check.rake 26.7 KB
Newer Older
1
namespace :gitlab do
2 3 4
  desc "GITLAB | Check the configuration of GitLab and its environment"
  task check: %w{gitlab:env:check
                 gitlab:gitolite:check
Riyad Preukschas's avatar
Riyad Preukschas committed
5 6 7 8
                 gitlab:resque:check
                 gitlab:app:check}


9

10
  namespace :app do
11 12
    desc "GITLAB | Check the configuration of the GitLab Rails app"
    task check: :environment  do
Riyad Preukschas's avatar
Riyad Preukschas committed
13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55
      warn_user_is_not_gitlab
      start_checking "GitLab"

      check_database_config_exists
      check_database_is_not_sqlite
      check_migrations_are_up
      check_gitlab_config_exists
      check_gitlab_config_not_outdated
      check_log_writable
      check_tmp_writable
      check_init_script_exists
      check_init_script_up_to_date
      check_satellites_exist

      finished_checking "GitLab"
    end


    # Checks
    ########################

    def check_database_config_exists
      print "Database config exists? ... "

      database_config_file = Rails.root.join("config", "database.yml")

      if File.exists?(database_config_file)
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "Copy config/database.yml.<your db> to config/database.yml",
          "Check that the information in config/database.yml is correct"
        )
        for_more_information(
          see_database_guide,
          "http://guides.rubyonrails.org/getting_started.html#configuring-a-database"
        )
        check_failed
      end
    end

    def check_database_is_not_sqlite
56
      print "Database is SQLite ... "
Riyad Preukschas's avatar
Riyad Preukschas committed
57 58 59 60

      database_config_file = Rails.root.join("config", "database.yml")

      unless File.read(database_config_file) =~ /sqlite/
61
        puts "no".green
Riyad Preukschas's avatar
Riyad Preukschas committed
62
      else
63
        puts "yes".red
Riyad Preukschas's avatar
Riyad Preukschas committed
64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92
        for_more_information(
          "https://github.com/gitlabhq/gitlabhq/wiki/Migrate-from-SQLite-to-MySQL",
          see_database_guide
        )
        check_failed
      end
    end

    def check_gitlab_config_exists
      print "GitLab config exists? ... "

      gitlab_config_file = Rails.root.join("config", "gitlab.yml")

      if File.exists?(gitlab_config_file)
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "Copy config/gitlab.yml.example to config/gitlab.yml",
          "Update config/gitlab.yml to match your setup"
        )
        for_more_information(
          see_installation_guide_section "GitLab"
        )
        check_failed
      end
    end

    def check_gitlab_config_not_outdated
Riyad Preukschas's avatar
Riyad Preukschas committed
93
      print "GitLab config outdated? ... "
Riyad Preukschas's avatar
Riyad Preukschas committed
94 95 96 97 98 99 100

      gitlab_config_file = Rails.root.join("config", "gitlab.yml")
      unless File.exists?(gitlab_config_file)
        puts "can't check because of previous errors".magenta
      end

      # omniauth or ldap could have been deleted from the file
Riyad Preukschas's avatar
Riyad Preukschas committed
101 102
      unless Gitlab.config.pre_40_config
        puts "no".green
Riyad Preukschas's avatar
Riyad Preukschas committed
103
      else
Riyad Preukschas's avatar
Riyad Preukschas committed
104
        puts "yes".red
Riyad Preukschas's avatar
Riyad Preukschas committed
105
        try_fixing_it(
Riyad Preukschas's avatar
Riyad Preukschas committed
106
          "Backup your config/gitlab.yml",
Riyad Preukschas's avatar
Riyad Preukschas committed
107 108 109 110 111 112 113 114 115
          "Copy config/gitlab.yml.example to config/gitlab.yml",
          "Update config/gitlab.yml to match your setup"
        )
        for_more_information(
          see_installation_guide_section "GitLab"
        )
        check_failed
      end
    end
116

