Add dockerfile to build gitlab-ce and gitlab-ee images
This commit is contained in:
parent
be86a12395
commit
057c8745cd
|
@ -14,3 +14,4 @@ build.txt
|
|||
Vagrantfile
|
||||
.idea
|
||||
*.log
|
||||
docker/RELEASE
|
||||
|
|
|
@ -123,3 +123,21 @@ Raspberry Pi 2:
|
|||
- RaspberryPi2-tag
|
||||
except:
|
||||
- branches
|
||||
|
||||
Docker master:
|
||||
script:
|
||||
- bundle install --binstubs --path ~/gems
|
||||
- if ./support/is_gitlab_ee.sh; then exit 0; else make do_docker_master;fi
|
||||
tags:
|
||||
- docker-build
|
||||
except:
|
||||
- tags
|
||||
|
||||
Docker:
|
||||
script:
|
||||
- bundle install --binstubs --path ~/gems
|
||||
- if ./support/is_gitlab_ee.sh; then exit 0; else make do_docker_release;fi
|
||||
tags:
|
||||
- docker-build
|
||||
except:
|
||||
- branches
|
||||
|
|
32
Makefile
32
Makefile
|
@ -6,6 +6,16 @@ PLATFORM_DIR:=$(shell bundle exec support/ohai-helper platform-dir)
|
|||
PACKAGECLOUD_USER=gitlab
|
||||
PACKAGECLOUD_REPO:=$(shell support/repo_name.sh)
|
||||
PACKAGECLOUD_OS:=$(shell bundle exec support/ohai-helper repo-string)
|
||||
ifeq ($(shell support/is_gitlab_ee.sh; echo $$?), 0)
|
||||
RELEASE_PACKAGE=gitlab-ee
|
||||
else
|
||||
RELEASE_PACKAGE=gitlab-ce
|
||||
endif
|
||||
ifdef NIGHTLY
|
||||
DOCKER_TAG=nightly
|
||||
else
|
||||
DOCKER_TAG:=$(shell git describe | tr '+' '.')
|
||||
endif
|
||||
|
||||
build:
|
||||
bin/omnibus build ${PROJECT} --override append_timestamp:false --log-level info
|
||||
|
@ -65,6 +75,28 @@ move_to_secret_dir:
|
|||
&& mv ${SECRET_DIR} pkg/ \
|
||||
; fi
|
||||
|
||||
docker_cleanup:
|
||||
-docker images | grep gitlab/$(RELEASE_PACKAGE) | awk '{print $$3}' | xargs docker rmi
|
||||
|
||||
docker_build: docker_cleanup
|
||||
echo PACKAGECLOUD_REPO=$(PACKAGECLOUD_REPO) > docker/RELEASE
|
||||
echo RELEASE_PACKAGE=$(RELEASE_PACKAGE) >> docker/RELEASE
|
||||
echo RELEASE_VERSION=$(shell git describe) >> docker/RELEASE
|
||||
docker build -t gitlab/$(RELEASE_PACKAGE):$(DOCKER_TAG) -f docker/Dockerfile docker/
|
||||
|
||||
docker_push:
|
||||
docker push gitlab/$(RELEASE_PACKAGE):$(DOCKER_TAG)
|
||||
|
||||
docker_push_latest:
|
||||
docker tag gitlab/$(RELEASE_PACKAGE):$(DOCKER_TAG) gitlab/$(RELEASE_PACKAGE):latest
|
||||
docker push gitlab/$(RELEASE_PACKAGE):latest
|
||||
|
||||
do_docker_master:
|
||||
ifdef NIGHTLY
|
||||
do_docker_master: docker_build docker_push
|
||||
endif
|
||||
do_docker_release: no_changes on_tag docker_build docker_push docker_push_latest
|
||||
|
||||
md5:
|
||||
find pkg -name '*.json' -exec cat {} \;
|
||||
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
*.md
|
|
@ -0,0 +1,30 @@
|
|||
FROM ubuntu:14.04
|
||||
MAINTAINER Kamil Trzciński <kamil@gitlab.com>
|
||||
|
||||
# Install required packages
|
||||
RUN apt-get update -q \
|
||||
&& DEBIAN_FRONTEND=noninteractive apt-get install -yq --no-install-recommends \
|
||||
ca-certificates \
|
||||
openssh-server \
|
||||
wget \
|
||||
apt-transport-https \
|
||||
vim \
|
||||
nano \
|
||||
patch
|
||||
|
||||
# Copy assets
|
||||
COPY RELEASE /
|
||||
COPY assets/ /assets/
|
||||
RUN /assets/setup
|
||||
|
||||
# Allow to access embedded tools
|
||||
ENV PATH /opt/gitlab/embedded/bin:/opt/gitlab/bin:/assets:$PATH
|
||||
|
||||
# Expose web & ssh
|
||||
EXPOSE 443 80 22
|
||||
|
||||
# Define data volumes
|
||||
