Browse files

Update FreeBSD docs (#289)

Update docs for installing GitLab on FreeBSD 10.3
  • Loading branch information...
1 parent 9a2697a commit 20fa4f108ab85e93c564c1549c39843fa336ffc2 @charlesdunbar charlesdunbar committed with axilleas Aug 17, 2016
Showing with 148 additions and 49 deletions.
  1. +148 −49 install/freebsd/freebsd-10.md
View
197 install/freebsd/freebsd-10.md
@@ -27,7 +27,7 @@ pkg upgrade
Install system packages:
```
-pkg install sudo bash icu cmake pkgconf git nginx node ruby ruby21-gems logrotate redis postgresql94-server postfix krb5
+pkg install sudo bash icu cmake pkgconf git nginx node ruby ruby22-gems logrotate redis postgresql95-server postgresql95-contrib postfix krb5 gmake go
```
Install bundler gem system-wide:
@@ -70,20 +70,12 @@ Set up user and groups:
pw add user -n git -m -s /usr/local/bin/bash -c "GitLab"
# Add 'git' user to 'redis' group (this will come in useful later!)
-pw user mod git -G redis
+pw groupmod git -m redis
```
4. Set up Postgres database
---------------------------
-As root, make sure that Postgres is running:
-
-```
-service postgresql start
-```
-
-Check this with `service postgresql status`.
-
Set up the database:
```
@@ -103,8 +95,12 @@ psql -d template1
When logged into the database:
```
-# Create a user for GitLab
# Do not type the 'template1=#', this is part of the prompt
+
+# Set up pg_trgm extension (required for GitLab 8.6+)
+template1=# CREATE EXTENSION IF NOT EXISTS pg_trgm;
+
+# Create a user for GitLab
template1=# CREATE USER git CREATEDB;
# Create the GitLab production database & grant all privileges on database
@@ -162,7 +158,7 @@ sudo service redis restart
cd /home/git
# Clone GitLab source
-sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 7-7-stable gitlab
+sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-ce.git -b 8-9-stable gitlab
# Go to GitLab source folder
cd /home/git/gitlab
@@ -181,72 +177,111 @@ As root:
```
cd /home/git/gitlab
-chown -R git log/
-chown -R git tmp/
-chmod -R u+rwX,go-w log/
-chmod -R u+rwX tmp/
-# Make folder for satellites and set the right permissions
-sudo -u git -H mkdir /home/git/gitlab-satellites
-sudo -u git -H chmod u+rwx,g=rx,o-rwx /home/git/gitlab-satellites
+# Copy the example secrets file
+sudo -u git -H cp config/secrets.yml.example config/secrets.yml
+sudo -u git -H chmod 0600 config/secrets.yml
+
+# Make sure GitLab can write to the log/ and tmp/ directories
+sudo chown -R git log/
+sudo chown -R git tmp/
+sudo chmod -R u+rwX,go-w log/
+sudo chmod -R u+rwX tmp/
# Make sure GitLab can write to the tmp/pids/ and tmp/sockets/ directories
-sudo -u git -H chmod -R u+rwX tmp/pids/
-sudo -u git -H chmod -R u+rwX tmp/sockets/
+sudo chmod -R u+rwX tmp/pids/
+sudo chmod -R u+rwX tmp/sockets/
+
+# Create the public/uploads/ directory
+sudo -u git -H mkdir public/uploads/
+
+# Make sure only the GitLab user has access to the public/uploads/ directory
+# now that files in public/uploads are served by gitlab-workhorse
+sudo chmod 0700 public/uploads
+
+# Change the permissions of the directory where CI build traces are stored
+sudo chmod -R u+rwX builds/
-# Make sure GitLab can write to the public/uploads/ directory
-sudo -u git -H chmod -R u+rwX public/uploads
+# Change the permissions of the directory where CI artifacts are stored
+sudo chmod -R u+rwX shared/artifacts/
# Copy the example Unicorn config
sudo -u git -H cp config/unicorn.rb.example config/unicorn.rb
+# Find number of cores
+sysctl hw.ncpu
+
+# Enable cluster mode if you expect to have a high load instance
# Set the number of workers to at least the number of cores
+# Ex. change amount of workers to 3 for 2GB RAM server
sudo -u git -H vim config/unicorn.rb
# Copy the example Rack attack config
sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
-# Configure Git global settings for git user, useful when editing via web
-# Edit user.email according to what is set in gitlab.yml
-sudo -u git -H git config --global user.name "GitLab"
-sudo -u git -H git config --global user.email "example@example.com"
+# Configure Git global settings for git user
+# 'autocrlf' is needed for the web editor
sudo -u git -H git config --global core.autocrlf input
-# Copy Redis connection settings
+# Disable 'git gc --auto' because GitLab already runs 'git gc' when needed
+sudo -u git -H git config --global gc.auto 0
+
+# Configure Redis connection settings
sudo -u git -H cp config/resque.yml.example config/resque.yml
-# Configure Redis to use the modified socket path
-# Change 'production' line to 'unix:/usr/local/var/run/redis/redis.sock'
-sudo -u git -H vim config/resque.yml
+# Change the Redis socket path to /usr/local/var/run/redis/redis.sock
+sudo -u git -H sed -i '' 's|/var/run/redis/redis.sock|/usr/local/var/run/redis/redis.sock|g' config/resque.yml
+```
+
+Configure the GitLab DB Settings:
+
+```
+sudo -u git cp config/database.yml.postgresql config/database.yml
+
+# Make config/database.yml readable to git only
+sudo -u git -H chmod o-rwx config/database.yml
+```
+
+Install Gems:
