Merge branch 'custom_postgres_socket' into 'master'
Custom postgres socket location Postgres is compiled by default to use `/tmp` as a socket directory. omnibus-gitlab also uses the postgres default. If there is an existing Postgresql installation on the system where GitLab is installed and user still wants to use the packaged postgres installation will fail because GitLab will try to connect to the external database. Few options on how to handle this: 1. Supply a different port for packaged postgresql 1. Supply a `unix_socket_directory` configuration option to postgresql.conf 1. Compile postgres to use a different socket directory, [Postgres docs say](http://www.postgresql.org/docs/9.2/static/runtime-config-connection.html) `The default is normally /tmp, but can be changed at build time` Considering: 1. Easiest to implement. Downside: if existing postgresql db uses a different port there is a chance this bug can reappear for certain users. Still no real isolation as you would expect with a packaged program. 1. Semi-difficult to implement. Requires changes when calling any postgres proces, namely supplying `-h PATH_TO_SOCKET_DIR` for every request. 1. Unknown difficulty. There seems to be no option to do this without changing the source of postgres. Debian/Ubuntu packaged postgres seem to patch the code according to [this discussion](http://postgresql.nabble.com/Add-socket-dir-to-pg-config-td4944750.html) Current direction: I think we should strive towards further isolation of the packaged services so option 2 is proposed here. Fixes #466 See merge request !387
This commit is contained in:
commit
9ca63f517d
|
@ -149,7 +149,8 @@ default['gitlab']['gitlab-rails']['db_database'] = "gitlabhq_production"
|
|||
default['gitlab']['gitlab-rails']['db_pool'] = 10
|
||||
default['gitlab']['gitlab-rails']['db_username'] = "gitlab"
|
||||
default['gitlab']['gitlab-rails']['db_password'] = nil
|
||||
default['gitlab']['gitlab-rails']['db_host'] = nil
|
||||
# Path to postgresql socket directory
|
||||
default['gitlab']['gitlab-rails']['db_host'] = "/var/opt/gitlab/postgresql"
|
||||
default['gitlab']['gitlab-rails']['db_port'] = 5432
|
||||
default['gitlab']['gitlab-rails']['db_socket'] = nil
|
||||
default['gitlab']['gitlab-rails']['db_sslmode'] = nil
|
||||
|
@ -223,6 +224,7 @@ default['gitlab']['postgresql']['ha'] = false
|
|||
default['gitlab']['postgresql']['dir'] = "/var/opt/gitlab/postgresql"
|
||||
default['gitlab']['postgresql']['data_dir'] = "/var/opt/gitlab/postgresql/data"
|
||||
default['gitlab']['postgresql']['log_directory'] = "/var/log/gitlab/postgresql"
|
||||
default['gitlab']['postgresql']['unix_socket_directory'] = "/var/opt/gitlab/postgresql"
|
||||
default['gitlab']['postgresql']['username'] = "gitlab-psql"
|
||||
default['gitlab']['postgresql']['uid'] = nil
|
||||
default['gitlab']['postgresql']['gid'] = nil
|
||||
|
@ -424,7 +426,8 @@ default['gitlab']['gitlab-ci']['db_database'] = "gitlab_ci_production"
|
|||
default['gitlab']['gitlab-ci']['db_pool'] = 10
|
||||
default['gitlab']['gitlab-ci']['db_username'] = "gitlab_ci"
|
||||
default['gitlab']['gitlab-ci']['db_password'] = nil
|
||||
default['gitlab']['gitlab-ci']['db_host'] = nil
|
||||
# Path to postgresql socket directory
|
||||
default['gitlab']['gitlab-ci']['db_host'] = "/var/opt/gitlab/postgresql"
|
||||