VOLUME ["/etc/gitlab", "/var/opt/gitlab", "/var/log/gitlab"]
|
||||
|
||||
# Wrapper to handle signal, trigger runit and reconfigure GitLab
|
||||
CMD ["/assets/wrapper"]
|
|
@ -0,0 +1,190 @@
|
|||
# GitLab Docker images
|
||||
|
||||
The GitLab CE docker image is [available on Docker Hub](https://registry.hub.docker.com/u/gitlab/gitlab-ce/).
|
||||
|
||||
The GitLab EE docker image is [available on Docker Hub](https://registry.hub.docker.com/u/gitlab/gitlab-ce/).
|
||||
|
||||
To use GitLab EE instead of GitLab CE replace image name to `gitlab/gitlab-ee:latest`.
|
||||
|
||||
## Run the image
|
||||
|
||||
Run the image:
|
||||
```bash
|
||||
sudo docker run --detach \
|
||||
--publish 8443:443 --publish 8080:80 --publish 2222:22 \
|
||||
--name gitlab \
|
||||
--restart always \
|
||||
--volume /srv/gitlab/config:/etc/gitlab \
|
||||
--volume /srv/gitlab/logs:/var/log/gitlab \
|
||||
--volume /srv/gitlab/data:/var/opt/gitlab \
|
||||
gitlab/gitlab-ce:latest
|
||||
```
|
||||
|
||||
This will download and start GitLab CE container and publish ports needed to access SSH, HTTP and HTTPS.
|
||||
All GitLab data will be stored as subdirectories of `/srv/gitlab/`.
|
||||
The container will automatically `restart` after system reboot.
|
||||
|
||||
After this you can login to the web interface as explained above in 'After starting a container'.
|
||||
|
||||
## Where is the data stored?
|
||||
|
||||
The GitLab container uses host mounted volumes to store persistent data:
|
||||
- `/srv/gitlab/data` mounted as `/var/opt/gitlab` in the container is used for storing *application data*
|
||||
- `/srv/gitlab/logs` mounted as `/var/log/gitlab` in the container is used for storing *logs*
|
||||
- `/srv/gitlab/config` mounted as `/etc/gitlab` in the container is used for storing *configuration*
|
||||
|
||||
You can fine tune these directories to meet your requirements.
|
||||
|
||||
### Configure GitLab
|
||||
|
||||
This container uses the official Omnibus GitLab distribution, so all configuration is done in the unique configuration file `/etc/gitlab/gitlab.rb`.
|
||||
|
||||
To access GitLab configuration, you can start an bash in a new the context of running container, you will be able to browse all directories and use your favorite text editor:
|
||||
```bash
|
||||
sudo docker exec -it gitlab /bin/bash
|
||||
```
|
||||
|
||||
You can also edit just `/etc/gitlab/gitlab.rb`:
|
||||
```bash
|
||||
sudo docker exec -it gitlab vi /etc/gitlab/gitlab.rb
|
||||
```
|
||||
|
||||
**You should set the `external_url` to point to a valid URL.**
|
||||
|
||||
**You may also be interesting in [Enabling HTTPS](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/nginx.md#enable-https).**
|
||||
|
||||
**To receive e-mails from GitLab you have to configure the [SMTP settings](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/smtp.md),
|
||||
because Docker image doesn't have a SMTP server.**
|
||||
|
||||
**Note** that GitLab will reconfigure itself **at each container start.** You will need to restart the container to reconfigure your GitLab:
|
||||
|
||||
```bash
|
||||
sudo docker restart gitlab
|
||||
```
|
||||
|
||||
For more options for configuring the container please check [Omnibus GitLab documentation](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md#configuration).
