diff --git a/files/gitlab-cookbooks/gitlab/attributes/default.rb b/files/gitlab-cookbooks/gitlab/attributes/default.rb index 08d4ba4..db9e53c 100644 --- a/files/gitlab-cookbooks/gitlab/attributes/default.rb +++ b/files/gitlab-cookbooks/gitlab/attributes/default.rb @@ -51,7 +51,13 @@ default['gitlab']['gitlab-core']['umask'] = "0022" default['gitlab']['gitlab-core']['worker_processes'] = 2 default['gitlab']['gitlab-core']['repositories_path'] = "/var/opt/gitlab/repositories" +default['gitlab']['gitlab-core']['satellites_path'] = "/var/opt/gitlab/gitlab-satellites" default['gitlab']['gitlab-core']['internal_api_url'] = "http://localhost:8080" +default['gitlab']['gitlab-core']['external_fqdn'] = node['fqdn'] +default['gitlab']['gitlab-core']['external_port'] = 80 +default['gitlab']['gitlab-core']['external_https'] = false +default['gitlab']['gitlab-core']['notification_email'] = "gitlab@#{node['fqdn']}" +default['gitlab']['gitlab-core']['support_email'] = "support@example.com" ### diff --git a/files/gitlab-cookbooks/gitlab/recipes/gitlab-core.rb b/files/gitlab-cookbooks/gitlab/recipes/gitlab-core.rb index 7bcb28d..4611027 100644 --- a/files/gitlab-cookbooks/gitlab/recipes/gitlab-core.rb +++ b/files/gitlab-cookbooks/gitlab/recipes/gitlab-core.rb @@ -62,8 +62,19 @@ template database_yml do notifies :restart, 'service[gitlab-core]' if should_notify end -link "/opt/gitlab/embedded/service/gitlab-core/config/database.yml" do - to database_yml +gitlab_yml = File.join(gitlab_core_etc_dir, "gitlab.yml") + +template gitlab_yml do + source "gitlab.yml.erb" + owner "root" + group "root" + mode "0644" + variables(node['gitlab']['gitlab-core'].to_hash) + notifies :restart, 'service[gitlab-core]' if should_notify +end + +link "/opt/gitlab/embedded/service/gitlab-core/config/gitlab.yml" do + to gitlab_yml end unicorn_listen_tcp = node['gitlab']['gitlab-core']['listen'] diff --git a/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb b/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb new file mode 100644 index 0000000..7e54dca --- /dev/null +++ b/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb @@ -0,0 +1,238 @@ +# # # # # # # # # # # # # # # # # # +# GitLab application config file # +# # # # # # # # # # # # # # # # # # +# +# How to use: +# 1. copy file as gitlab.yml +# 2. Replace gitlab -> host with your domain +# 3. Replace gitlab -> email_from + +production: &base + # + # 1. GitLab app settings + # ========================== + + ## GitLab settings + gitlab: + ## Web server settings (note: host is the FQDN, do not include http://) + host: <%= node['gitlab']['gitlab-core']['external_fqdn'] %> + port: <%= node['gitlab']['gitlab-core']['external_port'] %> + https: <%= node['gitlab']['gitlab-core']['external_https'] %> + + # Uncomment and customize the last line to run in a non-root path + # WARNING: We recommend creating a FQDN to host GitLab in a root path instead of this. + # Note that four settings need to be changed for this to work. + # 1) In your application.rb file: config.relative_url_root = "/gitlab" + # 2) In your gitlab.yml file: relative_url_root: /gitlab + # 3) In your unicorn.rb: ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab" + # 4) In ../gitlab-shell/config.yml: gitlab_url: "http://127.0.0.1/gitlab" + # To update the path, run: sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production + # + # relative_url_root: /gitlab + + # Uncomment and customize if you can't use the default user to run GitLab (default: 'git') + # user: git + + ## Email settings + # Email address used in the "From" field in mails sent by GitLab + email_from: <%= node['gitlab']['gitlab-core']['notification_email'] %> + + # Email address of your support contact (default: same as email_from) + support_email: <%= node['gitlab']['gitlab-core']['support_email'] %> + + ## User settings + default_projects_limit: 10 + # default_can_create_group: false # default: true + # username_changing_enabled: false # default: true - User can change her username/namespace + ## Default theme + ## BASIC = 1 + ## MARS = 2 + ## MODERN = 3 + ## GRAY = 4 + ## COLOR = 5 + # default_theme: 2 # default: 2 + + + ## Users management + # default: false - Account passwords are not sent via the email if signup is enabled. + # signup_enabled: true + + # Restrict setting visibility levels for non-admin users. + # The default is to allow all levels. + #restricted_visibility_levels: [ "public" ] + + ## Automatic issue closing + # If a commit message matches this regular expression, all issues referenced from the matched text will be closed. + # This happens when the commit is pushed or merged into the default branch of a project. + # When not specified the default issue_closing_pattern as specified below will be used. + # issue_closing_pattern: '([Cc]lose[sd]|[Ff]ixe[sd]) +#\d+' + + ## Default project features settings + default_projects_features: + issues: true + merge_requests: true + wiki: true + wall: false + snippets: false + visibility_level: "private" # can be "private" | "internal" | "public" + + ## External issues trackers + issues_tracker: + # redmine: + # title: "Redmine" + # ## If not nil, link 'Issues' on project page will be replaced with this + # ## Use placeholders: + # ## :project_id - GitLab project identifier + # ## :issues_tracker_id - Project Name or Id in external issue tracker + # project_url: "http://redmine.sample/projects/:issues_tracker_id" + # + # ## If not nil, links from /#\d/ entities from commit messages will replaced with this + # ## Use placeholders: + # ## :project_id - GitLab project identifier + # ## :issues_tracker_id - Project Name or Id in external issue tracker + # ## :id - Issue id (from commit messages) + # issues_url: "http://redmine.sample/issues/:id" + # + # ## If not nil, linkis to creating new issues will be replaced with this + # ## Use placeholders: + # ## :project_id - GitLab project identifier + # ## :issues_tracker_id - Project Name or Id in external issue tracker + # new_issue_url: "http://redmine.sample/projects/:issues_tracker_id/issues/new" + # + # jira: + # title: "Atlassian Jira" + # project_url: "http://jira.sample/issues/?jql=project=:issues_tracker_id" + # issues_url: "http://jira.sample/browse/:id" + # new_issue_url: "http://jira.sample/secure/CreateIssue.jspa" + + ## Gravatar + gravatar: + enabled: true # Use user avatar image from Gravatar.com (default: true) + # plain_url: "http://..." # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=mm + # ssl_url: "https://..." # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=mm + + # + # 2. Auth settings + # ========================== + + ## LDAP settings + # You can inspect a sample of the LDAP users with login access by running: + # bundle exec rake gitlab:ldap:check RAILS_ENV=production + ldap: + enabled: false + host: '_your_ldap_server' + base: '_the_base_where_you_search_for_users' + port: 636 + uid: 'sAMAccountName' + method: 'ssl' # "tls" or "ssl" or "plain" + bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' + password: '_the_password_of_the_bind_user' + # If allow_username_or_email_login is enabled, GitLab will ignore everything + # after the first '@' in the LDAP username submitted by the user on login. + # + # Example: + # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials; + # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'. + # + # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to + # disable this setting, because the userPrincipalName contains an '@'. + allow_username_or_email_login: true + + ## OmniAuth settings + omniauth: + # Allow login via Twitter, Google, etc. using OmniAuth providers + enabled: false + + # CAUTION! + # This allows users to login without having a user account first (default: false). + # User accounts will be created automatically when authentication was successful. + allow_single_sign_on: false + # Locks down those users until they have been cleared by the admin (default: true). + block_auto_created_users: true + + ## Auth providers + # Uncomment the following lines and fill in the data of the auth provider you want to use + # If your favorite auth provider is not listed you can use others: + # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Working-custom-omniauth-provider-configurations + # The 'app_id' and 'app_secret' parameters are always passed as the first two + # arguments, followed by optional 'args' which can be either a hash or an array. + providers: + # - { name: 'google_oauth2', app_id: 'YOUR APP ID', + # app_secret: 'YOUR APP SECRET', + # args: { access_type: 'offline', approval_prompt: '' } } + # - { name: 'twitter', app_id: 'YOUR APP ID', + # app_secret: 'YOUR APP SECRET'} + # - { name: 'github', app_id: 'YOUR APP ID', + # app_secret: 'YOUR APP SECRET', + # args: { scope: 'user:email' } } + + + + # + # 3. Advanced settings + # ========================== + + # GitLab Satellites + satellites: + # Relative paths are relative to Rails.root (default: tmp/repo_satellites/) + path: <%= node['gitlab']['gitlab-core']['satellites_path'] %> + + ## Backup settings + backup: + path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) + # keep_time: 604800 # default: 0 (forever) (in seconds) + + ## GitLab Shell settings + gitlab_shell: + path: /opt/gitlab/embedded/service/gitlab-shell/ + + # REPOS_PATH MUST NOT BE A SYMLINK!!! + repos_path: <%= node['gitlab']['gitlab-core']['repositories_path'] %> + hooks_path: /opt/gitlab/embedded/service/gitlab-shell/hooks/ + + # Git over HTTP + upload_pack: true + receive_pack: true + + # If you use non-standard ssh port you need to specify it + # ssh_port: 22 + + ## Git settings + # CAUTION! + # Use the default values unless you really know what you are doing + git: + bin_path: /opt/gitlab/embedded/bin/git + # The next value is the maximum memory size grit can use + # Given in number of bytes per git object (e.g. a commit) + # This value can be increased if you have very large commits + max_size: 5242880 # 5.megabytes + # Git timeout to read a commit, in seconds + timeout: 10 + + # + # 4. Extra customization + # ========================== + + extra: + ## Google analytics. Uncomment if you want it + # google_analytics_id: '_your_tracking_id' + + ## Text under sign-in page (Markdown enabled) + # sign_in_text: | + # ![Company Logo](http://www.companydomain.com/logo.png) + # [Learn more about CompanyName](http://www.companydomain.com/) + +development: + <<: *base + +test: + <<: *base + issues_tracker: + redmine: + title: "Redmine" + project_url: "http://redmine/projects/:issues_tracker_id" + issues_url: "http://redmine/:project_id/:issues_tracker_id/:id" + new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new" + +staging: + <<: *base diff --git a/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.example b/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.example deleted file mode 100644 index ce57465..0000000 --- a/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.example +++ /dev/null @@ -1,238 +0,0 @@ -# # # # # # # # # # # # # # # # # # -# GitLab application config file # -# # # # # # # # # # # # # # # # # # -# -# How to use: -# 1. copy file as gitlab.yml -# 2. Replace gitlab -> host with your domain -# 3. Replace gitlab -> email_from - -production: &base - # - # 1. GitLab app settings - # ========================== - - ## GitLab settings - gitlab: - ## Web server settings (note: host is the FQDN, do not include http://) - host: localhost - port: 80 - https: false - - # Uncomment and customize the last line to run in a non-root path - # WARNING: We recommend creating a FQDN to host GitLab in a root path instead of this. - # Note that four settings need to be changed for this to work. - # 1) In your application.rb file: config.relative_url_root = "/gitlab" - # 2) In your gitlab.yml file: relative_url_root: /gitlab - # 3) In your unicorn.rb: ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab" - # 4) In ../gitlab-shell/config.yml: gitlab_url: "http://127.0.0.1/gitlab" - # To update the path, run: sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production - # - # relative_url_root: /gitlab - - # Uncomment and customize if you can't use the default user to run GitLab (default: 'git') - # user: git - - ## Email settings - # Email address used in the "From" field in mails sent by GitLab - email_from: gitlab@localhost - - # Email address of your support contact (default: same as email_from) - support_email: support@localhost - - ## User settings - default_projects_limit: 10 - # default_can_create_group: false # default: true - # username_changing_enabled: false # default: true - User can change her username/namespace - ## Default theme - ## BASIC = 1 - ## MARS = 2 - ## MODERN = 3 - ## GRAY = 4 - ## COLOR = 5 - # default_theme: 2 # default: 2 - - - ## Users management - # default: false - Account passwords are not sent via the email if signup is enabled. - # signup_enabled: true - - # Restrict setting visibility levels for non-admin users. - # The default is to allow all levels. - #restricted_visibility_levels: [ "public" ] - - ## Automatic issue closing - # If a commit message matches this regular expression, all issues referenced from the matched text will be closed. - # This happens when the commit is pushed or merged into the default branch of a project. - # When not specified the default issue_closing_pattern as specified below will be used. - # issue_closing_pattern: '([Cc]lose[sd]|[Ff]ixe[sd]) +#\d+' - - ## Default project features settings - default_projects_features: - issues: true - merge_requests: true - wiki: true - wall: false - snippets: false - visibility_level: "private" # can be "private" | "internal" | "public" - - ## External issues trackers - issues_tracker: - # redmine: - # title: "Redmine" - # ## If not nil, link 'Issues' on project page will be replaced with this - # ## Use placeholders: - # ## :project_id - GitLab project identifier - # ## :issues_tracker_id - Project Name or Id in external issue tracker - # project_url: "http://redmine.sample/projects/:issues_tracker_id" - # - # ## If not nil, links from /#\d/ entities from commit messages will replaced with this - # ## Use placeholders: - # ## :project_id - GitLab project identifier - # ## :issues_tracker_id - Project Name or Id in external issue tracker - # ## :id - Issue id (from commit messages) - # issues_url: "http://redmine.sample/issues/:id" - # - # ## If not nil, linkis to creating new issues will be replaced with this - # ## Use placeholders: - # ## :project_id - GitLab project identifier - # ## :issues_tracker_id - Project Name or Id in external issue tracker - # new_issue_url: "http://redmine.sample/projects/:issues_tracker_id/issues/new" - # - # jira: - # title: "Atlassian Jira" - # project_url: "http://jira.sample/issues/?jql=project=:issues_tracker_id" - # issues_url: "http://jira.sample/browse/:id" - # new_issue_url: "http://jira.sample/secure/CreateIssue.jspa" - - ## Gravatar - gravatar: - enabled: true # Use user avatar image from Gravatar.com (default: true) - # plain_url: "http://..." # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=mm - # ssl_url: "https://..." # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=mm - - # - # 2. Auth settings - # ========================== - - ## LDAP settings - # You can inspect a sample of the LDAP users with login access by running: - # bundle exec rake gitlab:ldap:check RAILS_ENV=production - ldap: - enabled: false - host: '_your_ldap_server' - base: '_the_base_where_you_search_for_users' - port: 636 - uid: 'sAMAccountName' - method: 'ssl' # "tls" or "ssl" or "plain" - bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' - password: '_the_password_of_the_bind_user' - # If allow_username_or_email_login is enabled, GitLab will ignore everything - # after the first '@' in the LDAP username submitted by the user on login. - # - # Example: - # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials; - # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'. - # - # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to - # disable this setting, because the userPrincipalName contains an '@'. - allow_username_or_email_login: true - - ## OmniAuth settings - omniauth: - # Allow login via Twitter, Google, etc. using OmniAuth providers - enabled: false - - # CAUTION! - # This allows users to login without having a user account first (default: false). - # User accounts will be created automatically when authentication was successful. - allow_single_sign_on: false - # Locks down those users until they have been cleared by the admin (default: true). - block_auto_created_users: true - - ## Auth providers - # Uncomment the following lines and fill in the data of the auth provider you want to use - # If your favorite auth provider is not listed you can use others: - # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Working-custom-omniauth-provider-configurations - # The 'app_id' and 'app_secret' parameters are always passed as the first two - # arguments, followed by optional 'args' which can be either a hash or an array. - providers: - # - { name: 'google_oauth2', app_id: 'YOUR APP ID', - # app_secret: 'YOUR APP SECRET', - # args: { access_type: 'offline', approval_prompt: '' } } - # - { name: 'twitter', app_id: 'YOUR APP ID', - # app_secret: 'YOUR APP SECRET'} - # - { name: 'github', app_id: 'YOUR APP ID', - # app_secret: 'YOUR APP SECRET', - # args: { scope: 'user:email' } } - - - - # - # 3. Advanced settings - # ========================== - - # GitLab Satellites - satellites: - # Relative paths are relative to Rails.root (default: tmp/repo_satellites/) - path: /home/git/gitlab-satellites/ - - ## Backup settings - backup: - path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) - # keep_time: 604800 # default: 0 (forever) (in seconds) - - ## GitLab Shell settings - gitlab_shell: - path: /home/git/gitlab-shell/ - - # REPOS_PATH MUST NOT BE A SYMLINK!!! - repos_path: /home/git/repositories/ - hooks_path: /home/git/gitlab-shell/hooks/ - - # Git over HTTP - upload_pack: true - receive_pack: true - - # If you use non-standard ssh port you need to specify it - # ssh_port: 22 - - ## Git settings - # CAUTION! - # Use the default values unless you really know what you are doing - git: - bin_path: /usr/bin/git - # The next value is the maximum memory size grit can use - # Given in number of bytes per git object (e.g. a commit) - # This value can be increased if you have very large commits - max_size: 5242880 # 5.megabytes - # Git timeout to read a commit, in seconds - timeout: 10 - - # - # 4. Extra customization - # ========================== - - extra: - ## Google analytics. Uncomment if you want it - # google_analytics_id: '_your_tracking_id' - - ## Text under sign-in page (Markdown enabled) - # sign_in_text: | - # ![Company Logo](http://www.companydomain.com/logo.png) - # [Learn more about CompanyName](http://www.companydomain.com/) - -development: - <<: *base - -test: - <<: *base - issues_tracker: - redmine: - title: "Redmine" - project_url: "http://redmine/projects/:issues_tracker_id" - issues_url: "http://redmine/:project_id/:issues_tracker_id/:id" - new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new" - -staging: - <<: *base -- libgit2 0.21.2