gitlab-org--gitlab-foss/config
Stan Hu a6c0f95705 Make httpclient respect system SSL configuration
By default, httpclient (and hence anything that uses rack-oauth2)
ignores the system-wide SSL certificate configuration in favor of its
own `cacert.pem`. This makes it impossible to use custom certificates
without patching that file. Until
https://github.com/nahi/httpclient/pull/386 is merged, we work around
this limitation by forcing the `HTTPClient` SSL store to use the default
system configuration.

Closes https://gitlab.com/charts/gitlab/issues/1436
2019-07-15 10:07:10 -07:00
..
environments Merge branch 'js-specs-transactions' into 'master' 2019-07-12 13:30:42 +00:00
helpers Rename environment variable EE to IS_GITLAB_EE 2019-04-05 12:08:05 +02:00
initializers Make httpclient respect system SSL configuration 2019-07-15 10:07:10 -07:00
locales [skip ci] Update doorkeeper.en.yml 2019-06-17 14:59:54 +00:00
prometheus Copy EE-only config files to CE 2019-07-09 12:13:59 -05:00
routes Add a rubocop for Rails.logger 2019-07-10 19:26:47 +00:00
application.rb Upgrade to Rails 5.2 2019-07-12 10:15:31 +08:00
boot.rb Get memory data after booting app in production 2019-06-28 20:12:50 +03:00
brakeman.ignore Copy EE-only config files to CE 2019-07-09 12:13:59 -05:00
database.yml.env
database.yml.mysql
database.yml.postgresql Backport EE YAML settings for PostgreSQL 2019-06-19 14:14:39 +02:00
database_geo.yml.postgresql Copy EE-only config files to CE 2019-07-09 12:13:59 -05:00
dependency_decisions.yml Backport dependency decisions from EE 2019-06-19 14:14:39 +02:00
environment.rb
gitlab.yml.example CE-EE parity for shared config files 2019-07-09 12:13:21 -05:00
jsdocs.config.js Generate searchable JSDoc documentation 2019-01-14 21:46:21 +00:00
karma.config.js Merge branch '58869-unified-fe-test-script' into 'master' 2019-05-23 17:32:56 +00:00
license_finder.yml
mail_room.yml
no_todos_messages.yml Change 'Todo' to 'To Do' 2019-07-04 15:45:54 +00:00
object_store_settings.rb
pseudonymizer.yml Copy EE-only config files to CE 2019-07-09 12:13:59 -05:00
puma.example.development.rb Add metric for measuring PumaWorkerKiller activity 2019-06-10 16:09:40 +00:00
puma.rb.example Replace Unicorn with web server in the init.d script [ci skip] 2019-05-17 17:00:29 +00:00
README.md Remove empty lines in config/README.md 2019-07-04 12:02:54 +02:00
redis.cache.yml.example
redis.queues.yml.example
redis.shared_state.yml.example
resque.yml.example
routes.rb Remove obsolete chaos routes 2019-07-13 09:41:31 +00:00
secrets.yml.example
settings.rb CE-EE parity for shared config files 2019-07-09 12:13:21 -05:00
sidekiq.yml.example
sidekiq_queues.yml Includes logic to persist namespace statistics 2019-07-02 14:44:39 +00:00
spring.rb
unicorn.rb.example Run do_master_restart callback on server start 2019-07-01 15:32:19 +00:00
unicorn.rb.example.development Run do_master_restart callback on server start 2019-07-01 15:32:19 +00:00
webpack.config.js Remove setImmediate polyfill from production assets 2019-07-10 16:34:28 -05:00
webpack.config.review_toolbar.js Build visual_review_toolbar with webpack 2019-05-29 20:24:15 +00:00

Configuration files Documentation

Note that most configuration files (config/*.*) committed into gitlab-ce will not be used for omnibus-gitlab. Configuration files committed into gitlab-ce are only used for development.

gitlab.yml

You can find most of GitLab configuration settings here.

mail_room.yml

This file is actually an YML wrapped inside an ERB file to enable templated values to be specified from gitlab.yml. mail_room loads this file first as an ERB file and then loads the resulting YML as its configuration.

resque.yml

This file is called resque.yml for historical reasons. We are NOT using Resque at the moment. It is used to specify Redis configuration values when a single database instance of Redis is desired.

Advanced Redis configuration files

In more advanced configurations of Redis key-value storage, it is desirable to separate the keys by lifecycle and intended use to ease provisioning and management of scalable Redis clusters.

These settings provide routing and other configuration data (such as sentinel, persistence policies, and other Redis customization) for connections to Redis single instances, Redis sentinel, and Redis clusters.

If desired, the routing URL provided by these settings can be used with:

  1. Unix Socket
    1. named socket for each Redis instance desired.
    2. database number for each Redis instance desired.
  2. TCP Socket
    1. host name or IP for each Redis instance desired
    2. TCP port number for each Redis instance desired
    3. database number for each Redis instance desired

Example URL attribute formats for GitLab Redis .yml configuration files

  • Unix Socket, default Redis database (0)
    • url: unix:/path/to/redis.sock
    • url: unix:/path/to/redis.sock?db=
  • Unix Socket, Redis database 44
    • url: unix:/path/to/redis.sock?db=44
    • url: unix:/path/to/redis.sock?extra=foo&db=44
  • TCP Socket for Redis on localhost, port 6379, database 33
    • url: redis://:mynewpassword@localhost:6379/33
  • TCP Socket for Redis on remote host myserver, port 6379, database 33
    • url: redis://:mynewpassword@myserver:6379/33

redis.cache.yml

If configured, redis.cache.yml overrides the resque.yml settings to configure the Redis database instance used for Rails.cache and other volatile non-persistent data which enhances the performance of GitLab. Settings here can be overridden by the environment variable GITLAB_REDIS_CACHE_CONFIG_FILE which provides an alternate location for configuration settings.

The order of precedence for the URL used to connect to the Redis instance used for cache is:

  1. URL from a configuration file pointed to by the GITLAB_REDIS_CACHE_CONFIG_FILE environment variable
  2. URL from redis.cache.yml
  3. URL from a configuration file pointed to by the GITLAB_REDIS_CONFIG_FILE environment variable
  4. URL from resque.yml
  5. redis://localhost:6380

The order of precedence for all other configuration settings for cache are selected from only the first of the following files found (if a setting is not provided in an earlier file, the remainder of the files are not searched):

  1. the configuration file pointed to by the GITLAB_REDIS_CACHE_CONFIG_FILE environment variable
  2. the configuration file redis.cache.yml
  3. the configuration file pointed to by the GITLAB_REDIS_CONFIG_FILE environment variable
  4. the configuration file resque.yml

redis.queues.yml

If configured, redis.queues.yml overrides the resque.yml settings to configure the Redis database instance used for clients of ::Gitlab::Redis::Queues. These queues are intended to be the foundation of reliable inter-process communication between modules, whether on the same host node, or within a cluster. The primary clients of the queues are SideKiq, Mailroom, CI Runner, Workhorse, and push services. Settings here can be overridden by the environment variable GITLAB_REDIS_QUEUES_CONFIG_FILE which provides an alternate location for configuration settings.

The order of precedence for the URL used to connect to the Redis instance used for queues is:

  1. URL from a configuration file pointed to by the GITLAB_REDIS_QUEUES_CONFIG_FILE environment variable
  2. URL from redis.queues.yml
  3. URL from a configuration file pointed to by the GITLAB_REDIS_CONFIG_FILE environment variable
  4. URL from resque.yml
  5. redis://localhost:6381

The order of precedence for all other configuration settings for queues are selected from only the first of the following files found (if a setting is not provided in an earlier file, the remainder of the files are not searched):

  1. the configuration file pointed to by the GITLAB_REDIS_QUEUES_CONFIG_FILE environment variable
  2. the configuration file redis.queues.yml
  3. the configuration file pointed to by the GITLAB_REDIS_CONFIG_FILE environment variable
  4. the configuration file resque.yml

redis.shared_state.yml

If configured, redis.shared_state.yml overrides the resque.yml settings to configure the Redis database instance used for clients of ::Gitlab::Redis::SharedState such as session state, and rate limiting. Settings here can be overridden by the environment variable GITLAB_REDIS_SHARED_STATE_CONFIG_FILE which provides an alternate location for configuration settings.

The order of precedence for the URL used to connect to the Redis instance used for shared_state is:

  1. URL from a configuration file pointed to by the GITLAB_REDIS_SHARED_STATE_CONFIG_FILE environment variable
  2. URL from redis.shared_state.yml
  3. URL from a configuration file pointed to by the GITLAB_REDIS_CONFIG_FILE environment variable
  4. URL from resque.yml
  5. redis://localhost:6382

The order of precedence for all other configuration settings for shared_state are selected from only the first of the following files found (if a setting is not provided in an earlier file, the remainder of the files are not searched):

  1. the configuration file pointed to by the GITLAB_REDIS_SHARED_STATE_CONFIG_FILE environment variable
  2. the configuration file redis.shared_state.yml
  3. the configuration file pointed to by the GITLAB_REDIS_CONFIG_FILE environment variable
  4. the configuration file resque.yml