|
Size: 13213
Comment: ruby-grape 1.6.2 breaks gitlab in experimental
|
Size: 8030
Comment: old news entries are archived
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 43: | Line 43: |
| 1. From gitlab 14.2.6: postgresql database should be updated to 13 before installing gitlab 14.2. See [[gitlab/postgresql-update]] for steps to upgrading postgresql to 13. 1. From gitlab 14.0.10: We no longer require a work around to install grpc and google-protobuf gems from rubygems.org, packaged versions now work. 1. From 2021 July 23: We no longer require the personal repo of gitlab maintainer to install gitlab, all golang packages can now be added to fasttrack.debian.net directly. Thanks to Akshay S Dinesh for fixing this long pending bug (See https://salsa.debian.org/fasttrack-team/support/-/issues/8 for details). 1. New workaround from gitlab 13.12.3: You need to use google-protobuf from rubygems.org ([[gitlab#gitlab-sidekiq_service_failure_work_around_.28install_google-protobuf_from_rubygems.org.29|see below for details]]). 1. New from gitlab 13.10.4: Since this version includes gitlab-workhorse golang binary, it was moved to people.debian.org/~praveen/gitaly and should now include contrib section. 1. New in gitlab 13.6.7-1: New user created after a fresh installation should be approved using `gitlab-rails-console`. See [[gitlab#your_account_is_awaiting_approval_from_your_GitLab_administrator]] for steps to approving users and creating a user with Administrative privileges. 1. New in gitlab 13.3.8-1: You will need to install grpc gem from rubygems.org `gem install -v 1.30.2 grpc` (more details below). If you run gitaly on a different machine, you will need to do this on that machine as well. 1. New in gitlab 13.2.6-3: We have switched to puma as application server replacing unicorn. Upstream already made the switch from 12.9 and unicorn support will be dropped in gitlab 14.0. They saw a memory reduction of 37% in gitlab.com after the switch. See more details about this switch at this upstream blog post https://about.gitlab.com/blog/2020/07/08/migrating-to-puma-on-gitlab/. puma defaults to listening only on unix sockets and if you are running gitaly on a different machine, then you will have to edit `/etc/gitlab/puma.rb` to bind to tcp:// url as well. |
See [[gitlab/news]] for older archived entries. == Bookworm FastTrack (Ready for Testing) == {{{#!wiki important gitlab is now available in bookworm-fasttrack and more people testing upgrade from bullseye to bookworm is welcome! }}} gitlab 15.8.4 is available in Bookworm FastTrack (no open security issues). Add fasttrack.debian.net as a trusted repo for apt, {{{ # apt install fasttrack-archive-keyring }}} And add the following lines for fasttrack repo: {{{ deb https://fasttrack.debian.net/debian/ bookworm-fasttrack main contrib # For dependency packages not in testing only temporarily due to freeze, transitions or delayed by backports-new or NEW. deb https://fasttrack.debian.net/debian/ bookworm-backports-staging main contrib }}} And install gitlab: {{{ # apt update # apt install gitlab-apt-pin-preferences # apt install gitlab }}} {{{#!wiki important Note: apt is failing to resolve some dependencies right now, so aptitude is recommended (both for upgrading to latest in bullseye and from bullseye to bookworm upgrade). }}} For upgrading from bullseye-fasttrack to bookworm-fasttrack, make sure you update `gitlab-apt-pin-preferences` before you dist-upgrade. See [[DebianUpgrade]] for usual steps for upgrading between releases. Replace bullseye with bookworm in /etc/apt/sources.list or /etc/apt/sources.list.d/* and {{{ # apt update # apt install gitlab-apt-pin-preferences # aptitude dist-upgrade }}} |
| Line 54: | Line 88: |
| gitlab 15.7.8 is available in Bullseye FastTrack (no open security issues). | gitlab 15.8.4 is available in Bullseye FastTrack (no open security issues). |
| Line 86: | Line 120: |
| === Known Issues === {{{#!wiki important Currently gitlab installation is broken due to a change in libsass. See [[DebianBug:953415]] for more details. A work around is to downgrade libsass and libsass-dev to 3.6.1. Use http://snapshot.debian.org/package/libsass/3.6.1-1/ and hold it at the older version. # wget http://snapshot.debian.org/archive/debian/20190705T210019Z/pool/main/libs/libsass/libsass-dev_3.6.1-1_amd64.deb # wget http://snapshot.debian.org/archive/debian/20190705T210019Z/pool/main/libs/libsass/libsass1_3.6.1-1_amd64.deb # dpkg -i libsass1_3.6.1-1_amd64.deb libsass-dev_3.6.1-1_amd64.deb # apt-mark hold libsass1 libsass-dev }}} {{{#!wiki important See [[gitlab#gitlab_crash_work_around_.28install_grpc_from_rubygems.org.29]] for installing grpc gem from rubygems.org (just use `apt install ruby2.7` for installing ruby) }}} {{{#!wiki important Downgrade ruby-autoprefixer-rails and node-autoprefixer packages to 10.3.1.0+dfsg1+~cs14.6.19-2 using https://snapshot.debian.org/package/node-autoprefixer/10.3.1.0%2Bdfsg1%2B%7Ecs14.6.19-2/ and hold them to this version. # apt-mark hold node-autoprefixer ruby-autoprefixer-rails See [[DebianBug:1009245]] }}} {{{#!wiki important Downgrade ruby-github-linguist till gitaly is adapted to find languages.json from gem-install layout. Get older version from https://snapshot.debian.org/package/ruby-github-linguist/7.12.2-1/ # apt-mark hold ruby-github-linguist }}} |