Riyad Preukschas's avatar
Riyad Preukschas committed
117 118 119 120 121 122 123
    def check_init_script_exists
      print "Init script exists? ... "

      script_path = "/etc/init.d/gitlab"

      if File.exists?(script_path)
        puts "yes".green
Nihad Abbasov's avatar
Nihad Abbasov committed
124
      else
Riyad Preukschas's avatar
Riyad Preukschas committed
125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141
        puts "no".red
        try_fixing_it(
          "Install the init script"
        )
        for_more_information(
          see_installation_guide_section "Install Init Script"
        )
        check_failed
      end
    end

    def check_init_script_up_to_date
      print "Init script up-to-date? ... "

      script_path = "/etc/init.d/gitlab"
      unless File.exists?(script_path)
        puts "can't check because of previous errors".magenta
142 143 144
        return
      end

Riyad Preukschas's avatar
Riyad Preukschas committed
145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168
      recipe_content = `curl https://raw.github.com/gitlabhq/gitlab-recipes/master/init.d/gitlab 2>/dev/null`
      script_content = File.read(script_path)

      if recipe_content == script_content
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "Redownload the init script"
        )
        for_more_information(
          see_installation_guide_section "Install Init Script"
        )
        check_failed
      end
    end

    def check_migrations_are_up
      print "All migrations up? ... "

      migration_status =  `bundle exec rake db:migrate:status`

      unless migration_status =~ /down\s+\d{14}/
        puts "yes".green
169
      else
Riyad Preukschas's avatar
Riyad Preukschas committed
170 171 172 173 174 175 176 177 178 179 180 181 182
        puts "no".red
        try_fixing_it(
          "sudo -u gitlab -H bundle exec rake db:migrate"
        )
        check_failed
      end
    end

    def check_satellites_exist
      print "Projects have satellites? ... "

      unless Project.count > 0
        puts "can't check, you have no projects".magenta
183 184
        return
      end
Riyad Preukschas's avatar
Riyad Preukschas committed
185 186 187
      puts ""

      Project.find_each(batch_size: 100) do |project|
188
        print "#{project.name_with_namespace.yellow} ... "
Riyad Preukschas's avatar
Riyad Preukschas committed
189 190 191

        if project.satellite.exists?
          puts "yes".green
192 193
        elsif project.empty_repo?
          puts "can't create, repository is empty".magenta
Riyad Preukschas's avatar
Riyad Preukschas committed
194 195 196
        else
          puts "no".red
          try_fixing_it(
197 198 199
            "sudo -u gitlab -H bundle exec rake gitlab:satellites:create",
            "If necessary, remove the tmp/repo_satellites directory ...",
            "... and rerun the above command"
Riyad Preukschas's avatar
Riyad Preukschas committed
200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246
          )
          for_more_information(
            "doc/raketasks/maintenance.md "
          )
          check_failed
        end
      end
    end

    def check_log_writable
      print "Log directory writable? ... "

      log_path = Rails.root.join("log")

      if File.writable?(log_path)
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "sudo chown -R gitlab #{log_path}",
          "sudo chmod -R rwX #{log_path}"
        )
        for_more_information(
          see_installation_guide_section "GitLab"
        )
        check_failed
      end
    end

    def check_tmp_writable
      print "Tmp directory writable? ... "

      tmp_path = Rails.root.join("tmp")

      if File.writable?(tmp_path)
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "sudo chown -R gitlab #{tmp_path}",
          "sudo chmod -R rwX #{tmp_path}"
        )
        for_more_information(
          see_installation_guide_section "GitLab"
        )
        check_failed
      end
247 248 249
    end
  end

Riyad Preukschas's avatar
Riyad Preukschas committed
250 251


252 253 254
  namespace :env do
    desc "GITLAB | Check the configuration of the environment"
    task check: :environment  do
Riyad Preukschas's avatar
Riyad Preukschas committed
255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275
      warn_user_is_not_gitlab
      start_checking "Environment"

      check_gitlab_in_git_group
      check_issue_1056_shell_profile_error
      check_gitlab_git_config
      check_python2_exists
      check_python2_version

      finished_checking "Environment"
    end


    # Checks
    ########################

    def check_gitlab_git_config
      print "Git configured for gitlab user? ... "

