Configure gitlab-shell

Jacob Vosmaer
1 parent 9ff3b444
Showing 3 changed files with 80 additions and 0 deletions Show diff stats
files/gitlab-cookbooks/gitlab/attributes/default.rb
files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb
files/gitlab-cookbooks/gitlab/templates/default/gitlab-shell-config.yml.erb
@@ -27,6 +27,11 @@ default[&#39;gitlab&#39;][&#39;user&#39;][&#39;shell&#39;] = &quot;/bin/sh&quot;
 # The home directory for the chef services user
 default['gitlab']['user']['home'] = "/var/opt/gitlab"
+default['gitlab']['gitlab-core']['repositories_path'] = "/var/opt/gitlab/repositories"
+default['gitlab']['gitlab-core']['internal_api_url'] = "http://localhost:8080"
+
+default['gitlab']['gitlab-shell']['log_directory'] = "/var/log/gitlab/gitlab-shell/"
+
 ###
 # PostgreSQL
@@ -0,0 +1,34 @@
+git_user = node['gitlab']['user']['username']
+gitlab_shell_dir = "/opt/gitlab/embedded/service/gitlab-shell"
+repositories_path = node['gitlab']['gitlab-core']['repositories_path']
+ssh_dir = File.join(node['gitlab']['user']['home'], ".ssh")
+
+# Create directories because the git_user does not own its home directory
+directory repositories_path do
+  owner git_user
+end
+
+directory ssh_dir do
+  owner git_user
+  mode "0700"
+end
+
+template File.join(gitlab_shell_dir, "config.yml") do
+  source "gitlab-shell-config.yml.erb"
+  owner git_user
+  variables(
+    :user => git_user,
+    :api_url => node['gitlab']['gitlab-core']['internal_api_url'],
+    :repositories_path => repositories_path,
+    :ssh_dir => ssh_dir,
+    :redis_port => node['gitlab']['redis']['port'],
+    :log_directory => node['gitlab']['gitlab-shell']['log_directory']
+  )
+  notifies :run, "execute[bin/install]"
+end
+
+execute "bin/install" do
+  cwd gitlab_shell_dir
+  user git_user
+  action :nothing
+end
@@ -0,0 +1,41 @@
+# GitLab user. git by default
+user: <%= @user %>
+
+# Url to gitlab instance. Used for api calls. Should end with a slash.
+gitlab_url: "<%= @api_url %>"
+
+http_settings:
+#  user: someone
+#  password: somepass
+#  ca_file: /etc/ssl/cert.pem
+#  ca_path: /etc/pki/tls/certs
+  self_signed_cert: false
+
+# Repositories path
+# Give the canonicalized absolute pathname,
+# REPOS_PATH MUST NOT CONTAIN ANY SYMLINK!!!
+# Check twice that none of the components is a symlink, including "/home".
+repos_path: "<%= @repositories_path %>"
+
+# File used as authorized_keys for gitlab user
+auth_file: "<%= @ssh_dir %>/authorized_keys"
+
+# Redis settings used for pushing commit notices to gitlab
+redis:
+  bin: /opt/gitlab/embedded/bin/redis-cli
+  host: 127.0.0.1
+  port: <%= @redis_port %>
+  # socket: /tmp/redis.socket # Only define this if you want to use sockets
+  namespace: resque:gitlab
+
+# Log file.
+# Default is gitlab-shell.log in the root directory.
+log_file: "<%= @log_directory %>/gitlab-shell.log"
+
+# Log level. INFO by default
+log_level: INFO
+
+# Audit usernames.
+# Set to true to see real usernames in the logs instead of key ids, which is easier to follow, but
+# incurs an extra API call on every gitlab-shell command.
+audit_usernames: false
@@ -0,0 +1,34 @@		@@ -0,0 +1,34 @@
	1	+git_user = node['gitlab']['user']['username']
	2	+gitlab_shell_dir = "/opt/gitlab/embedded/service/gitlab-shell"
	3	+repositories_path = node['gitlab']['gitlab-core']['repositories_path']
	4	+ssh_dir = File.join(node['gitlab']['user']['home'], ".ssh")
	5	+
	6	+# Create directories because the git_user does not own its home directory
	7	+directory repositories_path do
	8	+ owner git_user
	9	+end
	10	+
	11	+directory ssh_dir do
	12	+ owner git_user
	13	+ mode "0700"
	14	+end
	15	+
	16	+template File.join(gitlab_shell_dir, "config.yml") do
	17	+ source "gitlab-shell-config.yml.erb"
	18	+ owner git_user
	19	+ variables(
	20	+ :user => git_user,
	21	+ :api_url => node['gitlab']['gitlab-core']['internal_api_url'],
	22	+ :repositories_path => repositories_path,
	23	+ :ssh_dir => ssh_dir,
	24	+ :redis_port => node['gitlab']['redis']['port'],
	25	+ :log_directory => node['gitlab']['gitlab-shell']['log_directory']
	26	+ )
	27	+ notifies :run, "execute[bin/install]"
	28	+end
	29	+
	30	+execute "bin/install" do
	31	+ cwd gitlab_shell_dir
	32	+ user git_user
	33	+ action :nothing
	34	+end
@@ -0,0 +1,41 @@		@@ -0,0 +1,41 @@
	1	+# GitLab user. git by default
	2	+user: <%= @user %>
	3	+
	4	+# Url to gitlab instance. Used for api calls. Should end with a slash.
	5	+gitlab_url: "<%= @api_url %>"
	6	+
	7	+http_settings:
	8	+# user: someone
	9	+# password: somepass
	10	+# ca_file: /etc/ssl/cert.pem
	11	+# ca_path: /etc/pki/tls/certs
	12	+ self_signed_cert: false
	13	+
	14	+# Repositories path
	15	+# Give the canonicalized absolute pathname,
	16	+# REPOS_PATH MUST NOT CONTAIN ANY SYMLINK!!!
	17	+# Check twice that none of the components is a symlink, including "/home".
	18	+repos_path: "<%= @repositories_path %>"
	19	+
	20	+# File used as authorized_keys for gitlab user
	21	+auth_file: "<%= @ssh_dir %>/authorized_keys"
	22	+
	23	+# Redis settings used for pushing commit notices to gitlab
	24	+redis:
	25	+ bin: /opt/gitlab/embedded/bin/redis-cli
	26	+ host: 127.0.0.1
	27	+ port: <%= @redis_port %>
	28	+ # socket: /tmp/redis.socket # Only define this if you want to use sockets
	29	+ namespace: resque:gitlab
	30	+
	31	+# Log file.
	32	+# Default is gitlab-shell.log in the root directory.
	33	+log_file: "<%= @log_directory %>/gitlab-shell.log"
	34	+
	35	+# Log level. INFO by default
	36	+log_level: INFO
	37	+
	38	+# Audit usernames.
	39	+# Set to true to see real usernames in the logs instead of key ids, which is easier to follow, but
	40	+# incurs an extra API call on every gitlab-shell command.
	41	+audit_usernames: false