.
 
Do not edit the generated file in `/var/opt/gitlab/gitlab-rails/etc/gitlab.yml`
or `/var/opt/gitlab/gitlab-ci/etc/application.yml` since it will be overwritten
on the next `gitlab-ctl reconfigure` run.
since it will be overwritten on the next `gitlab-ctl reconfigure` run.
 
[gitlab.yml.example]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/gitlab.yml.example
[gitlab.yml.erb]: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
[application.yml.example]: https://gitlab.com/gitlab-org/gitlab-ci/blob/master/config/application.yml.example
[gitlab.rb.template]: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template
doc/settings/logs.md
+ 1
2
View file @ 6357c044
@@ -91,10 +91,9 @@ By default the NGINX access logs will use the 'combined' NGINX
format, see
http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format .
If you want to use a custom log format string you can specify it
in gitlab.rb.
in `/etc/gitlab/gitlab.rb`.
 
```
nginx['log_format'] = 'my format string $foo $bar'
ci_nginx['log_format'] = 'my format string $foo $bar'
mattermost_nginx['log_format'] = 'my format string $foo $bar'
```
doc/settings/nginx.md
+ 115
147
View file @ 6357c044
@@ -15,9 +15,6 @@ gitlab.example.com, add the following statement to `/etc/gitlab/gitlab.rb`:
```ruby
# note the 'https' below
external_url "https://gitlab.example.com"
# For GitLab CI:
ci_external_url "https://ci.example.com"
```
 
Because the hostname in our example is 'gitlab.example.com', omnibus-gitlab
@@ -35,11 +32,6 @@ sudo cp gitlab.example.com.key gitlab.example.com.crt /etc/gitlab/ssl/
Now run `sudo gitlab-ctl reconfigure`. When the reconfigure finishes your
GitLab instance should be reachable at `https://gitlab.example.com`.
 
The SSL certificate and key paths are derived the same way for GitLab CI. If
you write `ci_external_url "https://ci.example.com"` then `gitlab-ctl
reconfigure` will look for `/etc/gitlab/ssl/ci.example.com.crt` and
`/etc/gitlab/ssl/ci.example.com.key`.
If you are using a firewall you may have to open port 443 to allow inbound
HTTPS traffic.
 
@@ -67,13 +59,6 @@ external_url "https://gitlab.example.com"
nginx['redirect_http_to_https'] = true
```
 
To enable HTTP to HTTPS redirects for GitLab CI, use the `nginx_ci` directive.
```ruby
ci_external_url "https://ci.example.com"
ci_nginx['redirect_http_to_https'] = true
```
## Change the default port and the SSL certificate locations
 
If you need to use an HTTPS port other than the default (443), just specify it
@@ -83,18 +68,12 @@ as part of the external_url.
external_url "https://gitlab.example.com:2443"
```
 
The same syntax works for GitLab CI with `ci_external_url`.
To set the location of ssl certificates create `/etc/gitlab/ssl` directory, place the `.crt` and `.key` files in the directory and specify the following configuration:
 
```ruby
# For GitLab
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key"
# For GitLab CI
ci_nginx['ssl_certificate'] = "/etc/gitlab/ssl/ci.example.crt"
ci_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/ci.example.com.key"
```
 
Run `sudo gitlab-ctl reconfigure` for the change to take effect.
@@ -106,34 +85,62 @@ Omnibus-gitlab allows webserver access through user `gitlab-www` which resides
in the group with the same name. To allow an external webserver access to
GitLab, external webserver user needs to be added `gitlab-www` group.
 
To use another web server like Apache or an existing Nginx installation you will have to do
the following steps:
To use another web server like Apache or an existing Nginx installation you
will have to perform the following steps:
 
* Disable bundled Nginx by specifying in `/etc/gitlab/gitlab.rb`:
1. **Disable bundled Nginx**
 
```ruby
nginx['enable'] = false
In `/etc/gitlab/gitlab.rb` set:
 
# For GitLab CI, use the following:
ci_nginx['enable'] = false
```
```ruby
nginx['enable'] = false
```
 
* Check the username of the non-bundled web-server user. By default, omnibus-gitlab has no default setting for external webserver user.
You have to specify the external webserver user username in the configuration!
Let's say for example that webserver user is `www-data`.
In `/etc/gitlab/gitlab.rb` set:
1. **Set the username of the non-bundled web-server user**
 
```ruby
web_server['external_users'] = ['www-data']
```
By default, omnibus-gitlab has no default setting for the external webserver
user, you have to specify it in the configuration. For Debian/Ubuntu the
default user is `www-data` for both Apache/Nginx whereas for RHEL/CentOS
the Nginx user is `nginx`.
 
