bb50b7fcd0
This change helps system administrators who want to replicate GitLab backup files without needing root permissions.
216 lines
9.5 KiB
Ruby
216 lines
9.5 KiB
Ruby
require 'gitlab' # Load lib/gitlab.rb as soon as possible
|
|
|
|
class Settings < Settingslogic
|
|
source ENV.fetch('GITLAB_CONFIG') { "#{Rails.root}/config/gitlab.yml" }
|
|
namespace Rails.env
|
|
|
|
class << self
|
|
def gitlab_on_standard_port?
|
|
gitlab.port.to_i == (gitlab.https ? 443 : 80)
|
|
end
|
|
|
|
private
|
|
|
|
def build_gitlab_shell_ssh_path_prefix
|
|
if gitlab_shell.ssh_port != 22
|
|
"ssh://#{gitlab_shell.ssh_user}@#{gitlab_shell.ssh_host}:#{gitlab_shell.ssh_port}/"
|
|
else
|
|
if gitlab_shell.ssh_host.include? ':'
|
|
"[#{gitlab_shell.ssh_user}@#{gitlab_shell.ssh_host}]:"
|
|
else
|
|
"#{gitlab_shell.ssh_user}@#{gitlab_shell.ssh_host}:"
|
|
end
|
|
end
|
|
end
|
|
|
|
def build_gitlab_url
|
|
custom_port = gitlab_on_standard_port? ? nil : ":#{gitlab.port}"
|
|
[ gitlab.protocol,
|
|
"://",
|
|
gitlab.host,
|
|
custom_port,
|
|
gitlab.relative_url_root
|
|
].join('')
|
|
end
|
|
|
|
# check that values in `current` (string or integer) is a contant in `modul`.
|
|
def verify_constant_array(modul, current, default)
|
|
values = default || []
|
|
if !current.nil?
|
|
values = []
|
|
current.each do |constant|
|
|
values.push(verify_constant(modul, constant, nil))
|
|
end
|
|
values.delete_if { |value| value.nil? }
|
|
end
|
|
values
|
|
end
|
|
|
|
# check that `current` (string or integer) is a contant in `modul`.
|
|
def verify_constant(modul, current, default)
|
|
constant = modul.constants.find{ |name| modul.const_get(name) == current }
|
|
value = constant.nil? ? default : modul.const_get(constant)
|
|
if current.is_a? String
|
|
value = modul.const_get(current.upcase) rescue default
|
|
end
|
|
value
|
|
end
|
|
end
|
|
end
|
|
|
|
|
|
# Default settings
|
|
Settings['ldap'] ||= Settingslogic.new({})
|
|
Settings.ldap['enabled'] = false if Settings.ldap['enabled'].nil?
|
|
|
|
# backwards compatibility, we only have one host
|
|
if Settings.ldap['enabled'] || Rails.env.test?
|
|
if Settings.ldap['host'].present?
|
|
# We detected old LDAP configuration syntax. Update the config to make it
|
|
# look like it was entered with the new syntax.
|
|
server = Settings.ldap.except('sync_time')
|
|
Settings.ldap['servers'] = {
|
|
'main' => server
|
|
}
|
|
end
|
|
|
|
Settings.ldap['servers'].each do |key, server|
|
|
server['label'] ||= 'LDAP'
|
|
server['block_auto_created_users'] = false if server['block_auto_created_users'].nil?
|
|
server['allow_username_or_email_login'] = false if server['allow_username_or_email_login'].nil?
|
|
server['active_directory'] = true if server['active_directory'].nil?
|
|
server['provider_name'] ||= "ldap#{key}".downcase
|
|
server['provider_class'] = OmniAuth::Utils.camelize(server['provider_name'])
|
|
end
|
|
end
|
|
|
|
|
|
Settings['omniauth'] ||= Settingslogic.new({})
|
|
Settings.omniauth['enabled'] = false if Settings.omniauth['enabled'].nil?
|
|
Settings.omniauth['auto_sign_in_with_provider'] = false if Settings.omniauth['auto_sign_in_with_provider'].nil?
|
|
Settings.omniauth['allow_single_sign_on'] = false if Settings.omniauth['allow_single_sign_on'].nil?
|
|
Settings.omniauth['block_auto_created_users'] = true if Settings.omniauth['block_auto_created_users'].nil?
|
|
Settings.omniauth['auto_link_ldap_user'] = false if Settings.omniauth['auto_link_ldap_user'].nil?
|
|
|
|
Settings.omniauth['providers'] ||= []
|
|
|
|
Settings['issues_tracker'] ||= {}
|
|
|
|
#
|
|
# GitLab
|
|
#
|
|
Settings['gitlab'] ||= Settingslogic.new({})
|
|
Settings.gitlab['default_projects_limit'] ||= 10
|
|
Settings.gitlab['default_branch_protection'] ||= 2
|
|
Settings.gitlab['default_can_create_group'] = true if Settings.gitlab['default_can_create_group'].nil?
|
|
Settings.gitlab['default_theme'] = Gitlab::Themes::APPLICATION_DEFAULT if Settings.gitlab['default_theme'].nil?
|
|
Settings.gitlab['host'] ||= 'localhost'
|
|
Settings.gitlab['ssh_host'] ||= Settings.gitlab.host
|
|
Settings.gitlab['https'] = false if Settings.gitlab['https'].nil?
|
|
Settings.gitlab['port'] ||= Settings.gitlab.https ? 443 : 80
|
|
Settings.gitlab['relative_url_root'] ||= ENV['RAILS_RELATIVE_URL_ROOT'] || ''
|
|
Settings.gitlab['protocol'] ||= Settings.gitlab.https ? "https" : "http"
|
|
Settings.gitlab['email_enabled'] ||= true if Settings.gitlab['email_enabled'].nil?
|
|
Settings.gitlab['email_from'] ||= "gitlab@#{Settings.gitlab.host}"
|
|
Settings.gitlab['email_display_name'] ||= "GitLab"
|
|
Settings.gitlab['email_reply_to'] ||= "noreply@#{Settings.gitlab.host}"
|
|
Settings.gitlab['url'] ||= Settings.send(:build_gitlab_url)
|
|
Settings.gitlab['user'] ||= 'git'
|
|
Settings.gitlab['user_home'] ||= begin
|
|
Etc.getpwnam(Settings.gitlab['user']).dir
|
|
rescue ArgumentError # no user configured
|
|
'/home/' + Settings.gitlab['user']
|
|
end
|
|
Settings.gitlab['time_zone'] ||= nil
|
|
Settings.gitlab['signup_enabled'] ||= true if Settings.gitlab['signup_enabled'].nil?
|
|
Settings.gitlab['signin_enabled'] ||= true if Settings.gitlab['signin_enabled'].nil?
|
|
Settings.gitlab['twitter_sharing_enabled'] ||= true if Settings.gitlab['twitter_sharing_enabled'].nil?
|
|
Settings.gitlab['restricted_visibility_levels'] = Settings.send(:verify_constant_array, Gitlab::VisibilityLevel, Settings.gitlab['restricted_visibility_levels'], [])
|
|
Settings.gitlab['username_changing_enabled'] = true if Settings.gitlab['username_changing_enabled'].nil?
|
|
Settings.gitlab['issue_closing_pattern'] = '((?:[Cc]los(?:e[sd]?|ing)|[Ff]ix(?:e[sd]|ing)?|[Rr]esolv(?:e[sd]?|ing)) +(?:(?:issues? +)?#\d+(?:(?:, *| +and +)?))+)' if Settings.gitlab['issue_closing_pattern'].nil?
|
|
Settings.gitlab['default_projects_features'] ||= {}
|
|
Settings.gitlab['webhook_timeout'] ||= 10
|
|
Settings.gitlab['max_attachment_size'] ||= 10
|
|
Settings.gitlab['session_expire_delay'] ||= 10080
|
|
Settings.gitlab.default_projects_features['issues'] = true if Settings.gitlab.default_projects_features['issues'].nil?
|
|
Settings.gitlab.default_projects_features['merge_requests'] = true if Settings.gitlab.default_projects_features['merge_requests'].nil?
|
|
Settings.gitlab.default_projects_features['wiki'] = true if Settings.gitlab.default_projects_features['wiki'].nil?
|
|
Settings.gitlab.default_projects_features['snippets'] = false if Settings.gitlab.default_projects_features['snippets'].nil?
|
|
Settings.gitlab.default_projects_features['visibility_level'] = Settings.send(:verify_constant, Gitlab::VisibilityLevel, Settings.gitlab.default_projects_features['visibility_level'], Gitlab::VisibilityLevel::PRIVATE)
|
|
Settings.gitlab['repository_downloads_path'] = File.absolute_path(Settings.gitlab['repository_downloads_path'] || 'tmp/repositories', Rails.root)
|
|
Settings.gitlab['restricted_signup_domains'] ||= []
|
|
|
|
#
|
|
# Gravatar
|
|
#
|
|
Settings['gravatar'] ||= Settingslogic.new({})
|
|
Settings.gravatar['enabled'] = true if Settings.gravatar['enabled'].nil?
|
|
Settings.gravatar['plain_url'] ||= 'http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'
|
|
Settings.gravatar['ssl_url'] ||= 'https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'
|
|
|
|
#
|
|
# GitLab Shell
|
|
#
|
|
Settings['gitlab_shell'] ||= Settingslogic.new({})
|
|
Settings.gitlab_shell['path'] ||= Settings.gitlab['user_home'] + '/gitlab-shell/'
|
|
Settings.gitlab_shell['hooks_path'] ||= Settings.gitlab['user_home'] + '/gitlab-shell/hooks/'
|
|
Settings.gitlab_shell['secret_file'] ||= Rails.root.join('.gitlab_shell_secret')
|
|
Settings.gitlab_shell['receive_pack'] = true if Settings.gitlab_shell['receive_pack'].nil?
|
|
Settings.gitlab_shell['upload_pack'] = true if Settings.gitlab_shell['upload_pack'].nil?
|
|
Settings.gitlab_shell['repos_path'] ||= Settings.gitlab['user_home'] + '/repositories/'
|
|
Settings.gitlab_shell['ssh_host'] ||= Settings.gitlab.ssh_host
|
|
Settings.gitlab_shell['ssh_port'] ||= 22
|
|
Settings.gitlab_shell['ssh_user'] ||= Settings.gitlab.user
|
|
Settings.gitlab_shell['owner_group'] ||= Settings.gitlab.user
|
|
Settings.gitlab_shell['ssh_path_prefix'] ||= Settings.send(:build_gitlab_shell_ssh_path_prefix)
|
|
|
|
#
|
|
# Backup
|
|
#
|
|
Settings['backup'] ||= Settingslogic.new({})
|
|
Settings.backup['keep_time'] ||= 0
|
|
Settings.backup['path'] = File.expand_path(Settings.backup['path'] || "tmp/backups/", Rails.root)
|
|
Settings.backup['archive_permissions'] ||= 0600
|
|
Settings.backup['upload'] ||= Settingslogic.new({ 'remote_directory' => nil, 'connection' => nil })
|
|
# Convert upload connection settings to use symbol keys, to make Fog happy
|
|
if Settings.backup['upload']['connection']
|
|
Settings.backup['upload']['connection'] = Hash[Settings.backup['upload']['connection'].map { |k, v| [k.to_sym, v] }]
|
|
end
|
|
Settings.backup['upload']['multipart_chunk_size'] ||= 104857600
|
|
|
|
#
|
|
# Git
|
|
#
|
|
Settings['git'] ||= Settingslogic.new({})
|
|
Settings.git['max_size'] ||= 20971520 # 20.megabytes
|
|
Settings.git['bin_path'] ||= '/usr/bin/git'
|
|
Settings.git['timeout'] ||= 10
|
|
|
|
Settings['satellites'] ||= Settingslogic.new({})
|
|
Settings.satellites['path'] = File.expand_path(Settings.satellites['path'] || "tmp/repo_satellites/", Rails.root)
|
|
Settings.satellites['timeout'] ||= 30
|
|
|
|
#
|
|
# Extra customization
|
|
#
|
|
Settings['extra'] ||= Settingslogic.new({})
|
|
|
|
#
|
|
# Rack::Attack settings
|
|
#
|
|
Settings['rack_attack'] ||= Settingslogic.new({})
|
|
Settings.rack_attack['git_basic_auth'] ||= Settingslogic.new({})
|
|
Settings.rack_attack.git_basic_auth['enabled'] = true if Settings.rack_attack.git_basic_auth['enabled'].nil?
|
|
Settings.rack_attack.git_basic_auth['ip_whitelist'] ||= %w{127.0.0.1}
|
|
Settings.rack_attack.git_basic_auth['maxretry'] ||= 10
|
|
Settings.rack_attack.git_basic_auth['findtime'] ||= 1.minute
|
|
Settings.rack_attack.git_basic_auth['bantime'] ||= 1.hour
|
|
|
|
#
|
|
# Testing settings
|
|
#
|
|
if Rails.env.test?
|
|
Settings.gitlab['default_projects_limit'] = 42
|
|
Settings.gitlab['default_can_create_group'] = true
|
|
Settings.gitlab['default_can_create_team'] = false
|
|
end
|