Fix whitespace in many administration docs

Many code blocks are 4spaced, and they render in GitLab without coloring as a result, even though they are fenced with a language label. If in a list, other items will render as being in a code block too, even if not meant to. This fixes all these issues for many admin docs in /high_availability and /auth (part 1)

Fix whitespace in many administration docs
Many code blocks are 4spaced, and they render in GitLab without coloring as a result, even though they are fenced with a language label. If in a list, other items will render as being in a code block too, even if not meant to. This fixes all these issues for many admin docs in /high_availability and /auth (part 1)
735e1f2c · Marcel Amirault · Evan Read · e105232c · 735e1f2c · 735e1f2c
Commit 735e1f2c authored Jul 12, 2019 by Marcel Amirault Committed by Evan Read Jul 12, 2019
17 changed files
--- a/doc/administration/auth/authentiq.md
+++ b/doc/administration/auth/authentiq.md
@@ -8,47 +8,48 @@ Authentiq will generate a Client ID and the accompanying Client Secret for you t
 1. On your GitLab server, open the configuration file:
-    For omnibus installation
+   For omnibus installation
-    ```sh
-    sudo editor /etc/gitlab/gitlab.rb
-    ```
-    For installations from source:
+   ```sh
+   sudo editor /etc/gitlab/gitlab.rb
+   ```
-    ```sh
+   For installations from source:
-    sudo -u git -H editor /home/git/gitlab/config/gitlab.yml
-    ```
+   ```sh
+   sudo -u git -H editor /home/git/gitlab/config/gitlab.yml
+   ```
 1. See [Initial OmniAuth Configuration](../../integration/omniauth.md#initial-omniauth-configuration) for initial settings to enable single sign-on and add Authentiq as an OAuth provider.
 1. Add the provider configuration for Authentiq:
-    For Omnibus packages:
+   For Omnibus packages:
-    ```ruby
+   ```ruby
-    gitlab_rails['omniauth_providers'] = [
+   gitlab_rails['omniauth_providers'] = [
-      {
+     {
-        "name" => "authentiq",
+       "name" => "authentiq",
-        "app_id" => "YOUR_CLIENT_ID",
+       "app_id" => "YOUR_CLIENT_ID",
-        "app_secret" => "YOUR_CLIENT_SECRET",
+       "app_secret" => "YOUR_CLIENT_SECRET",
-        "args" => {
+       "args" => {
-               "scope": 'aq:name email~rs address aq:push'
+              "scope": 'aq:name email~rs address aq:push'
-         }
+        }
-      }
+     }
-    ]
+   ]
-    ```
+   ```
-    For installations from source:
+   For installations from source:
-    ```yaml
+   ```yaml
-    - { name: 'authentiq',
+   - { name: 'authentiq',
-        app_id: 'YOUR_CLIENT_ID',
+       app_id: 'YOUR_CLIENT_ID',
-        app_secret: 'YOUR_CLIENT_SECRET',
+       app_secret: 'YOUR_CLIENT_SECRET',
-        args: {
+       args: {
-               scope: 'aq:name email~rs address aq:push'
+              scope: 'aq:name email~rs address aq:push'
-              }
+             }
-      }
+     }
-    ```
+   ```
 1. The `scope` is set to request the user's name, email (required and signed), and permission to send push notifications to sign in on subsequent visits.
   See [OmniAuth Authentiq strategy](https://github.com/AuthentiqID/omniauth-authentiq/wiki/Scopes,-callback-url-configuration-and-responses) for more information on scopes and modifiers.

--- a/doc/administration/auth/crowd.md
+++ b/doc/administration/auth/crowd.md
@@ -6,55 +6,56 @@
 1. Go through the 'Add application' steps, entering the appropriate details.
   The screenshot below shows an example configuration.
-    ![Example Crowd application configuration](img/crowd_application.png)
+   ![Example Crowd application configuration](img/crowd_application.png)
 ## Configure GitLab
 1. On your GitLab server, open the configuration file.
-    **Omnibus:**
+   **Omnibus:**
-    ```sh
+   ```sh
-      sudo editor /etc/gitlab/gitlab.rb
+     sudo editor /etc/gitlab/gitlab.rb
-    ```
+   ```
-    **Source:**
+   **Source:**
-    ```sh
+   ```sh
-      cd /home/git/gitlab
+     cd /home/git/gitlab
-      sudo -u git -H editor config/gitlab.yml
+     sudo -u git -H editor config/gitlab.yml
-    ```
+   ```
 1. See [Initial OmniAuth Configuration](../../integration/omniauth.md#initial-omniauth-configuration)
   for initial settings.
 1. Add the provider configuration:
-    **Omnibus:**
+   **Omnibus:**
-    ```ruby
+   ```ruby
-      gitlab_rails['omniauth_providers'] = [
+     gitlab_rails['omniauth_providers'] = [
-        {
+       {
-          "name" => "crowd",
+         "name" => "crowd",
-          "args" => {
+         "args" => {
-            "crowd_server_url" => "CROWD_SERVER_URL",
+           "crowd_server_url" => "CROWD_SERVER_URL",
-            "application_name" => "YOUR_APP_NAME",
+           "application_name" => "YOUR_APP_NAME",
-            "application_password" => "YOUR_APP_PASSWORD"
+           "application_password" => "YOUR_APP_PASSWORD"
-          }
+         }
-        }
+       }
-      ]
+     ]
-    ```
+   ```
-    **Source:**
+   **Source:**
-    ```
+   ```
-       - { name: 'crowd',
+      - { name: 'crowd',
-           args: {
+          args: {
-             crowd_server_url: 'CROWD_SERVER_URL',
+            crowd_server_url: 'CROWD_SERVER_URL',
-             application_name: 'YOUR_APP_NAME',
+            application_name: 'YOUR_APP_NAME',
-             application_password: 'YOUR_APP_PASSWORD' } }
+            application_password: 'YOUR_APP_PASSWORD' } }
-    ```
+   ```
 1. Change `CROWD_SERVER_URL` to the URL of your Crowd server.
 1. Change `YOUR_APP_NAME` to the application name from Crowd applications page.
 1. Change `YOUR_APP_PASSWORD` to the application password you've set.
@@ -77,4 +78,4 @@ could not authorize you from Crowd because invalid credentials
 Please make sure the Crowd users who need to login to GitLab are authorized to [the application](#configure-a-new-crowd-application) in the step of **Authorisation**. This could be verified by try "Authentication test" for Crowd as of 2.11.
 ![Example Crowd application authorisation configuration](img/crowd_application_authorisation.png)
\ No newline at end of file
--- a/doc/administration/auth/google_secure_ldap.md
+++ b/doc/administration/auth/google_secure_ldap.md
@@ -66,7 +66,7 @@ values obtained during the LDAP client configuration earlier:
 1. Edit `/etc/gitlab/gitlab.rb`:
-    ```ruby
+   ```ruby
   gitlab_rails['ldap_enabled'] = true
   gitlab_rails['ldap_servers'] = YAML.load <<-EOS # remember to close this block with 'EOS' below
     main: # 'main' is the GitLab 'provider ID' of this LDAP server
@@ -127,7 +127,7 @@ values obtained during the LDAP client configuration earlier:
           AcZSFJQjdg5BTyvdEDhaYUKGdRw=
           -----END PRIVATE KEY-----
   EOS
-    ```
+   ```
 1. Save the file and [reconfigure] GitLab for the changes to take effect.
@@ -137,7 +137,7 @@ values obtained during the LDAP client configuration earlier:
 1. Edit `config/gitlab.yml`:
-    ```yaml
+   ```yaml
   ldap:
     enabled: true
     servers:

--- a/doc/administration/auth/jwt.md
+++ b/doc/administration/auth/jwt.md
@@ -3,65 +3,65 @@
 To enable the JWT OmniAuth provider, you must register your application with JWT.
 JWT will provide you with a secret key for you to use.
-1.  On your GitLab server, open the configuration file.
+1. On your GitLab server, open the configuration file.
-    For Omnibus GitLab:
+   For Omnibus GitLab:
-    ```sh
+   ```sh
-    sudo editor /etc/gitlab/gitlab.rb
+   sudo editor /etc/gitlab/gitlab.rb
-    ```
+   ```
-    For installations from source:
+   For installations from source:
-    ```sh
+   ```sh
-    cd /home/git/gitlab
+   cd /home/git/gitlab
-    sudo -u git -H editor config/gitlab.yml
+   sudo -u git -H editor config/gitlab.yml
-    ```
+   ```
-1.  See [Initial OmniAuth Configuration](../../integration/omniauth.md#initial-omniauth-configuration) for initial settings.
+1. See [Initial OmniAuth Configuration](../../integration/omniauth.md#initial-omniauth-configuration) for initial settings.
-1.  Add the provider configuration.
+1. Add the provider configuration.
-    For Omnibus GitLab:
+   For Omnibus GitLab:
-    ```ruby
+   ```ruby
-    gitlab_rails['omniauth_providers'] = [
+   gitlab_rails['omniauth_providers'] = [
-      { name: 'jwt',
+     { name: 'jwt',
-        args: {
+       args: {
-          secret: 'YOUR_APP_SECRET',
+         secret: 'YOUR_APP_SECRET',
-          algorithm: 'HS256', # Supported algorithms: 'RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512'
+         algorithm: 'HS256', # Supported algorithms: 'RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512'
-          uid_claim: 'email',
+         uid_claim: 'email',
-          required_claims: ['name', 'email'],
+         required_claims: ['name', 'email'],
-          info_maps: { name: 'name', email: 'email' },
+         info_maps: { name: 'name', email: 'email' },
-          auth_url: 'https://example.com/',
+         auth_url: 'https://example.com/',
-          valid_within: 3600 # 1 hour
+         valid_within: 3600 # 1 hour
-        }
+       }
-      }
+     }
-    ]
+   ]
-    ```
+   ```
-    For installation from source:
+   For installation from source:
-    ```
+   ```
-    - { name: 'jwt',
+   - { name: 'jwt',
-        args: {
+       args: {
-          secret: 'YOUR_APP_SECRET',
+         secret: 'YOUR_APP_SECRET',
-          algorithm: 'HS256', # Supported algorithms: 'RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512'
+         algorithm: 'HS256', # Supported algorithms: 'RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'HS256', 'HS384', 'HS512'
-          uid_claim: 'email',
+         uid_claim: 'email',
-          required_claims: ['name', 'email'],
+         required_claims: ['name', 'email'],
-          info_map: { name: 'name', email: 'email' },
+         info_map: { name: 'name', email: 'email' },
-          auth_url: 'https://example.com/',
+         auth_url: 'https://example.com/',
-          valid_within: 3600 # 1 hour
+         valid_within: 3600 # 1 hour
-        }
+       }
-      }
+     }
-    ```
+   ```
-    NOTE: **Note:** For more information on each configuration option refer to
+   NOTE: **Note:** For more information on each configuration option refer to
-    the [OmniAuth JWT usage documentation](https://github.com/mbleigh/omniauth-jwt#usage).
+   the [OmniAuth JWT usage documentation](https://github.com/mbleigh/omniauth-jwt#usage).
-1.  Change `YOUR_APP_SECRET` to the client secret and set `auth_url` to your redirect URL.
+1. Change `YOUR_APP_SECRET` to the client secret and set `auth_url` to your redirect URL.
-1.  Save the configuration file.
+1. Save the configuration file.
-1.  [Reconfigure][] or [restart GitLab][] for the changes to take effect if you
+1. [Reconfigure][] or [restart GitLab][] for the changes to take effect if you
-    installed GitLab via Omnibus or from source respectively.
+   installed GitLab via Omnibus or from source respectively.
 On the sign in page there should now be a JWT icon below the regular sign in form.
 Click the icon to begin the authentication process. JWT will ask the user to

--- a/doc/administration/auth/ldap-ee.md
+++ b/doc/administration/auth/ldap-ee.md
@@ -85,19 +85,19 @@ following.