|
||||
|
||||
## Diagnose potential problems
|
||||
|
||||
Read container logs:
|
||||
```bash
|
||||
sudo docker logs gitlab
|
||||
```
|
||||
|
||||
Enter running container:
|
||||
```bash
|
||||
sudo docker exec -it gitlab /bin/bash
|
||||
```
|
||||
|
||||
From within container you can administrer GitLab container as you would normally administer Omnibus installation: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md.
|
||||
|
||||
## After starting a container
|
||||
|
||||
After starting a container you can go to [http://localhost/](http://localhost/) or [http://192.168.59.103/](http://192.168.59.103/) if you use boot2docker.
|
||||
|
||||
It might take a while before the docker container is responding to queries.
|
||||
|
||||
You can check the status with something like `sudo docker logs -f gitlab`.
|
||||
|
||||
You can login to the web interface with username `root` and password `5iveL!fe`.
|
||||
|
||||
Next time, you can just use docker start and stop to run the container.
|
||||
|
||||
### Upgrade GitLab to newer version
|
||||
|
||||
To upgrade GitLab to new version you have to do:
|
||||
1. pull new image,
|
||||
```bash
|
||||
sudo docker stop gitlab
|
||||
```
|
||||
|
||||
1. stop running container,
|
||||
```bash
|
||||
sudo docker rm gitlab
|
||||
```
|
||||
|
||||
1. remove existing container,
|
||||
```bash
|
||||
sudo docker pull gitlab/gitlab-ce:latest
|
||||
```
|
||||
|
||||
1. create the container once again with previously specified options.
|
||||
```bash
|
||||
sudo docker run --detach \
|
||||
--publish 8443:443 --publish 8080:80 --publish 2222:22 \
|
||||
--name gitlab \
|
||||
--restart always \
|
||||
--volume /srv/gitlab/config:/etc/gitlab \
|
||||
--volume /srv/gitlab/logs:/var/log/gitlab \
|
||||
--volume /srv/gitlab/data:/var/opt/gitlab \
|
||||
gitlab/gitlab-ce:latest
|
||||
```
|
||||
|
||||
On the first run GitLab will reconfigure and update itself.
|
||||
|
||||
### Use tagged versions of GitLab
|
||||
|
||||
We provide tagged version of GitLab docker images.
|
||||
|
||||
To see all available tags check [GitLab-CE Tags](https://hub.docker.com/r/gitlab/gitlab-ce/tags/) and [GitLab-EE Tags](https://hub.docker.com/r/gitlab/gitlab-ce/tags/).
|
||||
|
||||
To use specific tagged version replace `gitlab/gitlab-ce:latest` with `gitlab/gitlab-ce:8.0.2`.
|
||||
|
||||
### Run GitLab CE on public IP address
|
||||
|
||||
You can make Docker to use your IP address and forward all traffic to the GitLab CE container.
|
||||
You can do that by modifying the `--publish` ([Binding container ports to the host](https://docs.docker.com/articles/networking/#binding-ports)):
|
||||
|
||||
> --publish=[] : Publish a container᾿s port or a range of ports to the host format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort
|
||||
|
||||
To expose GitLab CE on IP 1.1.1.1:
|
||||
|
||||
```bash
|
||||
sudo docker run --detach \
|
||||
--publish 1.1.1.1:443:443 --publish 1.1.1.1:80:80 --publish 1.1.1.1:22:22 \
|
||||
--name gitlab \
|
||||
--restart always \
|
||||
--volume /srv/gitlab/config:/etc/gitlab \
|
||||
--volume /srv/gitlab/logs:/var/log/gitlab \
|
||||
--volume /srv/gitlab/data:/var/opt/gitlab \
|
||||
gitlab/gitlab-ce:latest
|
||||
```
|
||||
|
||||
You can then access GitLab instance at http://1.1.1.1/ and https://1.1.1.1/.
