BigW Consortium Gitlab

4.2-to-5.0.md 5.1 KB

From 4.2 to 5.0

Make sure you view this upgrade guide from the master branch for the most up to date instructions.

Warning

GitLab 5.0 is affected by critical security vulnerability CVE-2013-4490.

Important changes

  • We don't use gitlab user any more. Everything will be moved to git user
  • Self signed SSL certificates are not supported until GitLab 5.1
  • requires ruby1.9.3

0. Stop GitLab

sudo service gitlab stop

1. add bash to git user

sudo chsh -s /bin/bash git

2. git clone gitlab-shell

cd /home/git/
sudo -u git -H git clone https://github.com/gitlabhq/gitlab-shell.git /home/git/gitlab-shell

3. setup gitlab-shell

# chmod all repos and files under git
sudo chown git:git -R /home/git/repositories/

# login as git
sudo su git
cd /home/git/gitlab-shell
git checkout v1.1.0

# copy config
cp config.yml.example config.yml

# change URL to GitLab instance
# ! make sure the URL ends with '/' like 'https://gitlab.example/'
vim config.yml

# rewrite hooks
./support/rewrite-hooks.sh

# check ruby version for git user ( 1.9 required!! )
# GitLab shell requires system ruby 1.9
ruby -v

# exit from git user
exit

4. Copy GitLab instance to git user

sudo cp -R /home/gitlab/gitlab /home/git/gitlab
sudo chown git:git -R /home/git/gitlab
sudo rm -rf /home/gitlab/gitlab-satellites

# if exists
sudo rm /tmp/gitlab.socket

5. Update GitLab to recent version

cd /home/git/gitlab

# backup current config
sudo -u git -H cp config/gitlab.yml config/gitlab.yml.old

sudo -u git -H git fetch
sudo -u git -H git checkout 5-0-stable

# replace config with recent one
sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml

# edit it
sudo -u git -H vim config/gitlab.yml


sudo -u git -H bundle install --without development test postgres --deployment
sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
sudo -u git -H bundle exec rake gitlab:shell:setup RAILS_ENV=production
sudo -u git -H bundle exec rake gitlab:shell:build_missing_projects RAILS_ENV=production

sudo -u git -H mkdir -p /home/git/gitlab-satellites
sudo -u git -H bundle exec rake gitlab:satellites:create RAILS_ENV=production

# migrate wiki to git
sudo -u git -H bundle exec rake gitlab:wiki:migrate RAILS_ENV=production


# check permissions for /home/git/.ssh/
sudo -u git -H chmod 700 /home/git/.ssh
sudo -u git -H chmod 600 /home/git/.ssh/authorized_keys

# check permissions for /home/git/gitlab/
sudo chown -R git /home/git/gitlab/log/
sudo chown -R git /home/git/gitlab/tmp/
sudo chmod -R u+rwX  /home/git/gitlab/log/
sudo chmod -R u+rwX  /home/git/gitlab/tmp/
sudo -u git -H mkdir -p /home/git/gitlab/tmp/pids/
sudo chmod -R u+rwX  /home/git/gitlab/tmp/pids

6. Update init.d script and Nginx config

# init.d
sudo rm /etc/init.d/gitlab
sudo curl -L --output /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlab-recipes/5-0-stable/init.d/gitlab
sudo chmod +x /etc/init.d/gitlab

# unicorn
sudo -u git -H cp /home/git/gitlab/config/unicorn.rb /home/git/gitlab/config/unicorn.rb.old
sudo -u git -H cp /home/git/gitlab/config/unicorn.rb.example /home/git/gitlab/config/unicorn.rb

# Nginx
# Replace path from '/home/gitlab/' to '/home/git/'
sudo vim /etc/nginx/sites-enabled/gitlab
sudo service nginx restart

7. Start GitLab instance

sudo service gitlab start

# check if unicorn and sidekiq started
# If not try to logout, also check replaced path from '/home/gitlab/' to '/home/git/'
# in Nginx, unicorn, init.d etc
ps aux | grep unicorn
ps aux | grep sidekiq

8. Check installation

# In 5-10 seconds lets check gitlab-shell
sudo -u git -H /home/git/gitlab-shell/bin/check

# Example of success output
# Check GitLab API access: OK
# Check directories and files:
#         /home/git/repositories: OK
#         /home/git/.ssh/authorized_keys: OK


# Now check GitLab instance
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production

9. Cleanup

If everything works as expected you can cleanup some old things Recommend you wait a bit and do a backup before completing the following.

# remove GitLab user from system
sudo userdel -r gitlab

cd /home/git

# cleanup .profile
## remove text from .profile added during gitolite installation:
##   PATH=\$PATH:/home/git/bin
##   export PATH
## to see what a clean .profile for new users on your system would look like see /etc/skel/.profile
sudo -u git -H vim .profile

# remove gitolite
sudo rm -R bin
sudo rm -Rf gitolite
sudo rm -R .gitolite
sudo rm .gitolite.rc
sudo rm -f gitlab.pub
sudo rm projects.list

# reset tmp folders
sudo service gitlab stop
cd /home/git/gitlab
sudo rm -R tmp
sudo -u git -H mkdir tmp
sudo chmod -R u+rwX  tmp/

# create directory for pids, make sure GitLab can write to it
sudo -u git -H mkdir tmp/pids/
sudo chmod -R u+rwX  tmp/pids/

# if you are already running a newer version of GitLab check that installation guide for other tmp folders you need to create

# reboot system
sudo reboot

# login, check that GitLab is running fine
cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production