Date: Sunday, August 6, 2017 @ 17:05:58
  Author: svenstaro
Revision: 249060

archrelease: copy trunk to community-x86_64

Added:
  gitlab/repos/community-x86_64/PKGBUILD
    (from rev 249059, gitlab/trunk/PKGBUILD)
  gitlab/repos/community-x86_64/apache-ssl.conf.example
    (from rev 249059, gitlab/trunk/apache-ssl.conf.example)
  gitlab/repos/community-x86_64/apache.conf.example
    (from rev 249059, gitlab/trunk/apache.conf.example)
  gitlab/repos/community-x86_64/apache2.2-ssl.conf.example
    (from rev 249059, gitlab/trunk/apache2.2-ssl.conf.example)
  gitlab/repos/community-x86_64/apache2.2.conf.example
    (from rev 249059, gitlab/trunk/apache2.2.conf.example)
  gitlab/repos/community-x86_64/gitlab-backup.service
    (from rev 249059, gitlab/trunk/gitlab-backup.service)
  gitlab/repos/community-x86_64/gitlab-backup.timer
    (from rev 249059, gitlab/trunk/gitlab-backup.timer)
  gitlab/repos/community-x86_64/gitlab-mailroom.service
    (from rev 249059, gitlab/trunk/gitlab-mailroom.service)
  gitlab/repos/community-x86_64/gitlab-sidekiq.service
    (from rev 249059, gitlab/trunk/gitlab-sidekiq.service)
  gitlab/repos/community-x86_64/gitlab-unicorn.service
    (from rev 249059, gitlab/trunk/gitlab-unicorn.service)
  gitlab/repos/community-x86_64/gitlab.install
    (from rev 249059, gitlab/trunk/gitlab.install)
  gitlab/repos/community-x86_64/gitlab.logrotate
    (from rev 249059, gitlab/trunk/gitlab.logrotate)
  gitlab/repos/community-x86_64/gitlab.target
    (from rev 249059, gitlab/trunk/gitlab.target)
  gitlab/repos/community-x86_64/gitlab.tmpfiles.d
    (from rev 249059, gitlab/trunk/gitlab.tmpfiles.d)
  gitlab/repos/community-x86_64/lighttpd.conf.example
    (from rev 249059, gitlab/trunk/lighttpd.conf.example)
  gitlab/repos/community-x86_64/nginx-ssl.conf.example
    (from rev 249059, gitlab/trunk/nginx-ssl.conf.example)
  gitlab/repos/community-x86_64/nginx.conf.example
    (from rev 249059, gitlab/trunk/nginx.conf.example)
Deleted:
  gitlab/repos/community-x86_64/PKGBUILD
  gitlab/repos/community-x86_64/apache-ssl.conf.example
  gitlab/repos/community-x86_64/apache.conf.example
  gitlab/repos/community-x86_64/apache2.2-ssl.conf.example
  gitlab/repos/community-x86_64/apache2.2.conf.example
  gitlab/repos/community-x86_64/gitlab-backup.service
  gitlab/repos/community-x86_64/gitlab-backup.timer
  gitlab/repos/community-x86_64/gitlab-mailroom.service
  gitlab/repos/community-x86_64/gitlab-sidekiq.service
  gitlab/repos/community-x86_64/gitlab-unicorn.service
  gitlab/repos/community-x86_64/gitlab.install
  gitlab/repos/community-x86_64/gitlab.logrotate
  gitlab/repos/community-x86_64/gitlab.target
  gitlab/repos/community-x86_64/gitlab.tmpfiles.d
  gitlab/repos/community-x86_64/lighttpd.conf.example
  gitlab/repos/community-x86_64/nginx-ssl.conf.example
  gitlab/repos/community-x86_64/nginx.conf.example

----------------------------+
 PKGBUILD                   |  424 +++++++++++++++++++++----------------------
 apache-ssl.conf.example    |  188 +++++++++----------
 apache.conf.example        |  128 ++++++------
 apache2.2-ssl.conf.example |  186 +++++++++---------
 apache2.2.conf.example     |  126 ++++++------
 gitlab-backup.service      |   38 +--
 gitlab-backup.timer        |   20 +-
 gitlab-mailroom.service    |   40 ++--
 gitlab-sidekiq.service     |   58 ++---
 gitlab-unicorn.service     |   58 ++---
 gitlab.install             |   40 ++--
 gitlab.logrotate           |   22 +-
 gitlab.target              |   28 +-
 gitlab.tmpfiles.d          |    2 
 lighttpd.conf.example      |   70 +++----
 nginx-ssl.conf.example     |  224 +++++++++++-----------
 nginx.conf.example         |  138 ++++++-------
 17 files changed, 895 insertions(+), 895 deletions(-)

