Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kirill Smelkov
slapos
Commits
b8d35c8d
Commit
b8d35c8d
authored
Nov 11, 2015
by
Kirill Smelkov
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
X secure secrets (and move them all into 1 place)
parent
117f23de
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
17 additions
and
15 deletions
+17
-15
software/gitlab/instance-gitlab.cfg.in
software/gitlab/instance-gitlab.cfg.in
+16
-12
software/gitlab/instance.cfg.in
software/gitlab/instance.cfg.in
+0
-2
software/gitlab/software.cfg
software/gitlab/software.cfg
+1
-1
No files found.
software/gitlab/instance-gitlab.cfg.in
View file @
b8d35c8d
# GitLab instance
# NOTE instance/software layout is inspired by gitlab omnibus
# NOTE all services are interconnected via unix sockets - because of easier
# security and performance reasons.
# security and performance reasons (unix has 2x less latency and more
# throughput compared to tcp over loopback).
[buildout]
extends = {{ gitlab_parameters_cfg }}
parts =
...
...
@@ -16,7 +17,7 @@ parts =
gitlab-{{ prog }}
{% endfor %}
# TODO gitlab-shell - since compiled shell picks up /usr/bin/env ruby ...
# TODO gitlab-shell - since compiled shell picks up /usr/bin/env ruby ...
?
gitlab-root-shadow
gitlab-shell-root-shadow
...
...
@@ -116,7 +117,7 @@ repositories = ${directory:srv}/repositories
backup = ${directory:srv}/backup
# gitlab-shell: etc/ log/ gitlab_shell_secret
e
...
# gitlab-shell: etc/ log/ gitlab_shell_secret ...
[gitlab-shell-dir]
recipe = slapos.cookbook:mkdirectory
etc = ${directory:etc}/gitlab-shell
...
...
@@ -125,7 +126,14 @@ log = ${directory:log}/gitlab-shell
[gitlab-shell]
etc = ${gitlab-shell-dir:etc}
log = ${gitlab-shell-dir:log}
secret = ${:etc}/gitlab_shell_secret
secret = ${secrets:secrets}/gitlab_shell_secret
[secrets]
recipe = slapos.cookbook:mkdirectory
secrets = ${directory:srv}/secrets
mode = 0700
...
...
@@ -293,6 +301,7 @@ update-command =
${:tune-command}
# XXX store
# NOTE there is no need to link/create .gitlab_shell_secret - we set path to it
# in gitlab & gitlab-shell configs, and gitlab creates it on its first start
[gitlab-root-shadow]
...
...
@@ -302,7 +311,7 @@ tune-command =
# secret* tmp/ log/
rm -f .secret &&
rm -rf log tmp &&
ln -sf ${
gitlab:etc}/
secret .secret &&
ln -sf ${
secrets:secrets}/gitlab_rails_
secret .secret &&
ln -sf ${gitlab:log} log &&
ln -sf ${gitlab:tmp} tmp &&
# config/
...
...
@@ -311,6 +320,7 @@ tune-command =
ln -sf ${gitlab.yml:rendered} gitlab.yml &&
ln -sf ${database.yml:rendered} database.yml &&
ln -sf ${resque.yml:rendered} resque.yml &&
ln -sf ${secrets:secrets}/gitlab_secrets.yml secrets.yml &&
# config/initializers/
cd initializers &&
ln -sf ${rack_attack.rb:rendered} rack_attack.rb &&
...
...
@@ -333,12 +343,7 @@ tune-command =
# etc/
# service/
# unicorn
# sidekiq
# 4. services
#####################
# Postgresql db #
...
...
@@ -384,7 +389,6 @@ port =
#############
# Redis #
#############
[redis]
recipe = slapos.cookbook:mkdirectory
srv = ${directory:srv}/redis
...
...
software/gitlab/instance.cfg.in
View file @
b8d35c8d
...
...
@@ -12,11 +12,9 @@ offline = true
[switch-softwaretype]
recipe = slapos.cookbook:softwaretype
default = $${instance-gitlab.cfg:rendered}
#single-default = $${dynamic-template-powerdns:rendered}
[instance-gitlab.cfg]
#<= jinja2-template-base
recipe = slapos.recipe.template:jinja2
mode = 0644
template= ${instance-gitlab.cfg.in:target}
...
...
software/gitlab/software.cfg
View file @
b8d35c8d
...
...
@@ -83,7 +83,7 @@ git-executable = ${git:location}/bin/git
[gitlab-repository]
<= git-repository
repository = https://gitlab.com/gitlab-org/gitlab-ce.git
revision = v8.1.
2-5-ge6e4aa04dc464717ef929a453af0eea11dbc8a03
revision = v8.1.
3-9-g0350a36f28bfb19fddf570c9f77e181e32efc149
location = ${buildout:parts-directory}/gitlab
[gitlab-shell-repository]
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment