Installation of Gitlab 7.1.1 package does not succeed on Debian 7.6
The Installation of the latest gitlab package does not succeed on my fresh server installation (vserver with a minimal image = no webserver, no database server, etc.).
omnibus-gitlab version gitlab 7.1.1-omnibus-1
Operating System: Debian 7.6 wheezy
I followed tge steps of the package installation website:
Step 1: OpenSSH installation
# sudo apt-get install openssh-server
Reading package lists... Done
Building dependency tree
Reading state information... Done
openssh-server is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.Step 2: postfix installation
# sudo apt-get install postfix
Reading package lists... Done
Building dependency tree
Reading state information... Done
postfix is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.Step 3: gitlab package installation
# sudo dpkg -i gitlab_7.1.1-omnibus-1_amd64.deb
Selecting previously unselected package gitlab.
(Reading database ... 20249 files and directories currently installed.)
Unpacking gitlab (from gitlab_7.1.1-omnibus-1_amd64.deb) ...
Setting up gitlab (7.1.1-omnibus-1) ...
Thank you for installing GitLab!
You can configure GitLab for your system by running the following command:
sudo gitlab-ctl reconfigure
Step 4: host configuration
Adapted it to my domain.
Step 5: gitlab reconfigure
# sudo gitlab-ctl reconfigure
Starting Chef Client, version 11.12.2
Compiling Cookbooks...
Recipe: gitlab::default
* directory[/etc/gitlab] action create
- change mode from '0755' to '0775'
[2014-08-08T09:37:49+00:00] WARN: Cloning resource attributes for directory[/var/opt/gitlab/gitlab-rails/etc] from prior resource (CHEF-3694)
[2014-08-08T09:37:49+00:00] WARN: Previous directory[/var/opt/gitlab/gitlab-rails/etc]: /opt/gitlab/embedded/cookbooks/gitlab/recipes/gitlab-rails.rb:37:in `block in from_file'
[2014-08-08T09:37:49+00:00] WARN: Current directory[/var/opt/gitlab/gitlab-rails/etc]: /opt/gitlab/embedded/cookbooks/gitlab/definitions/unicorn_config.rb:21:in `block in from_file'
[2014-08-08T09:37:49+00:00] WARN: Cloning resource attributes for service[unicorn] from prior resource (CHEF-3694)
[2014-08-08T09:37:49+00:00] WARN: Previous service[unicorn]: /opt/gitlab/embedded/cookbooks/gitlab/recipes/default.rb:58:in `block in from_file'
[2014-08-08T09:37:49+00:00] WARN: Current service[unicorn]: /opt/gitlab/embedded/cookbooks/runit/definitions/runit_service.rb:191:in `block in from_file'
[2014-08-08T09:37:49+00:00] WARN: Cloning resource attributes for service[sidekiq] from prior resource (CHEF-3694)
[2014-08-08T09:37:49+00:00] WARN: Previous service[sidekiq]: /opt/gitlab/embedded/cookbooks/gitlab/recipes/default.rb:58:in `block in from_file'
[2014-08-08T09:37:49+00:00] WARN: Current service[sidekiq]: /opt/gitlab/embedded/cookbooks/runit/definitions/runit_service.rb:191:in `block in from_file'
Converging 150 resources
* directory[/etc/gitlab] action nothing (skipped due to action :nothing)
* directory[/var/opt/gitlab] action create
- create new directory /var/opt/gitlab
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
Recipe: gitlab::users
* group[git] action create
- create group[git]
* user[git] action create
- create user user[git]
* template[/var/opt/gitlab/.gitconfig] action create
- create new file /var/opt/gitlab/.gitconfig
- update content in file /var/opt/gitlab/.gitconfig from none to fead4b
--- /var/opt/gitlab/.gitconfig 2014-08-08 09:37:50.283296303 +0000
+++ /tmp/chef-rendered-template20140808-7887-76zx1x 2014-08-08 09:37:50.284296318 +0000
@@ -1 +1,10 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+[user]
+ name = GitLab
+ email = gitlab@gitlab-next.lab0.de
+[core]
+ autocrlf = input
- change mode from '' to '0644'
- change owner from '' to 'git'
- change group from '' to 'git'
Recipe: gitlab::gitlab-shell
* directory[/var/opt/gitlab/git-data/repositories] action create
- create new directory /var/opt/gitlab/git-data/repositories
- change mode from '' to '02770'
- change owner from '' to 'git'
- change group from '' to 'git'
* directory[/var/opt/gitlab/.ssh] action create
- create new directory /var/opt/gitlab/.ssh
- change mode from '' to '0700'
- change owner from '' to 'git'
- change group from '' to 'git'
* file[/var/opt/gitlab/.ssh/authorized_keys] action create
- create new file /var/opt/gitlab/.ssh/authorized_keys
- change mode from '' to '0600'
- change owner from '' to 'git'
- change group from '' to 'git'
* file[/opt/gitlab/embedded/service/gitlab-shell/authorized_keys.lock] action create
- create new file /opt/gitlab/embedded/service/gitlab-shell/authorized_keys.lock
- change owner from '' to 'git'
- change group from '' to 'git'
* execute[chcon --recursive --type ssh_home_t /var/opt/gitlab/.ssh] action run (skipped due to only_if)
* directory[/var/log/gitlab/gitlab-shell/] action create
- create new directory /var/log/gitlab/gitlab-shell/
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[/var/opt/gitlab/gitlab-shell] action create
- create new directory /var/opt/gitlab/gitlab-shell
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[/var/opt/gitlab/git-data] action create
- change mode from '0755' to '0700'
- change owner from 'root' to 'git'
* template[/var/opt/gitlab/gitlab-shell/config.yml] action create
- create new file /var/opt/gitlab/gitlab-shell/config.yml
- update content in file /var/opt/gitlab/gitlab-shell/config.yml from none to 4d0c19
--- /var/opt/gitlab/gitlab-shell/config.yml 2014-08-08 09:37:50.322296878 +0000
+++ /tmp/chef-rendered-template20140808-7887-j6nydq 2014-08-08 09:37:50.323296892 +0000
@@ -1 +1,46 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+# GitLab user. git by default
+user: git
+
+# Url to gitlab instance. Used for api calls. Should end with a slash.
+gitlab_url: "http://127.0.0.1:8080"
+
+http_settings:
+# user: someone
+# password: somepass
+# ca_file: /etc/ssl/cert.pem
+# ca_path: /etc/pki/tls/certs
+ self_signed_cert: false
+
+# Repositories path
+# Give the canonicalized absolute pathname,
+# REPOS_PATH MUST NOT CONTAIN ANY SYMLINK!!!
+# Check twice that none of the components is a symlink, including "/home".
+repos_path: "/var/opt/gitlab/git-data/repositories"
+
+# File used as authorized_keys for gitlab user
+auth_file: "/var/opt/gitlab/.ssh/authorized_keys"
+
+# Redis settings used for pushing commit notices to gitlab
+redis:
+ bin: /opt/gitlab/embedded/bin/redis-cli
+ host: 127.0.0.1
+ port: 6379
+ # socket: /tmp/redis.socket # Only define this if you want to use sockets
+ namespace: resque:gitlab
+
+# Log file.
+# Default is gitlab-shell.log in the root directory.
+log_file: "/var/log/gitlab/gitlab-shell/gitlab-shell.log"
+
+# Log level. INFO by default
+log_level: INFO
+
+# Audit usernames.
+# Set to true to see real usernames in the logs instead of key ids, which is easier to follow, but
+# incurs an extra API call on every gitlab-shell command.
+audit_usernames: false
* link[/opt/gitlab/embedded/service/gitlab-shell/config.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-shell/config.yml to /var/opt/gitlab/gitlab-shell/config.yml
Recipe: gitlab::gitlab-rails
* directory[/var/opt/gitlab/gitlab-rails] action create
- create new directory /var/opt/gitlab/gitlab-rails
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[/var/opt/gitlab/gitlab-rails/etc] action create
- create new directory /var/opt/gitlab/gitlab-rails/etc
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[/var/opt/gitlab/gitlab-rails/working] action create
- create new directory /var/opt/gitlab/gitlab-rails/working
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[/var/opt/gitlab/gitlab-rails/tmp] action create
- create new directory /var/opt/gitlab/gitlab-rails/tmp
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[/var/opt/gitlab/gitlab-rails/uploads] action create
- create new directory /var/opt/gitlab/gitlab-rails/uploads
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[/var/opt/gitlab/backups] action create
- create new directory /var/opt/gitlab/backups
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[/var/log/gitlab/gitlab-rails] action create
- create new directory /var/log/gitlab/gitlab-rails
- change mode from '' to '0700'
- change owner from '' to 'git'
* template[/var/opt/gitlab/gitlab-rails/etc/secret] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/secret
- update content in file /var/opt/gitlab/gitlab-rails/etc/secret from none to 2e25d3
--- /var/opt/gitlab/gitlab-rails/etc/secret 2014-08-08 09:37:50.339297128 +0000
+++ /tmp/chef-rendered-template20140808-7887-15hg4fy 2014-08-08 09:37:50.340297143 +0000
@@ -1 +1,2 @@
+6c2e28e47fb1e884c30aff12236514e46e68f125771633bb99343d078277da82ef89b66f71580015675cc07dd74fba2456894efa98b5e327a06b19af489a290c
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[/opt/gitlab/embedded/service/gitlab-rails/.secret] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/.secret to /var/opt/gitlab/gitlab-rails/etc/secret
* template[/var/opt/gitlab/gitlab-rails/etc/database.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/database.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/database.yml from none to f27e0e
--- /var/opt/gitlab/gitlab-rails/etc/database.yml 2014-08-08 09:37:50.344297202 +0000
+++ /tmp/chef-rendered-template20140808-7887-94lynl 2014-08-08 09:37:50.345297216 +0000
@@ -1 +1,15 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+production:
+ adapter: postgresql
+ encoding: unicode
+ database: gitlabhq_production
+ pool: 10
+ username: 'gitlab'
+ password:
+ host:
+ port: 5432
+ socket:
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[/opt/gitlab/embedded/service/gitlab-rails/config/database.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/database.yml to /var/opt/gitlab/gitlab-rails/etc/database.yml
* template[/var/opt/gitlab/gitlab-rails/etc/resque.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/resque.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/resque.yml from none to 8655f7
--- /var/opt/gitlab/gitlab-rails/etc/resque.yml 2014-08-08 09:37:50.349297276 +0000
+++ /tmp/chef-rendered-template20140808-7887-u8onqc 2014-08-08 09:37:50.350297291 +0000
@@ -1 +1,2 @@
+production: redis://127.0.0.1:6379
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[/opt/gitlab/embedded/service/gitlab-rails/config/resque.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/resque.yml to /var/opt/gitlab/gitlab-rails/etc/resque.yml
* template[/var/opt/gitlab/gitlab-rails/etc/aws.yml] action delete (up to date)
* link[/opt/gitlab/embedded/service/gitlab-rails/config/aws.yml] action delete (up to date)
* template[/var/opt/gitlab/gitlab-rails/etc/smtp_settings.rb] action delete (up to date)
* link[/opt/gitlab/embedded/service/gitlab-rails/config/initializers/smtp_settings.rb] action delete (up to date)
* template[/var/opt/gitlab/gitlab-rails/etc/gitlab.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/gitlab.yml from none to 14308a
--- /var/opt/gitlab/gitlab-rails/etc/gitlab.yml 2014-08-08 09:37:50.355297364 +0000
+++ /tmp/chef-rendered-template20140808-7887-4rxjwk 2014-08-08 09:37:50.359297422 +0000
@@ -1 +1,248 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+production: &base
+ #
+ # 1. GitLab app settings
+ # ==========================
+
+ ## GitLab settings
+ gitlab:
+ ## Web server settings (note: host is the FQDN, do not include http://)
+ host: gitlab-next.lab0.de
+ port: 80
+ https: false
+
+ # Uncommment this line below if your ssh host is different from HTTP/HTTPS one
+ # (you'd obviously need to replace ssh.host_example.com with your own host).
