mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-22 21:50:55 +00:00
nixos/gitlab: Switch from unicorn to puma
Puma is the new upstream default server since GitLab 13.
This commit is contained in:
parent
2ec397ff9f
commit
f8ab43ef7b
|
@ -1,69 +0,0 @@
|
|||
worker_processes 3
|
||||
|
||||
listen ENV["UNICORN_PATH"] + "/tmp/sockets/gitlab.socket", :backlog => 1024
|
||||
listen "/run/gitlab/gitlab.socket", :backlog => 1024
|
||||
|
||||
working_directory ENV["GITLAB_PATH"]
|
||||
|
||||
pid ENV["UNICORN_PATH"] + "/tmp/pids/unicorn.pid"
|
||||
|
||||
timeout 60
|
||||
|
||||
# combine Ruby 2.0.0dev or REE with "preload_app true" for memory savings
|
||||
# http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow
|
||||
preload_app true
|
||||
GC.respond_to?(:copy_on_write_friendly=) and
|
||||
GC.copy_on_write_friendly = true
|
||||
|
||||
check_client_connection false
|
||||
|
||||
before_fork do |server, worker|
|
||||
# the following is highly recommended for Rails + "preload_app true"
|
||||
# as there's no need for the master process to hold a connection
|
||||
defined?(ActiveRecord::Base) and
|
||||
ActiveRecord::Base.connection.disconnect!
|
||||
|
||||
# The following is only recommended for memory/DB-constrained
|
||||
# installations. It is not needed if your system can house
|
||||
# twice as many worker_processes as you have configured.
|
||||
#
|
||||
# This allows a new master process to incrementally
|
||||
# phase out the old master process with SIGTTOU to avoid a
|
||||
# thundering herd (especially in the "preload_app false" case)
|
||||
# when doing a transparent upgrade. The last worker spawned
|
||||
# will then kill off the old master process with a SIGQUIT.
|
||||
old_pid = "#{server.config[:pid]}.oldbin"
|
||||
if old_pid != server.pid
|
||||
begin
|
||||
sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU
|
||||
Process.kill(sig, File.read(old_pid).to_i)
|
||||
rescue Errno::ENOENT, Errno::ESRCH
|
||||
end
|
||||
end
|
||||
|
||||
# Throttle the master from forking too quickly by sleeping. Due
|
||||
# to the implementation of standard Unix signal handlers, this
|
||||
# helps (but does not completely) prevent identical, repeated signals
|
||||
# from being lost when the receiving process is busy.
|
||||
# sleep 1
|
||||
end
|
||||
|
||||
after_fork do |server, worker|
|
||||
# per-process listener ports for debugging/admin/migrations
|
||||
# addr = "127.0.0.1:#{9293 + worker.nr}"
|
||||
# server.listen(addr, :tries => -1, :delay => 5, :tcp_nopush => true)
|
||||
|
||||
# the following is *required* for Rails + "preload_app true",
|
||||
defined?(ActiveRecord::Base) and
|
||||
ActiveRecord::Base.establish_connection
|
||||
|
||||
# reset prometheus client, this will cause any opened metrics files to be closed
|
||||
defined?(::Prometheus::Client.reinitialize_on_pid_change) &&
|
||||
Prometheus::Client.reinitialize_on_pid_change
|
||||
|
||||
# if preload_app is true, then you may also want to check and
|
||||
# restart any other shared sockets/descriptors such as Memcached,
|
||||
# and Redis. TokyoCabinet file handles are safe to reuse
|
||||
# between any number of forked children (assuming your kernel
|
||||
# correctly implements pread()/pwrite() system calls)
|
||||
end
|
|
@ -142,7 +142,7 @@ let
|
|||
|
||||
gitlabEnv = {
|
||||
HOME = "${cfg.statePath}/home";
|
||||
UNICORN_PATH = "${cfg.statePath}/";
|
||||
PUMA_PATH = "${cfg.statePath}/";
|
||||
GITLAB_PATH = "${cfg.packages.gitlab}/share/gitlab/";
|
||||
SCHEMA = "${cfg.statePath}/db/structure.sql";
|
||||
GITLAB_UPLOADS_PATH = "${cfg.statePath}/uploads";
|
||||
|
@ -725,8 +725,6 @@ in {
|
|||
"L+ /run/gitlab/uploads - - - - ${cfg.statePath}/uploads"
|
||||
|
||||
"L+ /run/gitlab/shell-config.yml - - - - ${pkgs.writeText "config.yml" (builtins.toJSON gitlabShellConfig)}"
|
||||
|
||||
"L+ ${cfg.statePath}/config/unicorn.rb - - - - ${./defaultUnicornConfig.rb}"
|
||||
];
|
||||
|
||||
systemd.services.gitlab-sidekiq = {
|
||||
|
@ -873,7 +871,9 @@ in {
|
|||
set -eu
|
||||
|
||||
chown --no-dereference '${cfg.user}':'${cfg.group}' '${cfg.statePath}'/*
|
||||
chown --no-dereference '${cfg.user}':'${cfg.group}' '${cfg.statePath}'/config/*
|
||||
if [[ ! -z "$(ls -A '${cfg.statePath}'/config/)" ]]; then
|
||||
chown --no-dereference '${cfg.user}':'${cfg.group}' '${cfg.statePath}'/config/*
|
||||
fi
|
||||
'';
|
||||
preStart = ''
|
||||
set -eu
|
||||
|
@ -956,7 +956,7 @@ in {
|
|||
"+${pkgs.writeShellScript "gitlab-pre-start-full-privileges" preStartFullPrivileges}"
|
||||
"${pkgs.writeShellScript "gitlab-pre-start" preStart}"
|
||||
];
|
||||
ExecStart = "${cfg.packages.gitlab.rubyEnv}/bin/unicorn -c ${cfg.statePath}/config/unicorn.rb -E production";
|
||||
ExecStart = "${cfg.packages.gitlab.rubyEnv}/bin/puma -C ${cfg.statePath}/config/puma.rb -e production";
|
||||
};
|
||||
|
||||
};
|
||||
|
|
|
@ -137,6 +137,7 @@ stdenv.mkDerivation {
|
|||
sed -i '/ask_to_continue/d' lib/tasks/gitlab/two_factor.rake
|
||||
sed -ri -e '/log_level/a config.logger = Logger.new(STDERR)' config/environments/production.rb
|
||||
|
||||
mv config/puma.rb.example config/puma.rb
|
||||
# Always require lib-files and application.rb through their store
|
||||
# path, not their relative state directory path. This gets rid of
|
||||
# warnings and means we don't have to link back to lib from the
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
diff --git a/config/environments/production.rb b/config/environments/production.rb
|
||||
index c5cbfcf64c..4d01f6fab8 100644
|
||||
index d9b3ee354b0..1eb0507488b 100644
|
||||
--- a/config/environments/production.rb
|
||||
+++ b/config/environments/production.rb
|
||||
@@ -70,10 +70,10 @@ Rails.application.configure do
|
||||
@@ -69,10 +69,10 @@
|
||||
|
||||
config.action_mailer.delivery_method = :sendmail
|
||||
# Defaults to:
|
||||
|
@ -11,17 +11,17 @@ index c5cbfcf64c..4d01f6fab8 100644
|
|||
- # # arguments: '-i -t'
|
||||
- # # }
|
||||
+ config.action_mailer.sendmail_settings = {
|
||||
+ location: '/usr/sbin/sendmail',
|
||||
+ location: '/run/wrappers/bin/sendmail',
|
||||
+ arguments: '-i -t'