*This setting is an array so you can specify more than one user to be added to gitlab-www group.*
*Note: Make sure you have first installed Apache/Nginx so the webserver user is created, otherwise omnibus will fail while reconfiguring.*
 
Run `sudo gitlab-ctl reconfigure` for the change to take effect.
Let's say for example that the webserver user is `www-data`.
In `/etc/gitlab/gitlab.rb` set:
```ruby
web_server['external_users'] = ['www-data']
```
*Note: This setting is an array so you can specify more than one user to be added to gitlab-www group.*
Run `sudo gitlab-ctl reconfigure` for the change to take effect.
Note: if you are using SELinux and your web server runs under a restricted
SELinux profile you may have to [loosen the restrictions on your web
server](https://gitlab.com/gitlab-org/gitlab-recipes/tree/master/web-server/apache#selinux-modifications).
1. **(Optional) Set the right gitlab-workhorse settings if using Apache**
Apache cannot connect to a UNIX socket but instead needs to connect to a
TCP Port. To allow gitlab-workhorse to listen on TCP (by default port 8181)
edit `/etc/gitlab/gitlab.rb`:
```
gitlab_workhorse['listen_network'] = "tcp"
gitlab_workhorse['listen_addr'] = "localhost:8181"
```
 
Note: if you are using SELinux and your web server runs under a restricted
SELinux profile you may have to [loosen the restrictions on your web
server](https://gitlab.com/gitlab-org/gitlab-recipes/tree/master/web-server/apache#selinux-modifications).
Run `sudo gitlab-ctl reconfigure` for the change to take effect.
1. **Download the right web server configs**
Go to [GitLab recipes repository][recipes-web] and look for the omnibus
configs in the webserver directory of your choice. Make sure you pick the
right configuration file depending whether you choose to serve GitLab with
SSL or not. The only thing you need to change is `YOUR_SERVER_FQDN` with
your own FQDN and if you use SSL, the location where your SSL keys currently
reside. You also might need to change the location of your log files.
 
## Setting the NGINX listen address or addresses
 
@@ -144,8 +151,6 @@ You can change the list of addresses in `/etc/gitlab/gitlab.rb`.
nginx['listen_addresses'] = ["0.0.0.0", "[::]"] # listen on all IPv4 and IPv6 addresses
```
 
For GitLab CI, use the `ci_nginx['listen_addresses']` setting.
## Setting the NGINX listen port
 
By default NGINX will listen on the port specified in `external_url` or
@@ -157,12 +162,6 @@ something else. For example, to use port 8080:
nginx['listen_port'] = 8080
```
 
Similarly, for GitLab CI:
```ruby
ci_nginx['listen_port'] = 8081
```
## Supporting proxied SSL
 
By default NGINX will auto-detect whether to use SSL if `external_url`
@@ -175,22 +174,16 @@ the `listen_https` option:
nginx['listen_https'] = false
```
 
Similarly, for GitLab CI:
```ruby
ci_nginx['listen_https'] = false
```
Note that you may need to configure your reverse proxy to forward certain
headers (e.g. `Host`, `X-Forwarded-Ssl`, `X-Forwarded-For`, `X-Forwarded-Port`) to GitLab. You
may see improper redirections or errors (e.g. "422 Unprocessable Entity",
"Can't verify CSRF token authenticity") if you forget this step. For more
information, see:
headers (e.g. `Host`, `X-Forwarded-Ssl`, `X-Forwarded-For`, `X-Forwarded-Port`)
to GitLab. You may see improper redirections or errors (e.g. "422 Unprocessable
Entity", "Can't verify CSRF token authenticity") if you forget this step. For
more information, see:
 
http://stackoverflow.com/questions/16042647/whats-the-de-facto-standard-for-a-reverse-proxy-to-tell-the-backend-ssl-is-used
https://wiki.apache.org/couchdb/Nginx_As_a_Reverse_Proxy
* http://stackoverflow.com/questions/16042647/whats-the-de-facto-standard-for-a-reverse-proxy-to-tell-the-backend-ssl-is-used
* https://wiki.apache.org/couchdb/Nginx_As_a_Reverse_Proxy
 
## Using custom ssl ciphers
## Using custom SSL ciphers
 
By default GitLab is using SSL ciphers that are combination of testing on gitlab.com and various best practices contributed by the GitLab community.
 
@@ -200,11 +193,7 @@ However, you can change the ssl ciphers by adding to `gitlab.rb`:
nginx['ssl_ciphers'] = "CIPHER:CIPHER1"
```
 
and running reconfigure. Similar, for GitLab CI:
```ruby
ci_nginx['ssl_ciphers'] = "CIPHER:CIPHER1"
```
and running reconfigure.
 
