X Stub gitlab-shell config.yml

software/gitlab/TODO

 + remove ssh access, "You won't be able to pull or push ..." warning
+- disable ssh keys management (so gitlab does not mess with webrunner keys) ?
 ~ remove `sudo ...` (or fake it)
 ~ gitlab.yml: git -> bin_path
 - setup basic ~/.gitconfig

software/gitlab/instance-gitlab.cfg.in

@@ -176,6 +176,16 @@ context-extra =
     section directory               directory
     section gitlab_root_shadow      gitlab-root-shadow
 
+
+[gitlab-shell-config.yml]
+<= etc-template
+template= {{ gitlab_shell_config_yml_in }}
+rendered= ${gitlab-shell:etc}/config.yml
+context-extra =
+    section gitlab              gitlab
+    section gitlab_backend      gitlab-backend
+
+
 [nginx-etc-template]
 <= etc-template
 rendered= ${nginx:etc}/${:_buildout_section_name_}
@@ -341,7 +351,7 @@ srv     = ${directory:srv}/redis
 [service-redis]
 recipe  = slapos.cookbook:redis.server
 
-server_bin  = {{ redis_bin }}
+server_bin  = {{ redis_bin }}/redis-server
 
 server_dir  = ${redis:srv}
 config_file = ${directory:etc}/redis.conf

software/gitlab/instance.cfg.in

@@ -36,12 +36,13 @@ context =
     raw nginx_bin                   ${nginx-output:nginx}
     raw mime_types                  ${nginx-output:mime}
     raw postgresql_location         ${postgresql92:location}
-    raw redis_bin                   ${redis28:location}/bin/redis-server
+    raw redis_bin                   ${redis28:location}/bin
 
     raw macrolib_cfg_in             ${macrolib.cfg.in:target}
     raw gitlab_parameters_cfg       ${gitlab-parameters.cfg:target}
     raw database_yml_in             ${database.yml.in:target}
     raw gitlab_yml_in               ${gitlab.yml.in:target}
+    raw gitlab_shell_config_yml_in  ${gitlab-shell-config.yml.in:target}
     raw resque_yml_in               ${resque.yml.in:target}
     raw smtp_settings_rb_in         ${smtp_settings.rb.in:target}
     raw rack_attack_rb_in           ${rack_attack.rb.in:target}

software/gitlab/software.cfg

@@ -84,14 +84,16 @@ git-executable = ${git:location}/bin/git
 [gitlab-repository]
 <= git-repository
 repository = https://gitlab.com/gitlab-org/gitlab-ce.git
-revision = v8.1.2-1-g38039e3ace0ef2a474cca264f045d9518d6a49d0
+revision = v8.1.2-5-ge6e4aa04dc464717ef929a453af0eea11dbc8a03
 location = ${buildout:parts-directory}/gitlab
 
 [gitlab-shell-repository]
 <= git-repository
-repository = https://gitlab.com/gitlab-org/gitlab-shell.git
+repository = https://lab.nexedi.com/kirr/gitlab-shell.git
 # FIXME pin gitlab-shell version properly (wrt gitlab) ?
-revision = v2.6.5-8-g6add33352316af566cec5d827981f1783c59b7f4
+#revision = v2.6.5-8-g6add33352316af566cec5d827981f1783c59b7f4
+branch = x/next
+develop = true
 location = ${buildout:parts-directory}/gitlab-shell
 
 [gitlab-workhorse-repository]
@@ -201,6 +203,10 @@ url     = ${:_profile_base_location_}/template/${:_buildout_section_name_}
 <= download-template
 # md5sum = TODO
 
+[gitlab-shell-config.yml.in]
+<= download-template
+# md5sum = TODO
+
 [resque.yml.in]
 <= download-template
 # md5sum = TODO

software/gitlab/template/gitlab-shell-config.yml.in

+{{ autogenerated }}
+# see:
+# https://gitlab.com/gitlab-org/gitlab-shell/blob/master/config.yml.example
+# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitlab-shell-config.yml.erb
+# (last updated for omnibus-gitlab 8.1.0+rc1.ce.0-77-ge349060)
+
+# GitLab user. git by default
+user: {{ gitlab_backend.user }}
+
+# Url to gitlab instance. Used for api calls. Should end with a slash.
+# TODO urlencode
+gitlab_url: "http+unix://{{ unicorn.socket }}/"
+
+http_settings:
+{# we don't need any
+  <%= @http_settings.to_json if @http_settings %>
+#}
+#  user: someone
+#  password: somepass
+#  ca_file: /etc/ssl/cert.pem
+#  ca_path: /etc/pki/tls/certs
+#  self_signed_cert: false
+
+# Repositories path
+# Give the canonicalized absolute pathname,
+# REPOS_PATH MUST NOT CONTAIN ANY SYMLINK!!!
+# Check twice that none of the components is a symlink, including "/home".
+repos_path: "{{ gitlab.repositories }}"
+
+# File used as authorized_keys for gitlab user
+# NOTE not used in slapos version (all access via http only)
+auth_file: "TODO"
+
+# Redis settings used for pushing commit notices to gitlab
+redis:
+  bin: {{ redis.bin }}/redis-cli
+  host: {{ redis_service.ipv6 }}    {# XXX not specify at all ? #}
+  port: {{ redis_service.port }}    {# XXX not specify at all ? #}
+  socket: {{ redis_service.unixsocket }}
+{# we don't use password for redis
+<% if @redis_password %>
+  pass: <%= @redis_password %>
+<% end %>
+#}
+  database: {# <%= @redis_database %> #}
+  namespace: resque:gitlab
+
+# Log file.
+# Default is gitlab-shell.log in the root directory.
+log_file: "{{ gitlab_shell.log }}/gitlab-shell.log"
+
+# Log level. INFO by default
+log_level:
+
+# Audit usernames.
+# Set to true to see real usernames in the logs instead of key ids, which is easier to follow, but
+# incurs an extra API call on every gitlab-shell command.
+audit_usernames:
+
+# Enable git-annex support
+# git-annex allows managing files with git, without checking the file contents into git
+# See https://git-annex.branchable.com/ for documentation
+# If enabled, git-annex needs to be installed on the server where gitlab-shell is setup
+# For Debian and Ubuntu systems this can be done with: sudo apt-get install git-annex
+# For CentOS: sudo yum install epel-release && sudo yum install git-annex
+git_annex_enabled:

software/gitlab/template/gitlab.yml.in

@@ -2,7 +2,7 @@
 # see:
 # https://gitlab.com/gitlab-org/gitlab-ce/blob/master/config/gitlab.yml.example
 # https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
-# (last updated for v7.13.0.rc2)
+# (last updated for omnibus-gitlab <version> XXX)
 
 {% from 'macrolib.cfg.in' import cfg  with context %}