|
||||
+ }
|
||||
config.action_mailer.perform_deliveries = true
|
||||
config.action_mailer.raise_delivery_errors = true
|
||||
|
||||
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
|
||||
index bd696a7f2c..44e3863736 100644
|
||||
index 92e7501d49d..4ee5a1127df 100644
|
||||
--- a/config/gitlab.yml.example
|
||||
+++ b/config/gitlab.yml.example
|
||||
@@ -590,7 +590,7 @@ production: &base
|
||||
@@ -1168,7 +1168,7 @@ production: &base
|
||||
# CAUTION!
|
||||
# Use the default values unless you really know what you are doing
|
||||
git:
|
||||
|
@ -31,10 +31,10 @@ index bd696a7f2c..44e3863736 100644
|
|||
## Webpack settings
|
||||
# If enabled, this will tell rails to serve frontend assets from the webpack-dev-server running
|
||||
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
|
||||
index 0bea8a4f4b..290248547b 100644
|
||||
index bbed08f5044..2906e5c44af 100644
|
||||
--- a/config/initializers/1_settings.rb
|
||||
+++ b/config/initializers/1_settings.rb
|
||||
@@ -177,7 +177,7 @@ Settings.gitlab['ssh_user'] ||= Settings.gitlab['user']
|
||||
@@ -183,7 +183,7 @@
|
||||
Settings.gitlab['user_home'] ||= begin
|
||||
Etc.getpwnam(Settings.gitlab['user']).dir
|
||||
rescue ArgumentError # no user configured
|
||||
|
@ -43,7 +43,7 @@ index 0bea8a4f4b..290248547b 100644
|
|||
end
|
||||
Settings.gitlab['time_zone'] ||= nil
|
||||
Settings.gitlab['signup_enabled'] ||= true if Settings.gitlab['signup_enabled'].nil?
|
||||
@@ -507,7 +507,7 @@ Settings.backup['upload']['storage_class'] ||= nil
|
||||
@@ -751,7 +751,7 @@
|
||||
# Git
|
||||
#
|
||||
Settings['git'] ||= Settingslogic.new({})
|
||||
|
@ -52,37 +52,94 @@ index 0bea8a4f4b..290248547b 100644
|
|||
|
||||
# Important: keep the satellites.path setting until GitLab 9.0 at
|
||||
# least. This setting is fed to 'rm -rf' in
|
||||
diff --git a/config/puma.rb.example b/config/puma.rb.example
|
||||
index 9fc354a8fe8..2352ca9b58c 100644
|
||||
--- a/config/puma.rb.example
|
||||
+++ b/config/puma.rb.example
|
||||
@@ -5,12 +5,8 @@
|
||||
# The default is "config.ru".
|
||||
#
|
||||
rackup 'config.ru'
|
||||
-pidfile '/home/git/gitlab/tmp/pids/puma.pid'
|
||||
-state_path '/home/git/gitlab/tmp/pids/puma.state'
|
||||
-
|
||||
-stdout_redirect '/home/git/gitlab/log/puma.stdout.log',
|
||||
- '/home/git/gitlab/log/puma.stderr.log',
|
||||
- true
|
||||
+pidfile ENV['PUMA_PATH'] + '/tmp/pids/puma.pid'
|
||||
+state_path ENV['PUMA_PATH'] + '/tmp/pids/puma.state'