You can also enable `ssl_dhparam` directive.
 
@@ -214,11 +203,7 @@ First, generate `dhparams.pem` with `openssl dhparam -out dhparams.pem 2048`. Th
nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"
```
 
After the change run `sudo gitlab-ctl reconfigure`. Similar, for GitLab CI:
```ruby
ci_nginx['ssl_dhparam'] = "/etc/gitlab/ssl/ci_dhparams.pem"
```
After the change run `sudo gitlab-ctl reconfigure`.
 
## Inserting custom NGINX settings into the GitLab server block
 
@@ -228,9 +213,6 @@ some reason you can use the following setting.
```ruby
# Example: block raw file downloads from a specific repository
nginx['custom_gitlab_server_config'] = "location ^~ /foo-namespace/bar-project/raw/ {\n deny all;\n}\n"
# You can do the same for GitLab-CI
ci_nginx['custom_gitlab_ci_server_config'] = "some settings"
```
 
Run `gitlab-ctl reconfigure` to rewrite the NGINX configuration and restart
@@ -264,9 +246,6 @@ Nginx and Unicorn:
# Disable the built-in nginx
nginx['enable'] = false
 
# Disable the built-in nginx for Gitlab CI
ci_nginx['enable'] = false
# Disable the built-in unicorn
unicorn['enable'] = false
 
@@ -279,13 +258,11 @@ Make sure you run `sudo gitlab-ctl reconfigure` for the changes to take effect.
### Vhost (server block)
 
Then, in your custom Passenger/Nginx installation, create the following site
configuration files:
#### Gitlab
configuration file:
 
```
upstream gitlab-git-http-server {
server unix://var/opt/gitlab/gitlab-git-http-server/socket fail_timeout=0;
upstream gitlab-workhorse {
server unix://var/opt/gitlab/gitlab-workhorse/socket fail_timeout=0;
}
 
server {
@@ -314,10 +291,41 @@ server {
passenger_enabled on;
passenger_min_instances 1;
 
location ~ [-\/\w\.]+\.git\/ {
## If you use HTTPS make sure you disable gzip compression
## to be safe against BREACH attack.
gzip off;
location ~ ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$ {
# 'Error' 418 is a hack to re-use the @gitlab-workhorse block
error_page 418 = @gitlab-workhorse;
return 418;
}
location ~ ^/[\w\.-]+/[\w\.-]+/repository/archive {
# 'Error' 418 is a hack to re-use the @gitlab-workhorse block
error_page 418 = @gitlab-workhorse;
return 418;
}
location ~ ^/api/v3/projects/.*/repository/archive {
# 'Error' 418 is a hack to re-use the @gitlab-workhorse block
error_page 418 = @gitlab-workhorse;
return 418;
}
# Build artifacts should be submitted to this location
location ~ ^/[\w\.-]+/[\w\.-]+/builds/download {
client_max_body_size 0;
# 'Error' 418 is a hack to re-use the @gitlab-workhorse block
error_page 418 = @gitlab-workhorse;
return 418;
}
# Build artifacts should be submitted to this location
location ~ /ci/api/v1/builds/[0-9]+/artifacts {
client_max_body_size 0;
# 'Error' 418 is a hack to re-use the @gitlab-workhorse block
error_page 418 = @gitlab-workhorse;
return 418;
}
location @gitlab-workhorse {
 
## https://github.com/gitlabhq/gitlabhq/issues/694
## Some requests take more than 30 seconds.
@@ -328,77 +336,36 @@ server {
# Do not buffer Git HTTP responses
proxy_buffering off;
 
# The following settings only work with NGINX 1.7.11 or newer
#
# Pass chunked request bodies to gitlab-git-http-server as-is
# proxy_request_buffering off;
# proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitlab-git-http-server;
}
error_page 502 /502.html;
}
```
For a typical Passenger installation this file should probably
be located at `/etc/nginx/sites-available/gitlab` and symlinked to
`/etc/nginx/sites-enabled/gitlab`.
#### Gitlab CI
 
