gitlab-grack 2.0.0.pre → 2.0.0.rc1

data/Vagrantfile

@@ -0,0 +1,41 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# Please see the Vagrant section in the readme for caveats and tips
+# https://gitlab.com/gitlab-org/gitlab-development-kit/tree/master#vagrant
+
+VAGRANTFILE_API_VERSION = "2"
+
+$apt_reqs = <<EOT
+apt-get update
+apt-get -y install git g++ pkg-config
+apt-get -y install postgresql libpq-dev phantomjs redis-server libicu-dev cmake
+EOT
+
+# CentOS 6 kernel doesn't suppose UID mapping (affects vagrant-lxc mostly).
+$user_setup = <<EOT
+if [ $(id -u vagrant) != $(stat -c %u /vagrant) ]; then
+	useradd -u $(stat -c %u /vagrant) -m build
+	echo "build ALL=(ALL) NOPASSWD:ALL" | tee /etc/sudoers.d/build
+	DEV_USER=build
+else
+	DEV_USER=vagrant
+fi
+sudo -u $DEV_USER -i bash -c "gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3"
+sudo -u $DEV_USER -i bash -c "curl -sSL https://get.rvm.io | bash -s stable --ruby"
+EOT
+
+Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
+	config.vm.box = "ubuntu/trusty64"
+	config.vm.provision "shell", inline: $apt_reqs
+	config.vm.provision "shell", inline: $user_setup
+
+	config.vm.network "forwarded_port", guest: 3000, host: 3000
+
+	config.vm.provider "lxc" do |v, override|
+		override.vm.box = "fgrehm/trusty64-lxc"
+	end
+	config.vm.provider "virtualbox" do |vb|
+		vb.customize ["modifyvm", :id, "--memory", "2048"]
+	end
+end

data/database.yml.example

@@ -0,0 +1,13 @@
+development:
+  adapter: postgresql
+  encoding: unicode
+  database: gitlabhq_development
+  pool: 5
+  host: /home/git/postgresql
+
+test: &test
+  adapter: postgresql
+  encoding: unicode
+  database: gitlabhq_test
+  pool: 5
+  host: /home/git/postgresql

data/gitlab-openldap/.gitignore

@@ -0,0 +1 @@
+slapd.d/

data/gitlab-openldap/Makefile

@@ -0,0 +1,40 @@
+gitlab_openldap_root = $(shell pwd)
+
+default: slapd.d/bootstrap contents alt_contents
+
+contents: slapd.d/schema slapd.d/example-com
+alt_contents: slapd.d/schema slapd.d/alt-example-com
+
+slapd.d:
+	mkdir slapd.d
+	chmod 700 slapd.d
+
+slapd.d/bootstrap: sbin/slapadd slapd.d
+	sbin/slapadd -n 0 -F slapd.d < bootstrap.ldif
+	touch $@
+
+slapd.d/schema: sbin/slapadd
+	sbin/slapadd -b 'cn=config' -F slapd.d < etc/openldap/schema/core.ldif
+	sbin/slapadd -b 'cn=config' -F slapd.d < etc/openldap/schema/cosine.ldif
+	sbin/slapadd -b 'cn=config' -F slapd.d < etc/openldap/schema/inetorgperson.ldif
+	sbin/slapadd -b 'cn=config' -F slapd.d < etc/openldap/schema/nis.ldif
+	touch $@
+
+slapd.d/example-com: sbin/slapadd
+	sbin/slapadd -b 'dc=example,dc=com' -F slapd.d < frontend.example.com.ldif
+	touch $@
+
+slapd.d/alt-example-com: sbin/slapadd
+	sbin/slapadd -b 'dc=example-alt,dc=com' -F slapd.d < frontend.alt.example.com.ldif
+	touch $@
+
+clean:
+	rm -rf slapd.d
+
+openldap-2.4.40:
+	curl -O ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.40.tgz
+	tar zxf openldap-2.4.40.tgz
+
+sbin/slapadd: openldap-2.4.40
+	cd openldap-2.4.40 && ./configure --prefix=${gitlab_openldap_root} --enable-bdb=no --enable-hdb=no
+	cd openldap-2.4.40 && make -j 2 install

data/gitlab-openldap/README.md

@@ -0,0 +1,60 @@
+# Set up an OpenLDAP server for GitLab development
+
+This is an attempt to set up an OpenLDAP server for GitLab development.
+
+## Getting it running
+
+```bash
+make # compile openldap and bootstrap an LDAP server to run out of slapd.d
+./run-slapd # stays attached in the current terminal
+```
+
+## Repopulate the database
+```
+make clean default
+```
+
+## Configuring gitlab
+
+in gitlab.yml do the following;
+
+```yaml
+ldap:
+  enabled: true
+  servers:
+    main:
+      label: LDAP
+      host: 127.0.0.1
+      port: 3890
+      uid: 'uid'
+      method: 'plain' # "tls" or "ssl" or "plain"
+      base: 'dc=example,dc=com'
+      user_filter: ''
+      group_base: 'ou=groups,dc=example,dc=com'
+      admin_group: ''
+```
+
+alternative database (just using a different base)
+
+```yaml
+ldap:
+  enabled: true
+  servers:
+    alt:
+      label: LDAP-alt
+      host: 127.0.0.1
+      port: 3891
+      uid: 'uid'
+      method: 'plain' # "tls" or "ssl" or "plain"
+      base: 'dc=example-alt,dc=com'
+      user_filter: ''
+      group_base: 'ou=groups,dc=example-alt,dc=com'
+      admin_group: ''
+```
+
+*Note:* We don't use a bind user for this setup, keeping it as simple as possible
+
+# TODO
+
+- integrate into the development kit
+- figure out how to detect the location of `slapd`; on OS X there is `/usr/libexec/slapd`.

data/gitlab-openldap/bootstrap.ldif

@@ -0,0 +1,36 @@
+dn: cn=config
+objectClass: olcGlobal
+cn: config
+
+dn: olcDatabase={0}config,cn=config
+objectClass: olcDatabaseConfig
+olcDatabase: {0}config
+olcRootDN: cn=admin,cn=config
+# hash for 'password'
+olcRootPW: {SSHA}A5StgE99fCDUo7AlWas7Nvlyexo0vQfm
+
+# based on https://help.ubuntu.com/10.04/serverguide/openldap-server.html
+dn: olcDatabase=ldif,cn=config
+objectClass: olcDatabaseConfig
+objectClass: olcLdifConfig
+olcDatabase: ldif
+olcSuffix: dc=example,dc=com
+olcDbDirectory: slapd.d
+olcRootDN: cn=admin,dc=example,dc=com
+olcRootPW: password
+olcLastMod: TRUE
+olcAccess: to dn.base="" by * read
+olcAccess: to * by dn="cn=admin,dc=example,dc=com" write by * read
+
+# based on https://help.ubuntu.com/10.04/serverguide/openldap-server.html
+dn: olcDatabase=ldif,cn=config
+objectClass: olcDatabaseConfig
+objectClass: olcLdifConfig
+olcDatabase: ldif
+olcSuffix: dc=example-alt,dc=com
+olcDbDirectory: slapd.d
+olcRootDN: cn=admin,dc=example-alt,dc=com
+olcRootPW: password
+olcLastMod: TRUE
+olcAccess: to dn.base="" by * read
+olcAccess: to * by dn="cn=admin,dc=example,dc=com" write by * read

data/gitlab-openldap/frontend.alt.example.com.ldif

@@ -0,0 +1,109 @@
+# source: https://help.ubuntu.com/10.04/serverguide/openldap-server.html
+
+# Create top-level object in domain
+dn: dc=example-alt,dc=com
+objectClass: top
+objectClass: dcObject
+objectclass: organization
+o: Example Organization
+dc: Example-alt
+description: LDAP Example
+
+# Admin user.
+dn: cn=admin,dc=example-alt,dc=com
+objectClass: simpleSecurityObject
+objectClass: organizationalRole
+cn: admin
+description: LDAP administrator
+# hased value for 'password'
+userPassword: {SSHA}ICMhr6Jxt5bk2awD7HL7GxRTM3BZ1pFI
+
+dn: ou=people,dc=example-alt,dc=com
+objectClass: organizationalUnit
+ou: people
+
+dn: ou=groups,dc=example-alt,dc=com
+objectClass: organizationalUnit
+ou: groups
+
+dn: uid=bob,ou=people,dc=example-alt,dc=com
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+uid: bob
+sn: Doe
+givenName: bob
+cn: bob Doe
+displayName: bob Doe
+uidNumber: 1000
+gidNumber: 10000
+# hased value for 'password'
+userPassword: {SSHA}qqLFjamdd1cru4RV815+FiSxh/54rfbd
+gecos: bob Doe
+loginShell: /bin/bash
+homeDirectory: /home/bob
+shadowExpire: -1
+shadowFlag: 0
+shadowWarning: 7
+shadowMin: 8
+shadowMax: 999999
+shadowLastChange: 10877
+mail: bob.doe@example.com
+postalCode: 31000
+l: Toulouse
+o: Example
+mobile: +33 (0)6 xx xx xx xx
+homePhone: +33 (0)5 xx xx xx xx
+title: System Administrator
+postalAddress:
+initials: JD
+
+dn: uid=alice,ou=people,dc=example-alt,dc=com
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+uid: alice
+sn: Jane
+givenName: alice Jane
+cn: alice Jane
+displayName: alice Jane
+uidNumber: 1001
+gidNumber: 10001
+# hased value for 'password'
+userPassword: {SSHA}qqLFjamdd1cru4RV815+FiSxh/54rfbd
+mail: alice.jane@example.com
+gecos: alice
+loginShell: /bin/bash
+homeDirectory: /home/alice
+shadowExpire: -1
+shadowFlag: 0
+shadowWarning: 7
+shadowMin: 8
+shadowMax: 999999
+shadowLastChange: 10877
+postalCode: 31000
+l: Toulouse
+o: Example
+mobile: +33 (0)6 xx xx xx xx
+homePhone: +33 (0)5 xx xx xx xx
+title: System Administrator
+postalAddress:
+initials: JD
+
+dn: cn=example,ou=groups,dc=example-alt,dc=com
+objectClass: posixGroup
+cn: example
+gidNumber: 10000
+
+dn: cn=group-a,ou=groups,dc=example-alt,dc=com
+objectClass: groupofnames
+ou: groups
+cn: group-a
+member: uid=bob,ou=people,dc=example-alt,dc=com
+member: uid=alice,ou=people,dc=example-alt,dc=com
+
+dn: cn=group-b,ou=groups,dc=example-alt,dc=com
+objectClass: groupofnames
+ou: groups
+cn: group-b
+member: uid=bob,ou=people,dc=example-alt,dc=com