Deleted: PKGBUILD
===================================================================
--- PKGBUILD    2017-08-06 17:05:49 UTC (rev 249059)
+++ PKGBUILD    2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,212 +0,0 @@
-# Maintainer: Sven-Hendrik Haase <s...@lutzhaase.com>
-# Contributor: Pavol (Lopo) Hluchy <lopo AT losys DOT eu>
-# Contributor: Jonas Heinrich <o...@project-insanity.org>
-# Contributor: Massimiliano Torromeo <massimiliano.torro...@gmail.com>
-# Contributor: Tobias Hunger <tobias DOT hunger AT gmail DOT com>
-# Contributor: Stefan Tatschner <ste...@sevenbyte.org>
-# Contributor: Caleb Maclennan <ca...@alerque.com>
-
-pkgname=gitlab
-pkgver=9.3.6
-pkgrel=1
-pkgdesc="Project management and code hosting application"
-arch=('x86_64')
-url="https://gitlab.com/gitlab-org/gitlab-ce/tree/master#README";
-license=('MIT')
-depends=('ruby2.3' 'git' 'ruby2.3-bundler' 'gitlab-workhorse' 'gitlab-gitaly' 
'openssh' 'redis' 'libxslt' 'icu' 'nodejs')
-makedepends=('cmake' 'postgresql' 'mariadb' 'yarn' 'go')
-optdepends=('postgresql: database backend'
-            'mysql: database backend'
-            'python2-docutils: reStructuredText markup language support'
-            'smtp-server: mail server in order to receive mail notifications')
-backup=("etc/webapps/${pkgname}/application.rb"
-        "etc/webapps/${pkgname}/gitlab.yml"
-        "etc/webapps/${pkgname}/resque.yml"
-        "etc/webapps/${pkgname}/unicorn.rb"
-        "etc/logrotate.d/${pkgname}")
-source=("$pkgname-$pkgver.tar.gz::https://gitlab.com/gitlab-org/gitlab-ce/repository/archive.tar.bz2?ref=v${pkgver}";
-        gitlab-unicorn.service
-        gitlab-sidekiq.service
-        gitlab-backup.service
-        gitlab-mailroom.service
-        gitlab-backup.timer
-        gitlab.target
-        gitlab.tmpfiles.d
-        gitlab.logrotate
-        apache.conf.example
-        apache-ssl.conf.example
-        apache2.2.conf.example
-        apache2.2-ssl.conf.example
-        nginx.conf.example
-        nginx-ssl.conf.example
-        lighttpd.conf.example)
-install='gitlab.install'
-sha512sums=('0d3c603dfbb4092f3218cedb13f9c1ec5d7a96ebdb9267bf47f00e9e81569ce548337d4b6491a2661b6e267accd7d6f66062f3d19352b304cf5cd736c2b536cb'
-            
'56cce150645ef74fa42a6100c8bc7689c4012579e1f3ba237c06c367b121246b39e968044615fa21c4757bc8e9d06f37f8ac8d39aa8b808c758e716857553f66'
-            
'8678b2f0632a830e42a8a62b59ffe66b629b7d96034ff167e2a93fdbb3c7617db0c7529990b73c7a12a78a900ec833e48c691ebbac6cd8257e53de060da16a37'
-            
'79cfb8ee740ab30f970c3113659b8349128abeae5e32cc81bb905f89a6db9941b7778040a094b884262daf020f66a1aee49a12d34fbb94efce6ade946bb4625b'
-            
'c097a26d1c24f120967ae457f9008df06af0cd2662306410d8e3f6cc4b5772416125fcd3c895bc35872251060083e8c95b37455b8d20154518d8c467625291eb'
-            
'c11d2c59da8325551a465227096e8d39b0e4bcd5b1db21565cf3439e431838c04bc00aa6f07f4d493f3f47fd6b4e25aeb0fe0fc1a05756064706bf5708c960ec'
-            
'c519a51d31300074ea12594fbcc8e9610d991ef04b1dac94d93a2b201df3465999cc7c6ac7f3896e02b117c2366d61dea1ef2f6b9cd7b18998385a7f26e5700f'
-            
'abacbff0d7be918337a17b56481c84e6bf3eddd9551efe78ba9fb74337179e95c9b60f41c49f275e05074a4074a616be36fa208a48fc12d5b940f0554fbd89c3'
-            
'20b93eab504e82cc4401685b59e6311b4d2c0285bc594d47ce4106d3f418a3e2ba92c4f49732748c0ba913aa3e3299126166e37d2a2d5b4d327d66bae4b8abda'
-            
'441585489fb992d5e893f14bf0770df04ada95ffdbfcc80bb98a44eda7db520d12c985f600d003d80a196562654d2231598f8481ff9bf664bb5889f564e897e7'
-            
'99f31439d348e21f764875b6207db8663b47f3224ad6a9f35b89c8a2ed29a9e831a974aa6b9429a3882fb74c1c9d42ed5c38b2d16ae122b5d55d5873a0c57cd3'
-            
'624eb1f13e0265522290faa8c22b4150e6081ca2580391c9dfd871f1ee1b9c1c745c95d3d8f7fdbf85038990060141b844c3d8097c577ab68e5506bfa2d2dddb'
-            
'248d47b44fa5ed65e2a940f2b60d0482c481b3a438357ca510848221370367ffbc0d83ce046d688bebbbc75d4e321b140f6a5ce1a9d7ec0b034fafcf92dee107'
-            
'53a9d6d6f87874b29e48a8fb2e207094ebc1a80af478562ec4b591926d59e135a3166c20966704aa948ca7063ba63c1ec4ac290a343832fa18025ec3d85081ba'
-            
'6d3006da591acefcc534c6e3f1da8e812d0b3b21fc416bfaa8678b8e2d922be6b17d1c92b0d7164de3b8ad864139253707107ca082f78e823d23f3b65fcb5914'
-            
'c78b6f46abcf603d8db6e38cf50868e14145928422ddfe17c88e2f006b5b910dddf456ec5d6d724b250994530643963809688a98f7e12ebd5b5dabf7f96f0e06')
-
-_datadir="/usr/share/webapps/${pkgname}"
-_etcdir="/etc/webapps/${pkgname}"
-_homedir="/var/lib/${pkgname}"
-_logdir="/var/log/${pkgname}"
-_srcdir="gitlab-ce-v${pkgver}"
-
-prepare() {
-  cd "${srcdir}/${_srcdir}"*
-
-  export SKIP_STORAGE_VALIDATION='true'
-
-  # Patching config files:
-  msg2 "Patching paths in and username gitlab.yml..."
-  sed -e "s|# user: git|user: gitlab|" \
-      -e "s|/home/git/repositories|${_homedir}/repositories|" \
-      -e "s|/home/git/gitlab-satellites|${_homedir}/satellites|" \
-      -e "s|# path: /mnt/gitlab|path: ${_homedir}/shared|" \
-      -e "s|/home/git/gitlab-shell|/usr/share/webapps/gitlab-shell|" \
-      -e "s|tmp/backups|${_homedir}/backups|" \
-      -e 
"s|/home/git/gitlab/tmp/sockets/private/gitaly.socket|${_homedir}/sockets/gitlab-gitaly.socket|"
 \
-      config/gitlab.yml.example > config/gitlab.yml
-
-  msg2 "Patching paths and timeout in unicorn.rb..."
-  sed -e "s|/home/git/gitlab/tmp/.*/|/run/gitlab/|g" \
-      -e "s|/var/run/|/run/|g" \
-      -e "s|/home/git/gitlab|${_datadir}|g" \
-      -e "s|timeout 30|timeout 300|" \
-      -e "s|${_datadir}/log/|${_logdir}/|g" \
-      config/unicorn.rb.example > config/unicorn.rb
-
-  # We need this one untouched because otherwise assets will fail
-  cp config/database.yml.postgresql config/database.yml.postgresql.orig
-
-  msg2 "Patching username in database.yml.{mysql,postgresql}..."
-  sed -i -e "s|username: git|username: gitlab|" config/database.yml.mysql
-  sed -i -e "s|username: git|username: gitlab|" config/database.yml.postgresql
-
-  msg2 "Patching redis connection in resque.yml"
-  sed -e "s|production: unix:/var/run/redis/redis.sock|production: 
redis://localhost:6379|" \
-      config/resque.yml.example > config/resque.yml.patched
-
-  msg2 "Setting up systemd service files ..."
-  for service_file in gitlab-sidekiq.service gitlab-unicorn.service 
gitlab.logrotate gitlab-backup.service gitlab-mailroom.service; do
-    sed -i "s|<HOMEDIR>|${_homedir}|g" "${srcdir}/${service_file}"
-    sed -i "s|<DATADIR>|${_datadir}|g" "${srcdir}/${service_file}"
-    sed -i "s|<LOGDIR>|${_logdir}|g" "${srcdir}/${service_file}"
-  done
-}
-
-build() {
-  cd "${srcdir}/${_srcdir}"*
-
-  msg "Fetching bundled gems..."
-  # Gems will be installed into vendor/bundle
-
-  bundle-2.3 config build.nokogiri --use-system-libraries
-  bundle-2.3 install -j$(nproc) --no-cache --deployment --without development 
test aws kerberos
-
-  # We'll temporarily stick this in here so we can build the assets
-  cp config/database.yml.postgresql.orig config/database.yml
-  cp config/resque.yml.example config/resque.yml
-  sed -i 's/url.*/nope.sock/g' config/resque.yml
-
-  yarn install --production --pure-lockfile
-  bundle-2.3 exec rake gitlab:assets:compile RAILS_ENV=production 
NODE_ENV=production
-  bundle-2.3 exec rake gettext:compile RAILS_ENV=production
-
-  # After building assets, clean this up again
-  rm config/database.yml config/database.yml.postgresql.orig
-  mv config/resque.yml.patched config/resque.yml
-}
-
-package() {
-  cd "${srcdir}/${_srcdir}"*
-  depends+=('gitlab-shell')
-
-  install -d "${pkgdir}/usr/share/webapps"
-
-  cp -r "${srcdir}/${_srcdir}"* "${pkgdir}${_datadir}"
-  chown -R root:root "${pkgdir}${_datadir}"
-  chmod 755 "${pkgdir}${_datadir}"
-
-  install -dm750 -o 105 -g 105 "${pkgdir}${_homedir}"
-  install -dm750 -o 105 -g 105 "${pkgdir}${_homedir}/satellites"
-  install -dm750 -o 105 -g 105 
"${pkgdir}${_homedir}/shared/"{,artifacts,lfs-objects}
-  install -dm750 -o 105 -g 105 "${pkgdir}${_homedir}/builds"
-  install -dm750 -o 105 -g 105 "${pkgdir}${_homedir}/uploads"
-  install -dm750 -o 105 -g 105 "${pkgdir}${_homedir}/backups"
-  install -dm750 -o 105 -g 105 "${pkgdir}${_etcdir}"
-  install -dm755 "${pkgdir}/usr/share/doc/${pkgname}"
-
-  ln -fs /run/gitlab "${pkgdir}${_homedir}/pids"
-  ln -fs /run/gitlab "${pkgdir}${_homedir}/sockets"
-  ln -fs ${_datadir}/log "${pkgdir}${_homedir}/log"
-
-  rm -rf "${pkgdir}${_datadir}/public/uploads" && ln -fs "${_homedir}/uploads" 
"${pkgdir}${_datadir}/public/uploads"
-  rm -rf "${pkgdir}${_datadir}/builds" && ln -fs "${_homedir}/builds" 
"${pkgdir}${_datadir}/builds"
-  rm -rf "${pkgdir}${_datadir}/tmp" && ln -fs /var/tmp 
"${pkgdir}${_datadir}/tmp"
-  rm -rf "${pkgdir}${_datadir}/log" && ln -fs "${_logdir}" 
"${pkgdir}${_datadir}/log"
-
-  mv "${pkgdir}${_datadir}/.gitlab_workhorse_secret" 
"${pkgdir}${_etcdir}/gitlab_workhorse_secret"
-  chmod 660 "${pkgdir}${_etcdir}/gitlab_workhorse_secret"
-  chown root:105 "${pkgdir}${_etcdir}/gitlab_workhorse_secret"
-  ln -fs "${_etcdir}/gitlab_workhorse_secret" 
"${pkgdir}${_datadir}/.gitlab_workhorse_secret"
-
-  ln -fs /etc/webapps/gitlab-shell/secret 
"${pkgdir}${_datadir}/.gitlab_shell_secret"
-
-  sed -i "s|require_relative '../lib|require '${_datadir}/lib|" 
config/application.rb
-
-  # Fix for ruby-2.3 and bundle-2.3
-  sed -i "s|bundle|bundle-2.3|g" 
"${pkgdir}${_datadir}/lib/tasks/gitlab/check.rake"
-  grep -rl "bin/env ruby" "${pkgdir}${_datadir}" | xargs sed -i "s|bin/env 
ruby$|bin/env ruby-2.3|g"
-
-  # Install config files
-  for config_file in application.rb gitlab.yml unicorn.rb resque.yml; do
-    mv "config/${config_file}" "${pkgdir}${_etcdir}/"
-    [[ -f "${pkgdir}${_datadir}/config/${config_file}" ]] && rm 
"${pkgdir}${_datadir}/config/${config_file}"
-    ln -fs "${_etcdir}/${config_file}" "${pkgdir}${_datadir}/config/"
-  done
-
-  # Install database symlink
-  ln -fs "${_etcdir}/database.yml" "${pkgdir}${_datadir}/config/database.yml"
-
-  # Install secrets symlink
-  ln -fs "${_etcdir}/secrets.yml" "${pkgdir}${_datadir}/config/secrets.yml"
-
-  # Install license and help files
-  mv README.md MAINTENANCE.md CONTRIBUTING.md CHANGELOG.md PROCESS.md VERSION 
config/*.{example,mysql,postgresql} "${pkgdir}/usr/share/doc/${pkgname}"
-  install -Dm644 "LICENSE" "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
-
-  # https://gitlab.com/gitlab-org/gitlab-ce/issues/765
-  cp -r "${pkgdir}${_datadir}/doc" "${pkgdir}${_datadir}/public/help"
-  find "${pkgdir}${_datadir}/public/help" -name "*.md" -exec rm {} \;
-  find "${pkgdir}${_datadir}/public/help/" -depth -type d -empty -exec rmdir 
{} \;
-
-  chown 105:105 "${pkgdir}${_datadir}/db/schema.rb"
-
-  # Install systemd service files
-  for service_file in gitlab-unicorn.service gitlab-sidekiq.service 
gitlab-backup.service gitlab-backup.timer gitlab.target 
gitlab-mailroom.service; do
-    install -Dm644 "${srcdir}/${service_file}" 
"${pkgdir}/usr/lib/systemd/system/${service_file}"
-  done
-
-  install -Dm644 "${srcdir}/gitlab.tmpfiles.d" 
"${pkgdir}/usr/lib/tmpfiles.d/gitlab.conf"
-  install -Dm644 "${srcdir}/gitlab.logrotate" 
"${pkgdir}/etc/logrotate.d/gitlab"
-
-  # Install webserver config templates
-  for config_file in apache apache-ssl apache2.2 apache2.2-ssl nginx nginx-ssl 
lighttpd; do
-    install -m644 "${srcdir}/${config_file}.conf.example" 
"${pkgdir}/usr/share/doc/${pkgname}"
-  done
-}
-
-# vim:set ts=2 sw=2 et:

Copied: gitlab/repos/community-x86_64/PKGBUILD (from rev 249059, 
gitlab/trunk/PKGBUILD)
===================================================================
--- PKGBUILD                            (rev 0)
+++ PKGBUILD    2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,212 @@
+# Maintainer: Sven-Hendrik Haase <s...@lutzhaase.com>
+# Contributor: Pavol (Lopo) Hluchy <lopo AT losys DOT eu>
+# Contributor: Jonas Heinrich <o...@project-insanity.org>
+# Contributor: Massimiliano Torromeo <massimiliano.torro...@gmail.com>
+# Contributor: Tobias Hunger <tobias DOT hunger AT gmail DOT com>
+# Contributor: Stefan Tatschner <ste...@sevenbyte.org>
+# Contributor: Caleb Maclennan <ca...@alerque.com>
+
+pkgname=gitlab
+pkgver=9.4.3
+pkgrel=1
+pkgdesc="Project management and code hosting application"
+arch=('x86_64')
+url="https://gitlab.com/gitlab-org/gitlab-ce/tree/master#README";
+license=('MIT')
+options=(!buildflags)
+depends=('ruby2.3' 'git' 'ruby2.3-bundler' 'gitlab-workhorse' 'gitlab-gitaly' 
'openssh' 'redis' 'libxslt' 'icu' 'nodejs' 're2')
+makedepends=('cmake' 'postgresql' 'mariadb' 'yarn' 'go')
+optdepends=('postgresql: database backend'
+            'mysql: database backend'
+            'python2-docutils: reStructuredText markup language support'
+            'smtp-server: mail server in order to receive mail notifications')
+backup=("etc/webapps/${pkgname}/application.rb"
+        "etc/webapps/${pkgname}/gitlab.yml"
+        "etc/webapps/${pkgname}/resque.yml"
+        "etc/webapps/${pkgname}/unicorn.rb"
+        "etc/logrotate.d/${pkgname}")
+source=("$pkgname-$pkgver.tar.gz::https://gitlab.com/gitlab-org/gitlab-ce/repository/archive.tar.bz2?ref=v${pkgver}";
+        gitlab-unicorn.service
+        gitlab-sidekiq.service
+        gitlab-backup.service
+        gitlab-mailroom.service
+        gitlab-backup.timer
+        gitlab.target
+        gitlab.tmpfiles.d
+        gitlab.logrotate
+        apache.conf.example
+        apache-ssl.conf.example
+        apache2.2.conf.example
+        apache2.2-ssl.conf.example
+        nginx.conf.example
+        nginx-ssl.conf.example
+        lighttpd.conf.example)
+install='gitlab.install'
+sha512sums=('1caac46183ce7a7926401a831459bb8e5fc006420e3208c637bb7cf8e13f94c7da69adf968cd911b97f82b3842e7afc3f122eeb708d68e8f8c1a750c348e5978'
+            
'56cce150645ef74fa42a6100c8bc7689c4012579e1f3ba237c06c367b121246b39e968044615fa21c4757bc8e9d06f37f8ac8d39aa8b808c758e716857553f66'
+            
'8678b2f0632a830e42a8a62b59ffe66b629b7d96034ff167e2a93fdbb3c7617db0c7529990b73c7a12a78a900ec833e48c691ebbac6cd8257e53de060da16a37'
+            
'79cfb8ee740ab30f970c3113659b8349128abeae5e32cc81bb905f89a6db9941b7778040a094b884262daf020f66a1aee49a12d34fbb94efce6ade946bb4625b'
+            
'c097a26d1c24f120967ae457f9008df06af0cd2662306410d8e3f6cc4b5772416125fcd3c895bc35872251060083e8c95b37455b8d20154518d8c467625291eb'
+            
'c11d2c59da8325551a465227096e8d39b0e4bcd5b1db21565cf3439e431838c04bc00aa6f07f4d493f3f47fd6b4e25aeb0fe0fc1a05756064706bf5708c960ec'
+            
'c519a51d31300074ea12594fbcc8e9610d991ef04b1dac94d93a2b201df3465999cc7c6ac7f3896e02b117c2366d61dea1ef2f6b9cd7b18998385a7f26e5700f'
+            
'abacbff0d7be918337a17b56481c84e6bf3eddd9551efe78ba9fb74337179e95c9b60f41c49f275e05074a4074a616be36fa208a48fc12d5b940f0554fbd89c3'
+            
'20b93eab504e82cc4401685b59e6311b4d2c0285bc594d47ce4106d3f418a3e2ba92c4f49732748c0ba913aa3e3299126166e37d2a2d5b4d327d66bae4b8abda'
+            
'441585489fb992d5e893f14bf0770df04ada95ffdbfcc80bb98a44eda7db520d12c985f600d003d80a196562654d2231598f8481ff9bf664bb5889f564e897e7'
+            
'99f31439d348e21f764875b6207db8663b47f3224ad6a9f35b89c8a2ed29a9e831a974aa6b9429a3882fb74c1c9d42ed5c38b2d16ae122b5d55d5873a0c57cd3'
+            
'624eb1f13e0265522290faa8c22b4150e6081ca2580391c9dfd871f1ee1b9c1c745c95d3d8f7fdbf85038990060141b844c3d8097c577ab68e5506bfa2d2dddb'
+            
'248d47b44fa5ed65e2a940f2b60d0482c481b3a438357ca510848221370367ffbc0d83ce046d688bebbbc75d4e321b140f6a5ce1a9d7ec0b034fafcf92dee107'
+            
'53a9d6d6f87874b29e48a8fb2e207094ebc1a80af478562ec4b591926d59e135a3166c20966704aa948ca7063ba63c1ec4ac290a343832fa18025ec3d85081ba'
+            
'6d3006da591acefcc534c6e3f1da8e812d0b3b21fc416bfaa8678b8e2d922be6b17d1c92b0d7164de3b8ad864139253707107ca082f78e823d23f3b65fcb5914'
+            
'c78b6f46abcf603d8db6e38cf50868e14145928422ddfe17c88e2f006b5b910dddf456ec5d6d724b250994530643963809688a98f7e12ebd5b5dabf7f96f0e06')
+
+_datadir="/usr/share/webapps/${pkgname}"
+_etcdir="/etc/webapps/${pkgname}"
+_homedir="/var/lib/${pkgname}"
+_logdir="/var/log/${pkgname}"
+_srcdir="gitlab-ce-v${pkgver}"
+
+prepare() {
+  cd "${srcdir}/${_srcdir}"*
+
+  export SKIP_STORAGE_VALIDATION='true'
+
+  # Patching config files:
+  msg2 "Patching paths in and username gitlab.yml..."
+  sed -e "s|# user: git|user: gitlab|" \
+      -e "s|/home/git/repositories|${_homedir}/repositories|" \
+      -e "s|/home/git/gitlab-satellites|${_homedir}/satellites|" \
+      -e "s|# path: /mnt/gitlab|path: ${_homedir}/shared|" \
+      -e "s|/home/git/gitlab-shell|/usr/share/webapps/gitlab-shell|" \
+      -e "s|tmp/backups|${_homedir}/backups|" \
+      -e 
"s|/home/git/gitlab/tmp/sockets/private/gitaly.socket|${_homedir}/sockets/gitlab-gitaly.socket|"
 \
+      config/gitlab.yml.example > config/gitlab.yml
+
+  msg2 "Patching paths and timeout in unicorn.rb..."
+  sed -e "s|/home/git/gitlab/tmp/.*/|/run/gitlab/|g" \
+      -e "s|/var/run/|/run/|g" \
+      -e "s|/home/git/gitlab|${_datadir}|g" \
+      -e "s|timeout 30|timeout 300|" \
+      -e "s|${_datadir}/log/|${_logdir}/|g" \
+      config/unicorn.rb.example > config/unicorn.rb
+
+  # We need this one untouched because otherwise assets will fail
+  cp config/database.yml.postgresql config/database.yml.postgresql.orig
+
+  msg2 "Patching username in database.yml.{mysql,postgresql}..."
+  sed -i -e "s|username: git|username: gitlab|" config/database.yml.mysql
+  sed -i -e "s|username: git|username: gitlab|" config/database.yml.postgresql
+
+  msg2 "Patching redis connection in resque.yml"
+  sed -e "s|production: unix:/var/run/redis/redis.sock|production: 
redis://localhost:6379|" \
+      config/resque.yml.example > config/resque.yml.patched
+
+  msg2 "Setting up systemd service files ..."
+  for service_file in gitlab-sidekiq.service gitlab-unicorn.service 
gitlab.logrotate gitlab-backup.service gitlab-mailroom.service; do
+    sed -i "s|<HOMEDIR>|${_homedir}|g" "${srcdir}/${service_file}"
+    sed -i "s|<DATADIR>|${_datadir}|g" "${srcdir}/${service_file}"
+    sed -i "s|<LOGDIR>|${_logdir}|g" "${srcdir}/${service_file}"
+  done
+}
+
+build() {
+  cd "${srcdir}/${_srcdir}"*
+
+  msg "Fetching bundled gems..."
+  # Gems will be installed into vendor/bundle
+
+  bundle-2.3 config build.nokogiri --use-system-libraries
+  bundle-2.3 install --no-cache --deployment --without development test aws 
kerberos
+
+  # We'll temporarily stick this in here so we can build the assets
+  cp config/database.yml.postgresql.orig config/database.yml
+  cp config/resque.yml.example config/resque.yml
+  sed -i 's/url.*/nope.sock/g' config/resque.yml
+
+  yarn install --production --pure-lockfile
+  bundle-2.3 exec rake gitlab:assets:compile RAILS_ENV=production 
NODE_ENV=production
+  bundle-2.3 exec rake gettext:compile RAILS_ENV=production
+  # After building assets, clean this up again
+  rm config/database.yml config/database.yml.postgresql.orig
+  mv config/resque.yml.patched config/resque.yml
+}
+
+package() {
+  cd "${srcdir}/${_srcdir}"*
+  depends+=('gitlab-shell')
+
+  install -d "${pkgdir}/usr/share/webapps"
+
+  cp -r "${srcdir}/${_srcdir}"* "${pkgdir}${_datadir}"
+  chown -R root:root "${pkgdir}${_datadir}"
+  chmod 755 "${pkgdir}${_datadir}"
+
+  install -dm750 -o 105 -g 105 "${pkgdir}${_homedir}"
+  install -dm750 -o 105 -g 105 "${pkgdir}${_homedir}/satellites"
+  install -dm750 -o 105 -g 105 
"${pkgdir}${_homedir}/shared/"{,artifacts,lfs-objects}
+  install -dm750 -o 105 -g 105 "${pkgdir}${_homedir}/builds"
+  install -dm750 -o 105 -g 105 "${pkgdir}${_homedir}/uploads"
+  install -dm750 -o 105 -g 105 "${pkgdir}${_homedir}/backups"
+  install -dm750 -o 105 -g 105 "${pkgdir}${_etcdir}"
+  install -dm755 "${pkgdir}/usr/share/doc/${pkgname}"
+
+  ln -fs /run/gitlab "${pkgdir}${_homedir}/pids"
+  ln -fs /run/gitlab "${pkgdir}${_homedir}/sockets"
+  ln -fs ${_datadir}/log "${pkgdir}${_homedir}/log"
+
+  rm -rf "${pkgdir}${_datadir}/public/uploads" && ln -fs "${_homedir}/uploads" 
"${pkgdir}${_datadir}/public/uploads"
+  rm -rf "${pkgdir}${_datadir}/builds" && ln -fs "${_homedir}/builds" 
"${pkgdir}${_datadir}/builds"
+  rm -rf "${pkgdir}${_datadir}/tmp" && ln -fs /var/tmp 
"${pkgdir}${_datadir}/tmp"
+  rm -rf "${pkgdir}${_datadir}/log" && ln -fs "${_logdir}" 
"${pkgdir}${_datadir}/log"
+
+  mv "${pkgdir}${_datadir}/.gitlab_workhorse_secret" 
"${pkgdir}${_etcdir}/gitlab_workhorse_secret"
+  chmod 660 "${pkgdir}${_etcdir}/gitlab_workhorse_secret"
+  chown root:105 "${pkgdir}${_etcdir}/gitlab_workhorse_secret"
+  ln -fs "${_etcdir}/gitlab_workhorse_secret" 
"${pkgdir}${_datadir}/.gitlab_workhorse_secret"
+
+  ln -fs /etc/webapps/gitlab-shell/secret 
"${pkgdir}${_datadir}/.gitlab_shell_secret"
+
+  sed -i "s|require_relative '../lib|require '${_datadir}/lib|" 
config/application.rb
+
+  # Fix for ruby-2.3 and bundle-2.3
+  sed -i "s|bundle|bundle-2.3|g" 
"${pkgdir}${_datadir}/lib/tasks/gitlab/check.rake"
+  grep -rl "bin/env ruby" "${pkgdir}${_datadir}" | xargs sed -i "s|bin/env 
ruby$|bin/env ruby-2.3|g"
+
+  # Install config files
+  for config_file in application.rb gitlab.yml unicorn.rb resque.yml; do
+    mv "config/${config_file}" "${pkgdir}${_etcdir}/"
+    [[ -f "${pkgdir}${_datadir}/config/${config_file}" ]] && rm 
"${pkgdir}${_datadir}/config/${config_file}"
+    ln -fs "${_etcdir}/${config_file}" "${pkgdir}${_datadir}/config/"
+  done
+
+  # Install database symlink
+  ln -fs "${_etcdir}/database.yml" "${pkgdir}${_datadir}/config/database.yml"
+
+  # Install secrets symlink
+  ln -fs "${_etcdir}/secrets.yml" "${pkgdir}${_datadir}/config/secrets.yml"
+
+  # Install license and help files
+  mv README.md MAINTENANCE.md CONTRIBUTING.md CHANGELOG.md PROCESS.md VERSION 
config/*.{example,mysql,postgresql} "${pkgdir}/usr/share/doc/${pkgname}"
+  install -Dm644 "LICENSE" "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+
+  # https://gitlab.com/gitlab-org/gitlab-ce/issues/765
+  cp -r "${pkgdir}${_datadir}/doc" "${pkgdir}${_datadir}/public/help"
+  find "${pkgdir}${_datadir}/public/help" -name "*.md" -exec rm {} \;
+  find "${pkgdir}${_datadir}/public/help/" -depth -type d -empty -exec rmdir 
{} \;
+
+  chown 105:105 "${pkgdir}${_datadir}/db/schema.rb"
+
+  # Install systemd service files
+  for service_file in gitlab-unicorn.service gitlab-sidekiq.service 
gitlab-backup.service gitlab-backup.timer gitlab.target 
gitlab-mailroom.service; do
+    install -Dm644 "${srcdir}/${service_file}" 
"${pkgdir}/usr/lib/systemd/system/${service_file}"
+  done
+
+  install -Dm644 "${srcdir}/gitlab.tmpfiles.d" 
"${pkgdir}/usr/lib/tmpfiles.d/gitlab.conf"
+  install -Dm644 "${srcdir}/gitlab.logrotate" 
"${pkgdir}/etc/logrotate.d/gitlab"
+
+  # Install webserver config templates
+  for config_file in apache apache-ssl apache2.2 apache2.2-ssl nginx nginx-ssl 
lighttpd; do
+    install -m644 "${srcdir}/${config_file}.conf.example" 
"${pkgdir}/usr/share/doc/${pkgname}"
+  done
+}
+
+# vim:set ts=2 sw=2 et:

Deleted: apache-ssl.conf.example
===================================================================
--- apache-ssl.conf.example     2017-08-06 17:05:49 UTC (rev 249059)
+++ apache-ssl.conf.example     2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,94 +0,0 @@
-# This configuration has been tested on GitLab 8.2
-# Note this config assumes unicorn is listening on default port 8080 and
-# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
-# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
-#
-# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
-#
-#Module dependencies
-# mod_rewrite
-# mod_ssl
-# mod_proxy
-# mod_proxy_http
-# mod_headers
-
-# This section is only needed if you want to redirect http traffic to https.
-# You can live without it but clients will have to type in https:// to reach 
gitlab.
-<VirtualHost *:80>
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  RewriteEngine on
-  RewriteCond %{HTTPS} !=on
-  RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
-</VirtualHost>
-
-<VirtualHost *:443>
-  SSLEngine on
-  #strong encryption ciphers only
-  #see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
-  SSLProtocol all -SSLv2 -SSLv3
-  SSLHonorCipherOrder on
-#  SSLCipherSuite 
"ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
-  SSLCipherSuite 
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"
-  Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
-  SSLCompression Off
-  SSLCertificateFile /etc/httpd/ssl.crt/YOUR_SERVER_FQDN.crt
-  SSLCertificateKeyFile /etc/httpd/ssl.key/YOUR_SERVER_FQDN.key
-  SSLCACertificateFile /etc/httpd/ssl.crt/your-ca.crt
-
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  ProxyPreserveHost On
-
-  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
-  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
-  AllowEncodedSlashes NoDecode
-
-  <Location />
-    # New authorization commands for apache 2.4 and up
-    # http://httpd.apache.org/docs/2.4/upgrading.html#access
-    Require all granted
-
-    #Allow forwarding to gitlab-workhorse
-    ProxyPassReverse http://127.0.0.1:8181
-    ProxyPassReverse http://YOUR_SERVER_FQDN/
-  </Location>
-
-  # Apache equivalent of nginx try files
-  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
-  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
-  RewriteEngine on
-
-  #Don't escape encoded characters in api requests
-  RewriteCond %{REQUEST_URI} ^/api/v3/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
-
-  #Forward all requests to gitlab-workhorse except existing files like error 
documents
-  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
-  RewriteCond %{REQUEST_URI} ^/uploads/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
-
-  RequestHeader set X_FORWARDED_PROTO 'https'
-  RequestHeader set X-Forwarded-Ssl on
-
-  # needed for downloading attachments
-  DocumentRoot /usr/share/webapps/gitlab/public
-
-  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
-  ErrorDocument 404 /404.html
-  ErrorDocument 422 /422.html
-  ErrorDocument 500 /500.html
-  ErrorDocument 503 /deploy.html
-
-  # It is assumed that the log directory is in /var/log/httpd.
-  # For Debian distributions you might want to change this to
-  # /var/log/apache2.
-  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
-  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
-
-</VirtualHost>

Copied: gitlab/repos/community-x86_64/apache-ssl.conf.example (from rev 249059, 
gitlab/trunk/apache-ssl.conf.example)
===================================================================
--- apache-ssl.conf.example                             (rev 0)
+++ apache-ssl.conf.example     2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,94 @@
+# This configuration has been tested on GitLab 8.2
+# Note this config assumes unicorn is listening on default port 8080 and
+# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
+# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
+#
+# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
+#
+#Module dependencies
+# mod_rewrite
+# mod_ssl
+# mod_proxy
+# mod_proxy_http
+# mod_headers
+
+# This section is only needed if you want to redirect http traffic to https.
+# You can live without it but clients will have to type in https:// to reach 
gitlab.
+<VirtualHost *:80>
+  ServerName YOUR_SERVER_FQDN
+  ServerSignature Off
+
+  RewriteEngine on
+  RewriteCond %{HTTPS} !=on
+  RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
+</VirtualHost>
+
+<VirtualHost *:443>
+  SSLEngine on
+  #strong encryption ciphers only
+  #see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
+  SSLProtocol all -SSLv2 -SSLv3
+  SSLHonorCipherOrder on
+#  SSLCipherSuite 
"ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
+  SSLCipherSuite 
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"
+  Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
+  SSLCompression Off
+  SSLCertificateFile /etc/httpd/ssl.crt/YOUR_SERVER_FQDN.crt
+  SSLCertificateKeyFile /etc/httpd/ssl.key/YOUR_SERVER_FQDN.key
+  SSLCACertificateFile /etc/httpd/ssl.crt/your-ca.crt
+
+  ServerName YOUR_SERVER_FQDN
+  ServerSignature Off
+
+  ProxyPreserveHost On
+
+  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
+  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
+  AllowEncodedSlashes NoDecode
+
+  <Location />
+    # New authorization commands for apache 2.4 and up
+    # http://httpd.apache.org/docs/2.4/upgrading.html#access
+    Require all granted
+
+    #Allow forwarding to gitlab-workhorse
+    ProxyPassReverse http://127.0.0.1:8181
+    ProxyPassReverse http://YOUR_SERVER_FQDN/
+  </Location>
+
+  # Apache equivalent of nginx try files
+  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
+  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
+  RewriteEngine on
+
+  #Don't escape encoded characters in api requests
+  RewriteCond %{REQUEST_URI} ^/api/v3/.*
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
+
+  #Forward all requests to gitlab-workhorse except existing files like error 
documents
+  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
+  RewriteCond %{REQUEST_URI} ^/uploads/.*
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
+
+  RequestHeader set X_FORWARDED_PROTO 'https'
+  RequestHeader set X-Forwarded-Ssl on
+
+  # needed for downloading attachments
+  DocumentRoot /usr/share/webapps/gitlab/public
+
+  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
+  ErrorDocument 404 /404.html
+  ErrorDocument 422 /422.html
+  ErrorDocument 500 /500.html
+  ErrorDocument 503 /deploy.html
+
+  # It is assumed that the log directory is in /var/log/httpd.
+  # For Debian distributions you might want to change this to
+  # /var/log/apache2.
+  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
+  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
+
+</VirtualHost>

Deleted: apache.conf.example
===================================================================
--- apache.conf.example 2017-08-06 17:05:49 UTC (rev 249059)
+++ apache.conf.example 2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,64 +0,0 @@
-# This configuration has been tested on GitLab 8.2
-# Note this config assumes unicorn is listening on default port 8080 and
-# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
-# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
-#
-# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
-#
-#Module dependencies
-# mod_rewrite
-# mod_proxy
-# mod_proxy_http
-<VirtualHost *:80>
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  ProxyPreserveHost On
-
-  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
-  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
-  AllowEncodedSlashes NoDecode
-
-  <Location />
-    # New authorization commands for apache 2.4 and up
-    # http://httpd.apache.org/docs/2.4/upgrading.html#access
-    Require all granted
-
-    #Allow forwarding to gitlab-workhorse
-    ProxyPassReverse http://127.0.0.1:8181
-    ProxyPassReverse http://YOUR_SERVER_FQDN/
-  </Location>
-
-  # Apache equivalent of nginx try files
-  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
-  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
-  RewriteEngine on
-
-  #Don't escape encoded characters in api requests
-  RewriteCond %{REQUEST_URI} ^/api/v3/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
-
-  #Forward all requests to gitlab-workhorse except existing files like error 
documents
-  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
-  RewriteCond %{REQUEST_URI} ^/uploads/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
-
-  # needed for downloading attachments
-  DocumentRoot /usr/share/webapps/gitlab/public
-
-  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
-  ErrorDocument 404 /404.html
-  ErrorDocument 422 /422.html
-  ErrorDocument 500 /500.html
-  ErrorDocument 503 /deploy.html
-
-  # It is assumed that the log directory is in /var/log/httpd.
-  # For Debian distributions you might want to change this to
-  # /var/log/apache2.
-  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
-  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
-
-</VirtualHost>

Copied: gitlab/repos/community-x86_64/apache.conf.example (from rev 249059, 
gitlab/trunk/apache.conf.example)
===================================================================
--- apache.conf.example                         (rev 0)
+++ apache.conf.example 2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,64 @@
+# This configuration has been tested on GitLab 8.2
+# Note this config assumes unicorn is listening on default port 8080 and
+# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
+# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
+#
+# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
+#
+#Module dependencies
+# mod_rewrite
+# mod_proxy
+# mod_proxy_http
+<VirtualHost *:80>
+  ServerName YOUR_SERVER_FQDN
+  ServerSignature Off
+
+  ProxyPreserveHost On
+
+  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
+  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
+  AllowEncodedSlashes NoDecode
+
+  <Location />
+    # New authorization commands for apache 2.4 and up
+    # http://httpd.apache.org/docs/2.4/upgrading.html#access
+    Require all granted
+
+    #Allow forwarding to gitlab-workhorse
+    ProxyPassReverse http://127.0.0.1:8181
+    ProxyPassReverse http://YOUR_SERVER_FQDN/
+  </Location>
+
+  # Apache equivalent of nginx try files
+  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
+  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
+  RewriteEngine on
+
+  #Don't escape encoded characters in api requests
+  RewriteCond %{REQUEST_URI} ^/api/v3/.*
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
+
+  #Forward all requests to gitlab-workhorse except existing files like error 
documents
+  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
+  RewriteCond %{REQUEST_URI} ^/uploads/.*
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
+
+  # needed for downloading attachments
+  DocumentRoot /usr/share/webapps/gitlab/public
+
+  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
+  ErrorDocument 404 /404.html
+  ErrorDocument 422 /422.html
+  ErrorDocument 500 /500.html
+  ErrorDocument 503 /deploy.html
+
+  # It is assumed that the log directory is in /var/log/httpd.
+  # For Debian distributions you might want to change this to
+  # /var/log/apache2.
+  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
+  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
+
+</VirtualHost>

Deleted: apache2.2-ssl.conf.example
===================================================================
--- apache2.2-ssl.conf.example  2017-08-06 17:05:49 UTC (rev 249059)
+++ apache2.2-ssl.conf.example  2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,93 +0,0 @@
-# This configuration has been tested on GitLab 8.2
-# Note this config assumes unicorn is listening on default port 8080 and
-# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
-# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
-#
-# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
-#
-#Module dependencies
-# mod_rewrite
-# mod_ssl
-# mod_proxy
-# mod_proxy_http
-# mod_headers
-
-# This section is only needed if you want to redirect http traffic to https.
-# You can live without it but clients will have to type in https:// to reach 
gitlab.
-<VirtualHost *:80>
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  RewriteEngine on
-  RewriteCond %{HTTPS} !=on
-  RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
-</VirtualHost>
-
-<VirtualHost *:443>
-  SSLEngine on
-  #strong encryption ciphers only
-  #see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
-  SSLProtocol all -SSLv2 -SSLv3
-  SSLHonorCipherOrder on
-#  SSLCipherSuite 
"ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
-  SSLCipherSuite 
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"
-  Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
-  SSLCompression Off
-  SSLCertificateFile /etc/httpd/ssl.crt/YOUR_SERVER_FQDN.crt
-  SSLCertificateKeyFile /etc/httpd/ssl.key/YOUR_SERVER_FQDN.key
-  SSLCACertificateFile /etc/httpd/ssl.crt/your-ca.crt
-
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  ProxyPreserveHost On
-
-  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
-  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
-  AllowEncodedSlashes NoDecode
-
-  <Location />
-    Order deny,allow
-    Allow from all
-
-    #Allow forwarding to gitlab-workhorse
-    ProxyPassReverse http://127.0.0.1:8181
-    ProxyPassReverse http://YOUR_SERVER_FQDN/
-  </Location>
-
-  # Apache equivalent of nginx try files
-  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
-  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
-  RewriteEngine on
-
-  #Don't escape encoded characters in api requests
-  RewriteCond %{REQUEST_URI} ^/api/v3/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
-
-  #Forward all requests to gitlab-workhorse except existing files like error 
documents
-  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
-  RewriteCond %{REQUEST_URI} ^/uploads/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
-
-  RequestHeader set X_FORWARDED_PROTO 'https'
-  RequestHeader set X-Forwarded-Ssl on
-
-  # needed for downloading attachments
-  DocumentRoot /usr/share/webapps/gitlab/public
-
-  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
-  ErrorDocument 404 /404.html
-  ErrorDocument 422 /422.html
-  ErrorDocument 500 /500.html
-  ErrorDocument 503 /deploy.html
-
-  # It is assumed that the log directory is in /var/log/httpd.
-  # For Debian distributions you might want to change this to
-  # /var/log/apache2.
-  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
-  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
-
-</VirtualHost>

Copied: gitlab/repos/community-x86_64/apache2.2-ssl.conf.example (from rev 
249059, gitlab/trunk/apache2.2-ssl.conf.example)
===================================================================
--- apache2.2-ssl.conf.example                          (rev 0)
+++ apache2.2-ssl.conf.example  2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,93 @@
+# This configuration has been tested on GitLab 8.2
+# Note this config assumes unicorn is listening on default port 8080 and
+# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
+# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
+#
+# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
+#
+#Module dependencies
+# mod_rewrite
+# mod_ssl
+# mod_proxy
+# mod_proxy_http
+# mod_headers
+
+# This section is only needed if you want to redirect http traffic to https.
+# You can live without it but clients will have to type in https:// to reach 
gitlab.
+<VirtualHost *:80>
+  ServerName YOUR_SERVER_FQDN
+  ServerSignature Off
+
+  RewriteEngine on
+  RewriteCond %{HTTPS} !=on
+  RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
+</VirtualHost>
+
+<VirtualHost *:443>
+  SSLEngine on
+  #strong encryption ciphers only
+  #see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
+  SSLProtocol all -SSLv2 -SSLv3
+  SSLHonorCipherOrder on
+#  SSLCipherSuite 
"ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
+  SSLCipherSuite 
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"
+  Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
+  SSLCompression Off
+  SSLCertificateFile /etc/httpd/ssl.crt/YOUR_SERVER_FQDN.crt
+  SSLCertificateKeyFile /etc/httpd/ssl.key/YOUR_SERVER_FQDN.key
+  SSLCACertificateFile /etc/httpd/ssl.crt/your-ca.crt
+
+  ServerName YOUR_SERVER_FQDN
+  ServerSignature Off
+
+  ProxyPreserveHost On
+
+  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
+  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
+  AllowEncodedSlashes NoDecode
+
+  <Location />
+    Order deny,allow
+    Allow from all
+
+    #Allow forwarding to gitlab-workhorse
+    ProxyPassReverse http://127.0.0.1:8181
+    ProxyPassReverse http://YOUR_SERVER_FQDN/
+  </Location>
+
+  # Apache equivalent of nginx try files
+  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
+  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
+  RewriteEngine on
+
+  #Don't escape encoded characters in api requests
+  RewriteCond %{REQUEST_URI} ^/api/v3/.*
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
+
+  #Forward all requests to gitlab-workhorse except existing files like error 
documents
+  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
+  RewriteCond %{REQUEST_URI} ^/uploads/.*
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
+
+  RequestHeader set X_FORWARDED_PROTO 'https'
+  RequestHeader set X-Forwarded-Ssl on
+
+  # needed for downloading attachments
+  DocumentRoot /usr/share/webapps/gitlab/public
+
+  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
+  ErrorDocument 404 /404.html
+  ErrorDocument 422 /422.html
+  ErrorDocument 500 /500.html
+  ErrorDocument 503 /deploy.html
+
+  # It is assumed that the log directory is in /var/log/httpd.
+  # For Debian distributions you might want to change this to
+  # /var/log/apache2.
+  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
+  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
+
+</VirtualHost>

Deleted: apache2.2.conf.example
===================================================================
--- apache2.2.conf.example      2017-08-06 17:05:49 UTC (rev 249059)
+++ apache2.2.conf.example      2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,63 +0,0 @@
-# This configuration has been tested on GitLab 8.2
-# Note this config assumes unicorn is listening on default port 8080 and
-# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
-# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
-#
-# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
-#
-#Module dependencies
-# mod_rewrite
-# mod_proxy
-# mod_proxy_http
-<VirtualHost *:80>
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  ProxyPreserveHost On
-
-  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
-  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
-  AllowEncodedSlashes NoDecode
-
-  <Location />
-    Order deny,allow
-    Allow from all
-
-    #Allow forwarding to gitlab-workhorse
-    ProxyPassReverse http://127.0.0.1:8181
-    ProxyPassReverse http://YOUR_SERVER_FQDN/
-  </Location>
-
-  # Apache equivalent of nginx try files
-  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
-  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
-  RewriteEngine on
-
-  #Don't escape encoded characters in api requests
-  RewriteCond %{REQUEST_URI} ^/api/v3/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
-
-  #Forward all requests to gitlab-workhorse except existing files like error 
documents
-  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
-  RewriteCond %{REQUEST_URI} ^/uploads/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
-
-  # needed for downloading attachments
-  DocumentRoot /usr/share/webapps/gitlab/public
-
-  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
-  ErrorDocument 404 /404.html
-  ErrorDocument 422 /422.html
-  ErrorDocument 500 /500.html
-  ErrorDocument 503 /deploy.html
-
-  # It is assumed that the log directory is in /var/log/httpd.
-  # For Debian distributions you might want to change this to
-  # /var/log/apache2.
-  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
-  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
-
-</VirtualHost>

Copied: gitlab/repos/community-x86_64/apache2.2.conf.example (from rev 249059, 
gitlab/trunk/apache2.2.conf.example)
===================================================================
--- apache2.2.conf.example                              (rev 0)
+++ apache2.2.conf.example      2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,63 @@
+# This configuration has been tested on GitLab 8.2
+# Note this config assumes unicorn is listening on default port 8080 and
+# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
+# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
+#
+# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
+#
+#Module dependencies
+# mod_rewrite
+# mod_proxy
+# mod_proxy_http
+<VirtualHost *:80>
+  ServerName YOUR_SERVER_FQDN
+  ServerSignature Off
+
+  ProxyPreserveHost On
+
+  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
+  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
+  AllowEncodedSlashes NoDecode
+
+  <Location />
+    Order deny,allow
+    Allow from all
+
+    #Allow forwarding to gitlab-workhorse
+    ProxyPassReverse http://127.0.0.1:8181
+    ProxyPassReverse http://YOUR_SERVER_FQDN/
+  </Location>
+
+  # Apache equivalent of nginx try files
+  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
+  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
+  RewriteEngine on
+
+  #Don't escape encoded characters in api requests
+  RewriteCond %{REQUEST_URI} ^/api/v3/.*
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
+
+  #Forward all requests to gitlab-workhorse except existing files like error 
documents
+  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
+  RewriteCond %{REQUEST_URI} ^/uploads/.*
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
+
+  # needed for downloading attachments
+  DocumentRoot /usr/share/webapps/gitlab/public
+
+  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
+  ErrorDocument 404 /404.html
+  ErrorDocument 422 /422.html
+  ErrorDocument 500 /500.html
+  ErrorDocument 503 /deploy.html
+
+  # It is assumed that the log directory is in /var/log/httpd.
+  # For Debian distributions you might want to change this to
+  # /var/log/apache2.
+  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
+  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
+  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
+
+</VirtualHost>

Deleted: gitlab-backup.service
===================================================================
--- gitlab-backup.service       2017-08-06 17:05:49 UTC (rev 249059)
+++ gitlab-backup.service       2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,19 +0,0 @@
-[Unit]
-Description=GitLab Backup process
-Requires=
-After=network.target
-
-[Service]
-Type=oneshot
-User=gitlab
-Group=gitlab
-SyslogIdentifier=gitlab-backup
-WorkingDirectory=<DATADIR>
-Environment=RAILS_ENV=production PATH=/opt/ruby/bin:/usr/bin
-CapabilityBoundingSet=
-PrivateTmp=true
-PrivateDevices=true
-ProtectSystem=full
-ProtectHome=true
-NoNewPrivileges=true
-ExecStart=/usr/bin/bundle-2.3 exec rake gitlab:backup:create

Copied: gitlab/repos/community-x86_64/gitlab-backup.service (from rev 249059, 
gitlab/trunk/gitlab-backup.service)
===================================================================
--- gitlab-backup.service                               (rev 0)
+++ gitlab-backup.service       2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,19 @@
+[Unit]
+Description=GitLab Backup process
+Requires=
+After=network.target
+
+[Service]
+Type=oneshot
+User=gitlab
+Group=gitlab
+SyslogIdentifier=gitlab-backup
+WorkingDirectory=<DATADIR>
+Environment=RAILS_ENV=production PATH=/opt/ruby/bin:/usr/bin
+CapabilityBoundingSet=
+PrivateTmp=true
+PrivateDevices=true
+ProtectSystem=full
+ProtectHome=true
+NoNewPrivileges=true
+ExecStart=/usr/bin/bundle-2.3 exec rake gitlab:backup:create

Deleted: gitlab-backup.timer
===================================================================
--- gitlab-backup.timer 2017-08-06 17:05:49 UTC (rev 249059)
+++ gitlab-backup.timer 2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,10 +0,0 @@
-[Unit]
-Description=Daily gitlab backup
-
-[Timer]
-OnCalendar=daily
-AccuracySec=12h
-Persistent=true
-
-[Install]
-WantedBy=multi-user.target

Copied: gitlab/repos/community-x86_64/gitlab-backup.timer (from rev 249059, 
gitlab/trunk/gitlab-backup.timer)
===================================================================
--- gitlab-backup.timer                         (rev 0)
+++ gitlab-backup.timer 2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,10 @@
+[Unit]
+Description=Daily gitlab backup
+
+[Timer]
+OnCalendar=daily
+AccuracySec=12h
+Persistent=true
+
+[Install]
+WantedBy=multi-user.target

Deleted: gitlab-mailroom.service
===================================================================
--- gitlab-mailroom.service     2017-08-06 17:05:49 UTC (rev 249059)
+++ gitlab-mailroom.service     2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,20 +0,0 @@
-[Unit]
-Description=Gitlab Mailroom Worker
-Requires=gitlab-unicorn.service
-Wants=gitlab-unicorn.service
-After=gitlab-unicorn.service
-
-[Service]
-User=gitlab
-Group=gitlab
-WorkingDirectory=<DATADIR>
-Environment=RAILS_ENV=production PATH=/opt/ruby/bin:/usr/bin
-SyslogIdentifier=gitlab-mailroom
-PIDFile=/run/gitlab/mailroom.pid
-ExecStart=/usr/bin/bundle-2.3 exec mail_room -q -c 
<DATADIR>/config/mail_room.yml
-ExecStop=/usr/bin/kill -QUIT $MAINPID
-Restart=on-failure
-RestartSec=1
-
-[Install]
-WantedBy=multi-user.target

Copied: gitlab/repos/community-x86_64/gitlab-mailroom.service (from rev 249059, 
gitlab/trunk/gitlab-mailroom.service)
===================================================================
--- gitlab-mailroom.service                             (rev 0)
+++ gitlab-mailroom.service     2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,20 @@
+[Unit]
+Description=Gitlab Mailroom Worker
+Requires=gitlab-unicorn.service
+Wants=gitlab-unicorn.service
+After=gitlab-unicorn.service
+
+[Service]
+User=gitlab
+Group=gitlab
+WorkingDirectory=<DATADIR>
+Environment=RAILS_ENV=production PATH=/opt/ruby/bin:/usr/bin
+SyslogIdentifier=gitlab-mailroom
+PIDFile=/run/gitlab/mailroom.pid
+ExecStart=/usr/bin/bundle-2.3 exec mail_room -q -c 
<DATADIR>/config/mail_room.yml
+ExecStop=/usr/bin/kill -QUIT $MAINPID
+Restart=on-failure
+RestartSec=1
+
+[Install]
+WantedBy=multi-user.target

Deleted: gitlab-sidekiq.service
===================================================================
--- gitlab-sidekiq.service      2017-08-06 17:05:49 UTC (rev 249059)
+++ gitlab-sidekiq.service      2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,29 +0,0 @@
-[Unit]
-Description=GitLab Sidekiq Worker
-Requires=redis.service gitlab-unicorn.service
-Wants=mysqld.service postgresql.service
-After=redis.service mysqld.service postgresql.service network.target 
gitlab-unicorn.service
-JoinsNamespaceOf=gitlab-unicorn.service
-
-[Service]
-User=gitlab
-Group=gitlab
-WorkingDirectory=<DATADIR>
-Environment=RAILS_ENV=production PATH=/opt/ruby/bin:/usr/bin
-SyslogIdentifier=gitlab-sidekiq
-PIDFile=/run/gitlab/sidekiq.pid
-CapabilityBoundingSet=
-PrivateTmp=true
-ProtectSystem=full
-ProtectHome=true
-# NoNewPrivileges breaks gitlabs' email delivery if you
-# use postfix' sendmail wrapper. If you use an SMTP server
-# instead you can safely enable this security feature.
-#NoNewPrivileges=true
-ExecStart=/usr/bin/bundle-2.3 exec sidekiq -C 
<DATADIR>/config/sidekiq_queues.yml -e production
-ExecStop=/usr/bin/bundle-2.3 exec sidekiqctl stop /run/gitlab/sidekiq.pid
-Restart=on-failure
-RestartSec=1
-
-[Install]
-WantedBy=multi-user.target

Copied: gitlab/repos/community-x86_64/gitlab-sidekiq.service (from rev 249059, 
gitlab/trunk/gitlab-sidekiq.service)
===================================================================
--- gitlab-sidekiq.service                              (rev 0)
+++ gitlab-sidekiq.service      2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,29 @@
+[Unit]
+Description=GitLab Sidekiq Worker
+Requires=redis.service gitlab-unicorn.service
+Wants=mysqld.service postgresql.service
+After=redis.service mysqld.service postgresql.service network.target 
gitlab-unicorn.service
+JoinsNamespaceOf=gitlab-unicorn.service
+
+[Service]
+User=gitlab
+Group=gitlab
+WorkingDirectory=<DATADIR>
+Environment=RAILS_ENV=production PATH=/opt/ruby/bin:/usr/bin
+SyslogIdentifier=gitlab-sidekiq
+PIDFile=/run/gitlab/sidekiq.pid
+CapabilityBoundingSet=
+PrivateTmp=true
+ProtectSystem=full
+ProtectHome=true
+# NoNewPrivileges breaks gitlabs' email delivery if you
+# use postfix' sendmail wrapper. If you use an SMTP server
+# instead you can safely enable this security feature.
+#NoNewPrivileges=true
+ExecStart=/usr/bin/bundle-2.3 exec sidekiq -C 
<DATADIR>/config/sidekiq_queues.yml -e production
+ExecStop=/usr/bin/bundle-2.3 exec sidekiqctl stop /run/gitlab/sidekiq.pid
+Restart=on-failure
+RestartSec=1
+
+[Install]
+WantedBy=multi-user.target

Deleted: gitlab-unicorn.service
===================================================================
--- gitlab-unicorn.service      2017-08-06 17:05:49 UTC (rev 249059)
+++ gitlab-unicorn.service      2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,29 +0,0 @@
-[Unit]
-Description=GitLab Unicorn Server
-Requires=redis.service
-Wants=mysqld.service postgresql.service
-After=redis.service mysqld.service postgresql.service network.target
-
-[Service]
-User=gitlab
-Group=gitlab
-WorkingDirectory=<DATADIR>
-Environment=RAILS_ENV=production PATH=/opt/ruby/bin:/usr/bin
-SyslogIdentifier=gitlab-unicorn
-PIDFile=/run/gitlab/unicorn.pid
-RuntimeDirectory=gitlab
-RuntimeDirectoryMode=775
-CapabilityBoundingSet=
-PrivateTmp=true
-PrivateDevices=true
-ProtectSystem=full
-ProtectHome=true
-NoNewPrivileges=true
-ExecStart=/usr/bin/bundle-2.3 exec unicorn_rails -c 
<DATADIR>/config/unicorn.rb -E production
-ExecStop=/usr/bin/kill -QUIT $MAINPID
-ExecReload=/usr/bin/kill -USR2 $MAINPID
-Restart=on-failure
-RestartSec=1
-
-[Install]
-WantedBy=multi-user.target

Copied: gitlab/repos/community-x86_64/gitlab-unicorn.service (from rev 249059, 
gitlab/trunk/gitlab-unicorn.service)
===================================================================
--- gitlab-unicorn.service                              (rev 0)
+++ gitlab-unicorn.service      2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,29 @@
+[Unit]
+Description=GitLab Unicorn Server
+Requires=redis.service
+Wants=mysqld.service postgresql.service
+After=redis.service mysqld.service postgresql.service network.target
+
+[Service]
+User=gitlab
+Group=gitlab
+WorkingDirectory=<DATADIR>
+Environment=RAILS_ENV=production PATH=/opt/ruby/bin:/usr/bin
+SyslogIdentifier=gitlab-unicorn
+PIDFile=/run/gitlab/unicorn.pid
+RuntimeDirectory=gitlab
+RuntimeDirectoryMode=775
+CapabilityBoundingSet=
+PrivateTmp=true
+PrivateDevices=true
+ProtectSystem=full
+ProtectHome=true
+NoNewPrivileges=true
+ExecStart=/usr/bin/bundle-2.3 exec unicorn_rails -c 
<DATADIR>/config/unicorn.rb -E production
+ExecStop=/usr/bin/kill -QUIT $MAINPID
+ExecReload=/usr/bin/kill -USR2 $MAINPID
+Restart=on-failure
+RestartSec=1
+
+[Install]
+WantedBy=multi-user.target

Deleted: gitlab.install
===================================================================
--- gitlab.install      2017-08-06 17:05:49 UTC (rev 249059)
+++ gitlab.install      2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,20 +0,0 @@
-post_install() {
-    echo "Configure your /etc/webapps/gitlab/gitlab.yml"
-    echo "Set up your redis to run on /var/run/redis/redis.sock or configure 
gitlab to use redis TCP"
-    echo "Put a secret bytestring to /etc/webapps/gitlab/secret"
-    echo "Copy /usr/share/doc/gitlab/secrets.yml.example to 
/etc/webapps/gitlab/secrets.yml and configure it"
-    echo "Copy a database example config from /usr/share/doc/gitlab/ to 
/etc/webapps/gitlab/database.yml and configure it"
-    echo "Setup the database:"
-    echo "# su - gitlab -s /bin/sh -c \"cd '/usr/share/webapps/gitlab'; 
bundle-2.3 exec rake gitlab:setup RAILS_ENV=production\""
-    echo "Finally run the following commands to check your installation:"
-    echo "# su - gitlab -s /bin/sh -c \"cd '/usr/share/webapps/gitlab'; 
bundle-2.3 exec rake gitlab:env:info RAILS_ENV=production\""
-    echo "# su - gitlab -s /bin/sh -c \"cd '/usr/share/webapps/gitlab'; 
bundle-2.3 exec rake gitlab:check RAILS_ENV=production\""
-}
-
-post_upgrade() {
-    echo "You should upgrade your database:"
-    echo "# su - gitlab -s /bin/sh -c \"cd '/usr/share/webapps/gitlab'; 
bundle-2.3 exec rake db:migrate RAILS_ENV=production\""
-    echo "Afterwards, restart gitlab-related services:"
-    echo "# systemctl daemon-reload"
-    echo "# systemctl restart gitlab-sidekiq gitlab-unicorn gitlab-workhorse 
gitlab-gitaly"
-}

Copied: gitlab/repos/community-x86_64/gitlab.install (from rev 249059, 
gitlab/trunk/gitlab.install)
===================================================================
--- gitlab.install                              (rev 0)
+++ gitlab.install      2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,20 @@
+post_install() {
+    echo "Configure your /etc/webapps/gitlab/gitlab.yml"
+    echo "Set up your redis to run on /var/run/redis/redis.sock or configure 
gitlab to use redis TCP"
+    echo "Put a secret bytestring to /etc/webapps/gitlab/secret"
+    echo "Copy /usr/share/doc/gitlab/secrets.yml.example to 
/etc/webapps/gitlab/secrets.yml and configure it"
+    echo "Copy a database example config from /usr/share/doc/gitlab/ to 
/etc/webapps/gitlab/database.yml and configure it"
+    echo "Setup the database:"
+    echo "# su - gitlab -s /bin/sh -c \"cd '/usr/share/webapps/gitlab'; 
bundle-2.3 exec rake gitlab:setup RAILS_ENV=production\""
+    echo "Finally run the following commands to check your installation:"
+    echo "# su - gitlab -s /bin/sh -c \"cd '/usr/share/webapps/gitlab'; 
bundle-2.3 exec rake gitlab:env:info RAILS_ENV=production\""
+    echo "# su - gitlab -s /bin/sh -c \"cd '/usr/share/webapps/gitlab'; 
bundle-2.3 exec rake gitlab:check RAILS_ENV=production\""
+}
+
+post_upgrade() {
+    echo "You should upgrade your database:"
+    echo "# su - gitlab -s /bin/sh -c \"cd '/usr/share/webapps/gitlab'; 
bundle-2.3 exec rake db:migrate RAILS_ENV=production\""
+    echo "Afterwards, restart gitlab-related services:"
+    echo "# systemctl daemon-reload"
+    echo "# systemctl restart gitlab-sidekiq gitlab-unicorn gitlab-workhorse 
gitlab-gitaly"
+}

Deleted: gitlab.logrotate
===================================================================
--- gitlab.logrotate    2017-08-06 17:05:49 UTC (rev 249059)
+++ gitlab.logrotate    2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,11 +0,0 @@
-# GitLab logrotate settings
-# based on: http://stackoverflow.com/a/4883967
-
-<LOGDIR>/*.log {
-       daily
-       missingok
-       rotate 90
-       compress
-       notifempty
-       copytruncate
-}

Copied: gitlab/repos/community-x86_64/gitlab.logrotate (from rev 249059, 
gitlab/trunk/gitlab.logrotate)
===================================================================
--- gitlab.logrotate                            (rev 0)
+++ gitlab.logrotate    2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,11 @@
+# GitLab logrotate settings
+# based on: http://stackoverflow.com/a/4883967
+
+<LOGDIR>/*.log {
+       daily
+       missingok
+       rotate 90
+       compress
+       notifempty
+       copytruncate
+}

Deleted: gitlab.target
===================================================================
--- gitlab.target       2017-08-06 17:05:49 UTC (rev 249059)
+++ gitlab.target       2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,14 +0,0 @@
-###########################################################################################
-#
-# GitLab version    : 5.x - 7.x
-# Contributors      : davispuh, mtorromeo, axilleas, boeserwolf91
-# Downloaded from   : 
https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd 
-#
-###########################################################################################
-
-[Unit]
-Description=GitLab - Self Hosted Git Management
-Wants=gitlab-unicorn.service gitlab-sidekiq.service gitlab-backup.timer
-
-[Install]
-WantedBy=multi-user.target

Copied: gitlab/repos/community-x86_64/gitlab.target (from rev 249059, 
gitlab/trunk/gitlab.target)
===================================================================
--- gitlab.target                               (rev 0)
+++ gitlab.target       2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,14 @@
+###########################################################################################
+#
+# GitLab version    : 5.x - 7.x
+# Contributors      : davispuh, mtorromeo, axilleas, boeserwolf91
+# Downloaded from   : 
https://github.com/gitlabhq/gitlab-recipes/tree/master/init/systemd 
+#
+###########################################################################################
+
+[Unit]
+Description=GitLab - Self Hosted Git Management
+Wants=gitlab-unicorn.service gitlab-sidekiq.service gitlab-backup.timer
+
+[Install]
+WantedBy=multi-user.target

Deleted: gitlab.tmpfiles.d
===================================================================
--- gitlab.tmpfiles.d   2017-08-06 17:05:49 UTC (rev 249059)
+++ gitlab.tmpfiles.d   2017-08-06 17:05:58 UTC (rev 249060)
@@ -1 +0,0 @@
-d /run/gitlab 0775 gitlab gitlab - -

Copied: gitlab/repos/community-x86_64/gitlab.tmpfiles.d (from rev 249059, 
gitlab/trunk/gitlab.tmpfiles.d)
===================================================================
--- gitlab.tmpfiles.d                           (rev 0)
+++ gitlab.tmpfiles.d   2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1 @@
+d /run/gitlab 0775 gitlab gitlab - -

Deleted: lighttpd.conf.example
===================================================================
--- lighttpd.conf.example       2017-08-06 17:05:49 UTC (rev 249059)
+++ lighttpd.conf.example       2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,35 +0,0 @@
-# GITLAB
-# Maintainer: @tvn87
-# App Version: 2.8
-
-server.modules += ( 
-  "mod_simple_vhost",
-  "mod_proxy"
-)
-
-## The document root of a virtual host is document-root =
-##   simple-vhost.server-root + $HTTP["host"] + simple-vhost.document-root
-simple-vhost.server-root = "/var/www"
-simple-vhost.document-root = "htdocs"
-
-## the default host if no host is sent
-simple-vhost.default-host = "YOUR_SERVER_FQDN"
-
-## uploads must be served as static files
-$HTTP["url"] == "^/upload" {
-  var.vhost.name = "YOUR_SERVER_FQDN"
-  var.vhost.path = "/usr/share/webapps/gitlab/public"
-}
-## otherwise everything is proxied
-else $HTTP["host"] == "YOUR_SERVER_FQDN" {
-  var.vhost_name = "YOUR_SERVER_FQDN"
-  var.vhost_path = "/var/www/YOUR_SERVER_FQDN" # This directory should be empty
-
-  proxy.server = ( "" => ( (      
-                 "host" => "127.0.0.1",
-                 "port" => "8080"
-         ),
-       )
-  )
-  ssl.pemfile = "/etc/lighttpd/certs/YOUR_SERVER_FQDN.pem" # If ssl is enabled
-}

Copied: gitlab/repos/community-x86_64/lighttpd.conf.example (from rev 249059, 
gitlab/trunk/lighttpd.conf.example)
===================================================================
--- lighttpd.conf.example                               (rev 0)
+++ lighttpd.conf.example       2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,35 @@
+# GITLAB
+# Maintainer: @tvn87
+# App Version: 2.8
+
+server.modules += ( 
+  "mod_simple_vhost",
+  "mod_proxy"
+)
+
+## The document root of a virtual host is document-root =
+##   simple-vhost.server-root + $HTTP["host"] + simple-vhost.document-root
+simple-vhost.server-root = "/var/www"
+simple-vhost.document-root = "htdocs"
+
+## the default host if no host is sent
+simple-vhost.default-host = "YOUR_SERVER_FQDN"
+
+## uploads must be served as static files
+$HTTP["url"] == "^/upload" {
+  var.vhost.name = "YOUR_SERVER_FQDN"
+  var.vhost.path = "/usr/share/webapps/gitlab/public"
+}
+## otherwise everything is proxied
+else $HTTP["host"] == "YOUR_SERVER_FQDN" {
+  var.vhost_name = "YOUR_SERVER_FQDN"
+  var.vhost_path = "/var/www/YOUR_SERVER_FQDN" # This directory should be empty
+
+  proxy.server = ( "" => ( (      
+                 "host" => "127.0.0.1",
+                 "port" => "8080"
+         ),
+       )
+  )
+  ssl.pemfile = "/etc/lighttpd/certs/YOUR_SERVER_FQDN.pem" # If ssl is enabled
+}

Deleted: nginx-ssl.conf.example
===================================================================
--- nginx-ssl.conf.example      2017-08-06 17:05:49 UTC (rev 249059)
+++ nginx-ssl.conf.example      2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,112 +0,0 @@
-## GitLab
-##
-## Modified from nginx http version
-## Modified from 
http://blog.phusion.nl/2012/04/21/tutorial-setting-up-gitlab-on-debian-6/
-## Modified from 
https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
-##
-## Lines starting with two hashes (##) are comments with information.
-## Lines starting with one hash (#) are configuration parameters that can be 
uncommented.
-##
-##################################
-##        CONTRIBUTING          ##
-##################################
-##
-## If you change this file in a Merge Request, please also create
-## a Merge Request on 
https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
-##
-###################################
-##         configuration         ##
-###################################
-##
-## See installation.md#using-https for additional HTTPS configuration details.
-
-upstream gitlab-workhorse {
-  server unix:/run/gitlab/gitlab-workhorse.socket fail_timeout=0;
-}
-
-## Redirects all HTTP traffic to the HTTPS host
-server {
-  ## Either remove "default_server" from the listen line below,
-  ## or delete the /etc/nginx/sites-enabled/default file. This will cause 
gitlab
-  ## to be served if you visit any address that your server responds to, eg.
-  ## the ip address of the server (http://x.x.x.x/)
-  listen 0.0.0.0:80;
-  listen [::]:80 ipv6only=on default_server;
-  server_name YOUR_SERVER_FQDN; ## Replace this with something like 
gitlab.example.com
-  server_tokens off; ## Don't show the nginx version number, a security best 
practice
-  return 301 https://$http_host$request_uri;
-  access_log  /var/log/nginx/gitlab_access.log;
-  error_log   /var/log/nginx/gitlab_error.log;
-}
-
-## HTTPS host
-server {
-  listen 0.0.0.0:443 ssl;
-  listen [::]:443 ipv6only=on ssl default_server;
-  server_name YOUR_SERVER_FQDN; ## Replace this with something like 
gitlab.example.com
-  server_tokens off; ## Don't show the nginx version number, a security best 
practice
-
-  ## Strong SSL Security
-  ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & 
https://cipherli.st/
-  ssl on;
-  ssl_certificate /etc/nginx/ssl/gitlab.crt;
-  ssl_certificate_key /etc/nginx/ssl/gitlab.key;
-
-  # GitLab needs backwards compatible ciphers to retain compatibility with 
Java IDEs
-  ssl_ciphers 
"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
-  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-  ssl_prefer_server_ciphers on;
-  ssl_session_cache shared:SSL:10m;
-  ssl_session_timeout 5m;
-
-  ## See app/controllers/application_controller.rb for headers set
-
-  ## [Optional] If your certficate has OCSP, enable OCSP stapling to reduce 
the overhead and latency of running SSL.
-  ## Replace with your ssl_trusted_certificate. For more info see:
-  ## - https://medium.com/devops-programming/4445f4862461
-  ## - https://www.ruby-forum.com/topic/4419319
-  ## - 
https://www.digitalocean.com/community/tutorials/how-to-configure-ocsp-stapling-on-apache-and-nginx
-  # ssl_stapling on;
-  # ssl_stapling_verify on;
-  # ssl_trusted_certificate /etc/nginx/ssl/stapling.trusted.crt;
-  # resolver 208.67.222.222 208.67.222.220 valid=300s; # Can change to your 
DNS resolver if desired
-  # resolver_timeout 5s;
-
-  ## [Optional] Generate a stronger DHE parameter:
-  ##   sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
-  ##
-  # ssl_dhparam /etc/ssl/certs/dhparam.pem;
-
-  ## Individual nginx logs for this GitLab vhost
-  access_log  /var/log/nginx/gitlab_access.log;
-  error_log   /var/log/nginx/gitlab_error.log;
-
-  location / {
-    client_max_body_size 0;
-    gzip off;
-
-    ## https://github.com/gitlabhq/gitlabhq/issues/694
-    ## Some requests take more than 30 seconds.
-    proxy_read_timeout      300;
-    proxy_connect_timeout   300;
-    proxy_redirect          off;
-
-    proxy_http_version 1.1;
-
-    proxy_set_header    Host                $http_host;
-    proxy_set_header    X-Real-IP           $remote_addr;
-    proxy_set_header    X-Forwarded-Ssl     on;
-    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
-    proxy_set_header    X-Forwarded-Proto   $scheme;
-    proxy_pass http://gitlab-workhorse;
-  }
-
-  error_page 404 /404.html;
-  error_page 422 /422.html;
-  error_page 500 /500.html;
-  error_page 502 /502.html;
-  location ~ ^/(404|422|500|502)\.html$ {
-    root /usr/share/webapps/gitlab/public;
-    internal;
-  }
-}

Copied: gitlab/repos/community-x86_64/nginx-ssl.conf.example (from rev 249059, 
gitlab/trunk/nginx-ssl.conf.example)
===================================================================
--- nginx-ssl.conf.example                              (rev 0)
+++ nginx-ssl.conf.example      2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,112 @@
+## GitLab
+##
+## Modified from nginx http version
+## Modified from 
http://blog.phusion.nl/2012/04/21/tutorial-setting-up-gitlab-on-debian-6/
+## Modified from 
https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+##
+## Lines starting with two hashes (##) are comments with information.
+## Lines starting with one hash (#) are configuration parameters that can be 
uncommented.
+##
+##################################
+##        CONTRIBUTING          ##
+##################################
+##
+## If you change this file in a Merge Request, please also create
+## a Merge Request on 
https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
+##
+###################################
+##         configuration         ##
+###################################
+##
+## See installation.md#using-https for additional HTTPS configuration details.
+
+upstream gitlab-workhorse {
+  server unix:/run/gitlab/gitlab-workhorse.socket fail_timeout=0;
+}
+
+## Redirects all HTTP traffic to the HTTPS host
+server {
+  ## Either remove "default_server" from the listen line below,
+  ## or delete the /etc/nginx/sites-enabled/default file. This will cause 
gitlab
+  ## to be served if you visit any address that your server responds to, eg.
+  ## the ip address of the server (http://x.x.x.x/)
+  listen 0.0.0.0:80;
+  listen [::]:80 ipv6only=on default_server;
+  server_name YOUR_SERVER_FQDN; ## Replace this with something like 
gitlab.example.com
+  server_tokens off; ## Don't show the nginx version number, a security best 
practice
+  return 301 https://$http_host$request_uri;
+  access_log  /var/log/nginx/gitlab_access.log;
+  error_log   /var/log/nginx/gitlab_error.log;
+}
+
+## HTTPS host
+server {
+  listen 0.0.0.0:443 ssl;
+  listen [::]:443 ipv6only=on ssl default_server;
+  server_name YOUR_SERVER_FQDN; ## Replace this with something like 
gitlab.example.com
+  server_tokens off; ## Don't show the nginx version number, a security best 
practice
+
+  ## Strong SSL Security
+  ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & 
https://cipherli.st/
+  ssl on;
+  ssl_certificate /etc/nginx/ssl/gitlab.crt;
+  ssl_certificate_key /etc/nginx/ssl/gitlab.key;
+
+  # GitLab needs backwards compatible ciphers to retain compatibility with 
Java IDEs
+  ssl_ciphers 
"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  ssl_prefer_server_ciphers on;
+  ssl_session_cache shared:SSL:10m;
+  ssl_session_timeout 5m;
+
+  ## See app/controllers/application_controller.rb for headers set
+
+  ## [Optional] If your certficate has OCSP, enable OCSP stapling to reduce 
the overhead and latency of running SSL.
+  ## Replace with your ssl_trusted_certificate. For more info see:
+  ## - https://medium.com/devops-programming/4445f4862461
+  ## - https://www.ruby-forum.com/topic/4419319
+  ## - 
https://www.digitalocean.com/community/tutorials/how-to-configure-ocsp-stapling-on-apache-and-nginx
+  # ssl_stapling on;
+  # ssl_stapling_verify on;
+  # ssl_trusted_certificate /etc/nginx/ssl/stapling.trusted.crt;
+  # resolver 208.67.222.222 208.67.222.220 valid=300s; # Can change to your 
DNS resolver if desired
+  # resolver_timeout 5s;
+
+  ## [Optional] Generate a stronger DHE parameter:
+  ##   sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
+  ##
+  # ssl_dhparam /etc/ssl/certs/dhparam.pem;
+
+  ## Individual nginx logs for this GitLab vhost
+  access_log  /var/log/nginx/gitlab_access.log;
+  error_log   /var/log/nginx/gitlab_error.log;
+
+  location / {
+    client_max_body_size 0;
+    gzip off;
+
+    ## https://github.com/gitlabhq/gitlabhq/issues/694
+    ## Some requests take more than 30 seconds.
+    proxy_read_timeout      300;
+    proxy_connect_timeout   300;
+    proxy_redirect          off;
+
+    proxy_http_version 1.1;
+
+    proxy_set_header    Host                $http_host;
+    proxy_set_header    X-Real-IP           $remote_addr;
+    proxy_set_header    X-Forwarded-Ssl     on;
+    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
+    proxy_set_header    X-Forwarded-Proto   $scheme;
+    proxy_pass http://gitlab-workhorse;
+  }
+
+  error_page 404 /404.html;
+  error_page 422 /422.html;
+  error_page 500 /500.html;
+  error_page 502 /502.html;
+  location ~ ^/(404|422|500|502)\.html$ {
+    root /usr/share/webapps/gitlab/public;
+    internal;
+  }
+}

Deleted: nginx.conf.example
===================================================================
--- nginx.conf.example  2017-08-06 17:05:49 UTC (rev 249059)
+++ nginx.conf.example  2017-08-06 17:05:58 UTC (rev 249060)
@@ -1,69 +0,0 @@
-## GitLab
-##
-## Lines starting with two hashes (##) are comments with information.
-## Lines starting with one hash (#) are configuration parameters that can be 
uncommented.
-##
-##################################
-##        CONTRIBUTING          ##
-##################################
-##
-## If you change this file in a Merge Request, please also create
-## a Merge Request on 
https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
-##
-###################################
-##         configuration         ##
-###################################
-##
-## See installation.md#using-https for additional HTTPS configuration details.
-
-upstream gitlab-workhorse {
-  server unix:/run/gitlab/gitlab-workhorse.socket fail_timeout=0;
-}
-
-## Normal HTTP host
-server {
-  ## Either remove "default_server" from the listen line below,
-  ## or delete the /etc/nginx/sites-enabled/default file. This will cause 
gitlab
-  ## to be served if you visit any address that your server responds to, eg.
-  ## the ip address of the server (http://x.x.x.x/)n 0.0.0.0:80 default_server;
-  listen 0.0.0.0:80 default_server;
-  listen [::]:80 default_server;
-  server_name YOUR_SERVER_FQDN; ## Replace this with something like 
gitlab.example.com
-  server_tokens off; ## Don't show the nginx version number, a security best 
practice
-
-  ## See app/controllers/application_controller.rb for headers set
-
-  ## Individual nginx logs for this GitLab vhost
-  access_log  /var/log/nginx/gitlab_access.log;
-  error_log   /var/log/nginx/gitlab_error.log;
-
-  location / {
-    client_max_body_size 0;
-    gzip off;
-
-    ## https://github.com/gitlabhq/gitlabhq/issues/694
-    ## Some requests take more than 30 seconds.
-    proxy_read_timeout      300;
-    proxy_connect_timeout   300;
-    proxy_redirect          off;
-
-    proxy_http_version 1.1;
-
-    proxy_set_header    Host                $http_host;
-    proxy_set_header    X-Real-IP           $remote_addr;
-    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
-    proxy_set_header    X-Forwarded-Proto   $scheme;
-
-    proxy_pass http://gitlab-workhorse;
-  }
-
-  error_page 404 /404.html;
-  error_page 422 /422.html;
-  error_page 500 /500.html;
-  error_page 502 /502.html;
-  location ~ ^/(404|422|500|502)\.html$ {
-    root /usr/share/webapps/gitlab/public;
-    internal;
-  }
-
-}

Copied: gitlab/repos/community-x86_64/nginx.conf.example (from rev 249059, 
gitlab/trunk/nginx.conf.example)
===================================================================
--- nginx.conf.example                          (rev 0)
+++ nginx.conf.example  2017-08-06 17:05:58 UTC (rev 249060)
@@ -0,0 +1,69 @@
+## GitLab
+##
+## Lines starting with two hashes (##) are comments with information.
+## Lines starting with one hash (#) are configuration parameters that can be 
uncommented.
+##
+##################################
+##        CONTRIBUTING          ##
+##################################
+##
+## If you change this file in a Merge Request, please also create
+## a Merge Request on 
https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
+##
+###################################
+##         configuration         ##
+###################################
+##
+## See installation.md#using-https for additional HTTPS configuration details.
+
+upstream gitlab-workhorse {
+  server unix:/run/gitlab/gitlab-workhorse.socket fail_timeout=0;
+}
+
+## Normal HTTP host
+server {
+  ## Either remove "default_server" from the listen line below,
+  ## or delete the /etc/nginx/sites-enabled/default file. This will cause 
gitlab
+  ## to be served if you visit any address that your server responds to, eg.
+  ## the ip address of the server (http://x.x.x.x/)n 0.0.0.0:80 default_server;
+  listen 0.0.0.0:80 default_server;
+  listen [::]:80 default_server;
+  server_name YOUR_SERVER_FQDN; ## Replace this with something like 
gitlab.example.com
+  server_tokens off; ## Don't show the nginx version number, a security best 
practice
+
+  ## See app/controllers/application_controller.rb for headers set
+
+  ## Individual nginx logs for this GitLab vhost
+  access_log  /var/log/nginx/gitlab_access.log;
+  error_log   /var/log/nginx/gitlab_error.log;
+
+  location / {
+    client_max_body_size 0;
+    gzip off;
+
+    ## https://github.com/gitlabhq/gitlabhq/issues/694
+    ## Some requests take more than 30 seconds.
+    proxy_read_timeout      300;
+    proxy_connect_timeout   300;
+    proxy_redirect          off;
+
+    proxy_http_version 1.1;
+
+    proxy_set_header    Host                $http_host;
+    proxy_set_header    X-Real-IP           $remote_addr;
+    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
+    proxy_set_header    X-Forwarded-Proto   $scheme;
+
+    proxy_pass http://gitlab-workhorse;
+  }
+
+  error_page 404 /404.html;
+  error_page 422 /422.html;
+  error_page 500 /500.html;
+  error_page 502 /502.html;
+  location ~ ^/(404|422|500|502)\.html$ {
+    root /usr/share/webapps/gitlab/public;
+    internal;
+  }
+
+}

Reply via email to