```
upstream gitlab_ci {
server unix:/var/opt/gitlab/gitlab-ci/sockets/gitlab.socket;
}
proxy_pass http://gitlab-workhorse;
 
server {
listen *:80;
server_name ci.example.com;
server_tokens off;
root /opt/gitlab/embedded/service/gitlab-ci/public;
client_max_body_size 250m;
access_log /var/log/gitlab/nginx/gitlab_ci_access.log;
error_log /var/log/gitlab/nginx/gitlab_ci_error.log;
location / {
## Serve static files from defined root folder.
## @gitlab_ci is a named location for the upstream fallback, see below.
try_files $uri $uri/index.html $uri.html @gitlab_ci;
## The following settings only work with NGINX 1.7.11 or newer
#
## Pass chunked request bodies to gitlab-workhorse as-is
# proxy_request_buffering off;
# proxy_http_version 1.1;
}
 
## If a file, which is not found in the root folder is requested,
## then the proxy passes the request to the upsteam (gitlab-ci unicorn).
location @gitlab_ci {
## https://github.com/gitlabhq/gitlabhq/issues/694
## Some requests take more than 30 seconds.
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://gitlab_ci;
## Enable gzip compression as per rails guide:
## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression
## WARNING: If you are using relative urls remove the block below
## See config/application.rb under "Relative url support" for the list of
## other files that need to be changed for relative url support
location ~ ^/(assets)/ {
root /opt/gitlab/embedded/service/gitlab-rails/public;
gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
 
error_page 502 /502.html;
}
```
 
For a typical Passenger installation this file should probably
be located at `/etc/nginx/sites-available/gitlab_ci` and symlinked to
`/etc/nginx/sites-enabled/gitlab_ci`.
#### Warning
 
To ensure that user uploads are accessible your Nginx user (usually `www-data`)
@@ -414,7 +381,8 @@ Other than the Passenger configuration in place of Unicorn and the lack of HTTPS
(although this could be enabled) these files are mostly identical to :
 
- [bundled Gitlab Nginx configuration](files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-http.conf.erb)
- [bundled Gitlab CI Nginx configuration](files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-ci-http.conf.erb)
 
Don't forget to restart Nginx to load the new configuration (on Debian-based
systems `sudo service nginx restart`).
\ No newline at end of file
systems `sudo service nginx restart`).
[recipes-web]: https://gitlab.com/gitlab-org/gitlab-recipes/tree/master/web-server
doc/settings/redis.md
+ 0
12
View file @ 6357c044
@@ -17,18 +17,6 @@ gitlab_rails['redis_port'] = 6380
gitlab_rails['redis_socket'] = '/tmp/redis.sock' # defaults to /var/opt/gitlab/redis/redis.socket
```
 
For GitLab CI, use `ci_redis` and `gitlab_ci` instead:
```ruby
ci_redis['enable'] = false
gitlab_ci['redis_host'] = 'ci-redis.example.com'
```
Note that GitLab and GitLab CI are not designed to share a single Redis
instance. This is why omnibus-gitlab has separate `redis` and `ci_redis`
services.
## Making a bundled Redis instance reachable via TCP
 
Use the following settings if you want to make one of the Redis instances
doc/settings/smtp.md
+ 2
15
View file @ 6357c044
@@ -22,26 +22,12 @@ gitlab_rails['gitlab_email_from'] = 'gitlab@example.com'
gitlab_rails['gitlab_email_reply_to'] = 'noreply@example.com'
```
 
## GitLab CI
To change GitLab CI email configuration (e.g. use SMTP), use `gitlab_ci` instead
of `gitlab_rails`.
```ruby
# in /etc/gitlab/gitlab.rb
gitlab_ci['gitlab_ci_email_from'] = 'gitlab-ci@example.com'
gitlab_ci['smtp_enable'] = true
gitlab_ci['smtp_address'] = "smtp.server"
# etc.
```
## Example configuration
### SMTP on localhost
This configuration, which simply enables SMTP and otherwise uses the default settings, can be used for an MTA running on localhost that does not provide a `sendmail` interface or that provides a `sendmail` interface that is incompatible with GitLab, such as Exim.
 
```ruby
gitlab_rails['smtp_enable'] = true
gitlab_ci['smtp_enable'] = true
```
 
### Gmail
@@ -92,4 +78,5 @@ gitlab_rails['smtp_enable_starttls_auto'] = true
 
### More examples are welcome
 
If you have figured out an example configuration yourself please send a merge request to save other people time.
\ No newline at end of file
If you have figured out an example configuration yourself please send a Merge
Request to save other people time.
doc/settings/unicorn.md
+ 0
7
View file @ 6357c044
@@ -8,10 +8,3 @@ reconfigure for the change to take effect.
unicorn['worker_processes'] = 3
unicorn['worker_timeout'] = 60
```
To adjust Unicorn settings for GitLab CI, use the `ci_unicorn` directive in
`/etc/gitlab/gitlab.rb`.
```ruby
ci_unicorn['worker_processes'] = 3
```
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment