4fdafcaf8a
Add comment about tls for ldap method
238 lines
8.6 KiB
Text
238 lines
8.6 KiB
Text
# # # # # # # # # # # # # # # # # #
|
|
# GitLab application config file #
|
|
# # # # # # # # # # # # # # # # # #
|
|
#
|
|
# How to use:
|
|
# 1. copy file as gitlab.yml
|
|
# 2. Replace gitlab -> host with your domain
|
|
# 3. Replace gitlab -> email_from
|
|
|
|
production: &base
|
|
#
|
|
# 1. GitLab app settings
|
|
# ==========================
|
|
|
|
## GitLab settings
|
|
gitlab:
|
|
## Web server settings (note: host is the FQDN, do not include http://)
|
|
host: localhost
|
|
port: 80
|
|
https: false
|
|
|
|
# Uncomment and customize the last line to run in a non-root path
|
|
# WARNING: We recommend creating a FQDN to host GitLab in a root path instead of this.
|
|
# Note that four settings need to be changed for this to work.
|
|
# 1) In your application.rb file: config.relative_url_root = "/gitlab"
|
|
# 2) In your gitlab.yml file: relative_url_root: /gitlab
|
|
# 3) In your unicorn.rb: ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab"
|
|
# 4) In ../gitlab-shell/config.yml: gitlab_url: "http://127.0.0.1/gitlab"
|
|
# To update the path, run: sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production
|
|
#
|
|
# relative_url_root: /gitlab
|
|
|
|
# Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
|
|
# user: git
|
|
|
|
## Email settings
|
|
# Email address used in the "From" field in mails sent by GitLab
|
|
email_from: gitlab@localhost
|
|
|
|
# Email address of your support contact (default: same as email_from)
|
|
support_email: support@localhost
|
|
|
|
## User settings
|
|
default_projects_limit: 10
|
|
# default_can_create_group: false # default: true
|
|
# username_changing_enabled: false # default: true - User can change her username/namespace
|
|
## Default theme
|
|
## BASIC = 1
|
|
## MARS = 2
|
|
## MODERN = 3
|
|
## GRAY = 4
|
|
## COLOR = 5
|
|
# default_theme: 2 # default: 2
|
|
|
|
|
|
## Users management
|
|
# default: false - Account passwords are not sent via the email if signup is enabled.
|
|
# signup_enabled: true
|
|
|
|
# Restrict setting visibility levels for non-admin users.
|
|
# The default is to allow all levels.
|
|
#restricted_visibility_levels: [ "public" ]
|
|
|
|
## Automatic issue closing
|
|
# If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
|
|
# This happens when the commit is pushed or merged into the default branch of a project.
|
|
# When not specified the default issue_closing_pattern as specified below will be used.
|
|
# issue_closing_pattern: '([Cc]lose[sd]|[Ff]ixe[sd]) +#\d+'
|
|
|
|
## Default project features settings
|
|
default_projects_features:
|
|
issues: true
|
|
merge_requests: true
|
|
wiki: true
|
|
wall: false
|
|
snippets: false
|
|
visibility_level: "private" # can be "private" | "internal" | "public"
|
|
|
|
## External issues trackers
|
|
issues_tracker:
|
|
# redmine:
|
|
# title: "Redmine"
|
|
# ## If not nil, link 'Issues' on project page will be replaced with this
|
|
# ## Use placeholders:
|
|
# ## :project_id - GitLab project identifier
|
|
# ## :issues_tracker_id - Project Name or Id in external issue tracker
|
|
# project_url: "http://redmine.sample/projects/:issues_tracker_id"
|
|
#
|
|
# ## If not nil, links from /#\d/ entities from commit messages will replaced with this
|
|
# ## Use placeholders:
|
|
# ## :project_id - GitLab project identifier
|
|
# ## :issues_tracker_id - Project Name or Id in external issue tracker
|
|
# ## :id - Issue id (from commit messages)
|
|
# issues_url: "http://redmine.sample/issues/:id"
|
|
#
|
|
# ## If not nil, linkis to creating new issues will be replaced with this
|
|
# ## Use placeholders:
|
|
# ## :project_id - GitLab project identifier
|
|
# ## :issues_tracker_id - Project Name or Id in external issue tracker
|
|
# new_issue_url: "http://redmine.sample/projects/:issues_tracker_id/issues/new"
|
|
#
|
|
# jira:
|
|
# title: "Atlassian Jira"
|
|
# project_url: "http://jira.sample/issues/?jql=project=:issues_tracker_id"
|
|
# issues_url: "http://jira.sample/browse/:id"
|
|
# new_issue_url: "http://jira.sample/secure/CreateIssue.jspa"
|
|
|
|
## Gravatar
|
|
gravatar:
|
|
enabled: true # Use user avatar image from Gravatar.com (default: true)
|
|
# plain_url: "http://..." # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=mm
|
|
# ssl_url: "https://..." # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=mm
|
|
|
|
#
|
|
# 2. Auth settings
|
|
# ==========================
|
|
|
|
## LDAP settings
|
|
# You can inspect a sample of the LDAP users with login access by running:
|
|
# bundle exec rake gitlab:ldap:check RAILS_ENV=production
|
|
ldap:
|
|
enabled: false
|
|
host: '_your_ldap_server'
|
|
base: '_the_base_where_you_search_for_users'
|
|
port: 636
|
|
uid: 'sAMAccountName'
|
|
method: 'ssl' # "tls" or "ssl" or "plain"
|
|
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
|
|
password: '_the_password_of_the_bind_user'
|
|
# If allow_username_or_email_login is enabled, GitLab will ignore everything
|
|
# after the first '@' in the LDAP username submitted by the user on login.
|
|
#
|
|
# Example:
|
|
# - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
|
|
# - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
|
|
#
|
|
# If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
|
|
# disable this setting, because the userPrincipalName contains an '@'.
|
|
allow_username_or_email_login: true
|
|
|
|
## OmniAuth settings
|
|
omniauth:
|
|
# Allow login via Twitter, Google, etc. using OmniAuth providers
|
|
enabled: false
|
|
|
|
# CAUTION!
|
|
# This allows users to login without having a user account first (default: false).
|
|
# User accounts will be created automatically when authentication was successful.
|
|
allow_single_sign_on: false
|
|
# Locks down those users until they have been cleared by the admin (default: true).
|
|
block_auto_created_users: true
|
|
|
|
## Auth providers
|
|
# Uncomment the following lines and fill in the data of the auth provider you want to use
|
|
# If your favorite auth provider is not listed you can use others:
|
|
# see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Working-custom-omniauth-provider-configurations
|
|
# The 'app_id' and 'app_secret' parameters are always passed as the first two
|
|
# arguments, followed by optional 'args' which can be either a hash or an array.
|
|
providers:
|
|
# - { name: 'google_oauth2', app_id: 'YOUR APP ID',
|
|
# app_secret: 'YOUR APP SECRET',
|
|
# args: { access_type: 'offline', approval_prompt: '' } }
|
|
# - { name: 'twitter', app_id: 'YOUR APP ID',
|
|
# app_secret: 'YOUR APP SECRET'}
|
|
# - { name: 'github', app_id: 'YOUR APP ID',
|
|
# app_secret: 'YOUR APP SECRET',
|
|
# args: { scope: 'user:email' } }
|
|
|
|
|
|
|
|
#
|
|
# 3. Advanced settings
|
|
# ==========================
|
|
|
|
# GitLab Satellites
|
|
satellites:
|
|
# Relative paths are relative to Rails.root (default: tmp/repo_satellites/)
|
|
path: /home/git/gitlab-satellites/
|
|
|
|
## Backup settings
|
|
backup:
|
|
path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
|
|
# keep_time: 604800 # default: 0 (forever) (in seconds)
|
|
|
|
## GitLab Shell settings
|
|
gitlab_shell:
|
|
path: /home/git/gitlab-shell/
|
|
|
|
# REPOS_PATH MUST NOT BE A SYMLINK!!!
|
|
repos_path: /home/git/repositories/
|
|
hooks_path: /home/git/gitlab-shell/hooks/
|
|
|
|
# Git over HTTP
|
|
upload_pack: true
|
|
receive_pack: true
|
|
|
|
# If you use non-standard ssh port you need to specify it
|
|
# ssh_port: 22
|
|
|
|
## Git settings
|
|
# CAUTION!
|
|
# Use the default values unless you really know what you are doing
|
|
git:
|
|
bin_path: /usr/bin/git
|
|
# The next value is the maximum memory size grit can use
|
|
# Given in number of bytes per git object (e.g. a commit)
|
|
# This value can be increased if you have very large commits
|
|
max_size: 5242880 # 5.megabytes
|
|
# Git timeout to read a commit, in seconds
|
|
timeout: 10
|
|
|
|
#
|
|
# 4. Extra customization
|
|
# ==========================
|
|
|
|
extra:
|
|
## Google analytics. Uncomment if you want it
|
|
# google_analytics_id: '_your_tracking_id'
|
|
|
|
## Text under sign-in page (Markdown enabled)
|
|
# sign_in_text: |
|
|
# ![Company Logo](http://www.companydomain.com/logo.png)
|
|
# [Learn more about CompanyName](http://www.companydomain.com/)
|
|
|
|
development:
|
|
<<: *base
|
|
|
|
test:
|
|
<<: *base
|
|
issues_tracker:
|
|
redmine:
|
|
title: "Redmine"
|
|
project_url: "http://redmine/projects/:issues_tracker_id"
|
|
issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
|
|
new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
|
|
|
|
staging:
|
|
<<: *base
|