|
||||
|
||||
### Build the image
|
||||
|
||||
This guide will also let you know how to build docker image yourself.
|
||||
Please run the command from the GitLab repo root directory.
|
||||
People using boot2docker should run all the commands without sudo.
|
||||
|
||||
```bash
|
||||
make do_docker_build
|
||||
```
|
||||
|
||||
### Publish the image to Dockerhub
|
||||
|
||||
- Ensure the containers are running
|
||||
- Login to Dockerhub with `sudo docker login`
|
||||
|
||||
```bash
|
||||
sudo docker login
|
||||
sudo docker push gitlab/gitlab-ce:latest
|
||||
```
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
### Permission problems
|
||||
|
||||
When updating from older GitLab Docker images you can get permission problems.
|
||||
This can happen due to fact that users created by docker image are pinned.
|
||||
There's script that fixes permissions for all files.
|
||||
|
||||
To fix your container, simply execute `update-permissions` script:
|
||||
```
|
||||
sudo docker exec gitlab update-permissions
|
||||
```
|
||||
|
||||
Note: We use `fig.yml` to have compatibility with fig and because docker-compose also supports it.
|
||||
|
||||
Our docker image runs chef at every start to generate GitLab configuration.
|
|
@ -0,0 +1,50 @@
|
|||
--- etc/gitlab.rb.template.bak 2015-09-22 20:55:42.088202003 +0000
|
||||
+++ etc/gitlab.rb.template 2015-09-22 20:55:50.888202003 +0000
|
||||
@@ -3,7 +3,7 @@
|
||||
## Url on which GitLab will be reachable.
|
||||
## For more details on configuring external_url see:
|
||||
## https://gitlab.com/gitlab-org/omnibus-gitlab/blob/629def0a7a26e7c2326566f0758d4a27857b52a3/README.md#configuring-the-external-url-for-gitlab
|
||||
-external_url 'GENERATED_EXTERNAL_URL'
|
||||
+# external_url 'GENERATED_EXTERNAL_URL' # default: http://hostname
|
||||
|
||||
|
||||
## Note: configuration settings below are optional.
|
||||
--- embedded/cookbooks/gitlab.bak/recipes/remove_accounts.rb 2015-09-22 20:50:46.964202003 +0000
|
||||
+++ embedded/cookbooks/gitlab/recipes/remove_accounts.rb 2015-09-22 20:51:49.256202003 +0000
|
||||
@@ -16,8 +16,8 @@
|
||||
#
|
||||
|
||||
Gitlab[:node] = node
|
||||
-if File.exists?("/etc/gitlab/gitlab.rb")
|
||||
- Gitlab.from_file("/etc/gitlab/gitlab.rb")
|
||||
+if File.exists?("/assets/gitlab.rb")
|
||||
+ Gitlab.from_file("/assets/gitlab.rb")
|
||||
end
|
||||
node.consume_attributes(Gitlab.generate_config(node['fqdn']))
|
||||
|
||||
--- embedded/cookbooks/gitlab.bak/recipes/show_config.rb 2015-09-22 20:50:46.964202003 +0000
|
||||
+++ embedded/cookbooks/gitlab/recipes/show_config.rb 2015-09-22 20:52:02.716202003 +0000
|
||||
@@ -16,9 +16,9 @@
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
-if File.exists?("/etc/gitlab/gitlab.rb")
|
||||
+if File.exists?("/assets/gitlab.rb")
|
||||
Gitlab[:node] = node
|
||||
- Gitlab.from_file("/etc/gitlab/gitlab.rb")
|
||||
+ Gitlab.from_file("/assets/gitlab.rb")
|
||||
end
|
||||
config = Gitlab.generate_config(node['fqdn'])
|
||||
|
||||