|
||||
|
||||
# Configure "min" to be the minimum number of threads to use to answer
|
||||
# requests and "max" the maximum.
|
||||
@@ -31,12 +27,12 @@ queue_requests false
|
||||
|
||||
# Bind the server to "url". "tcp://", "unix://" and "ssl://" are the only
|
||||
# accepted protocols.
|
||||
-bind 'unix:///home/git/gitlab/tmp/sockets/gitlab.socket'
|
||||
+bind "unix://#{ENV['PUMA_PATH']}/tmp/sockets/gitlab.socket"
|
||||
|
||||
workers 3
|
||||
|
||||
-require_relative "/home/git/gitlab/lib/gitlab/cluster/lifecycle_events"
|
||||
-require_relative "/home/git/gitlab/lib/gitlab/cluster/puma_worker_killer_initializer"
|
||||
+require_relative ENV['GITLAB_PATH'] + "lib/gitlab/cluster/lifecycle_events"
|
||||
+require_relative ENV['GITLAB_PATH'] + "lib/gitlab/cluster/puma_worker_killer_initializer"
|
||||
|
||||
on_restart do
|
||||
# Signal application hooks that we're about to restart
|
||||
@@ -80,7 +76,7 @@ if defined?(nakayoshi_fork)
|
||||
end
|
||||
|
||||
# Use json formatter
|
||||
-require_relative "/home/git/gitlab/lib/gitlab/puma_logging/json_formatter"
|
||||
+require_relative ENV['GITLAB_PATH'] + "lib/gitlab/puma_logging/json_formatter"
|
||||
|
||||
json_formatter = Gitlab::PumaLogging::JSONFormatter.new
|
||||
log_formatter do |str|
|
||||
diff --git a/lib/api/api.rb b/lib/api/api.rb
|
||||
index e953f3d2ec..3a8d9f076b 100644
|
||||
index ada0da28749..8a3f5824008 100644
|
||||
--- a/lib/api/api.rb
|
||||
+++ b/lib/api/api.rb
|
||||
@@ -2,7 +2,7 @@ module API
|
||||
class API < Grape::API
|
||||
@@ -4,7 +4,7 @@ module API
|
||||
class API < ::API::Base
|
||||
include APIGuard
|
||||
|
||||
- LOG_FILENAME = Rails.root.join("log", "api_json.log")
|
||||
+ LOG_FILENAME = File.join(ENV["GITLAB_LOG_PATH"], "api_json.log")
|
||||
|
||||
NO_SLASH_URL_PART_REGEX = %r{[^/]+}
|
||||
PROJECT_ENDPOINT_REQUIREMENTS = { id: NO_SLASH_URL_PART_REGEX }.freeze
|
||||
NO_SLASH_URL_PART_REGEX = %r{[^/]+}.freeze
|
||||
NAMESPACE_OR_PROJECT_REQUIREMENTS = { id: NO_SLASH_URL_PART_REGEX }.freeze
|
||||
diff --git a/lib/gitlab/authorized_keys.rb b/lib/gitlab/authorized_keys.rb
|
||||
index 50cd15b7a10..3ac89e5b8e9 100644
|
||||
--- a/lib/gitlab/authorized_keys.rb
|
||||
+++ b/lib/gitlab/authorized_keys.rb
|
||||
@@ -157,7 +157,7 @@ def command(id)
|
||||
raise KeyError, "Invalid ID: #{id.inspect}"
|
||||
end
|
||||
|
||||
- "#{File.join(Gitlab.config.gitlab_shell.path, 'bin', 'gitlab-shell')} #{id}"
|
||||
+ "#{File.join('/run/current-system/sw/bin', 'gitlab-shell')} #{id}"
|
||||
end
|
||||
|
||||
def strip(key)
|
||||
diff --git a/lib/gitlab/logger.rb b/lib/gitlab/logger.rb
|
||||
index a42e312b5d..ccaab9229e 100644
|
||||
index 89a4e36a232..ae379ffb27a 100644
|
||||
--- a/lib/gitlab/logger.rb
|
||||
+++ b/lib/gitlab/logger.rb
|
||||
@@ -26,7 +26,7 @@ module Gitlab
|
||||
@@ -37,7 +37,7 @@ def self.build
|
||||
end
|
||||
|
||||
def self.full_log_path
|
||||
- Rails.root.join("log", file_name)
|
||||
+ File.join(ENV["GITLAB_LOG_PATH"], file_name)
|
||||
+ File.join(ENV["GITLAB_LOG_PATH"], file_name)
|
||||
end
|
||||
|
||||
def self.cache_key
|
||||
diff --git a/lib/gitlab/uploads_transfer.rb b/lib/gitlab/uploads_transfer.rb
|
||||
index 7d7400bdab..cb25211d44 100644
|
||||
index e0e7084e27e..19fab855b90 100644
|
||||
--- a/lib/gitlab/uploads_transfer.rb
|
||||
+++ b/lib/gitlab/uploads_transfer.rb
|
||||
@@ -1,7 +1,7 @@
|
||||
@@ -3,7 +3,7 @@
|
||||
module Gitlab
|
||||
class UploadsTransfer < ProjectTransfer
|
||||
def root_dir
|
||||
|
@ -92,10 +149,10 @@ index 7d7400bdab..cb25211d44 100644
|
|||
end
|
||||
end
|
||||
diff --git a/lib/system_check/app/log_writable_check.rb b/lib/system_check/app/log_writable_check.rb
|
||||
index 3e0c436d6e..28cefc5514 100644
|
||||
index 2c108f0c18d..3a16ff52d01 100644
|
||||
--- a/lib/system_check/app/log_writable_check.rb
|
||||
+++ b/lib/system_check/app/log_writable_check.rb
|
||||
@@ -21,7 +21,7 @@ module SystemCheck
|
||||
@@ -23,7 +23,7 @@ def show_error
|
||||
private
|
||||
|
||||
def log_path
|
||||
|
@ -105,10 +162,10 @@ index 3e0c436d6e..28cefc5514 100644
|
|||
end
|
||||
end
|
||||
diff --git a/lib/system_check/app/uploads_directory_exists_check.rb b/lib/system_check/app/uploads_directory_exists_check.rb
|
||||
index 7026d0ba07..c56e1f7ed9 100644
|
||||
index 54dff63ab61..882da702f29 100644
|
||||
--- a/lib/system_check/app/uploads_directory_exists_check.rb
|
||||
+++ b/lib/system_check/app/uploads_directory_exists_check.rb
|
||||
@@ -4,12 +4,13 @@ module SystemCheck
|
||||
@@ -6,12 +6,13 @@ class UploadsDirectoryExistsCheck < SystemCheck::BaseCheck
|
||||
set_name 'Uploads directory exists?'