+ # Otherwise, ssh host will be set to the `host:` value above
+ # ssh_host: ssh.host_example.com
+
+ # WARNING: See config/application.rb under "Relative url support" for the list of
+ # other files that need to be changed for relative url support
+ # relative_url_root: /gitlab
+
+ # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
+ user: git
+
+ ## Email settings
+ # Email address used in the "From" field in mails sent by GitLab
+ email_from: gitlab@gitlab-next.lab0.de
+
+ # Email server smtp settings are in [a separate file](initializers/smtp_settings.rb.sample).
+
+ ## User settings
+ default_projects_limit: 10
+ default_can_create_group: # default: true
+ username_changing_enabled: # default: true - User can change her username/namespace
+ ## Default theme
+ ## BASIC = 1
+ ## MARS = 2
+ ## MODERN = 3
+ ## GRAY = 4
+ ## COLOR = 5
+ default_theme: # default: 2
+
+ ## Users can create accounts
+ # This also allows normal users to sign up for accounts themselves
+ # default: false - By default GitLab administrators must create all new accounts
+ signup_enabled:
+ #
+ ## Standard login settings
+ # The standard login can be disabled to force login via LDAP
+ # default: true - If set to false the standard login form won't be shown on the sign-in page
+ signin_enabled:
+
+ # Restrict setting visibility levels for non-admin users.
+ # The default is to allow all levels.
+ restricted_visibility_levels:
+
+ ## Automatic issue closing
+ # If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
+ # This happens when the commit is pushed or merged into the default branch of a project.
+ # When not specified the default issue_closing_pattern as specified below will be used.
+ # issue_closing_pattern: '([Cc]lose[sd]|[Ff]ixe[sd]) +#\d+'
+
+ ## Default project features settings
+ default_projects_features:
+ issues: true
+ merge_requests: true
+ wiki: true
+ snippets: false
+ visibility_level: "private" # can be "private" | "internal" | "public"
+
+ ## Repository downloads directory
+ # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
+ # The default is 'tmp/repositories' relative to the root of the Rails app.
+ repository_downloads_path:
+
+ ## External issues trackers
+ issues_tracker:
+
+
+ ## Gravatar
+ gravatar:
+ enabled: true # Use user avatar image from Gravatar.com (default: true)
+ # gravatar urls: possible placeholders: %{hash} %{size} %{email}
+ plain_url: # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=mm
+ ssl_url: # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=mm
+
+ #
+ # 2. Auth settings
+ # ==========================
+
+ ## LDAP settings
+ # You can inspect a sample of the LDAP users with login access by running:
+ # bundle exec rake gitlab:ldap:check RAILS_ENV=production
+ ldap:
+ enabled: false
+ host:
+ port:
+ uid:
+ method: # "tls" or "ssl" or "plain"
+ bind_dn:
+ password:
+ # If allow_username_or_email_login is enabled, GitLab will ignore everything
+ # after the first '@' in the LDAP username submitted by the user on login.
+ #
+ # Example:
+ # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
+ # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
+ #
+ # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
+ # disable this setting, because the userPrincipalName contains an '@'.
+ allow_username_or_email_login:
+
+ # Base where we can search for users
+ #
+ # Ex. ou=People,dc=gitlab,dc=example
+ #
+ base:
+
+ # Filter LDAP users
+ #
+ # Format: RFC 4515
+ # Ex. (employeeType=developer)
+ #
+ user_filter:
+
+ # Base where we can search for groups
+ #
+ # Ex. ou=Groups,dc=gitlab,dc=example
+ #
+ group_base:
+
+ # LDAP group of users who should be admins in GitLab
+ #
+ # Ex. GLAdmins
+ #
+ admin_group:
+
+ # Name of attribute which holds a ssh public key of the user object.
+ # If false or nil, SSH key syncronisation will be disabled.
+ #
+ # Ex. sshpublickey
+ #
+ sync_ssh_keys:
+
+ ## OmniAuth settings
+ omniauth:
+ # Allow login via Twitter, Google, etc. using OmniAuth providers
+ enabled: false
+
+ # CAUTION!
+ # This allows users to login without having a user account first (default: false).
+ # User accounts will be created automatically when authentication was successful.
+ allow_single_sign_on:
+ # Locks down those users until they have been cleared by the admin (default: true).
+ block_auto_created_users:
+
+ ## Auth providers
+ # Uncomment the following lines and fill in the data of the auth provider you want to use
+ # If your favorite auth provider is not listed you can use others:
+ # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Working-custom-omniauth-provider-configurations
+ # The 'app_id' and 'app_secret' parameters are always passed as the first two
+ # arguments, followed by optional 'args' which can be either a hash or an array.
+ # Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html
+ providers:
+ # - { name: 'google_oauth2', app_id: 'YOUR APP ID',
+ # app_secret: 'YOUR APP SECRET',
+ # args: { access_type: 'offline', approval_prompt: '' } }
+ # - { name: 'twitter', app_id: 'YOUR APP ID',
+ # app_secret: 'YOUR APP SECRET'}
+ # - { name: 'github', app_id: 'YOUR APP ID',
+ # app_secret: 'YOUR APP SECRET',
+ # args: { scope: 'user:email' } }
+
+
+
+ #
+ # 3. Advanced settings
+ # ==========================
+
+ # GitLab Satellites
+ satellites:
+ # Relative paths are relative to Rails.root (default: tmp/repo_satellites/)
+ path: /var/opt/gitlab/git-data/gitlab-satellites
+
+ ## Backup settings
+ backup:
+ path: "/var/opt/gitlab/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
+ keep_time: # default: 0 (forever) (in seconds)
+
+ ## GitLab Shell settings
+ gitlab_shell:
+ path: /opt/gitlab/embedded/service/gitlab-shell/
+
+ # REPOS_PATH MUST NOT BE A SYMLINK!!!
+ repos_path: /var/opt/gitlab/git-data/repositories
+ hooks_path: /opt/gitlab/embedded/service/gitlab-shell/hooks/
+
+ # Git over HTTP
+ upload_pack: true
+ receive_pack: true
+
+ # If you use non-standard ssh port you need to specify it
+ ssh_port: 22
+
+ ## Git settings
+ # CAUTION!
+ # Use the default values unless you really know what you are doing
+ git:
+ bin_path: /opt/gitlab/embedded/bin/git
+ # The next value is the maximum memory size grit can use
+ # Given in number of bytes per git object (e.g. a commit)
+ # This value can be increased if you have very large commits
+ max_size: 20971520
+ # Git timeout to read a commit, in seconds
+ timeout: 10
+
+ #
+ # 4. Extra customization
+ # ==========================
+
+ extra:
+
+
+
+development:
+ <<: *base
+
+test:
+ <<: *base
+ gravatar:
+ enabled: true
+ gitlab:
+ host: localhost
+ port: 80
+ issues_tracker:
+ redmine:
+ title: "Redmine"
+ project_url: "http://redmine/projects/:issues_tracker_id"
+ issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
+ new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
+
+staging:
+ <<: *base
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[/opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml to /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
* template[/var/opt/gitlab/gitlab-rails/etc/rack_attack.rb] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/rack_attack.rb
- update content in file /var/opt/gitlab/gitlab-rails/etc/rack_attack.rb from none to aadb73
--- /var/opt/gitlab/gitlab-rails/etc/rack_attack.rb 2014-08-08 09:37:50.369297570 +0000
+++ /tmp/chef-rendered-template20140808-7887-1jn3deb 2014-08-08 09:37:50.370297585 +0000
@@ -1 +1,23 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+# 1. Rename this file to rack_attack.rb
+# 2. Review the paths_to_be_protected and add any other path you need protecting
+#
+
+paths_to_be_protected = [
+ "#{Rails.application.config.relative_url_root}/users/password",
+ "#{Rails.application.config.relative_url_root}/users/sign_in",
+ "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session.json",
+ "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session",
+ "#{Rails.application.config.relative_url_root}/users",
+ "#{Rails.application.config.relative_url_root}/users/confirmation"
+]
+
+unless Rails.env.test?
+ Rack::Attack.throttle('protected paths', limit: 10, period: 60.seconds) do |req|
+ req.ip if paths_to_be_protected.include?(req.path) && req.post?
+ end
+end
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[/opt/gitlab/embedded/service/gitlab-rails/config/initializers/rack_attack.rb] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/initializers/rack_attack.rb to /var/opt/gitlab/gitlab-rails/etc/rack_attack.rb
* directory[/var/opt/gitlab/git-data/gitlab-satellites] action create
- create new directory /var/opt/gitlab/git-data/gitlab-satellites
- change mode from '' to '0750'
- change owner from '' to 'git'
- change group from '' to 'git'
* link[/opt/gitlab/embedded/service/gitlab-rails/tmp] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/tmp to /var/opt/gitlab/gitlab-rails/tmp
* link[/opt/gitlab/embedded/service/gitlab-rails/public/uploads] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/public/uploads to /var/opt/gitlab/gitlab-rails/uploads
* link[/opt/gitlab/embedded/service/gitlab-rails/log] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/log to /var/log/gitlab/gitlab-rails
* file[/opt/gitlab/embedded/service/gitlab-rails/db/schema.rb] action create
- change owner from 'root' to 'git'
* remote_file[/var/opt/gitlab/gitlab-rails/VERSION] action create
- create new file /var/opt/gitlab/gitlab-rails/VERSION
- update content in file /var/opt/gitlab/gitlab-rails/VERSION from none to 511a8b
--- /var/opt/gitlab/gitlab-rails/VERSION 2014-08-08 09:37:50.428298438 +0000
+++ /tmp/.VERSION20140808-7887-yp1wfl 2014-08-08 09:37:50.429298453 +0000
@@ -1 +1,2 @@
+7.1.1
* execute[chown -R git /opt/gitlab/embedded/service/gitlab-rails/public] action run
- execute chown -R git /opt/gitlab/embedded/service/gitlab-rails/public
* execute[clear the gitlab-rails cache] action nothing (skipped due to action :nothing)
Recipe: gitlab::default
* service[unicorn] action nothing (up to date)
* service[sidekiq] action nothing (up to date)
Recipe: runit::sysvinit
* execute[echo 'CS:123456:respawn:/opt/gitlab/embedded/bin/runsvdir-start' >> /etc/inittab] action run
- execute echo 'CS:123456:respawn:/opt/gitlab/embedded/bin/runsvdir-start' >> /etc/inittab
* execute[init q] action run
- execute init q
* execute[init q] action nothing (skipped due to action :nothing)
Recipe: gitlab::redis
* group[gitlab-redis] action create
- create group[gitlab-redis]
* user[gitlab-redis] action create
- create user user[gitlab-redis]
* directory[/var/opt/gitlab/redis] action create
- create new directory /var/opt/gitlab/redis
- change mode from '' to '0700'
- change owner from '' to 'gitlab-redis'
* directory[/var/log/gitlab/redis] action create
- create new directory /var/log/gitlab/redis
- change mode from '' to '0700'
- change owner from '' to 'gitlab-redis'
* template[/var/opt/gitlab/redis/redis.conf] action create
- create new file /var/opt/gitlab/redis/redis.conf
- update content in file /var/opt/gitlab/redis/redis.conf from none to 7231e9
--- /var/opt/gitlab/redis/redis.conf 2014-08-08 09:37:50.838304475 +0000
+++ /tmp/chef-rendered-template20140808-7887-z6fnbk 2014-08-08 09:37:50.840304505 +0000
@@ -1 +1,700 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+# Redis configuration file example
+
+# Note on units: when memory size is needed, it is possible to specify
+# it in the usual form of 1k 5GB 4M and so forth:
+#
+# 1k => 1000 bytes
+# 1kb => 1024 bytes
+# 1m => 1000000 bytes
+# 1mb => 1024*1024 bytes
+# 1g => 1000000000 bytes
+# 1gb => 1024*1024*1024 bytes
+#
+# units are case insensitive so 1GB 1Gb 1gB are all the same.
+
+# By default Redis does not run as a daemon. Use 'yes' if you need it.
+# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
+daemonize no
+
+# When running daemonized, Redis writes a pid file in /var/run/redis.pid by
+# default. You can specify a custom pid file location here.
