Difference between revisions of "GitLab"

1,637 bytes added ,  09:13, 24 November 2022
(backup using postgresql replication)
 
(15 intermediate revisions by 2 users not shown)
Line 3: Line 3:
==Hosting==
==Hosting==


Sponsored by [http://about.gitlab.com GitLab Inc]. Running on debian gnu/linux 9 stretch with postgresql 9.6.
Sponsored by [https://www.infomaniak.com/en/about Infomaniak]. Hosted in Switzerland with infomaniak.com.
 
Previously sponsored by [http://about.gitlab.com GitLab Inc] (2016-2022)
 
==Setup==
 
Running on debian gnu/linux 10 buster with postgresql 11. Using gitlab package from http://fasttrack.debian.net
 
Check https://wiki.debian.org/gitlab for installation/update instructions.
 
Debian package specific documentation -> https://salsa.debian.org/ruby-team/gitlab/raw/buster-fasttrack/debian/README.Debian
 
Letsencrypt domains:
 
  letsencrypt --expand --webroot --webroot-path /usr/share/gitlab/public -d git.fosscommunity.in -d gitlab.debian.net -d wiki.fsci.org.in -d git.fsci.org.in  certonly
 
== Mail Server Setup ==
 
* postfix is used
* SPF record is added (only a and aaaa allowed to send mails)
* Reverse DNS is updated in gandi.net server ip section
* Using letsencrypt certificates for tls in main.cf
* Using 'inet_interfaces = 127.0.0.1' in main.cf
* Configured DKIM following https://www.linode.com/docs/email/postfix/configure-spf-and-dkim-in-postfix-on-debian-8/
* DMARC is set to reject


==Maintenance==
==Maintenance==


Maintenance discussion at [https://www.loomio.org/g/Qu3O8mSf/fosscommunity-in-git-fosscommunity-in-maintainers this loomio subgroup] and [https://matrix.to/#/#git.fosscommunity.in:matrix.org this matrix chat room]
Maintenance discussion at [https://www.loomio.org/g/Qu3O8mSf/fosscommunity-in-git-fosscommunity-in-maintainers this loomio subgroup] and [https://matrix.to/#/#git.fosscommunity.in:matrix.org this matrix chat room]. Can also use the [https://git.fosscommunity.in/community/management/-/issues git tracker] for development issues.


* [https://git.fosscommunity.in/community/gitlab/ team repo with access details] (private)
* [https://git.fosscommunity.in/community/gitlab/ team repo with access details] (private)
If expecting service disruptions, downtime, or user-facing errors, consider adding an update to [[Status]]
==Gitlab QA - running tests==
<Create a user account for QA>
<code>
$ sudo gem install gitlab-qa
$ GITLAB_USERNAME=<username> GITLAB_PASSWORD=<password> gitlab-qa Test::Instance::Any gitlab/gitlab-ce-qa:<gitlab version> https://git.hacksk.xyz
</code>


==Backup==
==Backup==


Backup server is provided by Manu. Running on debian gnu/linux 9 stretch.
Backup server is provided by Manu (KVM virtual machine with 100 GB storage and 1 GB ram). Running on debian gnu/linux 10 buster.  
 
Documentation: https://linuxhint.com/setup_postgresql_replication/ and https://www.percona.com/blog/2018/09/07/setting-up-streaming-replication-postgresql/


===Slave configuration: Step 1===
===Slave configuration: Step 1===
Install postgresql and rsync
Install postgresql and rsync


  # apt-get install postgresql-contrib-9.6 rsync
  # apt-get install postgresql-contrib-11 rsync
 
Check postgresql server is running
 
# su postgres -c psql


Make sure en_US.UTF-8 locale is available
Make sure en_US.UTF-8 locale is available
Line 27: Line 69:


  # su - postgres
  # su - postgres
  $ ssh-keygen
  $ ssh-keygen -t ed25519


Now copy /var/lib/postgresql/.ssh/id_rsa.pub to master postgres users' /var/lib/postgresql/.ssh/authorized_keys
Now copy /var/lib/postgresql/.ssh/id_ed25519.pub to master postgres users' /var/lib/postgresql/.ssh/authorized_keys


Stop postgresql before changing any configuration
Stop postgresql before changing any configuration
  $ pg_ctlcluster 9.6 main stop
  # systemctl stop postgresql@11-main


  cd /etc/postgresql/9.6/main
as postgres user
  $ su - postgres
$ cd /etc/postgresql/11/main


Open the postgres configuration file
Open the postgres configuration file


  nano postgresql.conf
  $ nano postgresql.conf
 
Set the following configuration options in the postgresql.conf file
Set the following configuration options in the postgresql.conf file


  listen_addresses = 'localhost,192.168.0.115'
  listen_addresses = 'localhost,192.168.0.115'
  port=5432
  port=5432
  wal_level = 'hot_standby'
  wal_level = replica
max_wal_senders = 1
  archive_mode = on
  archive_mode = on
  archive_command = 'cd .'
  archive_command = 'cd .'
max_wal_senders = 1
  hot_standby = on
  hot_standby = on


Line 64: Line 109:
Allow slave to connect to master using the user just created.
Allow slave to connect to master using the user just created.


  $ cd /etc/postgresql/9.6/main
  $ cd /etc/postgresql/11/main


  $ nano pg_hba.conf
  $ nano pg_hba.conf
Line 80: Line 125:
  listen_addresses = 'localhost,213.167.243.152'
  listen_addresses = 'localhost,213.167.243.152'
  port=5432
  port=5432
  wal_level = 'hot_standby'
  wal_level = replica
max_wal_senders = 1
  archive_mode = on
  archive_mode = on
  archive_command = 'cd .'
  archive_command = 'cd .'
max_wal_senders = 1
  hot_standby = on
  hot_standby = on


Now, to activate your changes, reload the postgresql server
Now, to activate your changes, reload the postgresql server


  $ pg_ctlcluster 9.6 main reload
  # systemctl reload postgresql@11-main


You may need to restart it via systemd,
You may need to restart it via systemd,
Line 94: Line 139:
  # systemctl restart postgresql
  # systemctl restart postgresql


Start the backup process,
Open 5432 port in the firewall


  psql -c "select pg_start_backup('initial_backup');"
  # ufw allow from 62.210.83.200 to any port 5432 proto tcp
rsync -cva -e 'ssh -p 12022' --inplace --exclude=*pg_xlog* /var/lib/postgresql/9.6/main/ 62.210.83.200:/var/lib/postgresql/9.6/main/
psql -c "select pg_stop_backup();"


===Slave Configuration: Step 2===
===Slave Configuration: Step 2===
Create a recovery file called  recovery.conf and add following lines.
 
  standby_mode = 'on'
Copy data from master and create recovery.conf
primary_conninfo = 'host=213.167.243.152 port=5432 user=rep password=yourpassword'
  $ pg_basebackup -h git.fosscommunity.in -D /var/lib/postgresql/11/main/ -P -U rep --wal-method=fetch -R
  trigger_file = '/tmp/postgresql.trigger.5432'


Start the slave server
Start the slave server


  $ pg_ctlcluster 9.6 main start
  # systemctl start postgresql@11-main


===Replication Status===
===Replication Status===
Line 115: Line 157:


  $ ps -ef | grep sender
  $ ps -ef | grep sender
$ psql -c "select * from pg_stat_activity where usename='rep';"
On slave server,
On slave server,


2

edits