|
||||
|
||||
def check?
|
||||
|
@ -120,15 +177,15 @@ index 7026d0ba07..c56e1f7ed9 100644
|
|||
+ uploads_dir = ENV['GITLAB_UPLOADS_PATH'] || Rails.root.join('public/uploads')
|
||||
try_fixing_it(
|
||||
- "sudo -u #{gitlab_user} mkdir #{Rails.root}/public/uploads"
|
||||
+ "sudo -u #{gitlab_user} mkdir #{uploads_dir}"
|
||||
+ "sudo -u #{gitlab_user} mkdir #{uploads_dir}"
|
||||
)
|
||||
for_more_information(
|
||||
see_installation_guide_section 'GitLab'
|
||||
see_installation_guide_section('GitLab')
|
||||
diff --git a/lib/system_check/app/uploads_path_permission_check.rb b/lib/system_check/app/uploads_path_permission_check.rb
|
||||
index 7df6c06025..bb447c16b2 100644
|
||||
index 2e1cc687c43..ca69d63bcf6 100644
|
||||
--- a/lib/system_check/app/uploads_path_permission_check.rb
|
||||
+++ b/lib/system_check/app/uploads_path_permission_check.rb
|
||||
@@ -25,7 +25,7 @@ module SystemCheck
|
||||
@@ -27,7 +27,7 @@ def show_error
|
||||
private
|
||||
|
||||
def rails_uploads_path
|
||||
|
@ -138,10 +195,10 @@ index 7df6c06025..bb447c16b2 100644
|
|||
|
||||
def uploads_fullpath
|
||||
diff --git a/lib/system_check/app/uploads_path_tmp_permission_check.rb b/lib/system_check/app/uploads_path_tmp_permission_check.rb
|
||||
index b276a81eac..070e3ebd81 100644
|
||||
index 567c7540777..29906b1c132 100644
|
||||
--- a/lib/system_check/app/uploads_path_tmp_permission_check.rb
|
||||
+++ b/lib/system_check/app/uploads_path_tmp_permission_check.rb
|
||||
@@ -33,7 +33,7 @@ module SystemCheck
|
||||
@@ -35,7 +35,7 @@ def upload_path_tmp
|
||||
end
|
||||
|
||||
def uploads_fullpath
|
||||
|
@ -150,14 +207,3 @@ index b276a81eac..070e3ebd81 100644
|
|||
end
|
||||
end
|
||||
end
|
||||
--- a/lib/gitlab/authorized_keys.rb
|
||||
+++ b/lib/gitlab/authorized_keys.rb
|
||||
@@ -157,7 +157,7 @@
|
||||
raise KeyError, "Invalid ID: #{id.inspect}"
|
||||
end
|
||||
|
||||
- "#{File.join(Gitlab.config.gitlab_shell.path, 'bin', 'gitlab-shell')} #{id}"
|
||||
+ "#{File.join('/run/current-system/sw/bin', 'gitlab-shell')} #{id}"
|
||||
end
|
||||
|
||||
def strip(key)
|
||||
|
|
Loading…
Reference in a new issue