diff --git a/files/gitlab-cookbooks/gitlab/attributes/default.rb b/files/gitlab-cookbooks/gitlab/attributes/default.rb index 0de8d43..b7ae760 100644 --- a/files/gitlab-cookbooks/gitlab/attributes/default.rb +++ b/files/gitlab-cookbooks/gitlab/attributes/default.rb @@ -27,6 +27,11 @@ default['gitlab']['user']['shell'] = "/bin/sh" # The home directory for the chef services user default['gitlab']['user']['home'] = "/var/opt/gitlab" +default['gitlab']['gitlab-core']['repositories_path'] = "/var/opt/gitlab/repositories" +default['gitlab']['gitlab-core']['internal_api_url'] = "http://localhost:8080" + +default['gitlab']['gitlab-shell']['log_directory'] = "/var/log/gitlab/gitlab-shell/" + ### # PostgreSQL diff --git a/files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb b/files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb new file mode 100644 index 0000000..f18e678 --- /dev/null +++ b/files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb @@ -0,0 +1,34 @@ +git_user = node['gitlab']['user']['username'] +gitlab_shell_dir = "/opt/gitlab/embedded/service/gitlab-shell" +repositories_path = node['gitlab']['gitlab-core']['repositories_path'] +ssh_dir = File.join(node['gitlab']['user']['home'], ".ssh") + +# Create directories because the git_user does not own its home directory +directory repositories_path do + owner git_user +end + +directory ssh_dir do + owner git_user + mode "0700" +end + +template File.join(gitlab_shell_dir, "config.yml") do + source "gitlab-shell-config.yml.erb" + owner git_user + variables( + :user => git_user, + :api_url => node['gitlab']['gitlab-core']['internal_api_url'], + :repositories_path => repositories_path, + :ssh_dir => ssh_dir, + :redis_port => node['gitlab']['redis']['port'], + :log_directory => node['gitlab']['gitlab-shell']['log_directory'] + ) + notifies :run, "execute[bin/install]" +end + +execute "bin/install" do + cwd gitlab_shell_dir + user git_user + action :nothing +end diff --git a/files/gitlab-cookbooks/gitlab/templates/default/gitlab-shell-config.yml.erb b/files/gitlab-cookbooks/gitlab/templates/default/gitlab-shell-config.yml.erb new file mode 100644 index 0000000..61432ac --- /dev/null +++ b/files/gitlab-cookbooks/gitlab/templates/default/gitlab-shell-config.yml.erb @@ -0,0 +1,41 @@ +# GitLab user. git by default +user: <%= @user %> + +# Url to gitlab instance. Used for api calls. Should end with a slash. +gitlab_url: "<%= @api_url %>" + +http_settings: +# user: someone +# password: somepass +# ca_file: /etc/ssl/cert.pem +# ca_path: /etc/pki/tls/certs + self_signed_cert: false + +# Repositories path +# Give the canonicalized absolute pathname, +# REPOS_PATH MUST NOT CONTAIN ANY SYMLINK!!! +# Check twice that none of the components is a symlink, including "/home". +repos_path: "<%= @repositories_path %>" + +# File used as authorized_keys for gitlab user +auth_file: "<%= @ssh_dir %>/authorized_keys" + +# Redis settings used for pushing commit notices to gitlab +redis: + bin: /opt/gitlab/embedded/bin/redis-cli + host: 127.0.0.1 + port: <%= @redis_port %> + # socket: /tmp/redis.socket # Only define this if you want to use sockets + namespace: resque:gitlab + +# Log file. +# Default is gitlab-shell.log in the root directory. +log_file: "<%= @log_directory %>/gitlab-shell.log" + +# Log level. INFO by default +log_level: INFO + +# Audit usernames. +# Set to true to see real usernames in the logs instead of key ids, which is easier to follow, but +# incurs an extra API call on every gitlab-shell command. +audit_usernames: false -- libgit2 0.21.2