# From 6.1 to 6.2 ## Notice Security vulnerabilities CVE-2013-4490 and CVE-2013-4489 have been patched in the latest version of GitLab 6.2. # You should update to 6.1 before installing 6.2 so all the necessary conversions are run. ### 0. Backup It's useful to make a backup just in case things go south: (With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version) ```bash cd /home/git/gitlab sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production ``` ### 1. Stop server sudo service gitlab stop ### 2. Get latest code ```bash cd /home/git/gitlab sudo -u git -H git fetch sudo -u git -H git checkout 6-2-stable # Latest version of 6-2-stable addresses CVE-2013-4489 ``` ### 3. Update gitlab-shell ```bash cd /home/git/gitlab-shell sudo -u git -H git fetch sudo -u git -H git checkout v1.7.8 # Addresses multiple critical security vulnerabilities ``` ### 4. Install additional packages ```bash # Add support for lograte for better log file handling sudo apt-get install logrotate ``` ### 5. Install libs, migrations, etc. ```bash cd /home/git/gitlab # MySQL sudo -u git -H bundle install --without development test postgres --deployment #PostgreSQL sudo -u git -H bundle install --without development test mysql --deployment sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production sudo -u git -H bundle exec rake assets:clean RAILS_ENV=production sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production sudo -u git -H bundle exec rake cache:clear RAILS_ENV=production ``` ### 6. Update config files TIP: to see what changed in gitlab.yml.example in this release use next command: ``` git diff 6-1-stable:config/gitlab.yml.example 6-2-stable:config/gitlab.yml.example ``` * Make `/home/git/gitlab/config/gitlab.yml` same as https://github.com/gitlabhq/gitlabhq/blob/6-2-stable/config/gitlab.yml.example but with your settings. * Make `/home/git/gitlab/config/unicorn.rb` same as https://github.com/gitlabhq/gitlabhq/blob/6-2-stable/config/unicorn.rb.example but with your settings. * Copy rack attack middleware config ```bash sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb ``` * Uncomment `config.middleware.use Rack::Attack` in `/home/git/gitlab/config/application.rb` * Set up logrotate ```bash sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab ``` ### 7. Update Init script ```bash sudo rm /etc/init.d/gitlab sudo curl --output /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlabhq/6-2-stable/lib/support/init.d/gitlab sudo chmod +x /etc/init.d/gitlab ``` ### 8. Start application sudo service gitlab start sudo service nginx restart ### 9. Check application status Check if GitLab and its environment are configured correctly: sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production To make sure you didn't miss anything run a more thorough check with: sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production If all items are green, then congratulations upgrade complete! ## Things went south? Revert to previous version (6.1) ### 1. Revert the code to the previous version Follow the [`upgrade guide from 6.0 to 6.1`](6.0-to-6.1.md), except for the database migration (The backup is already migrated to the previous version) ### 2. Restore from the backup: ```bash cd /home/git/gitlab sudo -u git -H bundle exec rake gitlab:backup:restore RAILS_ENV=production ```