data/gitlab-openldap/frontend.example.com.ldif

@@ -0,0 +1,109 @@
+# source: https://help.ubuntu.com/10.04/serverguide/openldap-server.html
+
+# Create top-level object in domain
+dn: dc=example,dc=com
+objectClass: top
+objectClass: dcObject
+objectclass: organization
+o: Example Organization
+dc: Example
+description: LDAP Example 
+
+# Admin user.
+dn: cn=admin,dc=example,dc=com
+objectClass: simpleSecurityObject
+objectClass: organizationalRole
+cn: admin
+description: LDAP administrator
+# hased value for 'password'
+userPassword: {SSHA}ICMhr6Jxt5bk2awD7HL7GxRTM3BZ1pFI
+
+dn: ou=people,dc=example,dc=com
+objectClass: organizationalUnit
+ou: people
+
+dn: ou=groups,dc=example,dc=com
+objectClass: organizationalUnit
+ou: groups
+
+dn: uid=john,ou=people,dc=example,dc=com
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+uid: john
+sn: Doe
+givenName: John
+cn: John Doe
+displayName: John Doe
+uidNumber: 1000
+gidNumber: 10000
+# hased value for 'password'
+userPassword: {SSHA}qqLFjamdd1cru4RV815+FiSxh/54rfbd
+gecos: John Doe
+loginShell: /bin/bash
+homeDirectory: /home/john
+shadowExpire: -1
+shadowFlag: 0
+shadowWarning: 7
+shadowMin: 8
+shadowMax: 999999
+shadowLastChange: 10877
+mail: john.doe@example.com
+postalCode: 31000
+l: Toulouse
+o: Example
+mobile: +33 (0)6 xx xx xx xx
+homePhone: +33 (0)5 xx xx xx xx
+title: System Administrator
+postalAddress:
+initials: JD
+
+dn: uid=mary,ou=people,dc=example,dc=com
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+uid: Mary
+sn: Jane
+givenName: Mary Jane
+cn: Mary Jane
+displayName: Mary Jane
+uidNumber: 1001
+gidNumber: 10001
+# hased value for 'password'
+userPassword: {SSHA}qqLFjamdd1cru4RV815+FiSxh/54rfbd
+mail: mary.jane@example.com
+gecos: Mary
+loginShell: /bin/bash
+homeDirectory: /home/mary
+shadowExpire: -1
+shadowFlag: 0
+shadowWarning: 7
+shadowMin: 8
+shadowMax: 999999
+shadowLastChange: 10877
+postalCode: 31000
+l: Toulouse
+o: Example
+mobile: +33 (0)6 xx xx xx xx
+homePhone: +33 (0)5 xx xx xx xx
+title: System Administrator
+postalAddress:
+initials: JD
+
+dn: cn=example,ou=groups,dc=example,dc=com
+objectClass: posixGroup
+cn: example
+gidNumber: 10000
+
+dn: cn=group1,ou=groups,dc=example,dc=com
+objectClass: groupofnames
+ou: groups
+cn: group1
+member: uid=john,ou=people,dc=example,dc=com
+member: uid=mary,ou=people,dc=example,dc=com
+
+dn: cn=group2,ou=groups,dc=example,dc=com
+objectClass: groupofnames
+ou: groups
+cn: group2
+member: uid=john,ou=people,dc=example,dc=com

data/gitlab-openldap/run-slapd

@@ -0,0 +1,3 @@
+#!/bin/sh
+umask 077
+libexec/slapd -F slapd.d -d2 -h "ldapi://slapd.socket ldap://127.0.0.1:3890"

data/gitlab-openldap/run-slapd-alt

@@ -0,0 +1,3 @@
+#!/bin/sh
+umask 077
+/usr/libexec/slapd -F slapd.d -d1 -h "ldapi://slapd.socket ldap://127.0.0.1:3891"

data/redis/redis.conf.example

@@ -0,0 +1,2 @@
+port 0
+unixsocket /home/git/redis/redis.socket

data/redis/resque.yml.example

@@ -0,0 +1,2 @@
+development: unix:/home/git/redis/redis.socket
+test: unix:/home/git/redis/redis.socket

data/support/edit-gitlab.yml

@@ -0,0 +1,11 @@
+#!/bin/sh
+# This script will edit the file named as the first argument in-place.
+ed -s "$1" <<EOF
+/port:/c
+    port: 3000
+.
+/ user:/c
+    user: $(whoami)
+.
+wq
+EOF