+pidfile /var/run/redis.pid
+
+# Accept connections on the specified port, default is 6379.
+# If port 0 is specified Redis will not listen on a TCP socket.
+port 6379
+
+# By default Redis listens for connections from all the network interfaces
+# available on the server. It is possible to listen to just one or multiple
+# interfaces using the "bind" configuration directive, followed by one or
+# more IP addresses.
+#
+# Examples:
+#
+# bind 192.168.1.100 10.0.0.1
+bind 127.0.0.1
+
+# Specify the path for the unix socket that will be used to listen for
+# incoming connections. There is no default, so Redis will not listen
+# on a unix socket when not specified.
+#
+# unixsocket /tmp/redis.sock
+# unixsocketperm 755
+
+# Close the connection after a client is idle for N seconds (0 to disable)
+timeout 0
+
+# TCP keepalive.
+#
+# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
+# of communication. This is useful for two reasons:
+#
+# 1) Detect dead peers.
+# 2) Take the connection alive from the point of view of network
+# equipment in the middle.
+#
+# On Linux, the specified value (in seconds) is the period used to send ACKs.
+# Note that to close the connection the double of the time is needed.
+# On other kernels the period depends on the kernel configuration.
+#
+# A reasonable value for this option is 60 seconds.
+tcp-keepalive 0
+
+# Specify the server verbosity level.
+# This can be one of:
+# debug (a lot of information, useful for development/testing)
+# verbose (many rarely useful info, but not a mess like the debug level)
+# notice (moderately verbose, what you want in production probably)
+# warning (only very important / critical messages are logged)
+loglevel notice
+
+# Specify the log file name. Also the emptry string can be used to force
+# Redis to log on the standard output. Note that if you use standard
+# output for logging but daemonize, logs will be sent to /dev/null
+logfile ""
+
+# To enable logging to the system logger, just set 'syslog-enabled' to yes,
+# and optionally update the other syslog parameters to suit your needs.
+# syslog-enabled no
+
+# Specify the syslog identity.
+# syslog-ident redis
+
+# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
+# syslog-facility local0
+
+# Set the number of databases. The default database is DB 0, you can select
+# a different one on a per-connection basis using SELECT <dbid> where
+# dbid is a number between 0 and 'databases'-1
+databases 16
+
+################################ SNAPSHOTTING #################################
+#
+# Save the DB on disk:
+#
+# save <seconds> <changes>
+#
+# Will save the DB if both the given number of seconds and the given
+# number of write operations against the DB occurred.
+#
+# In the example below the behaviour will be to save:
+# after 900 sec (15 min) if at least 1 key changed
+# after 300 sec (5 min) if at least 10 keys changed
+# after 60 sec if at least 10000 keys changed
+#
+# Note: you can disable saving at all commenting all the "save" lines.
+#
+# It is also possible to remove all the previously configured save
+# points by adding a save directive with a single empty string argument
+# like in the following example:
+#
+# save ""
+
+save 900 1
+save 300 10
+save 60 10000
+
+# By default Redis will stop accepting writes if RDB snapshots are enabled
+# (at least one save point) and the latest background save failed.
+# This will make the user aware (in an hard way) that data is not persisting
+# on disk properly, otherwise chances are that no one will notice and some
+# distater will happen.
+#
+# If the background saving process will start working again Redis will
+# automatically allow writes again.
+#
+# However if you have setup your proper monitoring of the Redis server
+# and persistence, you may want to disable this feature so that Redis will
+# continue to work as usually even if there are problems with disk,
+# permissions, and so forth.
+stop-writes-on-bgsave-error yes
+
+# Compress string objects using LZF when dump .rdb databases?
+# For default that's set to 'yes' as it's almost always a win.
+# If you want to save some CPU in the saving child set it to 'no' but
+# the dataset will likely be bigger if you have compressible values or keys.
+rdbcompression yes
+
+# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
+# This makes the format more resistant to corruption but there is a performance
+# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
+# for maximum performances.
+#
+# RDB files created with checksum disabled have a checksum of zero that will
+# tell the loading code to skip the check.
+rdbchecksum yes
+
+# The filename where to dump the DB
+dbfilename dump.rdb
+
+# The working directory.
+#
+# The DB will be written inside this directory, with the filename specified
+# above using the 'dbfilename' configuration directive.
+#
+# The Append Only File will also be created inside this directory.
+#
+# Note that you must specify a directory here, not a file name.
+dir /var/opt/gitlab/redis
+
+################################# REPLICATION #################################
+
+# Master-Slave replication. Use slaveof to make a Redis instance a copy of
+# another Redis server. Note that the configuration is local to the slave
+# so for example it is possible to configure the slave to save the DB with a
+# different interval, or to listen to another port, and so on.
+#
+# slaveof <masterip> <masterport>
+
+# If the master is password protected (using the "requirepass" configuration
+# directive below) it is possible to tell the slave to authenticate before
+# starting the replication synchronization process, otherwise the master will
+# refuse the slave request.
+#
+# masterauth <master-password>
+
+# When a slave loses its connection with the master, or when the replication
+# is still in progress, the slave can act in two different ways:
+#
+# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will
+# still reply to client requests, possibly with out of date data, or the
+# data set may just be empty if this is the first synchronization.
+#
+# 2) if slave-serve-stale-data is set to 'no' the slave will reply with
+# an error "SYNC with master in progress" to all the kind of commands
+# but to INFO and SLAVEOF.
+#
+slave-serve-stale-data yes
+
+# You can configure a slave instance to accept writes or not. Writing against
+# a slave instance may be useful to store some ephemeral data (because data
+# written on a slave will be easily deleted after resync with the master) but
+# may also cause problems if clients are writing to it because of a
+# misconfiguration.
+#
+# Since Redis 2.6 by default slaves are read-only.
+#
+# Note: read only slaves are not designed to be exposed to untrusted clients
+# on the internet. It's just a protection layer against misuse of the instance.
+# Still a read only slave exports by default all the administrative commands
+# such as CONFIG, DEBUG, and so forth. To a limited extend you can improve
+# security of read only slaves using 'rename-command' to shadow all the
+# administrative / dangerous commands.
+slave-read-only yes
+
+# Slaves send PINGs to server in a predefined interval. It's possible to change
+# this interval with the repl_ping_slave_period option. The default value is 10
+# seconds.
+#
+# repl-ping-slave-period 10
+
+# The following option sets the replication timeout for:
+#
+# 1) Bulk transfer I/O during SYNC, from the point of view of slave.
+# 2) Master timeout from the point of view of slaves (data, pings).
+# 3) Slave timeout from the point of view of masters (REPLCONF ACK pings).
+#
+# It is important to make sure that this value is greater than the value
+# specified for repl-ping-slave-period otherwise a timeout will be detected
+# every time there is low traffic between the master and the slave.
+#
+# repl-timeout 60
+
+# Disable TCP_NODELAY on the slave socket after SYNC?
+#
+# If you select "yes" Redis will use a smaller number of TCP packets and
+# less bandwidth to send data to slaves. But this can add a delay for
+# the data to appear on the slave side, up to 40 milliseconds with
+# Linux kernels using a default configuration.
+#
+# If you select "no" the delay for data to appear on the slave side will
+# be reduced but more bandwidth will be used for replication.
+#
+# By default we optimize for low latency, but in very high traffic conditions
+# or when the master and slaves are many hops away, turning this to "yes" may
+# be a good idea.
+repl-disable-tcp-nodelay no
+
+# Set the replication backlog size. The backlog is a buffer that accumulates
+# slave data when slaves are disconnected for some time, so that when a slave
+# wants to reconnect again, often a full resync is not needed, but a partial
+# resync is enough, just passing the portion of data the slave missed while
+# disconnected.
+#
+# The biggest the replication backlog, the longer the time the slave can be
+# disconnected and later be able to perform a partial resynchronization.
+#
+# The backlog is only allocated once there is at least a slave connected.
+#
+# repl-backlog-size 1mb
+
+# After a master has no longer connected slaves for some time, the backlog
+# will be freed. The following option configures the amount of seconds that
+# need to elapse, starting from the time the last slave disconnected, for
+# the backlog buffer to be freed.
+#
+# A value of 0 means to never release the backlog.
+#
+# repl-backlog-ttl 3600
+
+# The slave priority is an integer number published by Redis in the INFO output.
+# It is used by Redis Sentinel in order to select a slave to promote into a
+# master if the master is no longer working correctly.
+#
+# A slave with a low priority number is considered better for promotion, so
+# for instance if there are three slaves with priority 10, 100, 25 Sentinel will
+# pick the one wtih priority 10, that is the lowest.
+#
+# However a special priority of 0 marks the slave as not able to perform the
+# role of master, so a slave with priority of 0 will never be selected by
+# Redis Sentinel for promotion.
+#
+# By default the priority is 100.
+slave-priority 100
+
+# It is possible for a master to stop accepting writes if there are less than
+# N slaves connected, having a lag less or equal than M seconds.
+#
+# The N slaves need to be in "online" state.
+#
+# The lag in seconds, that must be <= the specified value, is calculated from
+# the last ping received from the slave, that is usually sent every second.
+#
+# This option does not GUARANTEES that N replicas will accept the write, but
+# will limit the window of exposure for lost writes in case not enough slaves
+# are available, to the specified number of seconds.
+#
+# For example to require at least 3 slaves with a lag <= 10 seconds use:
+#
+# min-slaves-to-write 3
+# min-slaves-max-lag 10
+#
+# Setting one or the other to 0 disables the feature.
+#
+# By default min-slaves-to-write is set to 0 (feature disabled) and
+# min-slaves-max-lag is set to 10.
+
+################################## SECURITY ###################################
+
+# Require clients to issue AUTH <PASSWORD> before processing any other
+# commands. This might be useful in environments in which you do not trust
+# others with access to the host running redis-server.
+#
+# This should stay commented out for backward compatibility and because most
+# people do not need auth (e.g. they run their own servers).
+#
+# Warning: since Redis is pretty fast an outside user can try up to
+# 150k passwords per second against a good box. This means that you should
+# use a very strong password otherwise it will be very easy to break.
+#
+# requirepass foobared
+
+# Command renaming.
+#
+# It is possible to change the name of dangerous commands in a shared
+# environment. For instance the CONFIG command may be renamed into something
+# hard to guess so that it will still be available for internal-use tools
+# but not available for general clients.
+#
+# Example:
+#
+# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
+#
+# It is also possible to completely kill a command by renaming it into
+# an empty string:
+#
+# rename-command CONFIG ""
+#
+# Please note that changing the name of commands that are logged into the
+# AOF file or transmitted to slaves may cause problems.
+
+################################### LIMITS ####################################
+
+# Set the max number of connected clients at the same time. By default
+# this limit is set to 10000 clients, however if the Redis server is not
+# able to configure the process file limit to allow for the specified limit
+# the max number of allowed clients is set to the current file limit
+# minus 32 (as Redis reserves a few file descriptors for internal uses).
+#
+# Once the limit is reached Redis will close all the new connections sending
+# an error 'max number of clients reached'.
+#
+# maxclients 10000
+
+# Don't use more memory than the specified amount of bytes.
+# When the memory limit is reached Redis will try to remove keys
+# accordingly to the eviction policy selected (see maxmemmory-policy).
+#
+# If Redis can't remove keys according to the policy, or if the policy is
+# set to 'noeviction', Redis will start to reply with errors to commands
+# that would use more memory, like SET, LPUSH, and so on, and will continue
+# to reply to read-only commands like GET.
+#
+# This option is usually useful when using Redis as an LRU cache, or to set
+# an hard memory limit for an instance (using the 'noeviction' policy).
+#
+# WARNING: If you have slaves attached to an instance with maxmemory on,
+# the size of the output buffers needed to feed the slaves are subtracted
+# from the used memory count, so that network problems / resyncs will
+# not trigger a loop where keys are evicted, and in turn the output
+# buffer of slaves is full with DELs of keys evicted triggering the deletion
+# of more keys, and so forth until the database is completely emptied.