      options = {
        "user.name"  => "GitLab",
276
        "user.email" => Gitlab.config.gitlab.email_from
Riyad Preukschas's avatar
Riyad Preukschas committed
277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297
      }
      correct_options = options.map do |name, value|
        run("git config --global --get #{name}").try(:squish) == value
      end

      if correct_options.all?
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "sudo -u gitlab -H git config --global user.name  \"#{options["user.name"]}\"",
          "sudo -u gitlab -H git config --global user.email \"#{options["user.email"]}\""
        )
        for_more_information(
          see_installation_guide_section "GitLab"
        )
        check_failed
      end
    end

    def check_gitlab_in_git_group
298
      gitolite_ssh_user = Gitlab.config.gitolite.ssh_user
299
      print "gitlab user is in #{gitolite_ssh_user} group? ... "
Riyad Preukschas's avatar
Riyad Preukschas committed
300 301 302 303 304 305

      if run_and_match("id -rnG", /\Wgit\W/)
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
306
          "sudo usermod -a -G #{gitolite_ssh_user} gitlab"
Riyad Preukschas's avatar
Riyad Preukschas committed
307 308 309 310 311 312 313 314 315 316
        )
        for_more_information(
          see_installation_guide_section "System Users"
        )
        check_failed
      end
    end

    # see https://github.com/gitlabhq/gitlabhq/issues/1059
    def check_issue_1056_shell_profile_error
317
      gitolite_ssh_user = Gitlab.config.gitolite.ssh_user
318
      print "Has no \"-e\" in ~#{gitolite_ssh_user}/.profile ... "
Riyad Preukschas's avatar
Riyad Preukschas committed
319

Riyad Preukschas's avatar
Riyad Preukschas committed
320
      profile_file = File.join(gitolite_home, ".profile")
Riyad Preukschas's avatar
Riyad Preukschas committed
321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382

      unless File.read(profile_file) =~ /^-e PATH/
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "Open #{profile_file}",
          "Find the line starting with \"-e PATH\"",
          "Remove \"-e \" so the line starts with PATH"
        )
        for_more_information(
          see_installation_guide_section("Gitolite"),
          "https://github.com/gitlabhq/gitlabhq/issues/1059"
        )
        check_failed
      end
    end

    def check_python2_exists
      print "Has python2? ... "

      # Python prints its version to STDERR
      # so we can't just use run("python2 --version")
      if run_and_match("which python2", /python2$/)
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "Make sure you have Python 2.5+ installed",
          "Link it to python2"
        )
        for_more_information(
          see_installation_guide_section "Packages / Dependencies"
        )
        check_failed
      end
    end

    def check_python2_version
      print "python2 is supported version? ... "

      # Python prints its version to STDERR
      # so we can't just use run("python2 --version")

      unless run_and_match("which python2", /python2$/)
        puts "can't check because of previous errors".magenta
        return
      end

      if `python2 --version 2>&1` =~ /2\.[567]\.\d/
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "Make sure you have Python 2.5+ installed",
          "Link it to python2"
        )
        for_more_information(
          see_installation_guide_section "Packages / Dependencies"
        )
        check_failed
      end
383 384 385
    end
  end

Riyad Preukschas's avatar
Riyad Preukschas committed
386 387


388 389 390
  namespace :gitolite do
    desc "GITLAB | Check the configuration of Gitolite"
    task check: :environment  do
Riyad Preukschas's avatar
Riyad Preukschas committed
391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421
      warn_user_is_not_gitlab
      start_checking "Gitolite"

      check_gitolite_is_up_to_date
      check_gitoliterc_repo_umask
      check_gitoliterc_git_config_keys
      check_dot_gitolite_exists
      check_dot_gitolite_user_and_group
      check_dot_gitolite_permissions
      check_repo_base_exists
      check_repo_base_user_and_group
      check_repo_base_permissions
      check_can_clone_gitolite_admin
      check_can_commit_to_gitolite_admin
      check_post_receive_hook_exists
      check_post_receive_hook_is_up_to_date
      check_repos_post_receive_hooks_is_link
      check_repos_git_config

      finished_checking "Gitolite"
    end


    # Checks
    ########################

    def check_can_clone_gitolite_admin
      print "Can clone gitolite-admin? ... "

      test_path = "/tmp/gitlab_gitolite_admin_test"
      FileUtils.rm_rf(test_path)
422
      `git clone -q #{Gitlab.config.gitolite.admin_uri} #{test_path}`
Riyad Preukschas's avatar
Riyad Preukschas committed
423 424 425 426 427 428 429 430
      raise unless $?.success?