--- embedded/cookbooks/gitlab.bak/recipes/default.rb 2015-09-22 20:50:46.964202003 +0000
|
||||
+++ embedded/cookbooks/gitlab/recipes/default.rb 2015-09-22 20:52:13.880202003 +0000
|
||||
@@ -31,8 +31,8 @@
|
||||
end.run_action(:create)
|
||||
|
||||
Gitlab[:node] = node
|
||||
-if File.exists?("/etc/gitlab/gitlab.rb")
|
||||
- Gitlab.from_file("/etc/gitlab/gitlab.rb")
|
||||
+if File.exists?("/assets/gitlab.rb")
|
||||
+ Gitlab.from_file("/assets/gitlab.rb")
|
||||
end
|
||||
node.consume_attributes(Gitlab.generate_config(node['fqdn']))
|
|
@ -0,0 +1,13 @@
|
|||
# Docker options
|
||||
## Prevent Postgres from trying to allocate 25% of total memory
|
||||
postgresql['shared_buffers'] = '1MB'
|
||||
|
||||
# Manage accounts with docker
|
||||
manage_accounts['enable'] = false
|
||||
|
||||
# Get hostname from shell
|
||||
host = `hostname`.strip
|
||||
external_url "http://#{host}"
|
||||
|
||||
# Load /etc/gitlab/gitlab.rb
|
||||
from_file("/etc/gitlab/gitlab.rb")
|
|
@ -0,0 +1,43 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -xe
|
||||
|
||||
source /RELEASE
|
||||
|
||||
# Download & Install GitLab
|
||||
echo "deb https://packages.gitlab.com/gitlab/${PACKAGECLOUD_REPO}/ubuntu/ `lsb_release -cs` main" > /etc/apt/sources.list.d/gitlab_${RELEASE_PACKAGE}.list
|
||||
wget -q -O - https://packages.gitlab.com/gpg.key | apt-key add -
|
||||
apt-get update
|
||||
apt-get install -yq --no-install-recommends ${RELEASE_PACKAGE}=${RELEASE_VERSION}
|
||||
|
||||
# Create sshd daemon
|
||||
mkdir -p /opt/gitlab/sv/sshd/supervise
|
||||
mkfifo /opt/gitlab/sv/sshd/supervise/ok
|
||||
printf "#!/bin/sh\nexec 2>&1\numask 077\nexec /usr/sbin/sshd -D" > /opt/gitlab/sv/sshd/run
|
||||
chmod a+x /opt/gitlab/sv/sshd/run
|
||||
mkdir -p /var/run/sshd
|
||||
|
||||
# Disabling use DNS in ssh since it tends to slow connecting
|
||||
echo "UseDNS no" >> /etc/ssh/sshd_config
|
||||
|
||||
# Remove current gitlab.rb file
|
||||
rm -f /etc/gitlab/gitlab.rb
|
||||
|
||||
# Patch omnibus package
|
||||
patch -p0 -d /opt/gitlab < /assets/gitlab-rb-location.patch
|
||||
|
||||
# Create groups
|
||||
groupadd -g 998 git
|
||||
groupadd -g 999 gitlab-www
|
||||
groupadd -g 997 gitlab-redis
|
||||
groupadd -g 996 gitlab-psql
|
||||
# groupadd -g 995 gitlab-ci
|
||||
groupadd -g 994 mattermost
|
||||
|
||||
# Create accounts
|
||||
useradd -m -u 998 -g git -m -s /bin/sh -d /var/opt/gitlab git
|
||||
useradd -m -u 999 -g gitlab-www -m -s /bin/false -d /var/opt/gitlab/nginx gitlab-www
|
||||
useradd -m -u 997 -g gitlab-redis -m -s /bin/nologin -d /var/opt/gitlab/redis gitlab-redis
|
||||
useradd -m -u 996 -g gitlab-psql -m -s /bin/sh -d /var/opt/gitlab/postgresql gitlab-psql
|
||||
# useradd -m -u 995 -g gitlab-ci -m -s /bin/sh -d /var/opt/gitlab/gitlab-ci gitlab-ci
|
||||
useradd -m -u 994 -g mattermost -m -s /bin/sh -d /var/opt/gitlab/mattermost mattermost
|
|
@ -0,0 +1,44 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -x
|
||||
|
||||
# Fix GitLab permissions
|
||||
