gitlab.yml.example 11.6 KB
Newer Older
1
# # # # # # # # # # # # # # # # # #
2
# GitLab application config file  #
3
# # # # # # # # # # # # # # # # # #
4
#
5 6 7 8 9
###########################  NOTE  #####################################
# This file should not receive new settings. All configuration options #
# are being moved to ApplicationSetting model!                         #
########################################################################
#
10
# How to use:
11 12 13 14 15
# 1. Copy file as gitlab.yml
# 2. Update gitlab -> host with your fully qualified domain name
# 3. Update gitlab -> email_from
# 4. If you installed Git from source, change git -> bin_path to /usr/local/bin/git
# 5. Review this configuration file for other settings you may want to adjust
16

17 18 19 20 21 22 23
production: &base
  #
  # 1. GitLab app settings
  # ==========================

  ## GitLab settings
  gitlab:
24
    ## Web server settings (note: host is the FQDN, do not include http://)
25
    host: localhost
26 27
    port: 80 # Set to 443 if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
    https: false # Set to true if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
28

29 30 31 32 33
    # Uncommment this line below if your ssh host is different from HTTP/HTTPS one
    # (you'd obviously need to replace ssh.host_example.com with your own host).
    # Otherwise, ssh host will be set to the `host:` value above
    # ssh_host: ssh.host_example.com

34 35
    # WARNING: See config/application.rb under "Relative url support" for the list of
    # other files that need to be changed for relative url support
36 37 38 39 40
    # relative_url_root: /gitlab

    # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
    # user: git

41 42
    ## Date & Time settings
    # Uncomment and customize if you want to change the default time zone of GitLab application.
43
    # To see all available zones, run `bundle exec rake time:zones:all RAILS_ENV=production`
44 45
    # time_zone: 'UTC'

46
    ## Email settings
47 48
    # Uncomment and set to false if you need to disable email sending from GitLab (default: true)
    # email_enabled: true
49
    # Email address used in the "From" field in mails sent by GitLab
50
    email_from: example@example.com
51
    email_display_name: GitLab
52

53
    # Email server smtp settings are in config/initializers/smtp_settings.rb.sample
54

55
    # default_can_create_group: false  # default: true
56
    # username_changing_enabled: false # default: true - User can change her username/namespace
Izaak Alpert's avatar
Izaak Alpert committed
57 58 59 60 61 62
    ## Default theme
    ##   BASIC  = 1
    ##   MARS   = 2
    ##   MODERN = 3
    ##   GRAY   = 4
    ##   COLOR  = 5
Izaak Alpert's avatar
Izaak Alpert committed
63
    # default_theme: 2 # default: 2
Izaak Alpert's avatar
Izaak Alpert committed
64

65
    ## Automatic issue closing
Sytse Sijbrandij's avatar
Sytse Sijbrandij committed
66
    # If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
Julien Kirch's avatar
Julien Kirch committed
67
    # This happens when the commit is pushed or merged into the default branch of a project.
Sytse Sijbrandij's avatar
Sytse Sijbrandij committed
68
    # When not specified the default issue_closing_pattern as specified below will be used.
69
    # Tip: you can test your closing pattern at http://rubular.com
70
    # issue_closing_pattern: '((?:[Cc]los(?:e[sd]|ing)|[Ff]ix(?:e[sd]|ing)?) +(?:(?:issues? +)?#\d+(?:(?:, *| +and +)?))+)'
71

72 73 74 75 76
    ## Default project features settings
    default_projects_features:
      issues: true
      merge_requests: true
      wiki: true
77
      snippets: false
78
      visibility_level: "private"  # can be "private" | "internal" | "public"
79

80 81 82 83
    ## Webhook settings
    # Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
    # webhook_timeout: 10

84 85
    ## Repository downloads directory
    # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
86
    # The default is 'tmp/repositories' relative to the root of the Rails app.
87 88
    # repository_downloads_path: tmp/repositories

89
  ## Gravatar
90
  ## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html
91
  gravatar:
92
    enabled: true                 # Use user avatar image from Gravatar.com (default: true)
93
    # gravatar urls: possible placeholders: %{hash} %{size} %{email}
94 95
    # plain_url: "http://..."     # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
    # ssl_url:   "https://..."    # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
96 97 98 99 100 101

  #
  # 2. Auth settings
  # ==========================

  ## LDAP settings
102 103
  # You can inspect a sample of the LDAP users with login access by running:
  #   bundle exec rake gitlab:ldap:check RAILS_ENV=production
104 105
  ldap:
    enabled: false
106
    servers:
107
      main: # 'main' is the GitLab 'provider ID' of this LDAP server
108 109 110 111 112 113 114 115 116
        ## label
        #
        # A human-friendly name for your LDAP server. It is OK to change the label later,
        # for instance if you find out it is too large to fit on the web page.
        #
        # Example: 'Paris' or 'Acme, Ltd.'
        label: 'LDAP'

        host: '_your_ldap_server'
117
        port: 389
118
        uid: 'sAMAccountName'
119
        method: 'plain' # "tls" or "ssl" or "plain"
120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152
        bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
        password: '_the_password_of_the_bind_user'

        # This setting specifies if LDAP server is Active Directory LDAP server.
        # For non AD servers it skips the AD specific queries.
        # If your LDAP server is not AD, set this to false.
        active_directory: true

        # If allow_username_or_email_login is enabled, GitLab will ignore everything
        # after the first '@' in the LDAP username submitted by the user on login.
        #
        # Example:
        # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
        # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
        #
        # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
        # disable this setting, because the userPrincipalName contains an '@'.
        allow_username_or_email_login: false

        # Base where we can search for users
        #
        #   Ex. ou=People,dc=gitlab,dc=example
        #
        base: ''

        # Filter LDAP users
        #
        #   Format: RFC 4515 http://tools.ietf.org/search/rfc4515
        #   Ex. (employeeType=developer)
        #
        #   Note: GitLab does not support omniauth-ldap's custom filter syntax.
        #
        user_filter: ''
153

154 155 156 157 158 159 160
      # GitLab EE only: add more LDAP servers
      # Choose an ID made of a-z and 0-9 . This ID will be stored in the database
      # so that GitLab can remember which LDAP server a user belongs to.
      # uswest2:
      #   label:
      #   host:
      #   ....
161 162


163
  ## OmniAuth settings
164
  omniauth:
165
    # Allow login via Twitter, Google, etc. using OmniAuth providers
166 167 168
    enabled: false

    # CAUTION!
169
    # This allows users to login without having a user account first (default: false).
170 171
    # User accounts will be created automatically when authentication was successful.
    allow_single_sign_on: false
172
    # Locks down those users until they have been cleared by the admin (default: true).
173 174 175
    block_auto_created_users: true

    ## Auth providers
176 177
    # Uncomment the following lines and fill in the data of the auth provider you want to use
    # If your favorite auth provider is not listed you can use others:
Drew Blessing's avatar
Drew Blessing committed
178
    # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations
179 180
    # The 'app_id' and 'app_secret' parameters are always passed as the first two
    # arguments, followed by optional 'args' which can be either a hash or an array.
dosire's avatar
dosire committed
181
    # Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html
182
    providers:
Douwe Maan's avatar
Douwe Maan committed
183 184
      # - { name: 'google_oauth2', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET',
185
      #     args: { access_type: 'offline', approval_prompt: '' } }
Douwe Maan's avatar
Douwe Maan committed
186 187 188 189
      # - { name: 'twitter', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET'}
      # - { name: 'github', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET',
190
      #     args: { scope: 'user:email' } }
Douwe Maan's avatar
Douwe Maan committed
191 192
      # - { name: 'gitlab', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET',
193
      #     args: { scope: 'api' } }
Douwe Maan's avatar
Douwe Maan committed
194 195
      # - { name: 'bitbucket', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET'}
196 197 198 199 200 201 202 203 204 205 206



  #
  # 3. Advanced settings
  # ==========================

  # GitLab Satellites
  satellites:
    # Relative paths are relative to Rails.root (default: tmp/repo_satellites/)
    path: /home/git/gitlab-satellites/
207
    timeout: 30
208 209 210 211 212

  ## Backup settings
  backup:
    path: "tmp/backups"   # Relative paths are relative to Rails.root (default: tmp/backups/)
    # keep_time: 604800   # default: 0 (forever) (in seconds)
213 214 215 216
    # upload:
    #   # Fog storage connection settings, see http://fog.io/storage/ .
    #   connection:
    #     provider: AWS
217
    #     region: eu-west-1
218 219 220 221
    #     aws_access_key_id: AKIAKIAKI
    #     aws_secret_access_key: 'secret123'
    #   # The remote 'directory' to store your backups. For S3, this would be the bucket name.
    #   remote_directory: 'my.s3.bucket'
222 223 224

  ## GitLab Shell settings
  gitlab_shell:
225 226
    path: /home/git/gitlab-shell/

227 228 229 230 231 232 233 234
    # REPOS_PATH MUST NOT BE A SYMLINK!!!
    repos_path: /home/git/repositories/
    hooks_path: /home/git/gitlab-shell/hooks/

    # Git over HTTP
    upload_pack: true
    receive_pack: true

235
    # If you use non-standard ssh port you need to specify it
236 237 238
    # ssh_port: 22

  ## Git settings
Riyad Preukschas's avatar
Riyad Preukschas committed
239
  # CAUTION!
240 241 242
  # Use the default values unless you really know what you are doing
  git:
    bin_path: /usr/bin/git
dosire's avatar
dosire committed
243 244 245
    # The next value is the maximum memory size grit can use
    # Given in number of bytes per git object (e.g. a commit)
    # This value can be increased if you have very large commits
246
    max_size: 20971520 # 20.megabytes
247
    # Git timeout to read a commit, in seconds
248 249
    timeout: 10

250 251 252 253
  #
  # 4. Extra customization
  # ==========================

254
  extra:
255 256 257
    ## Google analytics. Uncomment if you want it
    # google_analytics_id: '_your_tracking_id'

Sebastian Winkler's avatar
Sebastian Winkler committed
258 259 260 261
    ## Piwik analytics.
    # piwik_url: '_your_piwik_url'
    # piwik_site_id: '_your_piwik_site_id'

262 263
  rack_attack:
    git_basic_auth:
264 265 266
      # Rack Attack IP banning enabled
      # enabled: true
      #
267 268 269
      # Whitelist requests from 127.0.0.1 for web proxies (NGINX/Apache) with incorrect headers
      # ip_whitelist: ["127.0.0.1"]
      #
270 271 272 273 274 275 276 277 278
      # Limit the number of Git HTTP authentication attempts per IP
      # maxretry: 10
      #
      # Reset the auth attempt counter per IP after 60 seconds
      # findtime: 60
      #
      # Ban an IP for one hour (3600s) after too many auth attempts
      # bantime: 3600

279
development:
280
  <<: *base
281 282

test:
283
  <<: *base
284 285 286 287
  gravatar:
    enabled: true
  gitlab:
    host: localhost
288
    port: 80
289 290

    # When you run tests we clone and setup gitlab-shell
291
    # In order to setup it correctly you need to specify
292
    # your system username you use to run GitLab
293
    # user: YOUR_USERNAME
294 295 296 297 298 299
  satellites:
    path: tmp/tests/gitlab-satellites/
  gitlab_shell:
    path: tmp/tests/gitlab-shell/
    repos_path: tmp/tests/repositories/
    hooks_path: tmp/tests/gitlab-shell/hooks/
300 301
  issues_tracker:
    redmine:
302
      title: "Redmine"
303
      project_url: "http://redmine/projects/:issues_tracker_id"
304
      issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
305
      new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
306 307 308
  ldap:
    enabled: false
    servers:
309
      main:
310 311 312 313 314 315 316 317 318 319
        label: ldap
        host: 127.0.0.1
        port: 3890
        uid: 'uid'
        method: 'plain' # "tls" or "ssl" or "plain"
        base: 'dc=example,dc=com'
        user_filter: ''
        group_base: 'ou=groups,dc=example,dc=com'
        admin_group: ''
        sync_ssh_keys: false
320 321

staging:
322
  <<: *base