 1. Edit `/etc/gitlab/gitlab.rb`:
-    ```ruby
+   ```ruby
-    gitlab_rails['ldap_servers'] = YAML.load <<-EOS
+   gitlab_rails['ldap_servers'] = YAML.load <<-EOS
-    main:
+   main:
-      ## snip...
+     ## snip...
-      ##
+     ##
-      ## Base where we can search for groups
+     ## Base where we can search for groups
-      ##
+     ##
-      ##   Ex. ou=groups,dc=gitlab,dc=example
+     ##   Ex. ou=groups,dc=gitlab,dc=example
-      ##
+     ##
-      ##
+     ##
-      group_base: ou=groups,dc=example,dc=com
+     group_base: ou=groups,dc=example,dc=com
-    EOS
+   EOS
-    ```
+   ```
 1. [Reconfigure GitLab][reconfigure] for the changes to take effect.
@@ -105,14 +105,14 @@ following.
 1. Edit `/home/git/gitlab/config/gitlab.yml`:
-    ```yaml
+   ```yaml
-    production:
+   production:
-      ldap:
+     ldap:
-        servers:
+       servers:
-          main:
+         main:
-            # snip...
+           # snip...
-            group_base: ou=groups,dc=example,dc=com
+           group_base: ou=groups,dc=example,dc=com
-    ```
+   ```
 1. [Restart GitLab][restart] for the changes to take effect.
@@ -140,30 +140,30 @@ group, as opposed to the full DN.
 1. Edit `/etc/gitlab/gitlab.rb`:
-    ```ruby
+   ```ruby
-    gitlab_rails['ldap_servers'] = YAML.load <<-EOS
+   gitlab_rails['ldap_servers'] = YAML.load <<-EOS
-    main:
+   main:
-      ## snip...
+     ## snip...
-      ##
+     ##
-      ## Base where we can search for groups
+     ## Base where we can search for groups
-      ##
+     ##
-      ##   Ex. ou=groups,dc=gitlab,dc=example
+     ##   Ex. ou=groups,dc=gitlab,dc=example
-      ##
+     ##
-      ##
+     ##
-      group_base: ou=groups,dc=example,dc=com
+     group_base: ou=groups,dc=example,dc=com
-      ##
+     ##
-      ## The CN of a group containing GitLab administrators
+     ## The CN of a group containing GitLab administrators
-      ##
+     ##
-      ##   Ex. administrators
+     ##   Ex. administrators
-      ##
+     ##
-      ##   Note: Not `cn=administrators` or the full DN
+     ##   Note: Not `cn=administrators` or the full DN
-      ##
+     ##
-      ##
+     ##
-      admin_group: my_admin_group
+     admin_group: my_admin_group
-    EOS
+   EOS
-    ```
+   ```
 1. [Reconfigure GitLab][reconfigure] for the changes to take effect.
@@ -171,15 +171,15 @@ group, as opposed to the full DN.
 1. Edit `/home/git/gitlab/config/gitlab.yml`:
-    ```yaml
+   ```yaml
-    production:
+   production:
-      ldap:
+     ldap:
-        servers:
+       servers:
-          main:
+         main:
-            # snip...
+           # snip...
-            group_base: ou=groups,dc=example,dc=com
+           group_base: ou=groups,dc=example,dc=com
-            admin_group: my_admin_group
+           admin_group: my_admin_group
-    ```
+   ```
 1. [Restart GitLab][restart] for the changes to take effect.
@@ -191,7 +191,6 @@ to lock down user abilities to invite new members to a group. When enabled follo
 1. Only administrator can manage memberships of any group including access levels.
 2. Users are not allowed to share project with other groups or invite members to a project created in a group.
 ## Adjusting LDAP user sync schedule
 > Introduced in GitLab Enterprise Edition Starter.
@@ -211,9 +210,9 @@ sync to run once every 12 hours at the top of the hour.
 1. Edit `/etc/gitlab/gitlab.rb`:
-    ```ruby
+   ```ruby
-    gitlab_rails['ldap_sync_worker_cron'] = "0 */12 * * *"
+   gitlab_rails['ldap_sync_worker_cron'] = "0 */12 * * *"
-    ```
+   ```
 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect.
@@ -221,11 +220,11 @@ sync to run once every 12 hours at the top of the hour.
 1. Edit `config/gitlab.yaml`:
-    ```yaml
+   ```yaml
-    cron_jobs:
+   cron_jobs:
-      ldap_sync_worker_cron:
+     ldap_sync_worker_cron:
-        "0 */12 * * *"
+       "0 */12 * * *"
-    ```
+   ```
 1. [Restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect.
@@ -252,9 +251,9 @@ sync to run once every 2 hours at the top of the hour.
 1. Edit `/etc/gitlab/gitlab.rb`:
-    ```ruby
+   ```ruby
-    gitlab_rails['ldap_group_sync_worker_cron'] = "0 */2 * * * *"
+   gitlab_rails['ldap_group_sync_worker_cron'] = "0 */2 * * * *"
-    ```
+   ```
 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect.
@@ -262,11 +261,11 @@ sync to run once every 2 hours at the top of the hour.
 1. Edit `config/gitlab.yaml`:
-    ```yaml
+   ```yaml
-    cron_jobs:
+   cron_jobs:
-      ldap_group_sync_worker_cron:
+     ldap_group_sync_worker_cron:
-          "*/30 * * * *"
+         "*/30 * * * *"
-    ```
+   ```
 1. [Restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect.
@@ -283,20 +282,20 @@ task.
 1. Edit `/etc/gitlab/gitlab.rb`:
-    ```ruby
+   ```ruby
-    gitlab_rails['ldap_servers'] = YAML.load <<-EOS
+   gitlab_rails['ldap_servers'] = YAML.load <<-EOS
-    main:
+   main:
-      ## snip...
+     ## snip...
-      ##
+     ##
-      ## An array of CNs of groups containing users that should be considered external
+     ## An array of CNs of groups containing users that should be considered external
-      ##
+     ##
-      ##   Ex. ['interns', 'contractors']
+     ##   Ex. ['interns', 'contractors']
-      ##
+     ##
-      ##   Note: Not `cn=interns` or the full DN
+     ##   Note: Not `cn=interns` or the full DN
-      ##
+     ##
-      external_groups: ['interns', 'contractors']
+     external_groups: ['interns', 'contractors']
-    EOS
+   EOS
-    ```
+   ```
 1. [Reconfigure GitLab][reconfigure] for the changes to take effect.
@@ -304,14 +303,14 @@ task.
 1. Edit `config/gitlab.yaml`:
-    ```yaml
+   ```yaml
-    production:
+   production:
-      ldap:
+     ldap:
-        servers:
+       servers:
-          main:
+         main:
-            # snip...
+           # snip...
-            external_groups: ['interns', 'contractors']
+           external_groups: ['interns', 'contractors']
-    ```
+   ```
 1. [Restart GitLab][restart] for the changes to take effect.
@@ -436,66 +435,71 @@ step of the sync.
 1. Start a Rails console
-    ```bash
+   ```bash
-    # For Omnibus installations
+   # For Omnibus installations
-    sudo gitlab-rails console
+   sudo gitlab-rails console
-    # For installations from source
+   # For installations from source
-    sudo -u git -H bundle exec rails console production
+   sudo -u git -H bundle exec rails console production
-    ```
+   ```
 1. Set the log level to debug (only for this session):
-    ```ruby
+   ```ruby
-    Rails.logger.level = Logger::DEBUG
+   Rails.logger.level = Logger::DEBUG
-    ```
+   ```
 1. Choose a GitLab group to test with. This group should have an LDAP group link
   already configured. If the output is `nil`, the group could not be found.
   If a bunch of group attributes are output, your group was found successfully.
-    ```ruby
+   ```ruby
-    group = Group.find_by(name: 'my_group')
+   group = Group.find_by(name: 'my_group')
+   # Output
+   => #<Group:0x007fe825196558 id: 1234, name: "my_group"...>
+   ```
-    # Output
-    => #<Group:0x007fe825196558 id: 1234, name: "my_group"...>
-    ```
 1. Run a group sync for this particular group.
-    ```ruby
+   ```ruby
-    EE::Gitlab::Auth::LDAP::Sync::Group.execute_all_providers(group)
+   EE::Gitlab::Auth::LDAP::Sync::Group.execute_all_providers(group)
-    ```
+   ```
 1. Look through the output of the sync. See [example log output](#example-log-output)
   below for more information about the output.
 1. If you still aren't able to see why the user isn't being added, query the
   LDAP group directly to see what members are listed. Still in the Rails console,
   run the following query:
-    ```ruby
+   ```ruby
-    adapter = Gitlab::Auth::LDAP::Adapter.new('ldapmain') # If `main` is the LDAP provider
+   adapter = Gitlab::Auth::LDAP::Adapter.new('ldapmain') # If `main` is the LDAP provider
-    ldap_group = EE::Gitlab::Auth::LDAP::Group.find_by_cn('group_cn_here', adapter)
+   ldap_group = EE::Gitlab::Auth::LDAP::Group.find_by_cn('group_cn_here', adapter)
+   # Output
+   => #<EE::Gitlab::Auth::LDAP::Group:0x007fcbdd0bb6d8
+   ```
-    # Output
-    => #<EE::Gitlab::Auth::LDAP::Group:0x007fcbdd0bb6d8
-    ```
 1. Query the LDAP group's member DNs and see if the user's DN is in the list.
   One of the DNs here should match the 'Identifier' from the LDAP identity
   checked earlier. If it doesn't, the user does not appear to be in the LDAP
   group.
-    ```ruby
+   ```ruby
-    ldap_group.member_dns
+   ldap_group.member_dns
+   # Output
+   => ["uid=john,ou=people,dc=example,dc=com", "uid=mary,ou=people,dc=example,dc=com"]
+   ```
-    # Output
-    => ["uid=john,ou=people,dc=example,dc=com", "uid=mary,ou=people,dc=example,dc=com"]
-    ```
 1. Some LDAP servers don't store members by DN. Rather, they use UIDs instead.
   If you didn't see results from the last query, try querying by UIDs instead.
-    ```ruby
+   ```ruby
-    ldap_group.member_uids
+   ldap_group.member_uids
-    # Output
+   # Output
-    => ['john','mary']
+   => ['john','mary']
-    ```
+   ```
 #### Example log output

--- a/doc/administration/auth/ldap.md
+++ b/doc/administration/auth/ldap.md
@@ -398,30 +398,30 @@ The `user_filter` DN can contain special characters. For example:
 - A comma:
-    ```
+  ```
-    OU=GitLab, Inc,DC=gitlab,DC=com
+  OU=GitLab, Inc,DC=gitlab,DC=com
-    ```
+  ```
 - Open and close brackets:
-    ```
+  ```
-    OU=Gitlab (Inc),DC=gitlab,DC=com
+  OU=Gitlab (Inc),DC=gitlab,DC=com
-    ```
+  ```
-    These characters must be escaped as documented in 
+  These characters must be escaped as documented in
-    [RFC 4515](https://tools.ietf.org/search/rfc4515).
+  [RFC 4515](https://tools.ietf.org/search/rfc4515).
 - Escape commas with `\2C`. For example:
-    ```
+  ```
-    OU=GitLab\2C Inc,DC=gitlab,DC=com
+  OU=GitLab\2C Inc,DC=gitlab,DC=com
-    ```
+  ```
 - Escape open and close brackets with `\28` and `\29`, respectively. For example:
-    ```
+  ```
-    OU=Gitlab \28Inc\29,DC=gitlab,DC=com
+  OU=Gitlab \28Inc\29,DC=gitlab,DC=com
-    ```
+  ```
 ## Enabling LDAP sign-in for existing GitLab users
@@ -445,13 +445,13 @@ the configuration option `lowercase_usernames`. By default, this configuration o
 1. Edit `/etc/gitlab/gitlab.rb`:
-    ```ruby
+   ```ruby
-    gitlab_rails['ldap_servers'] = YAML.load <<-EOS
+   gitlab_rails['ldap_servers'] = YAML.load <<-EOS
-    main:
+   main:
-      # snip...
+     # snip...
-      lowercase_usernames: true
+     lowercase_usernames: true
-    EOS
+   EOS
-    ```
+   ```
 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect.
@@ -459,14 +459,14 @@ the configuration option `lowercase_usernames`. By default, this configuration o
 1. Edit `config/gitlab.yaml`:
-    ```yaml
+   ```yaml
-    production:
+   production:
-      ldap:
+     ldap:
-        servers:
+       servers:
-          main:
+         main:
-            # snip...
+           # snip...
-            lowercase_usernames: true
+           lowercase_usernames: true
-    ```
+   ```
 1. [Restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect.
@@ -519,13 +519,13 @@ ldapsearch -H ldaps://$host:$port -D "$bind_dn" -y bind_dn_password.txt  -b "$ba
 - Run the following check command to make sure that the LDAP settings are
  correct and GitLab can see your users:
-    ```bash
+  ```bash
-    # For Omnibus installations
+  # For Omnibus installations
-    sudo gitlab-rake gitlab:ldap:check
+  sudo gitlab-rake gitlab:ldap:check
-    # For installations from source
+  # For installations from source
-    sudo -u git -H bundle exec rake gitlab:ldap:check RAILS_ENV=production
+  sudo -u git -H bundle exec rake gitlab:ldap:check RAILS_ENV=production
-    ```
+  ```
 ### Connection Refused

--- a/doc/administration/auth/oidc.md
+++ b/doc/administration/auth/oidc.md
@@ -5,76 +5,76 @@ GitLab can use [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0
 To enable the OpenID Connect OmniAuth provider, you must register your application with an OpenID Connect provider.
 The OpenID Connect will provide you with a client details and secret for you to use.
-1.  On your GitLab server, open the configuration file.
+1. On your GitLab server, open the configuration file.
-    For Omnibus GitLab:
+   For Omnibus GitLab:
-    ```sh
+   ```sh
-    sudo editor /etc/gitlab/gitlab.rb
+   sudo editor /etc/gitlab/gitlab.rb
-    ```
+   ```
-    For installations from source:
+   For installations from source:
-    ```sh
+   ```sh
-    cd /home/git/gitlab
+   cd /home/git/gitlab
-    sudo -u git -H editor config/gitlab.yml
+   sudo -u git -H editor config/gitlab.yml
-    ```
+   ```
-    See [Initial OmniAuth Configuration](../../integration/omniauth.md#initial-omniauth-configuration) for initial settings.
+   See [Initial OmniAuth Configuration](../../integration/omniauth.md#initial-omniauth-configuration) for initial settings.
-1.  Add the provider configuration.
+1. Add the provider configuration.