      puts "yes".green
    rescue
      puts "no".red
      try_fixing_it(
        "Make sure the \"admin_uri\" is set correctly in config/gitlab.yml",
        "Try cloning it yourself with:",
431
        "  git clone -q #{Gitlab.config.gitolite.admin_uri} /tmp/gitolite-admin",
Riyad Preukschas's avatar
Riyad Preukschas committed
432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459
        "Make sure Gitolite is installed correctly."
      )
      for_more_information(
        see_installation_guide_section "Gitolite"
      )
      check_failed
    end

    # assumes #check_can_clone_gitolite_admin has been run before
    def check_can_commit_to_gitolite_admin
      print "Can commit to gitolite-admin? ... "

      test_path = "/tmp/gitlab_gitolite_admin_test"
      unless File.exists?(test_path)
        puts "can't check because of previous errors".magenta
        return
      end

      Dir.chdir(test_path) do
        `touch foo && git add foo && git commit -qm foo`
        raise unless $?.success?
      end

      puts "yes".green
    rescue
      puts "no".red
      try_fixing_it(
        "Try committing to it yourself with:",
460
        "  git clone -q #{Gitlab.config.gitolite.admin_uri} /tmp/gitolite-admin",
Riyad Preukschas's avatar
Riyad Preukschas committed
461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476
        "  touch foo",
        "  git add foo",
        "  git commit -m \"foo\"",
        "Make sure Gitolite is installed correctly."
      )
      for_more_information(
        see_installation_guide_section "Gitolite"
      )
      check_failed
    ensure
      FileUtils.rm_rf("/tmp/gitolite_gitlab_test")
    end

    def check_dot_gitolite_exists
      print "Config directory exists? ... "

Riyad Preukschas's avatar
Riyad Preukschas committed
477
      gitolite_config_path = File.join(gitolite_home, ".gitolite")
Riyad Preukschas's avatar
Riyad Preukschas committed
478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496

      if File.directory?(gitolite_config_path)
        puts "yes".green
      else
        puts "no".red
        puts "#{gitolite_config_path} is missing".red
        try_fixing_it(
          "This should have been created when setting up Gitolite.",
          "Make sure Gitolite is installed correctly."
        )
        for_more_information(
          see_installation_guide_section "Gitolite"
        )
        check_failed
      end
    end

    def check_dot_gitolite_permissions
      print "Config directory access is drwxr-x---? ... "
497

Riyad Preukschas's avatar
Riyad Preukschas committed
498
      gitolite_config_path = File.join(gitolite_home, ".gitolite")
Riyad Preukschas's avatar
Riyad Preukschas committed
499 500 501 502 503 504 505
      unless File.exists?(gitolite_config_path)
        puts "can't check because of previous errors".magenta
        return
      end

      if `stat --printf %a #{gitolite_config_path}` == "750"
        puts "yes".green
Nihad Abbasov's avatar
Nihad Abbasov committed
506
      else
Riyad Preukschas's avatar
Riyad Preukschas committed
507 508 509 510 511 512 513 514 515 516 517 518
        puts "no".red
        try_fixing_it(
          "sudo chmod 750 #{gitolite_config_path}"
        )
        for_more_information(
          see_installation_guide_section "Gitolite"
        )
        check_failed
      end
    end

    def check_dot_gitolite_user_and_group
519
      gitolite_ssh_user = Gitlab.config.gitolite.ssh_user
520
      print "Config directory owned by #{gitolite_ssh_user}:#{gitolite_ssh_user} ... "
Riyad Preukschas's avatar
Riyad Preukschas committed
521