|
| Line 127: | Line 126: |
| {{{#!wiki important You will have to follow the notes mentioned in unstable section above. }}} === Known Issues === * [[https://gitlab.com/gitlab-org/gitlab/-/issues/395809|grape 1.6.2 breaks gitlab installation]]. As a work around, install grape 1.5.2 from rubygems.org (See [[gitlab/troubleshooting#manually_installing_ruby_dependencies]] and lock grape to "~> 1.5.2" in /usr/share/gitlab/Gemfile. |
|
| Line 138: | Line 129: |
{{{#!wiki important You will have to follow the notes mentioned in unstable section above. }}} |
|
| Line 152: | Line 139: |
| == Gitlab with apache2 == Gitlab can use apache instead of nginx. The ([[https://gitlab.com/gitlab-org/gitlab-recipes/-/tree/master/web-server/apache|gitlab-recipes repository]]) instructions are wrong - apache supports proxying to UNIX sockets so there's no need to change any gitlab configuration to use TCP. Basically you will have to: * disable nginx * enable apache modules: * mod_rewrite * mod_ssl (if needed) * mod_proxy * mod_proxy_http * mod_headers * add/modify apache configuration file {{{ a2enmod rewrite ssl proxy_http headers }}} See below for Apache configuration file example (using Let's Encrypt SSL certificates and HTTP to HTTPS redirect). Replace YOUR_SERVER_FQDN string with your domain (e.g. git.example.org). {{{ <VirtualHost *:80> ServerName YOUR_SERVER_FQDN Redirect / https://YOUR_SERVER_FQDN/ </VirtualHost> <VirtualHost *:443> SSLCertificateFile /etc/letsencrypt/live/YOUR_SERVER_FQDN/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/YOUR_SERVER_FQDN/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains" ProxyPreserveHost On ServerName YOUR_SERVER_FQDN # Ensure that encoded slashes are not decoded but left in their encoded state. # http://doc.gitlab.com/ce/api/projects.html#get-single-project AllowEncodedSlashes NoDecode <Location /> Require all granted ProxyPassReverse https://YOUR_SERVER_FQDN/ </Location> RewriteEngine on #Forward all requests to gitlab-workhorse except existing files like error documents RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR] RewriteCond %{REQUEST_URI} ^/uploads/.* RewriteRule .* unix:/run/gitlab/gitlab-workhorse.socket|http://YOUR_SERVER_FQDN%{REQUEST_URI} [P,QSA,NE] RequestHeader set X_FORWARDED_PROTO 'https' RequestHeader set X-Forwarded-Ssl on # needed for downloading attachments DocumentRoot /var/lib/gitlab/public # Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up. ErrorDocument 404 /404.html ErrorDocument 422 /422.html ErrorDocument 500 /500.html ErrorDocument 502 /502.html ErrorDocument 503 /503.html LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded ErrorLog /var/log/apache2/YOUR_SERVER_FQDN_error.log CustomLog /var/log/apache2/YOUR_SERVER_FQDN_forwarded.log common_forwarded CustomLog /var/log/apache2/YOUR_SERVER_FQDN_access.log combined env=!dontlog CustomLog /var/log/apache2/YOUR_SERVER_FQDN.log combined </VirtualHost> }}} |
|
| Line 231: | Line 145: |
| See [[/tweaks|Tweaks for GitLab]] | See [[/tweaks|Tweaks for GitLab]] for things like configuring gitlab with apache 2 or configuring puma in single process mode. |
Gitlab is a git front end with repository management, graphs, links, goodies, commands to run, and review capabilities similar in feel to a self-hosted ?GitHub.
A new feature release of gitlab flows in the following direction: devel -> staging -> experimental -> unstable -> fasttrack-staging -> fasttrack (experimental and unstable may be skipped during freeze and transitions).
See /omnibus if you are looking for instructions to install upstream provided packages.
New upstream releases (including security updates) are announced at https://about.gitlab.com/releases/categories/releases/ and available as RSS feed https://about.gitlab.com/security-releases.xml.
Debian is running its own Instance of GitLab under https://salsa.debian.org, which is not based on the packaged version.
Note 1: For a smooth upgrade experience, always stay on the latest major version of gitlab. For example, if latest version of gitlab is 12.0.0 and you are currently on 11.3.6, then update to 12.0.0 as soon as possible, certainly before the debian package is updated to 13.x. Ideally, you should update as soon as a new version with security updates is available.
Note 2: It is recommended to subscribe to changes in this wiki page or frequently check this page for updates. Alternatively, you can subscribe to https://tracker.debian.org/pkg/gitlab to get notified when new versions are uploaded.
Make sure contrib section is enabled for official repos.
Story of Gitlab packaging project/FAQ about Gitlab packaging
Gitlab Inc sponsored the packaging effort for 6+ years (2016-2022). Currently looking for donations at https://opencollective.com/debian-gitlab.
Though the dependencies are so many, the work benefits Debian immensely by maintaining many important build tools like webpack, rollup, babel, npm, yarn... And frameworks like ruby on rails.
The situation in packaging ?JavaScript modules is considerably improved over the years thanks to this packaging work. It took over 2 years for packaging handlebars_assets gem for diaspora because its embedded ?JavaScript library was using tools like gulp, webpack, jison etc and none of this was packaged for Debian. The whole ?JavaScript build tools were untouched for years in Debian and instead reverse engineering of the build tools for specific libraries was the norm (for example jquery), it was very hard and not scalable.
Out of 1600+ node modules gitlab needs, we have 1200+ modules already packaged. It is not impossible to have it in main (it was in main earlier before the nodejs modules exploded exponentially and if some more people join the team, currently it is mostly a single person work and at times some new people helping out with a handful of dependencies. I don't think it is much harder if you take whole gnome or KDE as comparison. We are able to pull it off because of team work. This project have also brought many new contributors to Debian.
While we might love long term supported releases, calling anything moving fast as insane and not able to adapt to change is a recipe for Debian becoming irrelevant over time. Many just want distros to be only a base os for shipping containers but that is not necessarily a good thing for users to have dependency on a single project for updates and lose choice and flexibility.
We created https://fasttrack.debian.net to serve gitlab as it did not fit into a debian stable release cycle and currently not just gitlab, but matrix synapse and virtual box is also shipped via FastTrack.
New changes
- From gitlab 14.7.7: gitlab user needs to write to /var/lib/gitlab/.gem so if you installed gems manually as root user, you will need to update permissions or remove this directory. Gitlab package now installs required unpackaged gems in that directory automatically.
See gitlab/news for older archived entries.
Bookworm FastTrack (Ready for Testing)
gitlab is now available in bookworm-fasttrack and more people testing upgrade from bullseye to bookworm is welcome!
gitlab 15.8.4 is available in Bookworm FastTrack (no open security issues).
Add fasttrack.debian.net as a trusted repo for apt,
# apt install fasttrack-archive-keyring
And add the following lines for fasttrack repo:
deb https://fasttrack.debian.net/debian/ bookworm-fasttrack main contrib # For dependency packages not in testing only temporarily due to freeze, transitions or delayed by backports-new or NEW. deb https://fasttrack.debian.net/debian/ bookworm-backports-staging main contrib
And install gitlab:
# apt update # apt install gitlab-apt-pin-preferences # apt install gitlab
Note: apt is failing to resolve some dependencies right now, so aptitude is recommended (both for upgrading to latest in bullseye and from bullseye to bookworm upgrade).
For upgrading from bullseye-fasttrack to bookworm-fasttrack, make sure you update gitlab-apt-pin-preferences before you dist-upgrade. See DebianUpgrade for usual steps for upgrading between releases.
Replace bullseye with bookworm in /etc/apt/sources.list or /etc/apt/sources.list.d/* and
# apt update # apt install gitlab-apt-pin-preferences # aptitude dist-upgrade
Bullseye FastTrack (Recommended)
gitlab 15.8.4 is available in Bullseye FastTrack (no open security issues).
Add fasttrack.debian.net as a trusted repo for apt,
# apt install fasttrack-archive-keyring ca-certificates
And add the following lines for fasttrack repo:
deb https://fasttrack.debian.net/debian/ bullseye-fasttrack main contrib # For dependency packages not in testing only temporarily due to freeze, transitions or delayed by backports-new or NEW. deb https://fasttrack.debian.net/debian/ bullseye-backports-staging main contrib
You will also need official bullseye-backports repo:
deb http://deb.debian.org/debian bullseye-backports main contrib
Note: You may also use a mirror of fasttrack repo like http://mirror.linux.pizza/debian-fasttrack/
and install gitlab
# apt update # apt install gitlab-apt-pin-preferences # apt install gitlab
Unstable (be careful when updating packages)
See below for installing from experimental.
Experimental - During freeze and transitions
gitlab 15.7.8 is available in experimental (no open security issues).
If you are using experimental for the first time, check DebianExperimental.
Experimental/unstable Staging
When gitlab is not ready for official experimental/unstable (for example some dependencies need to clear NEW queue), it will be available from this repo.
This section moved to gitlab/staging.
Gitlab on older releases
These versions no longer receive any security updates and it is recommended to upgrade to Debian 11 Bullseye to continue receiving security updates.
Troubleshooting common issues
Tips and tweaks
See Tweaks for GitLab for things like configuring gitlab with apache 2 or configuring puma in single process mode.
Contact maintainers
You can reach the maintainers of the gitlab package via
Matrix at #debian-gitlab:poddery.com (join via browser)
IRC #debian-gitlab on OFTC network (join via browser)
Via XMPP at #debian-gitlab#poddery.com@matrix.org
Documentation for gitlab maintainers