+#
+# In short... if you have slaves attached it is suggested that you set a lower
+# limit for maxmemory so that there is some free RAM on the system for slave
+# output buffers (but this is not needed if the policy is 'noeviction').
+#
+# maxmemory <bytes>
+
+# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
+# is reached. You can select among five behaviors:
+#
+# volatile-lru -> remove the key with an expire set using an LRU algorithm
+# allkeys-lru -> remove any key accordingly to the LRU algorithm
+# volatile-random -> remove a random key with an expire set
+# allkeys-random -> remove a random key, any key
+# volatile-ttl -> remove the key with the nearest expire time (minor TTL)
+# noeviction -> don't expire at all, just return an error on write operations
+#
+# Note: with any of the above policies, Redis will return an error on write
+# operations, when there are not suitable keys for eviction.
+#
+# At the date of writing this commands are: set setnx setex append
+# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
+# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
+# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
+# getset mset msetnx exec sort
+#
+# The default is:
+#
+# maxmemory-policy volatile-lru
+
+# LRU and minimal TTL algorithms are not precise algorithms but approximated
+# algorithms (in order to save memory), so you can select as well the sample
+# size to check. For instance for default Redis will check three keys and
+# pick the one that was used less recently, you can change the sample size
+# using the following configuration directive.
+#
+# maxmemory-samples 3
+
+############################## APPEND ONLY MODE ###############################
+
+# By default Redis asynchronously dumps the dataset on disk. This mode is
+# good enough in many applications, but an issue with the Redis process or
+# a power outage may result into a few minutes of writes lost (depending on
+# the configured save points).
+#
+# The Append Only File is an alternative persistence mode that provides
+# much better durability. For instance using the default data fsync policy
+# (see later in the config file) Redis can lose just one second of writes in a
+# dramatic event like a server power outage, or a single write if something
+# wrong with the Redis process itself happens, but the operating system is
+# still running correctly.
+#
+# AOF and RDB persistence can be enabled at the same time without problems.
+# If the AOF is enabled on startup Redis will load the AOF, that is the file
+# with the better durability guarantees.
+#
+# Please check http://redis.io/topics/persistence for more information.
+
+appendonly no
+
+# The name of the append only file (default: "appendonly.aof")
+# appendfilename appendonly.aof
+
+# The fsync() call tells the Operating System to actually write data on disk
+# instead to wait for more data in the output buffer. Some OS will really flush
+# data on disk, some other OS will just try to do it ASAP.
+#
+# Redis supports three different modes:
+#
+# no: don't fsync, just let the OS flush the data when it wants. Faster.
+# always: fsync after every write to the append only log . Slow, Safest.
+# everysec: fsync only one time every second. Compromise.
+#
+# The default is "everysec", as that's usually the right compromise between
+# speed and data safety. It's up to you to understand if you can relax this to
+# "no" that will let the operating system flush the output buffer when
+# it wants, for better performances (but if you can live with the idea of
+# some data loss consider the default persistence mode that's snapshotting),
+# or on the contrary, use "always" that's very slow but a bit safer than
+# everysec.
+#
+# More details please check the following article:
+# http://antirez.com/post/redis-persistence-demystified.html
+#
+# If unsure, use "everysec".
+
+# appendfsync always
+appendfsync everysec
+# appendfsync no
+
+# When the AOF fsync policy is set to always or everysec, and a background
+# saving process (a background save or AOF log background rewriting) is
+# performing a lot of I/O against the disk, in some Linux configurations
+# Redis may block too long on the fsync() call. Note that there is no fix for
+# this currently, as even performing fsync in a different thread will block
+# our synchronous write(2) call.
+#
+# In order to mitigate this problem it's possible to use the following option
+# that will prevent fsync() from being called in the main process while a
+# BGSAVE or BGREWRITEAOF is in progress.
+#
+# This means that while another child is saving, the durability of Redis is
+# the same as "appendfsync none". In practical terms, this means that it is
+# possible to lose up to 30 seconds of log in the worst scenario (with the
+# default Linux settings).
+#
+# If you have latency problems turn this to "yes". Otherwise leave it as
+# "no" that is the safest pick from the point of view of durability.
+no-appendfsync-on-rewrite no
+
+# Automatic rewrite of the append only file.
+# Redis is able to automatically rewrite the log file implicitly calling
+# BGREWRITEAOF when the AOF log size grows by the specified percentage.
+#
+# This is how it works: Redis remembers the size of the AOF file after the
+# latest rewrite (if no rewrite has happened since the restart, the size of
+# the AOF at startup is used).
+#
+# This base size is compared to the current size. If the current size is
+# bigger than the specified percentage, the rewrite is triggered. Also
+# you need to specify a minimal size for the AOF file to be rewritten, this
+# is useful to avoid rewriting the AOF file even if the percentage increase
+# is reached but it is still pretty small.
+#
+# Specify a percentage of zero in order to disable the automatic AOF
+# rewrite feature.
+
+auto-aof-rewrite-percentage 100
+auto-aof-rewrite-min-size 64mb
+
+################################ LUA SCRIPTING ###############################
+
+# Max execution time of a Lua script in milliseconds.
+#
+# If the maximum execution time is reached Redis will log that a script is
+# still in execution after the maximum allowed time and will start to
+# reply to queries with an error.
+#
+# When a long running script exceed the maximum execution time only the
+# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be
+# used to stop a script that did not yet called write commands. The second
+# is the only way to shut down the server in the case a write commands was
+# already issue by the script but the user don't want to wait for the natural
+# termination of the script.
+#
+# Set it to 0 or a negative value for unlimited execution without warnings.
+lua-time-limit 5000
+
+################################## SLOW LOG ###################################
+
+# The Redis Slow Log is a system to log queries that exceeded a specified
+# execution time. The execution time does not include the I/O operations
+# like talking with the client, sending the reply and so forth,
+# but just the time needed to actually execute the command (this is the only
+# stage of command execution where the thread is blocked and can not serve
+# other requests in the meantime).
+#
+# You can configure the slow log with two parameters: one tells Redis
+# what is the execution time, in microseconds, to exceed in order for the
+# command to get logged, and the other parameter is the length of the
+# slow log. When a new command is logged the oldest one is removed from the
+# queue of logged commands.
+
+# The following time is expressed in microseconds, so 1000000 is equivalent
+# to one second. Note that a negative number disables the slow log, while
+# a value of zero forces the logging of every command.
+slowlog-log-slower-than 10000
+
+# There is no limit to this length. Just be aware that it will consume memory.
+# You can reclaim memory used by the slow log with SLOWLOG RESET.
+slowlog-max-len 128
+
+############################# Event notification ##############################
+
+# Redis can notify Pub/Sub clients about events happening in the key space.
+# This feature is documented at http://redis.io/topics/keyspace-events
+#
+# For instance if keyspace events notification is enabled, and a client
+# performs a DEL operation on key "foo" stored in the Database 0, two
+# messages will be published via Pub/Sub:
+#
+# PUBLISH __keyspace@0__:foo del
+# PUBLISH __keyevent@0__:del foo
+#
+# It is possible to select the events that Redis will notify among a set
+# of classes. Every class is identified by a single character:
+#
+# K Keyspace events, published with __keyspace@<db>__ prefix.
+# E Keyevent events, published with __keyevent@<db>__ prefix.
+# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ...
+# $ String commands
+# l List commands
+# s Set commands
+# h Hash commands
+# z Sorted set commands
+# x Expired events (events generated every time a key expires)
+# e Evicted events (events generated when a key is evicted for maxmemory)
+# A Alias for g$lshzxe, so that the "AKE" string means all the events.
+#
+# The "notify-keyspace-events" takes as argument a string that is composed
+# by zero or multiple characters. The empty string means that notifications
+# are disabled at all.
+#
+# Example: to enable list and generic events, from the point of view of the
+# event name, use:
+#
+# notify-keyspace-events Elg
+#
+# Example 2: to get the stream of the expired keys subscribing to channel
+# name __keyevent@0__:expired use:
+#
+# notify-keyspace-events Ex
+#
+# By default all notifications are disabled because most users don't need
+# this feature and the feature has some overhead. Note that if you don't
+# specify at least one of K or E, no events will be delivered.
+notify-keyspace-events ""
+
+############################### ADVANCED CONFIG ###############################
+
+# Hashes are encoded using a memory efficient data structure when they have a
+# small number of entries, and the biggest entry does not exceed a given
+# threshold. These thresholds can be configured using the following directives.
+hash-max-ziplist-entries 512
+hash-max-ziplist-value 64
+
+# Similarly to hashes, small lists are also encoded in a special way in order
+# to save a lot of space. The special representation is only used when
+# you are under the following limits:
+list-max-ziplist-entries 512
+list-max-ziplist-value 64
+
+# Sets have a special encoding in just one case: when a set is composed
+# of just strings that happens to be integers in radix 10 in the range
+# of 64 bit signed integers.
+# The following configuration setting sets the limit in the size of the
+# set in order to use this special memory saving encoding.
+set-max-intset-entries 512
+
+# Similarly to hashes and lists, sorted sets are also specially encoded in
+# order to save a lot of space. This encoding is only used when the length and
+# elements of a sorted set are below the following limits:
+zset-max-ziplist-entries 128
+zset-max-ziplist-value 64
+
+# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
+# order to help rehashing the main Redis hash table (the one mapping top-level
+# keys to values). The hash table implementation Redis uses (see dict.c)
+# performs a lazy rehashing: the more operation you run into an hash table
+# that is rehashing, the more rehashing "steps" are performed, so if the
+# server is idle the rehashing is never complete and some more memory is used
+# by the hash table.
+#
+# The default is to use this millisecond 10 times every second in order to
+# active rehashing the main dictionaries, freeing memory when possible.
+#
+# If unsure:
+# use "activerehashing no" if you have hard latency requirements and it is
+# not a good thing in your environment that Redis can reply form time to time
+# to queries with 2 milliseconds delay.
+#
+# use "activerehashing yes" if you don't have such hard requirements but
+# want to free memory asap when possible.
+activerehashing yes
+
+# The client output buffer limits can be used to force disconnection of clients
+# that are not reading data from the server fast enough for some reason (a
+# common reason is that a Pub/Sub client can't consume messages as fast as the
+# publisher can produce them).
+#
+# The limit can be set differently for the three different classes of clients:
+#
+# normal -> normal clients
+# slave -> slave clients and MONITOR clients
+# pubsub -> clients subcribed to at least one pubsub channel or pattern
+#
+# The syntax of every client-output-buffer-limit directive is the following:
+#
+# client-output-buffer-limit <class> <hard limit> <soft limit> <soft seconds>
+#
+# A client is immediately disconnected once the hard limit is reached, or if
+# the soft limit is reached and remains reached for the specified number of
+# seconds (continuously).
+# So for instance if the hard limit is 32 megabytes and the soft limit is
+# 16 megabytes / 10 seconds, the client will get disconnected immediately
+# if the size of the output buffers reach 32 megabytes, but will also get
+# disconnected if the client reaches 16 megabytes and continuously overcomes
+# the limit for 10 seconds.
+#
+# By default normal clients are not limited because they don't receive data
+# without asking (in a push way), but just after a request, so only
+# asynchronous clients may create a scenario where data is requested faster
+# than it can read.
+#
+# Instead there is a default limit for pubsub and slave clients, since
+# subscribers and slaves receive data in a push fashion.
+#
+# Both the hard or the soft limit can be disabled by setting them to zero.
+client-output-buffer-limit normal 0 0 0
+client-output-buffer-limit slave 256mb 64mb 60
+client-output-buffer-limit pubsub 32mb 8mb 60
+
+# Redis calls an internal function to perform many background tasks, like
+# closing connections of clients in timeot, purging expired keys that are
+# never requested, and so forth.
+#
+# Not all tasks are performed with the same frequency, but Redis checks for
+# tasks to perform accordingly to the specified "hz" value.
+#
+# By default "hz" is set to 10. Raising the value will use more CPU when
+# Redis is idle, but at the same time will make Redis more responsive when
+# there are many keys expiring at the same time, and timeouts may be
+# handled with more precision.
+#
+# The range is between 1 and 500, however a value over 100 is usually not
+# a good idea. Most users should use the default of 10 and raise this up to
+# 100 only in environments where very low latency is required.