default['gitlab']['gitlab-ci']['db_port'] = 5432
|
||||
default['gitlab']['gitlab-ci']['db_socket'] = nil
|
||||
|
||||
|
|
|
@ -65,6 +65,7 @@ class PgHelper
|
|||
cmd = ["/opt/gitlab/embedded/bin/chpst",
|
||||
"-u #{pg_user}",
|
||||
"/opt/gitlab/embedded/bin/psql",
|
||||
"-h #{pg_host}",
|
||||
"--port #{pg_port}",
|
||||
cmd_list.join(" ")].join(" ")
|
||||
success?(cmd)
|
||||
|
@ -78,6 +79,10 @@ class PgHelper
|
|||
node['gitlab']['postgresql']['port']
|
||||
end
|
||||
|
||||
def pg_host
|
||||
node['gitlab']['postgresql']['unix_socket_directory']
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
class OmnibusHelper
|
||||
|
|
|
@ -20,6 +20,7 @@ postgresql_dir = node['gitlab']['postgresql']['dir']
|
|||
postgresql_data_dir = node['gitlab']['postgresql']['data_dir']
|
||||
postgresql_data_dir_symlink = File.join(postgresql_dir, "data")
|
||||
postgresql_log_dir = node['gitlab']['postgresql']['log_directory']
|
||||
postgresql_socket_dir = node['gitlab']['postgresql']['unix_socket_directory']
|
||||
postgresql_user = node['gitlab']['postgresql']['username']
|
||||
|
||||
group postgresql_user do
|
||||
|
@ -35,8 +36,13 @@ user postgresql_user do
|
|||
home node['gitlab']['postgresql']['home']
|
||||
end
|
||||
|
||||
directory postgresql_dir do
|
||||
owner node['gitlab']['postgresql']['username']
|
||||
mode "0755"
|
||||
recursive true
|
||||
end
|
||||
|
||||
[
|
||||
postgresql_dir,
|
||||
postgresql_data_dir,
|
||||
postgresql_log_dir
|
||||
].each do |dir|
|
||||
|
@ -54,7 +60,7 @@ end
|
|||
|
||||
file File.join(node['gitlab']['postgresql']['home'], ".profile") do
|
||||
owner node['gitlab']['postgresql']['username']
|
||||
mode "0644"
|
||||
mode "0600"
|
||||
content <<-EOH
|
||||
PATH=#{node['gitlab']['postgresql']['user_path']}
|
||||
EOH
|
||||
|
@ -162,13 +168,13 @@ end
|
|||
|
||||
databases.each do |rails_app, db_name, sql_user|
|
||||
execute "create #{sql_user} database user" do
|
||||
command "#{bin_dir}/psql --port #{pg_port} -d template1 -c \"CREATE USER #{sql_user}\""
|
||||
command "#{bin_dir}/psql --port #{pg_port} -h #{postgresql_socket_dir} -d template1 -c \"CREATE USER #{sql_user}\""
|
||||
user pg_user
|
||||
not_if { !pg_helper.is_running? || pg_helper.user_exists?(sql_user) }
|
||||
end
|
||||
|
||||
execute "create #{db_name} database" do
|
||||
command "#{bin_dir}/createdb --port #{pg_port} -O #{sql_user} #{db_name}"
|
||||
command "#{bin_dir}/createdb --port #{pg_port} -h #{postgresql_socket_dir} -O #{sql_user} #{db_name}"
|
||||
user pg_user
|
||||
not_if { !pg_helper.is_running? || pg_helper.database_exists?(db_name) }
|
||||
retries 30
|
||||
|
|
|
@ -69,7 +69,7 @@ max_connections = <%= node['gitlab']['postgresql']['max_connections'] %> #
|
|||
# Note: Increasing max_connections costs ~400 bytes of shared memory per
|
||||
# connection slot, plus lock space (see max_locks_per_transaction).
|
||||
#superuser_reserved_connections = 3 # (change requires restart)
|
||||
#unix_socket_directory = '' # (change requires restart)
|
||||
unix_socket_directory = '<%= node['gitlab']['postgresql']['unix_socket_directory'] %>' # (change requires restart)
|
||||
#unix_socket_group = '' # (change requires restart)
|
||||
#unix_socket_permissions = 0777 # begin with 0 to use octal notation
|
||||
# (change requires restart)
|
||||
|
|
Loading…
Reference in New Issue