-# Copy database config
-sudo -u git -H cp config/database.yml.postgresql config/database.yml
+```
+sudo -u git -H bundle install --deployment --without development test mysql aws kerberos
-# Install Ruby Gems
-sudo -u git -H bundle install --deployment --without development test mysql aws
```
7. GitLab Shell
---------------
```
# Run the rake task for installing gitlab-shell
-sudo -u git -H bundle exec rake gitlab:shell:install[v2.4.1] REDIS_URL=unix:/usr/local/var/run/redis/redis.sock RAILS_ENV=production
+sudo -u git -H bundle exec rake gitlab:shell:install REDIS_URL=unix:/usr/local/var/run/redis/redis.sock RAILS_ENV=production
# Edit the gitlab-shell config
# Change /home/* to be /usr/home/* (home is a symbolic link that doesn't work)
-# Change the 'socket' option to '/usr/local/var/run/redis/redis.sock'
# Change the 'gitlab_url' option to 'http://localhost:8080/'
# Don't bother configuring any SSL stuff in here because it's used internally
sudo -u git -H vim /home/git/gitlab-shell/config.yml
```
-8. Initialise Database
+8. Gitlab Workhorse
+----------------------
+
+```
+cd /home/git
+sudo -u git -H git clone https://gitlab.com/gitlab-org/gitlab-workhorse.git
+cd gitlab-workhorse
+sudo -u git -H git checkout v0.7.5
+sudo -u git -H gmake
+```
+
+
+9. Initialize Database
----------------------
Initialize Database and Activate Advanced Features
```
+cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production
# Type 'yes' to create the database tables.
# When done you see 'Administrator account created:'
@@ -263,16 +298,17 @@ default password.
sudo -u git -H bundle exec rake gitlab:setup RAILS_ENV=production GITLAB_ROOT_PASSWORD=yourpassword
```
-9. Init script
+10. Init script
--------------
Download the FreeBSD init script as root:
```
-wget -O /usr/local/etc/rc.d/gitlab https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/init/freebsd/gitlab-unicorn
+fetch -o /usr/local/etc/rc.d/gitlab https://gitlab.com/gitlab-org/gitlab-recipes/raw/master/init/init/freebsd/gitlab-unicorn
+chmod 555 /usr/local/etc/rc.d/gitlab
```
-10. Check Configuration and Compile Assets
+11. Check Configuration and Compile Assets
------------------------------------------
```
@@ -288,7 +324,7 @@ smaller machine, so don't panic if it takes a while!
sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production
```
-11. Start GitLab service
+12. Start GitLab service
------------------------
If all of the above steps complete with no errors and everything has gone
@@ -299,27 +335,90 @@ As root:
service gitlab start
```
-12. Nginx
+13. Nginx
---------
**Note:** The default version of `nginx` on FreeBSD is compiled without the
`gzip_static` module, which means you need to remove the appropriate directives
from the `nginx` configuration.
-You might want to create `/usr/local/etc/nginx/conf.d/` and include it in
-`nginx.conf` first.
+```
+mkdir -p /usr/local/etc/nginx/conf.d
+mkdir -p /usr/local/etc/nginx/ssl
+mkdir -p /var/log/nginx
+
+# SSL
+fetch -o /usr/local/etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab-ssl
+# HTTP
+fetch -o /usr/local/etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab
```
-wget -O /usr/local/etc/nginx/conf.d/gitlab.conf https://gitlab.com/gitlab-org/gitlab-ce/raw/master/lib/support/nginx/gitlab-ssl
+
+Edit `/usr/local/etc/nginx/nginx.conf`:
```
+load_module /usr/local/libexec/nginx/ngx_mail_module.so;
+load_module /usr/local/libexec/nginx/ngx_stream_module.so;
+
+#user nobody;
+worker_processes 1;
+
+#error_log logs/error.log;
+#error_log logs/error.log notice;
+#error_log logs/error.log info;
+
+#pid logs/nginx.pid;
+
+
+events {
+ worker_connections 1024;
+}
+
+
+http {
+ include mime.types;
+ default_type application/octet-stream;
-Edit `/usr/local/etc/nginx/conf.d/gitlab.conf` and replace `git.example.com` with your FQDN. Make sure to read the comments in order to properly set up SSL.
+ #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ # '$status $body_bytes_sent "$http_referer" '
+ # '"$http_user_agent" "$http_x_forwarded_for"';
-Add `nginx` user to `git` group:
+ #access_log logs/access.log main;
- pw usermod -a -G git nginx
+ sendfile on;
+ #tcp_nopush on;
+
+ #keepalive_timeout 0;
+ keepalive_timeout 65;
+
+ #gzip on;
+
+ include /usr/local/etc/nginx/conf.d/*;
+}
+```
+
+Edit `/usr/local/etc/nginx/conf.d/gitlab.conf`
+ * Change any reference to /etc/* to /usr/local/etc/*
+ * Replace `git.example.com` with your FQDN.
+
+Make sure to read the comments in order to properly set up SSL.
+
+Example to set up self-signed SSL:
+```
+cd /usr/local/etc/nginx/ssl
+openssl genrsa -out gitlab.key
+openssl req -new -batch -subj "/C=US/ST=gitlab/L=gitlab/O=gitlab/CN=gitlab" -key gitlab.key -out gitlab.csr
+openssl x509 -req -days 3650 -in gitlab.csr -signkey gitlab.key -out gitlab.crt
+```
+
+Add `www` user to `git` group:
+
+ pw groupmod git -m www
chmod g+rx /home/git/
+Set up the log directory
+
+ mkdir /var/log/nginx
+
Finally start nginx with:
service nginx start

0 comments on commit 20fa4f1

Please sign in to comment.