+hz 10
+
+# When a child rewrites the AOF file, if the following option is enabled
+# the file will be fsync-ed every 32 MB of data generated. This is useful
+# in order to commit the file to the disk more incrementally and avoid
+# big latency spikes.
+aof-rewrite-incremental-fsync yes
+
+################################## INCLUDES ###################################
+
+# Include one or more other config files here. This is useful if you
+# have a standard template that goes to all Redis server but also need
+# to customize a few per-server settings. Include files can include
+# other files, so use this wisely.
+#
+# include /path/to/local.conf
+# include /path/to/other.conf
- change mode from '' to '0644'
- change owner from '' to 'gitlab-redis'
* directory[/opt/gitlab/sv/redis] action create
- create new directory /opt/gitlab/sv/redis
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* directory[/opt/gitlab/sv/redis/log] action create
- create new directory /opt/gitlab/sv/redis/log
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* directory[/opt/gitlab/sv/redis/log/main] action create
- create new directory /opt/gitlab/sv/redis/log/main
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/opt/gitlab/sv/redis/run] action create
- create new file /opt/gitlab/sv/redis/run
- update content in file /opt/gitlab/sv/redis/run from none to a62052
--- /opt/gitlab/sv/redis/run 2014-08-08 09:37:50.892305271 +0000
+++ /tmp/chef-rendered-template20140808-7887-1xop10j 2014-08-08 09:37:50.894305301 +0000
@@ -1 +1,5 @@
+#!/bin/sh
+exec 2>&1
+
+exec chpst -P -U gitlab-redis -u gitlab-redis /opt/gitlab/embedded/bin/redis-server /var/opt/gitlab/redis/redis.conf
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/opt/gitlab/sv/redis/log/run] action create
- create new file /opt/gitlab/sv/redis/log/run
- update content in file /opt/gitlab/sv/redis/log/run from none to af1017
--- /opt/gitlab/sv/redis/log/run 2014-08-08 09:37:50.897305344 +0000
+++ /tmp/chef-rendered-template20140808-7887-zzpf7 2014-08-08 09:37:50.897305344 +0000
@@ -1 +1,3 @@
+#!/bin/sh
+exec svlogd -tt /var/log/gitlab/redis
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/var/log/gitlab/redis/config] action create
- create new file /var/log/gitlab/redis/config
- update content in file /var/log/gitlab/redis/config from none to 623c00
--- /var/log/gitlab/redis/config 2014-08-08 09:37:50.900305389 +0000
+++ /tmp/chef-rendered-template20140808-7887-1dui1a0 2014-08-08 09:37:50.900305389 +0000
@@ -1 +1,7 @@
+s209715200
+n30
+t86400
+!gzip
+
+
- change owner from '' to 'root'
- change group from '' to 'root'
* ruby_block[reload redis svlogd configuration] action nothing (skipped due to action :nothing)
* file[/opt/gitlab/sv/redis/down] action delete (up to date)
* link[/opt/gitlab/init/redis] action create
- create symlink at /opt/gitlab/init/redis to /opt/gitlab/embedded/bin/sv
* link[/opt/gitlab/service/redis] action create
- create symlink at /opt/gitlab/service/redis to /opt/gitlab/sv/redis
* ruby_block[supervise_redis_sleep] action runFrom this point on nothing happens.
Searching for the last line lead me to some issues reported here (https://gitlab.com/gitlab-org/omnibus-gitlab/issues/117, https://gitlab.com/gitlab-org/omnibus-gitlab/issues/160). I try to give the output that seemed to be frequently asked for:
# ps aux | grep runsv
root 8119 0.0 0.0 6260 720 pts/1 S+ 09:46 0:00 grep runsv# /opt/gitlab/embedded/bin/ohai platform_family platform_version platform
[
"debian"
]
[
"7.6"
]
[
"debian"
]Executing
# sudo /opt/gitlab/embedded/bin/runsvdir-start
/opt/gitlab/embedded/bin/runsvdir-start: line 39: /proc/sys/fs/file-max: Permission deniedin a separate terminal gives the above error message and seems to hang then. However, at the same time the reconfigure does not hang anymore and continues:
* ruby_block[supervise_redis_sleep] action run
- execute the ruby block supervise_redis_sleep
* service[redis] action nothing (skipped due to action :nothing)
* execute[/opt/gitlab/bin/gitlab-ctl start redis] action run
- execute /opt/gitlab/bin/gitlab-ctl start redis
Recipe: gitlab::postgresql
* group[gitlab-psql] action create
- create group[gitlab-psql]
* user[gitlab-psql] action create
- create user user[gitlab-psql]
* directory[/var/opt/gitlab/postgresql] action create
- create new directory /var/opt/gitlab/postgresql
- change mode from '' to '0700'
- change owner from '' to 'gitlab-psql'
* directory[/var/opt/gitlab/postgresql/data] action create
- create new directory /var/opt/gitlab/postgresql/data
- change mode from '' to '0700'
- change owner from '' to 'gitlab-psql'
* directory[/var/log/gitlab/postgresql] action create
- create new directory /var/log/gitlab/postgresql
- change mode from '' to '0700'
- change owner from '' to 'gitlab-psql'
* link[/var/opt/gitlab/postgresql/data] action create (skipped due to not_if)
* file[/var/opt/gitlab/postgresql/.profile] action create
- create new file /var/opt/gitlab/postgresql/.profile
- update content in file /var/opt/gitlab/postgresql/.profile from none to 3b0387
--- /var/opt/gitlab/postgresql/.profile 2014-08-08 09:46:59.210372890 +0000
+++ /tmp/..profile20140808-7887-q5v5rx 2014-08-08 09:46:59.211372905 +0000
@@ -1 +1,2 @@
+PATH=/opt/gitlab/embedded/bin:/opt/gitlab/bin:$PATH
- change mode from '' to '0644'
- change owner from '' to 'gitlab-psql'
* service[procps] action nothing (skipped due to action :nothing)
* template[/etc/sysctl.d/90-postgresql.conf] action create
- create new file /etc/sysctl.d/90-postgresql.conf
- update content in file /etc/sysctl.d/90-postgresql.conf from none to 50478d
--- /etc/sysctl.d/90-postgresql.conf 2014-08-08 09:46:59.214372948 +0000
+++ /tmp/chef-rendered-template20140808-7887-sp8023 2014-08-08 09:46:59.215372963 +0000
@@ -1 +1,9 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+#
+# gitlab postgresql kernel shm tweaks
+#
+kernel.shmmax = 17179869184
+kernel.shmall = 4194304
- change mode from '' to '0644'
- change owner from '' to 'root'
* service[procps] action start
- start service service[procps]
* execute[/opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8] action run
- execute /opt/gitlab/embedded/bin/initdb -D /var/opt/gitlab/postgresql/data -E UTF8
* template[/var/opt/gitlab/postgresql/data/postgresql.conf] action create
- update content in file /var/opt/gitlab/postgresql/data/postgresql.conf from 2ec3e7 to 1bdd3a
--- /var/opt/gitlab/postgresql/data/postgresql.conf 2014-08-08 09:46:59.498377124 +0000
+++ /tmp/chef-rendered-template20140808-7887-1bbbs9v 2014-08-08 09:47:02.189416692 +0000
@@ -1,3 +1,7 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
# -----------------------------
# PostgreSQL configuration file
# -----------------------------
@@ -38,16 +42,16 @@
# The default values of these variables are driven from the -D command-line
# option or PGDATA environment variable, represented here as ConfigDir.
-#data_directory = 'ConfigDir' # use data in another directory
- # (change requires restart)
-#hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file
- # (change requires restart)
-#ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file
- # (change requires restart)
+#data_directory = 'ConfigDir' # use data in another directory
+ # (change requires restart)
+#hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file
+ # (change requires restart)
+#ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file
+ # (change requires restart)
# If external_pid_file is not explicitly set, no extra PID file is written.
-#external_pid_file = '' # write an extra PID file
- # (change requires restart)
+#external_pid_file = '(none)' # write an extra PID file
+ # (change requires restart)
#------------------------------------------------------------------------------
@@ -56,52 +60,48 @@
# - Connection Settings -
-#listen_addresses = 'localhost' # what IP address(es) to listen on;
- # comma-separated list of addresses;
- # defaults to 'localhost'; use '*' for all
- # (change requires restart)
-#port = 5432 # (change requires restart)
-max_connections = 100 # (change requires restart)
+listen_addresses = '' # what IP address(es) to listen on;
+ # comma-separated list of addresses;
+ # defaults to 'localhost', '*' = all
+ # (change requires restart)
+port = 5432 # (change requires restart)
+max_connections = 200 # (change requires restart)
# Note: Increasing max_connections costs ~400 bytes of shared memory per
# connection slot, plus lock space (see max_locks_per_transaction).
-#superuser_reserved_connections = 3 # (change requires restart)
-#unix_socket_directory = '' # (change requires restart)
-#unix_socket_group = '' # (change requires restart)
-#unix_socket_permissions = 0777 # begin with 0 to use octal notation
- # (change requires restart)
-#bonjour = off # advertise server via Bonjour
- # (change requires restart)
-#bonjour_name = '' # defaults to the computer name
- # (change requires restart)
+#superuser_reserved_connections = 3 # (change requires restart)
+#unix_socket_directory = '' # (change requires restart)
+#unix_socket_group = '' # (change requires restart)
+#unix_socket_permissions = 0777 # begin with 0 to use octal notation
+ # (change requires restart)
+#bonjour = off # advertise server via Bonjour
+ # (change requires restart)
+#bonjour_name = '' # defaults to the computer name
+ # (change requires restart)
# - Security and Authentication -
-#authentication_timeout = 1min # 1s-600s
-#ssl = off # (change requires restart)
-#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers
- # (change requires restart)
-#ssl_renegotiation_limit = 512MB # amount of data between renegotiations
-#ssl_cert_file = 'server.crt' # (change requires restart)
-#ssl_key_file = 'server.key' # (change requires restart)
-#ssl_ca_file = '' # (change requires restart)
-#ssl_crl_file = '' # (change requires restart)
+#authentication_timeout = 1min # 1s-600s
+#ssl = off # (change requires restart)
+#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers
+ # (change requires restart)
+#ssl_renegotiation_limit = 512MB # amount of data between renegotiations
#password_encryption = on
#db_user_namespace = off
# Kerberos and GSSAPI
#krb_server_keyfile = ''
-#krb_srvname = 'postgres' # (Kerberos only)
+#krb_srvname = 'postgres' # (Kerberos only)
#krb_caseins_users = off
# - TCP Keepalives -
# see "man 7 tcp" for details
-#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds;
- # 0 selects the system default
-#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds;
- # 0 selects the system default
-#tcp_keepalives_count = 0 # TCP_KEEPCNT;
- # 0 selects the system default
+#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds;
+ # 0 selects the system default
+#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds;
+ # 0 selects the system default
+#tcp_keepalives_count = 0 # TCP_KEEPCNT;
+ # 0 selects the system default
#------------------------------------------------------------------------------
@@ -110,47 +110,42 @@
# - Memory -
-shared_buffers = 32MB # min 128kB
- # (change requires restart)
-#temp_buffers = 8MB # min 800kB
-#max_prepared_transactions = 0 # zero disables the feature
- # (change requires restart)
+shared_buffers = 1024MB # min 128kB
+ # (change requires restart)
+#temp_buffers = 8MB # min 800kB
+#max_prepared_transactions = 0 # zero disables the feature
+ # (change requires restart)