Riyad Preukschas's avatar
Riyad Preukschas committed
522
      gitolite_config_path = File.join(gitolite_home, ".gitolite")
Riyad Preukschas's avatar
Riyad Preukschas committed
523 524
      unless File.exists?(gitolite_config_path)
        puts "can't check because of previous errors".magenta
525 526 527
        return
      end

528 529
      if `stat --printf %U #{gitolite_config_path}` == gitolite_ssh_user && # user
         `stat --printf %G #{gitolite_config_path}` == gitolite_ssh_user #group
Riyad Preukschas's avatar
Riyad Preukschas committed
530 531 532
        puts "yes".green
      else
        puts "no".red
533
        puts "#{gitolite_config_path} is not owned by #{gitolite_ssh_user}".red
Riyad Preukschas's avatar
Riyad Preukschas committed
534
        try_fixing_it(
535
          "sudo chown -R #{gitolite_ssh_user}:#{gitolite_ssh_user} #{gitolite_config_path}"
Riyad Preukschas's avatar
Riyad Preukschas committed
536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621
        )
        for_more_information(
          see_installation_guide_section "Gitolite"
        )
        check_failed
      end
    end

    def check_gitolite_is_up_to_date
      print "Using recommended version ... "
      if gitolite_version.try(:start_with?, "v3.04")
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "We strongly recommend using the version pointed out in the installation guide."
        )
        for_more_information(
          see_installation_guide_section "Gitolite"
        )
        # this is not a "hard" failure
      end
    end

    def check_gitoliterc_git_config_keys
      gitoliterc_path = File.join(gitolite_home, ".gitolite.rc")

      print "Allow all Git config keys in .gitolite.rc ... "
      option_name = if has_gitolite3?
                      # see https://github.com/sitaramc/gitolite/blob/v3.04/src/lib/Gitolite/Rc.pm#L329
                      "GIT_CONFIG_KEYS"
                    else
                      # assume older version
                      # see https://github.com/sitaramc/gitolite/blob/v2.3/conf/example.gitolite.rc#L49
                      "$GL_GITCONFIG_KEYS"
                    end
      option_value = ".*"
      if open(gitoliterc_path).grep(/#{option_name}\s*=[>]?\s*["']#{option_value}["']/).any?
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "Open #{gitoliterc_path}",
          "Find the \"#{option_name}\" option",
          "Change its value to \".*\""
        )
        for_more_information(
          see_installation_guide_section "Gitolite"
        )
        check_failed
      end
    end

    def check_gitoliterc_repo_umask
      gitoliterc_path = File.join(gitolite_home, ".gitolite.rc")

      print "Repo umask is 0007 in .gitolite.rc? ... "
      option_name = if has_gitolite3?
                      # see https://github.com/sitaramc/gitolite/blob/v3.04/src/lib/Gitolite/Rc.pm#L328
                      "UMASK"
                    else
                      # assume older version
                      # see https://github.com/sitaramc/gitolite/blob/v2.3/conf/example.gitolite.rc#L32
                      "$REPO_UMASK"
                    end
      option_value = "0007"
      if open(gitoliterc_path).grep(/#{option_name}\s*=[>]?\s*#{option_value}/).any?
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "Open #{gitoliterc_path}",
          "Find the \"#{option_name}\" option",
          "Change its value to \"0007\""
        )
        for_more_information(
          see_installation_guide_section "Gitolite"
        )
        check_failed
      end
    end

    def check_post_receive_hook_exists
      print "post-receive hook exists? ... "

      hook_file = "post-receive"
622
      gitolite_hooks_path = File.join(Gitlab.config.gitolite.hooks_path, "common")
Riyad Preukschas's avatar
Riyad Preukschas committed
623
      gitolite_hook_file = File.join(gitolite_hooks_path, hook_file)
624
      gitolite_ssh_user = Gitlab.config.gitolite.ssh_user
Riyad Preukschas's avatar
Riyad Preukschas committed
625 626 627 628 629

      gitlab_hook_file = Rails.root.join.join("lib", "hooks", hook_file)

      if File.exists?(gitolite_hook_file)
        puts "yes".green
630
      else
Riyad Preukschas's avatar
Riyad Preukschas committed
631 632
        puts "no".red
        try_fixing_it(
633
          "sudo -u #{gitolite_ssh_user} cp #{gitlab_hook_file} #{gitolite_hook_file}"
Riyad Preukschas's avatar
Riyad Preukschas committed
634 635 636 637 638 639 640 641 642 643 644 645
        )
        for_more_information(
          see_installation_guide_section "Setup GitLab Hooks"
        )
        check_failed
      end
    end

    def check_post_receive_hook_is_up_to_date
      print "post-receive hook up-to-date? ... "

      hook_file = "post-receive"
646
      gitolite_hooks_path = File.join(Gitlab.config.gitolite.hooks_path, "common")
Riyad Preukschas's avatar
Riyad Preukschas committed
647
      gitolite_hook_file  = File.join(gitolite_hooks_path, hook_file)
648
      gitolite_ssh_user = Gitlab.config.gitolite.ssh_user
Riyad Preukschas's avatar
Riyad Preukschas committed
649 650 651

      unless File.exists?(gitolite_hook_file)
        puts "can't check because of previous errors".magenta
652 653 654
        return
      end

655
      gitolite_hook_content = File.read(gitolite_hook_file)
Riyad Preukschas's avatar
Riyad Preukschas committed
656 657 658 659 660 661 662 663
      gitlab_hook_file = Rails.root.join.join("lib", "hooks", hook_file)
      gitlab_hook_content = File.read(gitlab_hook_file)

      if gitolite_hook_content == gitlab_hook_content
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
664
          "sudo -u #{gitolite_ssh_user} cp #{gitlab_hook_file} #{gitolite_hook_file}"
Riyad Preukschas's avatar
Riyad Preukschas committed
665 666 667 668 669 670 671 672 673 674 675
        )
        for_more_information(
          see_installation_guide_section "Setup GitLab Hooks"
        )
        check_failed
      end
    end

    def check_repo_base_exists
      print "Repo base directory exists? ... "

676
      repo_base_path = Gitlab.config.gitolite.repos_path
Riyad Preukschas's avatar
Riyad Preukschas committed
677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697

      if File.exists?(repo_base_path)
        puts "yes".green
      else
        puts "no".red
        puts "#{repo_base_path} is missing".red
        try_fixing_it(
          "This should have been created when setting up Gitolite.",
          "Make sure it's set correctly in config/gitlab.yml",
          "Make sure Gitolite is installed correctly."
        )
        for_more_information(
          see_installation_guide_section "Gitolite"
        )
        check_failed
      end
    end

    def check_repo_base_permissions
      print "Repo base access is drwsrws---? ... "

698
      repo_base_path = Gitlab.config.gitolite.repos_path
Riyad Preukschas's avatar
Riyad Preukschas committed
699 700
      unless File.exists?(repo_base_path)
        puts "can't check because of previous errors".magenta
701 702 703
        return
      end

Riyad Preukschas's avatar
Riyad Preukschas committed
704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719
      if `stat --printf %a #{repo_base_path}` == "6770"
        puts "yes".green
      else
        puts "no".red
        puts "#{repo_base_path} is not writable".red
        try_fixing_it(
          "sudo chmod -R ug+rwXs,o-rwx #{repo_base_path}"
        )
        for_more_information(
          see_installation_guide_section "Gitolite"
        )
        check_failed
      end
    end

    def check_repo_base_user_and_group
720
      gitolite_ssh_user = Gitlab.config.gitolite.ssh_user
721
      print "Repo base owned by #{gitolite_ssh_user}:#{gitolite_ssh_user}? ... "
Riyad Preukschas's avatar
Riyad Preukschas committed
722

723
      repo_base_path = Gitlab.config.gitolite.repos_path
Riyad Preukschas's avatar
Riyad Preukschas committed
724 725
      unless File.exists?(repo_base_path)
        puts "can't check because of previous errors".magenta
726 727 728
        return
      end

729 730
      if `stat --printf %U #{repo_base_path}` == gitolite_ssh_user && # user
         `stat --printf %G #{repo_base_path}` == gitolite_ssh_user #group
Riyad Preukschas's avatar
Riyad Preukschas committed
731
        puts "yes".green
732
      else
Riyad Preukschas's avatar
Riyad Preukschas committed
733
        puts "no".red
734
        puts "#{repo_base_path} is not owned by #{gitolite_ssh_user}".red
Riyad Preukschas's avatar
Riyad Preukschas committed
735
        try_fixing_it(
736
          "sudo chown -R #{gitolite_ssh_user}:#{gitolite_ssh_user} #{repo_base_path}"
Riyad Preukschas's avatar
Riyad Preukschas committed
737 738 739 740 741 742 743 744 745 746 747 748 749
        )
        for_more_information(
          see_installation_guide_section "Gitolite"
        )
        check_failed
      end
    end

    def check_repos_git_config
      print "Git config in repos: ... "

      unless Project.count > 0
        puts "can't check, you have no projects".magenta
750 751
        return
      end
Riyad Preukschas's avatar
Riyad Preukschas committed
752
      puts ""
753

Riyad Preukschas's avatar
Riyad Preukschas committed
754 755 756 757 758
      options = {
        "core.sharedRepository" => "0660",
      }

      Project.find_each(batch_size: 100) do |project|
759
        print "#{project.name_with_namespace.yellow} ... "
Riyad Preukschas's avatar
Riyad Preukschas committed
760 761 762 763 764 765 766

        correct_options = options.map do |name, value|
          run("git --git-dir=\"#{project.path_to_repo}\" config --get #{name}").try(:chomp) == value
        end

        if correct_options.all?
          puts "ok".green
767
        else
Riyad Preukschas's avatar
Riyad Preukschas committed
768 769 770 771 772 773 774 775
          puts "wrong or missing".red
          try_fixing_it(
            "sudo -u gitlab -H bundle exec rake gitlab:gitolite:update_repos"
          )
          for_more_information(
            "doc/raketasks/maintenance.md"
          )
          check_failed
776 777
        end
      end
Riyad Preukschas's avatar
Riyad Preukschas committed
778 779 780 781 782 783
    end

    def check_repos_post_receive_hooks_is_link
      print "post-receive hooks in repos are links: ... "

      hook_file = "post-receive"
784
      gitolite_hooks_path = File.join(Gitlab.config.gitolite.hooks_path, "common")
Riyad Preukschas's avatar
Riyad Preukschas committed
785
      gitolite_hook_file  = File.join(gitolite_hooks_path, hook_file)
786
      gitolite_ssh_user = Gitlab.config.gitolite.ssh_user
Riyad Preukschas's avatar
Riyad Preukschas committed
787 788 789 790 791

      unless File.exists?(gitolite_hook_file)
        puts "can't check because of previous errors".magenta
        return
      end
792

Riyad Preukschas's avatar
Riyad Preukschas committed
793 794 795 796 797
      unless Project.count > 0
        puts "can't check, you have no projects".magenta
        return
      end
      puts ""
798

Riyad Preukschas's avatar
Riyad Preukschas committed
799
      Project.find_each(batch_size: 100) do |project|
800
        print "#{project.name_with_namespace.yellow} ... "
Riyad Preukschas's avatar
Riyad Preukschas committed
801
        project_hook_file = File.join(project.path_to_repo, "hooks", hook_file)
802

Riyad Preukschas's avatar
Riyad Preukschas committed
803 804 805
        unless File.exists?(project_hook_file)
          puts "missing".red
          try_fixing_it(
806
            "sudo -u #{gitolite_ssh_user} ln -sf #{gitolite_hook_file} #{project_hook_file}"
Riyad Preukschas's avatar
Riyad Preukschas committed
807 808 809 810 811 812 813
          )
          for_more_information(
            "lib/support/rewrite-hooks.sh"
          )
          check_failed
          next
        end
814