if id -u git; then
|
||||
# Fix data storage
|
||||
chown -R git:git /var/opt/gitlab/.ssh
|
||||
chown -R git:git /var/opt/gitlab/.gitconfig
|
||||
chown -R git:git /var/opt/gitlab/git-data
|
||||
chown -R git:git /var/opt/gitlab/gitlab-ci/builds
|
||||
chown -R git:git /var/opt/gitlab/gitlab-git-http-server
|
||||
chown -R git:git /var/opt/gitlab/gitlab-rails
|
||||
chown -R git:git /var/opt/gitlab/gitlab-shell
|
||||
|
||||
# Fix log storage
|
||||
chown git /var/log/gitlab/gitlab-git-http-server
|
||||
chown git /var/log/gitlab/gitlab-rails
|
||||
chown git /var/log/gitlab/gitlab-shell
|
||||
chown git /var/log/gitlab/sidekiq
|
||||
chown git /var/log/gitlab/unicorn
|
||||
chown gitlab-psql /var/log/gitlab/postgresql
|
||||
chown gitlab-redis /var/log/gitlab/redis
|
||||
|
||||
# Update log files
|
||||
chown -R git:git /var/log/gitlab/gitlab-rails/*.log
|
||||
chown -R git:git /var/log/gitlab/gitlab-shell/*.log
|
||||
chown -R git:git /var/log/gitlab/unicorn/*.log
|
||||
fi
|
||||
|
||||
# Fix nginx buffering directory permission
|
||||
if id -u gitlab-www; then
|
||||
chown -R gitlab-www:gitlab-www /var/opt/gitlab/nginx/*_temp
|
||||
fi
|
||||
|
||||
# Fix database storage
|
||||
if id -u gitlab-psql; then
|
||||
chown -R gitlab-psql:gitlab-psql /var/opt/gitlab/postgresql
|
||||
fi
|
||||
|
||||
# Fix redis storage
|
||||
if id -u gitlab-redis; then
|
||||
chown gitlab-redis:gitlab-redis /var/opt/gitlab/redis
|
||||
fi
|
|
@ -0,0 +1,29 @@
|
|||
#!/bin/bash
|
||||
|
||||
function sigterm_handler() {
|
||||
echo "SIGTERM signal received, try to gracefully shutdown all services..."
|
||||
gitlab-ctl stop
|
||||
}
|
||||
|
||||
trap "sigterm_handler; exit" TERM
|
||||
|
||||
set -xe
|
||||
|
||||
# Copy gitlab.rb for the first time
|
||||
if [[ ! -e /etc/gitlab/gitlab.rb ]]; then
|
||||
cp /opt/gitlab/etc/gitlab.rb.template /etc/gitlab/gitlab.rb
|
||||
chmod 0600 /etc/gitlab/gitlab.rb
|
||||
fi
|
||||
|
||||
# Remove all services, the reconfigure will create them
|
||||
rm -f /opt/gitlab/service/*
|
||||
ln -s /opt/gitlab/sv/sshd /opt/gitlab/service
|
||||
|
||||
# Start service manager
|
||||
/opt/gitlab/embedded/bin/runsvdir-start &
|
||||
|
||||
# Configure gitlab package
|
||||
gitlab-ctl reconfigure
|
||||
|
||||
# Tail all logs
|
||||
gitlab-ctl tail
|
|
@ -0,0 +1,31 @@
|
|||
{
|
||||
"id": "/gitlab",
|
||||
"ports": [0,0],
|
||||
"cpus": 2,
|
||||
"mem": 2048.0,
|
||||
"disk": 10240.0,
|
||||
"container": {
|
||||
"type": "DOCKER",
|
||||
"docker": {
|
||||
"network": "HOST",
|
||||
"image": "gitlab/gitlab-ce:latest"
|
||||
},
|
||||
"volumes": [
|
||||
{
|
||||
"containerPath": "/etc/gitlab",
|
||||
"hostPath": "/var/data/etc/gitlab",
|
||||
"mode": "RW"
|
||||
},
|
||||
{
|
||||
"containerPath": "/var/opt/gitlab",
|
||||
"hostPath": "/var/data/opt/gitlab",
|
||||
"mode": "RW"
|
||||
},
|
||||
{
|
||||
"containerPath": "/var/log/gitlab",
|
||||
"hostPath": "/var/data/log/gitlab",
|
||||
"mode": "RW"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue