gitlab.yml.example 12.5 KB
Newer Older
1
# # # # # # # # # # # # # # # # # #
2
# GitLab application config file  #
3
# # # # # # # # # # # # # # # # # #
4 5
#
# How to use:
6 7 8 9 10
# 1. Copy file as gitlab.yml
# 2. Update gitlab -> host with your fully qualified domain name
# 3. Update gitlab -> email_from
# 4. If you installed Git from source, change git -> bin_path to /usr/local/bin/git
# 5. Review this configuration file for other settings you may want to adjust
11

12 13 14 15 16 17 18
production: &base
  #
  # 1. GitLab app settings
  # ==========================

  ## GitLab settings
  gitlab:
19
    ## Web server settings (note: host is the FQDN, do not include http://)
20
    host: localhost
21 22
    port: 80 # Set to 443 if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
    https: false # Set to true if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
23

24 25 26 27 28
    # Uncommment this line below if your ssh host is different from HTTP/HTTPS one
    # (you'd obviously need to replace ssh.host_example.com with your own host).
    # Otherwise, ssh host will be set to the `host:` value above
    # ssh_host: ssh.host_example.com

29 30
    # WARNING: See config/application.rb under "Relative url support" for the list of
    # other files that need to be changed for relative url support
31 32 33 34 35
    # relative_url_root: /gitlab

    # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
    # user: git

36 37
    ## Date & Time settings
    # Uncomment and customize if you want to change the default time zone of GitLab application.
38
    # To see all available zones, run `bundle exec rake time:zones:all RAILS_ENV=production`
39 40
    # time_zone: 'UTC'

41
    ## Email settings
42 43
    # Uncomment and set to false if you need to disable email sending from GitLab (default: true)
    # email_enabled: true
44
    # Email address used in the "From" field in mails sent by GitLab
45
    email_from: example@example.com
46
    email_display_name: GitLab
47

48
    # Email server smtp settings are in config/initializers/smtp_settings.rb.sample
49

50
    # default_can_create_group: false  # default: true
51
    # username_changing_enabled: false # default: true - User can change her username/namespace
Izaak Alpert's avatar
Izaak Alpert committed
52 53 54 55 56 57
    ## Default theme
    ##   BASIC  = 1
    ##   MARS   = 2
    ##   MODERN = 3
    ##   GRAY   = 4
    ##   COLOR  = 5
Izaak Alpert's avatar
Izaak Alpert committed
58
    # default_theme: 2 # default: 2
Izaak Alpert's avatar
Izaak Alpert committed
59

60
    ## Automatic issue closing
Sytse Sijbrandij's avatar
Sytse Sijbrandij committed
61
    # If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
Julien Kirch's avatar
Julien Kirch committed
62
    # This happens when the commit is pushed or merged into the default branch of a project.
Sytse Sijbrandij's avatar
Sytse Sijbrandij committed
63
    # When not specified the default issue_closing_pattern as specified below will be used.
64
    # Tip: you can test your closing pattern at http://rubular.com
65
    # issue_closing_pattern: '((?:[Cc]los(?:e[sd]|ing)|[Ff]ix(?:e[sd]|ing)?) +(?:(?:issues? +)?#\d+(?:(?:, *| +and +)?))+)'
66

67 68 69 70 71
    ## Default project features settings
    default_projects_features:
      issues: true
      merge_requests: true
      wiki: true
72
      snippets: false
73
      visibility_level: "private"  # can be "private" | "internal" | "public"
74

75 76 77 78
    ## Webhook settings
    # Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
    # webhook_timeout: 10

79 80
    ## Repository downloads directory
    # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
81
    # The default is 'tmp/repositories' relative to the root of the Rails app.
82 83
    # repository_downloads_path: tmp/repositories

84
  ## External issues trackers
85
  issues_tracker:
86
    # redmine:
87
    #   title: "Redmine"
88 89 90 91 92
    #   ## If not nil, link 'Issues' on project page will be replaced with this
    #   ## Use placeholders:
    #   ##  :project_id        - GitLab project identifier
    #   ##  :issues_tracker_id - Project Name or Id in external issue tracker
    #   project_url: "http://redmine.sample/projects/:issues_tracker_id"
93
    #
94 95 96 97 98 99
    #   ## If not nil, links from /#\d/ entities from commit messages will replaced with this
    #   ## Use placeholders:
    #   ##  :project_id        - GitLab project identifier
    #   ##  :issues_tracker_id - Project Name or Id in external issue tracker
    #   ##  :id                - Issue id (from commit messages)
    #   issues_url: "http://redmine.sample/issues/:id"
100
    #
Philzen's avatar
Philzen committed
101
    #   ## If not nil, links to creating new issues will be replaced with this
102 103 104 105
    #   ## Use placeholders:
    #   ##  :project_id        - GitLab project identifier
    #   ##  :issues_tracker_id - Project Name or Id in external issue tracker
    #   new_issue_url: "http://redmine.sample/projects/:issues_tracker_id/issues/new"
106
    #
107
    # jira:
108
    #   title: "Atlassian Jira"
109 110 111
    #   project_url: "http://jira.sample/issues/?jql=project=:issues_tracker_id"
    #   issues_url: "http://jira.sample/browse/:id"
    #   new_issue_url: "http://jira.sample/secure/CreateIssue.jspa"
112

113
  ## Gravatar
114
  ## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html
115
  gravatar:
116
    enabled: true                 # Use user avatar image from Gravatar.com (default: true)
117
    # gravatar urls: possible placeholders: %{hash} %{size} %{email}
118 119
    # plain_url: "http://..."     # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
    # ssl_url:   "https://..."    # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
120 121 122 123 124 125

  #
  # 2. Auth settings
  # ==========================

  ## LDAP settings
126 127
  # You can inspect a sample of the LDAP users with login access by running:
  #   bundle exec rake gitlab:ldap:check RAILS_ENV=production
128 129
  ldap:
    enabled: false
130
    servers:
131
      main: # 'main' is the GitLab 'provider ID' of this LDAP server
132 133 134 135 136 137 138 139 140
        ## label
        #
        # A human-friendly name for your LDAP server. It is OK to change the label later,
        # for instance if you find out it is too large to fit on the web page.
        #
        # Example: 'Paris' or 'Acme, Ltd.'
        label: 'LDAP'

        host: '_your_ldap_server'
141
        port: 389
142
        uid: 'sAMAccountName'
143
        method: 'plain' # "tls" or "ssl" or "plain"
144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176
        bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
        password: '_the_password_of_the_bind_user'

        # This setting specifies if LDAP server is Active Directory LDAP server.
        # For non AD servers it skips the AD specific queries.
        # If your LDAP server is not AD, set this to false.
        active_directory: true

        # If allow_username_or_email_login is enabled, GitLab will ignore everything
        # after the first '@' in the LDAP username submitted by the user on login.
        #
        # Example:
        # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
        # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
        #
        # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
        # disable this setting, because the userPrincipalName contains an '@'.
        allow_username_or_email_login: false

        # Base where we can search for users
        #
        #   Ex. ou=People,dc=gitlab,dc=example
        #
        base: ''

        # Filter LDAP users
        #
        #   Format: RFC 4515 http://tools.ietf.org/search/rfc4515
        #   Ex. (employeeType=developer)
        #
        #   Note: GitLab does not support omniauth-ldap's custom filter syntax.
        #
        user_filter: ''
177

178 179 180 181 182 183 184
      # GitLab EE only: add more LDAP servers
      # Choose an ID made of a-z and 0-9 . This ID will be stored in the database
      # so that GitLab can remember which LDAP server a user belongs to.
      # uswest2:
      #   label:
      #   host:
      #   ....
185 186


187
  ## OmniAuth settings
188
  omniauth:
189
    # Allow login via Twitter, Google, etc. using OmniAuth providers
190 191 192
    enabled: false

    # CAUTION!
193
    # This allows users to login without having a user account first (default: false).
194 195
    # User accounts will be created automatically when authentication was successful.
    allow_single_sign_on: false
196
    # Locks down those users until they have been cleared by the admin (default: true).
197 198 199
    block_auto_created_users: true

    ## Auth providers
200 201
    # Uncomment the following lines and fill in the data of the auth provider you want to use
    # If your favorite auth provider is not listed you can use others:
Drew Blessing's avatar
Drew Blessing committed
202
    # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations
203 204
    # The 'app_id' and 'app_secret' parameters are always passed as the first two
    # arguments, followed by optional 'args' which can be either a hash or an array.
dosire's avatar
dosire committed
205
    # Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html
206
    providers:
Douwe Maan's avatar
Douwe Maan committed
207 208
      # - { name: 'google_oauth2', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET',
209
      #     args: { access_type: 'offline', approval_prompt: '' } }
Douwe Maan's avatar
Douwe Maan committed
210 211 212 213
      # - { name: 'twitter', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET'}
      # - { name: 'github', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET',
214
      #     args: { scope: 'user:email' } }
Douwe Maan's avatar
Douwe Maan committed
215 216
      # - { name: 'gitlab', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET',
217
      #     args: { scope: 'api' } }
Douwe Maan's avatar
Douwe Maan committed
218 219
      # - { name: 'bitbucket', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET'}
220 221 222 223 224 225 226 227 228 229 230



  #
  # 3. Advanced settings
  # ==========================

  # GitLab Satellites
  satellites:
    # Relative paths are relative to Rails.root (default: tmp/repo_satellites/)
    path: /home/git/gitlab-satellites/
231
    timeout: 30
232 233 234 235 236

  ## Backup settings
  backup:
    path: "tmp/backups"   # Relative paths are relative to Rails.root (default: tmp/backups/)
    # keep_time: 604800   # default: 0 (forever) (in seconds)
237 238 239 240
    # upload:
    #   # Fog storage connection settings, see http://fog.io/storage/ .
    #   connection:
    #     provider: AWS
241
    #     region: eu-west-1
242 243 244 245
    #     aws_access_key_id: AKIAKIAKI
    #     aws_secret_access_key: 'secret123'
    #   # The remote 'directory' to store your backups. For S3, this would be the bucket name.
    #   remote_directory: 'my.s3.bucket'
246 247 248

  ## GitLab Shell settings
  gitlab_shell:
249 250
    path: /home/git/gitlab-shell/

251 252 253 254 255 256 257 258
    # REPOS_PATH MUST NOT BE A SYMLINK!!!
    repos_path: /home/git/repositories/
    hooks_path: /home/git/gitlab-shell/hooks/

    # Git over HTTP
    upload_pack: true
    receive_pack: true

259
    # If you use non-standard ssh port you need to specify it
260 261 262
    # ssh_port: 22

  ## Git settings
Riyad Preukschas's avatar
Riyad Preukschas committed
263
  # CAUTION!
264 265 266
  # Use the default values unless you really know what you are doing
  git:
    bin_path: /usr/bin/git
dosire's avatar
dosire committed
267 268 269
    # The next value is the maximum memory size grit can use
    # Given in number of bytes per git object (e.g. a commit)
    # This value can be increased if you have very large commits
270
    max_size: 20971520 # 20.megabytes
271
    # Git timeout to read a commit, in seconds
272 273
    timeout: 10

274 275 276 277
  #
  # 4. Extra customization
  # ==========================

278
  extra:
279 280 281
    ## Google analytics. Uncomment if you want it
    # google_analytics_id: '_your_tracking_id'

Sebastian Winkler's avatar
Sebastian Winkler committed
282 283 284 285
    ## Piwik analytics.
    # piwik_url: '_your_piwik_url'
    # piwik_site_id: '_your_piwik_site_id'

286 287
  rack_attack:
    git_basic_auth:
288 289 290
      # Whitelist requests from 127.0.0.1 for web proxies (NGINX/Apache) with incorrect headers
      # ip_whitelist: ["127.0.0.1"]
      #
291 292 293 294 295 296 297 298 299
      # Limit the number of Git HTTP authentication attempts per IP
      # maxretry: 10
      #
      # Reset the auth attempt counter per IP after 60 seconds
      # findtime: 60
      #
      # Ban an IP for one hour (3600s) after too many auth attempts
      # bantime: 3600

300
development:
301
  <<: *base
302 303

test:
304
  <<: *base
305 306 307 308
  gravatar:
    enabled: true
  gitlab:
    host: localhost
309
    port: 80
310 311

    # When you run tests we clone and setup gitlab-shell
312
    # In order to setup it correctly you need to specify
313
    # your system username you use to run GitLab
314
    # user: YOUR_USERNAME
315 316 317 318 319 320
  satellites:
    path: tmp/tests/gitlab-satellites/
  gitlab_shell:
    path: tmp/tests/gitlab-shell/
    repos_path: tmp/tests/repositories/
    hooks_path: tmp/tests/gitlab-shell/hooks/
321 322
  issues_tracker:
    redmine:
323
      title: "Redmine"
324
      project_url: "http://redmine/projects/:issues_tracker_id"
325
      issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
326
      new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
327 328 329
  ldap:
    enabled: false
    servers:
330
      main:
331 332 333 334 335 336 337 338 339 340
        label: ldap
        host: 127.0.0.1
        port: 3890
        uid: 'uid'
        method: 'plain' # "tls" or "ssl" or "plain"
        base: 'dc=example,dc=com'
        user_filter: ''
        group_base: 'ou=groups,dc=example,dc=com'
        admin_group: ''
        sync_ssh_keys: false
341 342

staging:
343
  <<: *base