# # # # # # # # # # # # # # # # # # # GitLab application config file # # # # # # # # # # # # # # # # # # # # # How to use: # 1. Copy file as gitlab.yml # 2. Update gitlab -> host with your fully qualified domain name # 3. Update gitlab -> email_from # 4. If you installed Git from source, change git -> bin_path to /usr/local/bin/git # 5. Review this configuration file for other settings you may want to adjust production: &base # # 1. GitLab app settings # ========================== ## GitLab settings gitlab: ## Web server settings (note: host is the FQDN, do not include http://) host: localhost port: 80 # Set to 443 if using HTTPS, see installation.md#using-https for additional HTTPS configuration details https: false # Set to true if using HTTPS, see installation.md#using-https for additional HTTPS configuration details # Uncommment this line below if your ssh host is different from HTTP/HTTPS one # (you'd obviously need to replace ssh.host_example.com with your own host). # Otherwise, ssh host will be set to the `host:` value above # ssh_host: ssh.host_example.com # WARNING: See config/application.rb under "Relative url support" for the list of # other files that need to be changed for relative url support # relative_url_root: /gitlab # Uncomment and customize if you can't use the default user to run GitLab (default: 'git') # user: git ## Date & Time settings # Uncomment and customize if you want to change the default time zone of GitLab application. # To see all available zones, run `bundle exec rake time:zones:all RAILS_ENV=production` # time_zone: 'UTC' ## Email settings # Uncomment and set to false if you need to disable email sending from GitLab (default: true) # email_enabled: true # Email address used in the "From" field in mails sent by GitLab email_from: example@example.com # Email server smtp settings are in config/initializers/smtp_settings.rb.sample # default_can_create_group: false # default: true # username_changing_enabled: false # default: true - User can change her username/namespace ## Default theme ## BASIC = 1 ## MARS = 2 ## MODERN = 3 ## GRAY = 4 ## COLOR = 5 # default_theme: 2 # default: 2 # Restrict setting visibility levels for non-admin users. # The default is to allow all levels. # restricted_visibility_levels: [ "public" ] ## Automatic issue closing # If a commit message matches this regular expression, all issues referenced from the matched text will be closed. # This happens when the commit is pushed or merged into the default branch of a project. # When not specified the default issue_closing_pattern as specified below will be used. # Tip: you can test your closing pattern at http://rubular.com # issue_closing_pattern: '((?:[Cc]los(?:e[sd]|ing)|[Ff]ix(?:e[sd]|ing)?) +(?:(?:issues? +)?#\d+(?:(?:, *| +and +)?))+)' ## Default project features settings default_projects_features: issues: true merge_requests: true wiki: true snippets: false visibility_level: "private" # can be "private" | "internal" | "public" ## Webhook settings # Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10) # webhook_timeout: 10 ## Repository downloads directory # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory. # The default is 'tmp/repositories' relative to the root of the Rails app. # repository_downloads_path: tmp/repositories ## External issues trackers issues_tracker: # redmine: # title: "Redmine" # ## If not nil, link 'Issues' on project page will be replaced with this # ## Use placeholders: # ## :project_id - GitLab project identifier # ## :issues_tracker_id - Project Name or Id in external issue tracker # project_url: "http://redmine.sample/projects/:issues_tracker_id" # # ## If not nil, links from /#\d/ entities from commit messages will replaced with this # ## Use placeholders: # ## :project_id - GitLab project identifier # ## :issues_tracker_id - Project Name or Id in external issue tracker # ## :id - Issue id (from commit messages) # issues_url: "http://redmine.sample/issues/:id" # # ## If not nil, links to creating new issues will be replaced with this # ## Use placeholders: # ## :project_id - GitLab project identifier # ## :issues_tracker_id - Project Name or Id in external issue tracker # new_issue_url: "http://redmine.sample/projects/:issues_tracker_id/issues/new" # # jira: # title: "Atlassian Jira" # project_url: "http://jira.sample/issues/?jql=project=:issues_tracker_id" # issues_url: "http://jira.sample/browse/:id" # new_issue_url: "http://jira.sample/secure/CreateIssue.jspa" ## Gravatar ## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html gravatar: enabled: true # Use user avatar image from Gravatar.com (default: true) # gravatar urls: possible placeholders: %{hash} %{size} %{email} # plain_url: "http://..." # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon # ssl_url: "https://..." # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon # # 2. Auth settings # ========================== ## LDAP settings # You can inspect a sample of the LDAP users with login access by running: # bundle exec rake gitlab:ldap:check RAILS_ENV=production ldap: enabled: false servers: main: # 'main' is the GitLab 'provider ID' of this LDAP server ## label # # A human-friendly name for your LDAP server. It is OK to change the label later, # for instance if you find out it is too large to fit on the web page. # # Example: 'Paris' or 'Acme, Ltd.' label: 'LDAP' host: '_your_ldap_server' port: 389 uid: 'sAMAccountName' method: 'plain' # "tls" or "ssl" or "plain" bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' password: '_the_password_of_the_bind_user' # This setting specifies if LDAP server is Active Directory LDAP server. # For non AD servers it skips the AD specific queries. # If your LDAP server is not AD, set this to false. active_directory: true # If allow_username_or_email_login is enabled, GitLab will ignore everything # after the first '@' in the LDAP username submitted by the user on login. # # Example: # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials; # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'. # # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to # disable this setting, because the userPrincipalName contains an '@'. allow_username_or_email_login: false # Base where we can search for users # # Ex. ou=People,dc=gitlab,dc=example # base: '' # Filter LDAP users # # Format: RFC 4515 http://tools.ietf.org/search/rfc4515 # Ex. (employeeType=developer) # # Note: GitLab does not support omniauth-ldap's custom filter syntax. # user_filter: '' # GitLab EE only: add more LDAP servers # Choose an ID made of a-z and 0-9 . This ID will be stored in the database # so that GitLab can remember which LDAP server a user belongs to. # uswest2: # label: # host: # .... ## OmniAuth settings omniauth: # Allow login via Twitter, Google, etc. using OmniAuth providers enabled: false # CAUTION! # This allows users to login without having a user account first (default: false). # User accounts will be created automatically when authentication was successful. allow_single_sign_on: false # Locks down those users until they have been cleared by the admin (default: true). block_auto_created_users: true ## Auth providers # Uncomment the following lines and fill in the data of the auth provider you want to use # If your favorite auth provider is not listed you can use others: # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations # The 'app_id' and 'app_secret' parameters are always passed as the first two # arguments, followed by optional 'args' which can be either a hash or an array. # Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html providers: # - { name: 'google_oauth2', app_id: 'YOUR APP ID', # app_secret: 'YOUR APP SECRET', # args: { access_type: 'offline', approval_prompt: '' } } # - { name: 'twitter', app_id: 'YOUR APP ID', # app_secret: 'YOUR APP SECRET'} # - { name: 'github', app_id: 'YOUR APP ID', # app_secret: 'YOUR APP SECRET', # args: { scope: 'user:email' } } # - { name: 'gitlab', app_id: 'YOUR APP ID', # app_secret: 'YOUR APP SECRET', # args: { scope: 'api' } } # # 3. Advanced settings # ========================== # GitLab Satellites satellites: # Relative paths are relative to Rails.root (default: tmp/repo_satellites/) path: /home/git/gitlab-satellites/ timeout: 30 ## Backup settings backup: path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) # keep_time: 604800 # default: 0 (forever) (in seconds) # upload: # # Fog storage connection settings, see http://fog.io/storage/ . # connection: # provider: AWS # region: eu-west-1 # aws_access_key_id: AKIAKIAKI # aws_secret_access_key: 'secret123' # # The remote 'directory' to store your backups. For S3, this would be the bucket name. # remote_directory: 'my.s3.bucket' ## GitLab Shell settings gitlab_shell: path: /home/git/gitlab-shell/ # REPOS_PATH MUST NOT BE A SYMLINK!!! repos_path: /home/git/repositories/ hooks_path: /home/git/gitlab-shell/hooks/ # Git over HTTP upload_pack: true receive_pack: true # If you use non-standard ssh port you need to specify it # ssh_port: 22 ## Git settings # CAUTION! # Use the default values unless you really know what you are doing git: bin_path: /usr/bin/git # The next value is the maximum memory size grit can use # Given in number of bytes per git object (e.g. a commit) # This value can be increased if you have very large commits max_size: 20971520 # 20.megabytes # Git timeout to read a commit, in seconds timeout: 10 # # 4. Extra customization # ========================== extra: ## Google analytics. Uncomment if you want it # google_analytics_id: '_your_tracking_id' ## Piwik analytics. # piwik_url: '_your_piwik_url' # piwik_site_id: '_your_piwik_site_id' rack_attack: git_basic_auth: # Whitelist requests from 127.0.0.1 for web proxies (NGINX/Apache) with incorrect headers # ip_whitelist: ["127.0.0.1"] # # Limit the number of Git HTTP authentication attempts per IP # maxretry: 10 # # Reset the auth attempt counter per IP after 60 seconds # findtime: 60 # # Ban an IP for one hour (3600s) after too many auth attempts # bantime: 3600 development: <<: *base test: <<: *base gravatar: enabled: true gitlab: host: localhost port: 80 # When you run tests we clone and setup gitlab-shell # In order to setup it correctly you need to specify # your system username you use to run GitLab # user: YOUR_USERNAME satellites: path: tmp/tests/gitlab-satellites/ gitlab_shell: path: tmp/tests/gitlab-shell/ repos_path: tmp/tests/repositories/ hooks_path: tmp/tests/gitlab-shell/hooks/ issues_tracker: redmine: title: "Redmine" project_url: "http://redmine/projects/:issues_tracker_id" issues_url: "http://redmine/:project_id/:issues_tracker_id/:id" new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new" ldap: enabled: false servers: main: label: ldap host: 127.0.0.1 port: 3890 uid: 'uid' method: 'plain' # "tls" or "ssl" or "plain" base: 'dc=example,dc=com' user_filter: '' group_base: 'ou=groups,dc=example,dc=com' admin_group: '' sync_ssh_keys: false staging: <<: *base