From ArchWiki
Latest comment: 16 April by Lahwaacz in topic gitlab-shell-ruby executable does not exist

Missing Section?

It might just be me, but it seems like a section is missing. In start and test it says visit your domain, however unless I am missing something pretty major that shouldn't work since neither apache nor nginx are ever setup / pointed to the webapp.--Theflyingfool (talk) 08:15, 8 April 2014 (UTC)Reply[reply]

I don't have neither of them on my server, Gitlab uses own one, Unicorn, to deal with webapp. Kosciak9 (talk) 12:17, 6 December 2015 (UTC)Reply[reply]

This has been explained, closing. -- Lahwaacz (talk) 19:43, 14 November 2017 (UTC)Reply[reply]
I just managed to install a working Gitlab. Without an nginx server, you get no assets from Unicorn. And the installation manual from the Gitlab website is quite explicit about it: you need a server like nginx. Mdhooge (talk) 09:26, 23 July 2018 (UTC)Reply[reply]

Using Sudo instead of su -

I don't have any root password on my pi, only my user password (for sudo). As the rest of the documentation uses sudo, it would be better to use sudo here too :

For some reason all sudo - commands fail for me, not sure why. ElectricPrism (talk) 08:10, 21 December 2015 (UTC)Reply[reply]

I'm also having issues without being root, unfortunately there are more issues, and I couldn't install (the latest version) at all.
Going to add Stub template, because more commands listed doesn't seem to work (correctly).
Beta990 (talk) 11:42, 21 December 2015 (UTC)Reply[reply]
Note: Regarding the `su - gitlab` users have gotten a update because they kept failing for me too.
From what I've seen online, the correct way of sudo'ing into the gitlab user would be `sudo -i -u gitlab /bin/sh` but that results in a `Only ssh allowed` error for me (which I think originates from gitab-shell).
You can always do `sudo su - gitlab -s /bin/sh`, that does work for me.
Gtarsia (talk) 18:23, 31 January 2019 (UTC)Reply[reply]

Very confusing

I went through the install, I didn't make it work yet but I have a few questions on confusing instructions:

-I want to use my already set-up nginx webserver. Should I still use reddis, and the gem/bundle install commands ?

Yes, you should proxy-pass nginx to unicorn. Redis is used for internal communication, gem/bundle for setup. You can find good explanations at the GitLab website. DenBrahe (talk) 21:43, 19 April 2016 (UTC)Reply[reply]

-What are the pros/cons to use the AUR package v. using the official package ?

AUR package is finetuned for Arch to work with systemd and linux conventions and things like that (don't know exactly). Basically if you're not an expert, you're better off with the AUR package. Wiki page should get an update though. DenBrahe (talk) 21:43, 19 April 2016 (UTC)Reply[reply]

-How can we uninstall the components installed by the gem/bundle install commands ?

-the su - gitlab command is not working but sudo -u gitlab works (as mentionned in this thread), is that ok ?

-I don't have any shell.yml file, which is mentionned only once for the HTTPS configuration, is it normal ?

-what is /dev/null in the nginx config ?

-how do I setup resque.timer ? I can't load it? ('unit resque.timer not found).

Mentatf (talk) 22:41, 7 April 2016 (UTC)Reply[reply]

I am adding my two cents to this section as well, because after trying for around 5 hours, I am giving up on the gitlab package and will try Gogs/Gitea instead. As I cannot say for sure what are actual problems and which are design choices made by the package maintainer that are just not well documented, someone else who has the necessary knowledge has to decide which changes are appropiate to make.

This is summary of the problems/confusion I faced:

  • The package depends on ruby2-3, which does not provide the bin 'ruby'. This throws off the environment check at the very least, yet no note is made of that.
  • Despite stating that the Arch package uses the user gitlab instead of git, the latter keeps getting mentioned in the article, sometimes even together with gitlab.
  • As described below, rvm seems to be neither necessary nor supported, yet the article implies that its usage is good practise.
  • All GitLab files seem to belong to root, leaving the gitlab with insufficient rights to save config files. As a result, at the very least the copy&paste solutions provided by the environment checks cannot be used because of that.
  • The article states that Unicorn is a HTTP server on its own, yet GitLab is shipped with nginx by default.
  • The article says that gitlab-workhorse is optional, yet at the very least the current Apache examples provided by GitLab all assume it to be configured. The package itself also depends on it.

Right now, it might be a better idea to intall GitLab from source, as the official documentation is more up-to-date and can be used with less adjustments. --Krukai (talk) 09:15, 8 September 2017 (UTC)Reply[reply]

Another small thing: the wiki page says we should enable gitlab-sidekiq and gitlab-unicorn services, but these are already part of, so I believe there is no need in enabling them separately. --Nplatis (talk) 06:04, 26 September 2017 (UTC)Reply[reply]

Package cleanup

I am trying to cleanup Arch Linux package, remove some obsolete workarounds and make the directory structure more Linux idiomatic.

I see that there are 2 ruby files under /etc/webapps/gitlab - application.rb and boot.rb. It looks more like an application code than a config file. Folks, do you really modify these files? If yes - why do you do this, what kind of changes do you have?

If these files are never modified by a user then I better move it back to the application code directory.