# Note: Increasing max_prepared_transactions costs ~600 bytes of shared memory
# per transaction slot, plus lock space (see max_locks_per_transaction).
# It is not advisable to set max_prepared_transactions nonzero unless you
# actively intend to use prepared transactions.
-#work_mem = 1MB # min 64kB
-#maintenance_work_mem = 16MB # min 1MB
-#max_stack_depth = 2MB # min 100kB
+work_mem = 8MB # min 64kB
+#maintenance_work_mem = 16MB # min 1MB
+#max_stack_depth = 2MB # min 100kB
-# - Disk -
-
-#temp_file_limit = -1 # limits per-session temp file space
- # in kB, or -1 for no limit
-
# - Kernel Resource Usage -
-#max_files_per_process = 1000 # min 25
- # (change requires restart)
-#shared_preload_libraries = '' # (change requires restart)
+#max_files_per_process = 1000 # min 25
+ # (change requires restart)
+#shared_preload_libraries = '' # (change requires restart)
# - Cost-Based Vacuum Delay -
-#vacuum_cost_delay = 0ms # 0-100 milliseconds
-#vacuum_cost_page_hit = 1 # 0-10000 credits
-#vacuum_cost_page_miss = 10 # 0-10000 credits
-#vacuum_cost_page_dirty = 20 # 0-10000 credits
-#vacuum_cost_limit = 200 # 1-10000 credits
+#vacuum_cost_delay = 0ms # 0-100 milliseconds
+#vacuum_cost_page_hit = 1 # 0-10000 credits
+#vacuum_cost_page_miss = 10 # 0-10000 credits
+#vacuum_cost_page_dirty = 20 # 0-10000 credits
+#vacuum_cost_limit = 200 # 1-10000 credits
# - Background Writer -
-#bgwriter_delay = 200ms # 10-10000ms between rounds
-#bgwriter_lru_maxpages = 100 # 0-1000 max buffers written/round
-#bgwriter_lru_multiplier = 2.0 # 0-10.0 multipler on buffers scanned/round
+#bgwriter_delay = 200ms # 10-10000ms between rounds
+#bgwriter_lru_maxpages = 100 # 0-1000 max buffers written/round
+#bgwriter_lru_multiplier = 2.0 # 0-10.0 multipler on buffers scanned/round
# - Asynchronous Behavior -
-#effective_io_concurrency = 1 # 1-1000; 0 disables prefetching
+#effective_io_concurrency = 1 # 1-1000. 0 disables prefetching
#------------------------------------------------------------------------------
@@ -159,83 +154,75 @@
# - Settings -
-#wal_level = minimal # minimal, archive, or hot_standby
- # (change requires restart)
-#fsync = on # turns forced synchronization on or off
-#synchronous_commit = on # synchronization level;
- # off, local, remote_write, or on
-#wal_sync_method = fsync # the default is the first option
- # supported by the operating system:
- # open_datasync
- # fdatasync (default on Linux)
- # fsync
- # fsync_writethrough
- # open_sync
-#full_page_writes = on # recover from partial page writes
-#wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers
- # (change requires restart)
-#wal_writer_delay = 200ms # 1-10000 milliseconds
+#wal_level = minimal # minimal, archive, or hot_standby
+ # (change requires restart)
+#fsync = on # turns forced synchronization on or off
+#synchronous_commit = on # synchronization level; on, off, or local
+#wal_sync_method = fsync # the default is the first option
+ # supported by the operating system:
+ # open_datasync
+ # fdatasync (default on Linux)
+ # fsync
+ # fsync_writethrough
+ # open_sync
+#full_page_writes = on # recover from partial page writes
+#wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers
+ # (change requires restart)
+#wal_writer_delay = 200ms # 1-10000 milliseconds
-#commit_delay = 0 # range 0-100000, in microseconds
-#commit_siblings = 5 # range 1-1000
+#commit_delay = 0 # range 0-100000, in microseconds
+#commit_siblings = 5 # range 1-1000
# - Checkpoints -
-#checkpoint_segments = 3 # in logfile segments, min 1, 16MB each
-#checkpoint_timeout = 5min # range 30s-1h
-#checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0
-#checkpoint_warning = 30s # 0 disables
+checkpoint_segments = 10 # in logfile segments, min 1, 16MB each, default 3
+checkpoint_timeout = 5min # range 30s-1h, default 5min
+checkpoint_completion_target = 0.9 # checkpoint target duration, 0.0 - 1.0, default 0.5
+checkpoint_warning = 30s # 0 disables, default 30s
# - Archiving -
-#archive_mode = off # allows archiving to be done
- # (change requires restart)
-#archive_command = '' # command to use to archive a logfile segment
- # placeholders: %p = path of file to archive
- # %f = file name only
- # e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f'
-#archive_timeout = 0 # force a logfile segment switch after this
- # number of seconds; 0 disables
+#archive_mode = off # allows archiving to be done
+ # (change requires restart)
+#archive_command = '' # command to use to archive a logfile segment
+#archive_timeout = 0 # force a logfile segment switch after this
+ # number of seconds; 0 disables
#------------------------------------------------------------------------------
# REPLICATION
#------------------------------------------------------------------------------
-# - Sending Server(s) -
-
-# Set these on the master and on any standby that will send replication data.
-
-#max_wal_senders = 0 # max number of walsender processes
- # (change requires restart)
-#wal_keep_segments = 0 # in logfile segments, 16MB each; 0 disables
-#replication_timeout = 60s # in milliseconds; 0 disables
-
# - Master Server -
-# These settings are ignored on a standby server.
+# These settings are ignored on a standby server
-#synchronous_standby_names = '' # standby servers that provide sync rep
- # comma-separated list of application_name
- # from standby(s); '*' = all
-#vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed
+#max_wal_senders = 0 # max number of walsender processes
+ # (change requires restart)
+#wal_sender_delay = 1s # walsender cycle time, 1-10000 milliseconds
+#wal_keep_segments = 0 # in logfile segments, 16MB each; 0 disables
+#vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed
+#replication_timeout = 60s # in milliseconds; 0 disables
+#synchronous_standby_names = '' # standby servers that provide sync rep
+ # comma-separated list of application_name
+ # from standby(s); '*' = all
# - Standby Servers -
-# These settings are ignored on a master server.
+# These settings are ignored on a master server
-#hot_standby = off # "on" allows queries during recovery
- # (change requires restart)
-#max_standby_archive_delay = 30s # max delay before canceling queries
- # when reading WAL from archive;
- # -1 allows indefinite delay
-#max_standby_streaming_delay = 30s # max delay before canceling queries
- # when reading streaming WAL;
- # -1 allows indefinite delay
-#wal_receiver_status_interval = 10s # send replies at least this often
- # 0 disables
-#hot_standby_feedback = off # send info from standby to prevent
- # query conflicts
+#hot_standby = off # "on" allows queries during recovery
+ # (change requires restart)
+#max_standby_archive_delay = 30s # max delay before canceling queries
+ # when reading WAL from archive;
+ # -1 allows indefinite delay
+#max_standby_streaming_delay = 30s # max delay before canceling queries
+ # when reading streaming WAL;
+ # -1 allows indefinite delay
+#wal_receiver_status_interval = 10s # send replies at least this often
+ # 0 disables
+#hot_standby_feedback = off # send info from standby to prevent
+ # query conflicts
#------------------------------------------------------------------------------
@@ -248,7 +235,6 @@
#enable_hashagg = on
#enable_hashjoin = on
#enable_indexscan = on
-#enable_indexonlyscan = on
#enable_material = on
#enable_mergejoin = on
#enable_nestloop = on
@@ -258,31 +244,31 @@
# - Planner Cost Constants -
-#seq_page_cost = 1.0 # measured on an arbitrary scale
-#random_page_cost = 4.0 # same scale as above
-#cpu_tuple_cost = 0.01 # same scale as above
-#cpu_index_tuple_cost = 0.005 # same scale as above
-#cpu_operator_cost = 0.0025 # same scale as above
-#effective_cache_size = 128MB
+#seq_page_cost = 1.0 # measured on an arbitrary scale
+#random_page_cost = 4.0 # same scale as above
+#cpu_tuple_cost = 0.01 # same scale as above
+#cpu_index_tuple_cost = 0.005 # same scale as above
+#cpu_operator_cost = 0.0025 # same scale as above
+effective_cache_size = 2048MB # Default 128MB
# - Genetic Query Optimizer -
#geqo = on
#geqo_threshold = 12
-#geqo_effort = 5 # range 1-10
-#geqo_pool_size = 0 # selects default based on effort
-#geqo_generations = 0 # selects default based on effort
-#geqo_selection_bias = 2.0 # range 1.5-2.0
-#geqo_seed = 0.0 # range 0.0-1.0
+#geqo_effort = 5 # range 1-10
+#geqo_pool_size = 0 # selects default based on effort
+#geqo_generations = 0 # selects default based on effort
+#geqo_selection_bias = 2.0 # range 1.5-2.0
+#geqo_seed = 0.0 # range 0.0-1.0
# - Other Planner Options -
-#default_statistics_target = 100 # range 1-10000
-#constraint_exclusion = partition # on, off, or partition
-#cursor_tuple_fraction = 0.1 # range 0.0-1.0
+#default_statistics_target = 100 # range 1-10000
+#constraint_exclusion = partition # on, off, or partition
+#cursor_tuple_fraction = 0.1 # range 0.0-1.0
#from_collapse_limit = 8
-#join_collapse_limit = 8 # 1 disables collapsing of explicit
- # JOIN clauses
+#join_collapse_limit = 8 # 1 disables collapsing of explicit
+ # JOIN clauses
#------------------------------------------------------------------------------
@@ -291,90 +277,93 @@
# - Where to Log -
-#log_destination = 'stderr' # Valid values are combinations of
- # stderr, csvlog, syslog, and eventlog,
- # depending on platform. csvlog
- # requires logging_collector to be on.
+#log_destination = 'stderr' # Valid values are combinations of
+ # stderr, csvlog, syslog, and eventlog,
+ # depending on platform. csvlog
+ # requires logging_collector to be on.
# This is used when logging to stderr:
-#logging_collector = off # Enable capturing of stderr and csvlog
- # into log files. Required to be on for
- # csvlogs.
- # (change requires restart)
+#logging_collector = off # Enable capturing of stderr and csvlog
+ # into log files. Required to be on for
+ # csvlogs.
+ # (change requires restart)
# These are only used if logging_collector is on:
-#log_directory = 'pg_log' # directory where log files are written,
- # can be absolute or relative to PGDATA
-#log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern,
- # can include strftime() escapes
-#log_file_mode = 0600 # creation mode for log files,
- # begin with 0 to use octal notation
-#log_truncate_on_rotation = off # If on, an existing log file with the
- # same name as the new log file will be
- # truncated rather than appended to.
- # But such truncation only occurs on
- # time-driven rotation, not on restarts
- # or size-driven rotation. Default is
- # off, meaning append to existing files
- # in all cases.
-#log_rotation_age = 1d # Automatic rotation of logfiles will
- # happen after that time. 0 disables.
-#log_rotation_size = 10MB # Automatic rotation of logfiles will
- # happen after that much log output.
- # 0 disables.
+#log_directory = 'pg_log' # directory where log files are written,
+ # can be absolute or relative to PGDATA
+#log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern,
+ # can include strftime() escapes
+#log_file_mode = 0600 # creation mode for log files,
+ # begin with 0 to use octal notation
+#log_truncate_on_rotation = off # If on, an existing log file with the
+ # same name as the new log file will be
+ # truncated rather than appended to.
+ # But such truncation only occurs on
+ # time-driven rotation, not on restarts
+ # or size-driven rotation. Default is
+ # off, meaning append to existing files
+ # in all cases.
+#log_rotation_age = 1d # Automatic rotation of logfiles will
+ # happen after that time. 0 disables.
+#log_rotation_size = 10MB # Automatic rotation of logfiles will
+ # happen after that much log output.
+ # 0 disables.
# These are relevant when logging to syslog:
#syslog_facility = 'LOCAL0'
#syslog_ident = 'postgres'
-# This is only relevant when logging to eventlog (win32):
-#event_source = 'PostgreSQL'
+#silent_mode = off # Run server silently.
+ # DO NOT USE without syslog or
+ # logging_collector
+ # (change requires restart)
+
# - When to Log -
-#client_min_messages = notice # values in order of decreasing detail:
- # debug5
- # debug4
- # debug3
- # debug2
- # debug1
- # log
- # notice
- # warning
- # error
+#client_min_messages = notice # values in order of decreasing detail:
+ # debug5
+ # debug4
+ # debug3
+ # debug2
+ # debug1
+ # log
+ # notice
+ # warning
+ # error
-#log_min_messages = warning # values in order of decreasing detail:
- # debug5
- # debug4
- # debug3
- # debug2
- # debug1
- # info
- # notice
- # warning
- # error
- # log
- # fatal
- # panic
+#log_min_messages = warning # values in order of decreasing detail:
+ # debug5
+ # debug4
+ # debug3
+ # debug2
+ # debug1
+ # info
+ # notice
+ # warning
+ # error
+ # log
+ # fatal
+ # panic
-#log_min_error_statement = error # values in order of decreasing detail:
- # debug5
- # debug4
- # debug3
- # debug2
- # debug1
- # info
- # notice
- # warning
- # error
- # log
- # fatal
- # panic (effectively off)
+#log_min_error_statement = error # values in order of decreasing detail:
+ # debug5
+ # debug4
+ # debug3
+ # debug2
+ # debug1
+ # info
+ # notice
+ # warning
+ # error
+ # log
+ # fatal
+ # panic (effectively off)
-#log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements
- # and their durations, > 0 logs only
- # statements running at least this number
- # of milliseconds
+#log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements
+ # and their durations, > 0 logs only
+ # statements running at least this number
+ # of milliseconds
# - What to Log -
@@ -387,34 +376,34 @@
#log_connections = off
#log_disconnections = off
#log_duration = off
-#log_error_verbosity = default # terse, default, or verbose messages
+#log_error_verbosity = default # terse, default, or verbose messages
#log_hostname = off
-#log_line_prefix = '' # special values:
- # %a = application name
- # %u = user name
- # %d = database name
- # %r = remote host and port
- # %h = remote host
- # %p = process ID
- # %t = timestamp without milliseconds
- # %m = timestamp with milliseconds
- # %i = command tag
- # %e = SQL state
- # %c = session ID
- # %l = session line number
- # %s = session start timestamp
- # %v = virtual transaction ID
- # %x = transaction ID (0 if none)
- # %q = stop here in non-session
- # processes
- # %% = '%'
- # e.g. '<%u%%%d> '
-#log_lock_waits = off # log lock waits >= deadlock_timeout
-#log_statement = 'none' # none, ddl, mod, all
-#log_temp_files = -1 # log temporary files equal or larger
- # than the specified size in kilobytes;
- # -1 disables, 0 logs all temp files
-log_timezone = 'UTC'
+#log_line_prefix = '' # special values:
+ # %a = application name
+ # %u = user name
+ # %d = database name
+ # %r = remote host and port
+ # %h = remote host
+ # %p = process ID
+ # %t = timestamp without milliseconds
+ # %m = timestamp with milliseconds
+ # %i = command tag
+ # %e = SQL state
+ # %c = session ID
+ # %l = session line number
+ # %s = session start timestamp
+ # %v = virtual transaction ID
+ # %x = transaction ID (0 if none)
+ # %q = stop here in non-session
+ # processes
+ # %% = '%'
+ # e.g. '<%u%%%d> '
+#log_lock_waits = off # log lock waits >= deadlock_timeout
+#log_statement = 'none' # none, ddl, mod, all
+#log_temp_files = -1 # log temporary files equal or larger
+ # than the specified size in kilobytes;
+ # -1 disables, 0 logs all temp files
+#log_timezone = '(defaults to server environment setting)'
#------------------------------------------------------------------------------
@@ -425,9 +414,8 @@
#track_activities = on
#track_counts = on
-#track_io_timing = off
-#track_functions = none # none, pl, all
-#track_activity_query_size = 1024 # (change requires restart)
+#track_functions = none # none, pl, all
+#track_activity_query_size = 1024 # (change requires restart)
#update_process_title = on
#stats_temp_directory = 'pg_stat_tmp'
@@ -444,29 +432,29 @@
# AUTOVACUUM PARAMETERS
#------------------------------------------------------------------------------
-#autovacuum = on # Enable autovacuum subprocess? 'on'
- # requires track_counts to also be on.
-#log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and
- # their durations, > 0 logs only
- # actions running at least this number
- # of milliseconds.
-#autovacuum_max_workers = 3 # max number of autovacuum subprocesses
- # (change requires restart)
-#autovacuum_naptime = 1min # time between autovacuum runs
-#autovacuum_vacuum_threshold = 50 # min number of row updates before
- # vacuum
-#autovacuum_analyze_threshold = 50 # min number of row updates before
- # analyze
-#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum
-#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze
-#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum
- # (change requires restart)
-#autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for
- # autovacuum, in milliseconds;
- # -1 means use vacuum_cost_delay
-#autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for
- # autovacuum, -1 means use
- # vacuum_cost_limit
+#autovacuum = on # Enable autovacuum subprocess? 'on'
+ # requires track_counts to also be on.
+#log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and
+ # their durations, > 0 logs only
+ # actions running at least this number
+ # of milliseconds.
+#autovacuum_max_workers = 3 # max number of autovacuum subprocesses
+ # (change requires restart)
+#autovacuum_naptime = 1min # time between autovacuum runs
+#autovacuum_vacuum_threshold = 50 # min number of row updates before
+ # vacuum
+#autovacuum_analyze_threshold = 50 # min number of row updates before
+ # analyze
+#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum
+#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze
+#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum
+ # (change requires restart)
+#autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for
+ # autovacuum, in milliseconds;
+ # -1 means use vacuum_cost_delay
+#autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for
+ # autovacuum, -1 means use
+ # vacuum_cost_limit
#------------------------------------------------------------------------------
@@ -475,19 +463,19 @@
# - Statement Behavior -
-#search_path = '"$user",public' # schema names
-#default_tablespace = '' # a tablespace name, '' uses the default
-#temp_tablespaces = '' # a list of tablespace names, '' uses
- # only default tablespace
+#search_path = '"$user",public' # schema names
+#default_tablespace = '' # a tablespace name, '' uses the default
+#temp_tablespaces = '' # a list of tablespace names, '' uses
+ # only default tablespace
#check_function_bodies = on
#default_transaction_isolation = 'read committed'
#default_transaction_read_only = off
#default_transaction_deferrable = off
#session_replication_role = 'origin'
-#statement_timeout = 0 # in milliseconds, 0 is disabled
+#statement_timeout = 0 # in milliseconds, 0 is disabled
#vacuum_freeze_min_age = 50000000
#vacuum_freeze_table_age = 150000000
-#bytea_output = 'hex' # hex, escape
+#bytea_output = 'hex' # hex, escape
#xmlbinary = 'base64'
#xmloption = 'content'
@@ -495,24 +483,24 @@
datestyle = 'iso, mdy'
#intervalstyle = 'postgres'
-timezone = 'UTC'
+#timezone = '(defaults to server environment setting)'
#timezone_abbreviations = 'Default' # Select the set of available time zone
- # abbreviations. Currently, there are
- # Default
- # Australia
- # India
- # You can create your own file in
- # share/timezonesets/.
-#extra_float_digits = 0 # min -15, max 3
-#client_encoding = sql_ascii # actually, defaults to database
- # encoding
+ # abbreviations. Currently, there are
+ # Default
+ # Australia
+ # India
+ # You can create your own file in
+ # share/timezonesets/.
+#extra_float_digits = 0 # min -15, max 3
+#client_encoding = sql_ascii # actually, defaults to database
+ # encoding
# These settings are initialized by initdb, but they can be changed.
-lc_messages = 'C' # locale for system error message
- # strings
-lc_monetary = 'C' # locale for monetary formatting
-lc_numeric = 'C' # locale for number formatting
-lc_time = 'C' # locale for time formatting
+lc_messages = 'C' # locale for system error message
+ # strings
+lc_monetary = 'C' # locale for monetary formatting
+lc_numeric = 'C' # locale for number formatting
+lc_time = 'C' # locale for time formatting
# default configuration for text search
default_text_search_config = 'pg_catalog.english'
@@ -528,15 +516,14 @@
#------------------------------------------------------------------------------
#deadlock_timeout = 1s
-#max_locks_per_transaction = 64 # min 10
- # (change requires restart)
+#max_locks_per_transaction = 64 # min 10
+ # (change requires restart)
# Note: Each lock table slot uses ~270 bytes of shared memory, and there are
# max_locks_per_transaction * (max_connections + max_prepared_transactions)
# lock table slots.
-#max_pred_locks_per_transaction = 64 # min 10
- # (change requires restart)
+#max_pred_locks_per_transaction = 64 # min 10
+ # (change requires restart)
-
#------------------------------------------------------------------------------
# VERSION/PLATFORM COMPATIBILITY
#------------------------------------------------------------------------------
@@ -544,7 +531,7 @@
# - Previous PostgreSQL Versions -
#array_nulls = on
-#backslash_quote = safe_encoding # on, off, or safe_encoding
+#backslash_quote = safe_encoding # on, off, or safe_encoding
#default_with_oids = off
#escape_string_warning = on
#lo_compat_privileges = off
@@ -562,13 +549,13 @@
# ERROR HANDLING
#------------------------------------------------------------------------------
-#exit_on_error = off # terminate session on any error?
-#restart_after_crash = on # reinitialize after backend crash?
+#exit_on_error = off # terminate session on any error?
+#restart_after_crash = on # reinitialize after backend crash?
#------------------------------------------------------------------------------
# CUSTOMIZED OPTIONS
#------------------------------------------------------------------------------
-# Add settings for extensions here
+#custom_variable_classes = '' # list of custom variable class names
- change mode from '0600' to '0644'
* template[/var/opt/gitlab/postgresql/data/pg_hba.conf] action create
- update content in file /var/opt/gitlab/postgresql/data/pg_hba.conf from 378b56 to 40e348
--- /var/opt/gitlab/postgresql/data/pg_hba.conf 2014-08-08 09:46:59.499377139 +0000
+++ /tmp/chef-rendered-template20140808-7887-jgps4k 2014-08-08 09:47:02.229417280 +0000
@@ -1,94 +1,74 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
# PostgreSQL Client Authentication Configuration File
# ===================================================
#
-# Refer to the "Client Authentication" section in the PostgreSQL
-# documentation for a complete description of this file. A short
-# synopsis follows.
+# Refer to the "Client Authentication" section in the
+# PostgreSQL documentation for a complete description
+# of this file. A short synopsis follows.
#
# This file controls: which hosts are allowed to connect, how clients
# are authenticated, which PostgreSQL user names they can use, which
# databases they can access. Records take one of these forms:
#
-# local DATABASE USER METHOD [OPTIONS]
-# host DATABASE USER ADDRESS METHOD [OPTIONS]
-# hostssl DATABASE USER ADDRESS METHOD [OPTIONS]
-# hostnossl DATABASE USER ADDRESS METHOD [OPTIONS]
+# local DATABASE USER METHOD [OPTION]
+# host DATABASE USER CIDR-ADDRESS METHOD [OPTION]
+# hostssl DATABASE USER CIDR-ADDRESS METHOD [OPTION]
+# hostnossl DATABASE USER CIDR-ADDRESS METHOD [OPTION]
#
# (The uppercase items must be replaced by actual values.)
#
-# The first field is the connection type: "local" is a Unix-domain
-# socket, "host" is either a plain or SSL-encrypted TCP/IP socket,
-# "hostssl" is an SSL-encrypted TCP/IP socket, and "hostnossl" is a
-# plain TCP/IP socket.
+# The first field is the connection type: "local" is a Unix-domain socket,
+# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
+# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
#
-# DATABASE can be "all", "sameuser", "samerole", "replication", a
-# database name, or a comma-separated list thereof. The "all"
-# keyword does not match "replication". Access to replication
-# must be enabled in a separate record (see example below).
+# DATABASE can be "all", "sameuser", "samerole", a database name, or
+# a comma-separated list thereof.
#
-# USER can be "all", a user name, a group name prefixed with "+", or a
-# comma-separated list thereof. In both the DATABASE and USER fields
-# you can also write a file name prefixed with "@" to include names
-# from a separate file.
+# USER can be "all", a user name, a group name prefixed with "+", or
+# a comma-separated list thereof. In both the DATABASE and USER fields
+# you can also write a file name prefixed with "@" to include names from
+# a separate file.
#
-# ADDRESS specifies the set of hosts the record matches. It can be a
-# host name, or it is made up of an IP address and a CIDR mask that is
-# an integer (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that
-# specifies the number of significant bits in the mask. A host name
-# that starts with a dot (.) matches a suffix of the actual host name.
-# Alternatively, you can write an IP address and netmask in separate
-# columns to specify the set of hosts. Instead of a CIDR-address, you
-# can write "samehost" to match any of the server's own IP addresses,
-# or "samenet" to match any address in any subnet that the server is
-# directly connected to.
+# CIDR-ADDRESS specifies the set of hosts the record matches.
+# It is made up of an IP address and a CIDR mask that is an integer
+# (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies
+# the number of significant bits in the mask. Alternatively, you can write
+# an IP address and netmask in separate columns to specify the set of hosts.
#
-# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi",
-# "krb5", "ident", "peer", "pam", "ldap", "radius" or "cert". Note that
-# "password" sends passwords in clear text; "md5" is preferred since
-# it sends encrypted passwords.
+# METHOD can be "trust", "reject", "md5", "crypt", "password", "gss", "sspi",
+# "krb5", "ident", "pam" or "ldap". Note that "password" sends passwords
+# in clear text; "md5" is preferred since it sends encrypted passwords.
#
-# OPTIONS are a set of options for the authentication in the format
-# NAME=VALUE. The available options depend on the different
-# authentication methods -- refer to the "Client Authentication"
-# section in the documentation for a list of which options are
-# available for which authentication methods.
+# OPTION is the ident map or the name of the PAM service, depending on METHOD.
#
-# Database and user names containing spaces, commas, quotes and other
-# special characters must be quoted. Quoting one of the keywords
-# "all", "sameuser", "samerole" or "replication" makes the name lose
-# its special character, and just match a database or username with
-# that name.
+# Database and user names containing spaces, commas, quotes and other special
+# characters must be quoted. Quoting one of the keywords "all", "sameuser" or
+# "samerole" makes the name lose its special character, and just match a
+# database or username with that name.
#
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal. If you edit the file on a running system, you have
-# to SIGHUP the postmaster for the changes to take effect. You can
-# use "pg_ctl reload" to do that.
+# to SIGHUP the postmaster for the changes to take effect. You can use
+# "pg_ctl reload" to do that.
# Put your actual configuration here
# ----------------------------------
#
# If you want to allow non-local connections, you need to add more
-# "host" records. In that case you will also need to make PostgreSQL
-# listen on a non-local interface via the listen_addresses
-# configuration parameter, or via the -i or -h command line switches.
+# "host" records. In that case you will also need to make PostgreSQL listen
+# on a non-local interface via the listen_addresses configuration parameter,
+# or via the -i or -h command line switches.
+#
-# CAUTION: Configuring the system for local "trust" authentication
-# allows any local user to connect as any PostgreSQL user, including
-# the database superuser. If you do not trust all your local users,
-# use another authentication method.
+# TYPE DATABASE USER CIDR-ADDRESS METHOD
-# TYPE DATABASE USER ADDRESS METHOD
-
# "local" is for Unix domain socket connections only
-local all all trust
-# IPv4 local connections:
-host all all 127.0.0.1/32 trust
-# IPv6 local connections:
-host all all ::1/128 trust
-# Allow replication connections from localhost, by a user with the
-# replication privilege.
-#local replication gitlab-psql trust
-#host replication gitlab-psql 127.0.0.1/32 trust
-#host replication gitlab-psql ::1/128 trust
+local all all peer map=gitlab
+
+
+
- change mode from '0600' to '0644'
* template[/var/opt/gitlab/postgresql/data/pg_ident.conf] action create
- update content in file /var/opt/gitlab/postgresql/data/pg_ident.conf from 297f46 to a0ea2a
--- /var/opt/gitlab/postgresql/data/pg_ident.conf 2014-08-08 09:46:59.499377139 +0000
+++ /tmp/chef-rendered-template20140808-7887-1g5wh7k 2014-08-08 09:47:02.238417411 +0000
@@ -40,4 +40,7 @@
# ----------------------------------
# MAPNAME SYSTEM-USERNAME PG-USERNAME
+gitlab git gitlab
+# Default to a 1-1 mapping between system usernames and Postgres usernames
+gitlab /^(.*)$ \1
- change mode from '0600' to '0644'
* directory[/opt/gitlab/sv/postgresql] action create
- create new directory /opt/gitlab/sv/postgresql
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* directory[/opt/gitlab/sv/postgresql/log] action create
- create new directory /opt/gitlab/sv/postgresql/log
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* directory[/opt/gitlab/sv/postgresql/log/main] action create
- create new directory /opt/gitlab/sv/postgresql/log/main
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/opt/gitlab/sv/postgresql/run] action create
- create new file /opt/gitlab/sv/postgresql/run
- update content in file /opt/gitlab/sv/postgresql/run from none to 870bb6
--- /opt/gitlab/sv/postgresql/run 2014-08-08 09:47:02.246417529 +0000
+++ /tmp/chef-rendered-template20140808-7887-bfcqkd 2014-08-08 09:47:02.246417530 +0000
@@ -1 +1,5 @@
+#!/bin/sh
+exec 2>&1
+
+exec chpst -P -U gitlab-psql -u gitlab-psql /opt/gitlab/embedded/bin/postgres -D /var/opt/gitlab/postgresql/data
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/opt/gitlab/sv/postgresql/log/run] action create
- create new file /opt/gitlab/sv/postgresql/log/run
- update content in file /opt/gitlab/sv/postgresql/log/run from none to ce742a
--- /opt/gitlab/sv/postgresql/log/run 2014-08-08 09:47:02.249417574 +0000
+++ /tmp/chef-rendered-template20140808-7887-10c1ht1 2014-08-08 09:47:02.250417589 +0000
@@ -1 +1,3 @@
+#!/bin/sh
+exec svlogd -tt /var/log/gitlab/postgresql
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/var/log/gitlab/postgresql/config] action create
- create new file /var/log/gitlab/postgresql/config
- update content in file /var/log/gitlab/postgresql/config from none to 623c00
--- /var/log/gitlab/postgresql/config 2014-08-08 09:47:02.251417604 +0000
+++ /tmp/chef-rendered-template20140808-7887-15qw157 2014-08-08 09:47:02.251417604 +0000
@@ -1 +1,7 @@
+s209715200
+n30
+t86400
+!gzip
+
+
- change owner from '' to 'root'
- change group from '' to 'root'
* ruby_block[reload postgresql svlogd configuration] action nothing (skipped due to action :nothing)
* file[/opt/gitlab/sv/postgresql/down] action delete (up to date)
* directory[/opt/gitlab/sv/postgresql/control] action create
- create new directory /opt/gitlab/sv/postgresql/control
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/opt/gitlab/sv/postgresql/control/t] action create
- create new file /opt/gitlab/sv/postgresql/control/t
- update content in file /opt/gitlab/sv/postgresql/control/t from none to 05ae12
--- /opt/gitlab/sv/postgresql/control/t 2014-08-08 09:47:02.256417676 +0000
+++ /tmp/chef-rendered-template20140808-7887-1vlg7vt 2014-08-08 09:47:02.256417676 +0000
@@ -1 +1,4 @@
+#!/bin/sh
+echo "received TERM from runit, sending INT instead to force quit connections"
+/opt/gitlab/embedded/bin/sv interrupt postgresql
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[/opt/gitlab/init/postgresql] action create
- create symlink at /opt/gitlab/init/postgresql to /opt/gitlab/embedded/bin/sv
* link[/opt/gitlab/service/postgresql] action create
- create symlink at /opt/gitlab/service/postgresql to /opt/gitlab/sv/postgresql
* ruby_block[supervise_postgresql_sleep] action run
- execute the ruby block supervise_postgresql_sleep
* service[postgresql] action nothing (skipped due to action :nothing)
* execute[/opt/gitlab/bin/gitlab-ctl start postgresql] action run
- execute /opt/gitlab/bin/gitlab-ctl start postgresql
* execute[create gitlab database user] action run
================================================================================
Error executing action `run` on resource 'execute[create gitlab database user]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '2'
---- Begin output of /opt/gitlab/embedded/bin/psql --port 5432 -d template1 -c "CREATE USER gitlab" ----
STDOUT:
STDERR: psql: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/tmp/.s.PGSQL.5432"?
---- End output of /opt/gitlab/embedded/bin/psql --port 5432 -d template1 -c "CREATE USER gitlab" ----
Ran /opt/gitlab/embedded/bin/psql --port 5432 -d template1 -c "CREATE USER gitlab" returned 2
Resource Declaration:
---------------------
# In /opt/gitlab/embedded/cookbooks/gitlab/recipes/postgresql.rb
154: execute "create #{sql_user} database user" do
155: command "#{bin_dir}/psql --port #{pg_port} -d template1 -c \"CREATE USER #{sql_user}\""
156: user pg_user
157: not_if { !pg_helper.is_running? || pg_helper.sql_user_exists? }
158: end
159:
Compiled Resource:
------------------
# Declared in /opt/gitlab/embedded/cookbooks/gitlab/recipes/postgresql.rb:154:in `from_file'
execute("create gitlab database user") do
action "run"
retries 0
retry_delay 2
guard_interpreter :default
command "/opt/gitlab/embedded/bin/psql --port 5432 -d template1 -c \"CREATE USER gitlab\""
backup 5
returns 0
user "gitlab-psql"
cookbook_name :gitlab
recipe_name "postgresql"
not_if { #code block }
end
Recipe: gitlab::gitlab-rails
* execute[clear the gitlab-rails cache] action run
- execute /opt/gitlab/bin/gitlab-rake cache:clear
Recipe: gitlab::database_migrations
* execute[migrate database] action run
================================================================================
Error executing action `run` on resource 'execute[migrate database]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '1'
---- Begin output of /opt/gitlab/bin/gitlab-rake db:migrate ----
STDOUT:
STDERR: rake aborted!
PG::Error: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/tmp/.s.PGSQL.5432"?
Tasks: TOP => db:migrate
(See full trace by running task with --trace)
---- End output of /opt/gitlab/bin/gitlab-rake db:migrate ----
Ran /opt/gitlab/bin/gitlab-rake db:migrate returned 1
Resource Declaration:
---------------------
# In /opt/gitlab/embedded/cookbooks/gitlab/recipes/database_migrations.rb
23: execute "migrate database" do
24: command "/opt/gitlab/bin/gitlab-rake db:migrate"
25: action :nothing
26: end
Compiled Resource:
------------------
# Declared in /opt/gitlab/embedded/cookbooks/gitlab/recipes/database_migrations.rb:23:in `from_file'
execute("migrate database") do
action [:nothing]
retries 0
retry_delay 2
guard_interpreter :default
command "/opt/gitlab/bin/gitlab-rake db:migrate"
backup 5
returns 0
cookbook_name :gitlab
recipe_name "database_migrations"
end
Recipe: gitlab::redis
* ruby_block[reload redis svlogd configuration] action create
- execute the ruby block reload redis svlogd configuration
Recipe: gitlab::postgresql
* ruby_block[reload postgresql svlogd configuration] action create
- execute the ruby block reload postgresql svlogd configuration
Running handlers:
[2014-08-08T09:47:26+00:00] ERROR: Running exception handlers
Running handlers complete
[2014-08-08T09:47:26+00:00] ERROR: Exception handlers complete
[2014-08-08T09:47:26+00:00] FATAL: Stacktrace dumped to /opt/gitlab/embedded/cookbooks/cache/chef-stacktrace.out
Chef Client failed. 82 resources updated in 578.198799474 seconds
[2014-08-08T09:47:26+00:00] ERROR: Chef::Exceptions::MultipleFailures
[2014-08-08T09:47:26+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)Unfortunately, there seems to be a problem with the database configuration.
Since I am using Debian 7.6 and the package download URL indicates that the package was created for debian 7.5, should this package work with 7.6? If not, is there going to be a corresponding package soon (otherwise I will consider a manual installation like I did the last time)?