diff options
author | Dmitriy Zaporozhets <dzaporozhets@gitlab.com> | 2015-02-19 19:02:50 +0000 |
---|---|---|
committer | Dmitriy Zaporozhets <dzaporozhets@gitlab.com> | 2015-02-19 19:02:50 +0000 |
commit | e480e45a8b944143bec0468f9d5d4e2bfca82c86 (patch) | |
tree | b68cca92fa225ddb308c3ff701716e52a7554308 | |
parent | 17cc76c9a94e6edf24bfb0803e6838db3675bfbc (diff) | |
parent | 93e42f690bc057ca0e803074aaeb1b55ea9c2232 (diff) | |
download | gitlab-ce-e480e45a8b944143bec0468f9d5d4e2bfca82c86.tar.gz |
Merge branch 'doc-omnibus-differences' into 'master'
Document fun facts about omnibus-gitlab
I hope this helps developers understand some of the differences.
See merge request !1546
-rw-r--r-- | doc/development/omnibus.md | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/doc/development/omnibus.md b/doc/development/omnibus.md new file mode 100644 index 00000000000..0ba354d28a2 --- /dev/null +++ b/doc/development/omnibus.md @@ -0,0 +1,32 @@ +# What you should know about omnibus packages + +Most users install GitLab using our omnibus packages. As a developer it can be +good to know how the omnibus packages differ from what you have on your laptop +when you are coding. + +## Files are owned by root by default + +All the files in the Rails tree (`app/`, `config/` etc.) are owned by 'root' in +omnibus installations. This makes the installation simpler and it provides +extra security. The omnibus reconfigure script contains commands that give +write access to the 'git' user only where needed. + +For example, the 'git' user is allowed to write in the `log/` directory, in +`public/uploads`, and they are allowed to rewrite the `db/schema.rb` file. + +In other cases, the reconfigure script tricks GitLab into not trying to write a +file. For instance, GitLab will generate a `.secret` file if it cannot find one +and write it to the Rails root. In the omnibus packages, reconfigure writes the +`.secret` file first, so that GitLab never tries to write it. + +## Code, data and logs are in separate directories + +The omnibus design separates code (read-only, under `/opt/gitlab`) from data +(read/write, under `/var/opt/gitlab`) and logs (read/write, under +`/var/log/gitlab`). To make this happen the reconfigure script sets custom +paths where it can in GitLab config files, and where there are no path +settings, it uses symlinks. + +For example, `config/gitlab.yml` is treated as data so that file is a symlink. +The same goes for `public/uploads`. The `log/` directory is replaced by omnibus +with a symlink to `/var/log/gitlab/gitlab-rails`. |