Riyad Preukschas's avatar
Riyad Preukschas committed
815 816 817 818 819
        if run_and_match("stat --format %N #{project_hook_file}", /#{hook_file}.+->.+#{gitolite_hook_file}/)
          puts "ok".green
        else
          puts "not a link to Gitolite's hook".red
          try_fixing_it(
820
            "sudo -u #{gitolite_ssh_user} ln -sf #{gitolite_hook_file} #{project_hook_file}"
Riyad Preukschas's avatar
Riyad Preukschas committed
821 822 823 824 825
          )
          for_more_information(
            "lib/support/rewrite-hooks.sh"
          )
          check_failed
826 827
        end
      end
828
    end
Riyad Preukschas's avatar
Riyad Preukschas committed
829 830 831 832 833 834


    # Helper methods
    ########################

    def gitolite_home
835
      File.expand_path("~#{Gitlab.config.gitolite.ssh_user}")
Riyad Preukschas's avatar
Riyad Preukschas committed
836 837 838 839 840 841 842 843 844 845 846 847
    end

    def gitolite_version
      gitolite_version_file = "#{gitolite_home}/gitolite/src/VERSION"
      if File.readable?(gitolite_version_file)
        File.read(gitolite_version_file)
      end
    end

    def has_gitolite3?
      gitolite_version.try(:start_with?, "v3.")
    end
848
  end
849

Riyad Preukschas's avatar
Riyad Preukschas committed
850 851


852 853 854
  namespace :resque do
    desc "GITLAB | Check the configuration of Resque"
    task check: :environment  do
Riyad Preukschas's avatar
Riyad Preukschas committed
855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966
      warn_user_is_not_gitlab
      start_checking "Resque"

      check_resque_running

      finished_checking "Resque"
    end


    # Checks
    ########################

    def check_resque_running
      print "Running? ... "

      if run_and_match("ps aux | grep -i resque", /resque-[\d\.]+:.+$/)
        puts "yes".green
      else
        puts "no".red
        try_fixing_it(
          "sudo service gitlab restart",
          "or",
          "sudo /etc/init.d/gitlab restart"
        )
        for_more_information(
          see_installation_guide_section("Install Init Script"),
          "see log/resque.log for possible errors"
        )
        check_failed
      end
    end
  end


  # Helper methods
  ##########################

  def check_failed
    puts "  Please #{"fix the error above"} and rerun the checks.".red
  end

  def for_more_information(*sources)
    sources = sources.shift if sources.first.is_a?(Array)

    puts "  For more information see:".blue
    sources.each do |source|
      puts "  #{source}"
    end
  end

  def finished_checking(component)
    puts ""
    puts "Checking #{component.yellow} ... #{"Finished".green}"
    puts ""
  end

  # Runs the given command
  #
  # Returns nil if the command was not found
  # Returns the output of the command otherwise
  #
  # see also #run_and_match
  def run(command)
    unless `#{command} 2>/dev/null`.blank?
      `#{command}`
    end
  end

  # Runs the given command and matches the output agains the given pattern
  #
  # Returns nil if nothing matched
  # Retunrs the MatchData if the pattern matched
  #
  # see also #run
  # see also String#match
  def run_and_match(command, pattern)
    run(command).try(:match, pattern)
  end

  def see_database_guide
    "doc/install/databases.md"
  end

  def see_installation_guide_section(section)
    "doc/install/installation.md in section \"#{section}\""
  end

  def start_checking(component)
    puts "Checking #{component.yellow} ..."
    puts ""
  end

  def try_fixing_it(*steps)
    steps = steps.shift if steps.first.is_a?(Array)

    puts "  Try fixing it:".blue
    steps.each do |step|
      puts "  #{step}"
    end
  end

  def warn_user_is_not_gitlab
    unless @warned_user_not_gitlab
      current_user = run("whoami").chomp
      unless current_user == "gitlab"
        puts "#{Colored.color(:black)+Colored.color(:on_yellow)} Warning #{Colored.extra(:clear)}"
        puts "  You are running as user #{current_user.magenta}, we hope you know what you are doing."
        puts "  Some tests may pass\/fail for the wrong reason."
        puts "  For meaningful results you should run this as user #{"gitlab".magenta}."
        puts ""
      end
      @warned_user_not_gitlab = true
967 968 969
    end
  end
end