Anatolik (talk) 18:17, 27 May 2020 (UTC)Reply[reply]

I have only changes in puma.rb. -- Lahwaacz (talk) 20:09, 27 May 2020 (UTC)Reply[reply]

secrets.yml missing entries & permission/ownership properties

Almost completed installation, version 13.1.4-1. Following changes had to be done to the secrets.yml file:

# chown root:gitlab /etc/webapps/gitlab/secrets.yml
# chmod 640 /etc/webapps/gitlab/secrets.yml
  secret_key_base: secret
  db_key_base: secret
  otp_key_base: secret
  openid_connect_signing_key: secret

4 different secrets were generated with hexdump as instructed in the wiki. Without these changes the command to initialize GitLab database failed:

$ cd /usr/share/webapps/gitlab
$ sudo -u gitlab $(cat environment | xargs) bundle exec rake gitlab:setup
Missing Rails.application.secrets.otp_key_base for production environment. The secret will be generated and stored in config/secrets.yml.
Missing Rails.application.secrets.openid_connect_signing_key for production environment. The secret will be generated and stored in config/secrets.yml.
rake aborted!
Errno::EACCES: Permission denied @ rb_sysopen - /usr/share/webapps/gitlab/config/secrets.yml

I did some small customisations to gitlab.yml and did the whole setup using Saltstack configuration management, so didn't edit the wiki instructions yet as I'm not sure if these changes only apply to my setup.

—This unsigned comment is by Tqre (talk) 15:09, 21 July 2020‎. Please sign your posts with ~~~~!

See also FS#67173. -- Lahwaacz (talk) 16:53, 21 July 2020 (UTC)Reply[reply]

I agree that this needs to be addressed. The permissions on /etc/webapps/gitlab/secrets.yml is wrong.

In my case, I let the gitlab:setup take care of generating otp_key_base and openid_connect_signing_key, there for I had to do:

# chown root:gitlab /etc/webapps/gitlab/secrets.yml
# chmod 660 /etc/webapps/gitlab/secrets.yml

But if you feel comfortable generating a RSA PRIVATE KEY and dump it in the right place/format, you could do chmod 640.

Torxed (talk) 08:57, 21 January 2021 (UTC)Reply[reply]

Gitlab as PostgreSQL superuser?

The GitLab#PostgreSQL Database section suggests creating the gitlab user as SUPERUSER, but to me it seems like a security risk...

The offical guide [1] suggests installing the extensions manually, is there a reason why making gitlab a SUPERUSER is suggested instead?

—This unsigned comment is by Steffo (talk) 17:35, 8 April 2021‎ (UTC). Please sign your posts with ~~~~!Reply[reply]

The motivation is mentioned in the note in GitLab#PostgreSQL database, but it might be outdated. -- Lahwaacz (talk) 08:52, 10 April 2021 (UTC)Reply[reply]

Sideloaded git version since version 13.6?

There seem to be several issues with Gitlab instances running the vanilla git lately.

The most common I get on my Arch systems is this warning:

remote: warning: core.fsyncObjectFiles is deprecated; use core.fsync instead

But in some cases there may be more serious issues.

The official recommendation from Gitlab is to use the version of git provided by gitaly instead of the one provided by the system.

Has this been taken into account in the gitlab package and/or documented? Will the solution be to provide an e.g. git-gitlab package that e.g. installs the git executable under another prefix so it won't step on the system one? Sure, currently I can git clone whichever version of git they provide it, build it and install it under e.g. /usr/local. But then most of the people will simply forget to keep it up-to-date. And, even if we go down that route, we should probably document it in this page.

--Blacklight (talk) 22:33, 09 May 2022 (UTC)Reply[reply]

Puma config introduced new non-existent directories for PID files and logs

In version 16.5.0-2 the puma.rb config file changed were PID files and logs are located. These directories ('/var/lib/gitlab/tmp/pids/' and '/var/lib/gitlab/log/') were not available in my system and not part of the package. This is why gitlab-workhorse could not connect to gitlab-puma and the instance was not available. Creating the directories owned by the gitlab user and restarting the services fixed the problem. Is there a problem with my configuration or a bug in the package?

—This unsigned comment is by Chrysaor (talk) 11:55, 3 November 2023. Please sign your posts with ~~~~!

This was fixed in [2], closing. — Lahwaacz (talk) 18:02, 11 November 2023 (UTC)Reply[reply]
Actually, it wasn't fixed: FS#80233. — Lahwaacz (talk) 18:26, 11 November 2023 (UTC)Reply[reply]

gitlab-shell-ruby executable does not exist

The default installation seems to set the gitlab user's shell to /usr/share/webapps/gitlab-shell/bin/gitlab-shell-ruby. However, this executable no longer exists. Instead it is gitlab-shell.

As a result, when trying to use ssh after adding an authorized key for a user it will fail with "Permission denied (publickey)." Checking sshd's logs shows "Apr 13 05:52:06 gitlab sshd[240]: User gitlab not allowed because shell /usr/share/webapps/gitlab-shell/bin/gitlab-shell-ruby does not exist".

Changing the gitlab user's shell to /usr/share/webapps/gitlab-shell/bin/gitlab-shell fixes this issue.

I have updated the "Failed to connect via SSH" section to remove the "-ruby" suffix. Bits (talk) 06:23, 13 April 2024 (UTC)Reply[reply]

/usr/share/webapps/gitlab-shell/bin/gitlab-shell is the default shell. The troubleshooting section is relevant only for people who changed the shell to /usr/share/webapps/gitlab-shell/bin/gitlab-shell-ruby before. I've flagged the section for removal. — Lahwaacz (talk) 06:25, 16 April 2024 (UTC)Reply[reply]