-    For Omnibus GitLab:
+   For Omnibus GitLab:
-    ```ruby
+   ```ruby
-    gitlab_rails['omniauth_providers'] = [
+   gitlab_rails['omniauth_providers'] = [
-      { 'name' => 'openid_connect',
+     { 'name' => 'openid_connect',
-        'label' => '<your_oidc_label>',
+       'label' => '<your_oidc_label>',
-        'args' => {
+       'args' => {
-          "name' => 'openid_connect',
+         "name' => 'openid_connect',
-          'scope' => ['openid','profile'],
+         'scope' => ['openid','profile'],
-          'response_type' => 'code',
+         'response_type' => 'code',
-          'issuer' => '<your_oidc_url>',
+         'issuer' => '<your_oidc_url>',
-          'discovery' => true,
+         'discovery' => true,
-          'client_auth_method' => 'query',
+         'client_auth_method' => 'query',
-          'uid_field' => '<uid_field>',
+         'uid_field' => '<uid_field>',
-          'client_options' => {
+         'client_options' => {
-            'identifier' => '<your_oidc_client_id>',
+           'identifier' => '<your_oidc_client_id>',
-            'secret' => '<your_oidc_client_secret>',
+           'secret' => '<your_oidc_client_secret>',
-            'redirect_uri' => '<your_gitlab_url>/users/auth/openid_connect/callback'
+           'redirect_uri' => '<your_gitlab_url>/users/auth/openid_connect/callback'
-          }
+         }
-        }
+       }
-      }
+     }
-    ]
+   ]
-    ```
+   ```
-    For installation from source:
+   For installation from source:
-    ```yaml
+   ```yaml
-      - { name: 'openid_connect',
+     - { name: 'openid_connect',
-          label: '<your_oidc_label>',
+         label: '<your_oidc_label>',
-          args: {
+         args: {
-            name: 'openid_connect',
+           name: 'openid_connect',
-            scope: ['openid','profile'],
+           scope: ['openid','profile'],
-            response_type: 'code',
+           response_type: 'code',
-            issuer: '<your_oidc_url>',
+           issuer: '<your_oidc_url>',
-            discovery: true,
+           discovery: true,
-            client_auth_method: 'query',
+           client_auth_method: 'query',
-            uid_field: '<uid_field>',
+           uid_field: '<uid_field>',
-            client_options: {
+           client_options: {
-              identifier: '<your_oidc_client_id>',
+             identifier: '<your_oidc_client_id>',
-              secret: '<your_oidc_client_secret>',
+             secret: '<your_oidc_client_secret>',
-              redirect_uri: '<your_gitlab_url>/users/auth/openid_connect/callback'
+             redirect_uri: '<your_gitlab_url>/users/auth/openid_connect/callback'
-            }
+           }
-          }
+         }
-        }
+       }
-    ```
+   ```
-    > **Note:**
+   > **Note:**
-    >
+   >
-    > - For more information on each configuration option refer to
+   > - For more information on each configuration option refer to
-        the [OmniAuth OpenID Connect usage documentation](https://github.com/m0n9oose/omniauth_openid_connect#usage) and
+       the [OmniAuth OpenID Connect usage documentation](https://github.com/m0n9oose/omniauth_openid_connect#usage) and
-        the [OpenID Connect Core 1.0 specification](https://openid.net/specs/openid-connect-core-1_0.html).
+       the [OpenID Connect Core 1.0 specification](https://openid.net/specs/openid-connect-core-1_0.html).
 1. For the configuration above, change the values for the provider to match your OpenID Connect client setup. Use the following as a guide:
    - `<your_oidc_label>` is the label that will be displayed on the login page.

--- a/doc/administration/auth/okta.md
+++ b/doc/administration/auth/okta.md
@@ -16,7 +16,7 @@ The following documentation enables Okta as a SAML provider.
 1. Next, you'll need the to fill in the SAML general config. Here's an example
   image.
-    ![Okta admin panel view](img/okta_admin_panel.png)
+   ![Okta admin panel view](img/okta_admin_panel.png)
 1. The last part of the configuration is the feedback section where you can
   just say you're a customer and creating an app for internal use.
@@ -24,7 +24,7 @@ The following documentation enables Okta as a SAML provider.
   profile. Click on the SAML 2.0 config instructions button which should
   look like the following:
-    ![Okta SAML settings](img/okta_saml_settings.png)
+   ![Okta SAML settings](img/okta_saml_settings.png)
 1. On the screen that comes up take note of the
   **Identity Provider Single Sign-On URL** which you'll use for the
@@ -38,112 +38,112 @@ Now that the Okta app is configured, it's time to enable it in GitLab.
 ## Configure GitLab
-1.  On your GitLab server, open the configuration file:
+1. On your GitLab server, open the configuration file:
-    **For Omnibus GitLab installations**
+   **For Omnibus GitLab installations**
-    ```sh
+   ```sh
-    sudo editor /etc/gitlab/gitlab.rb
+   sudo editor /etc/gitlab/gitlab.rb
-    ```
+   ```
-    **For installations from source**
+   **For installations from source**
-    ```sh
+   ```sh
-    cd /home/git/gitlab
+   cd /home/git/gitlab
-    sudo -u git -H editor config/gitlab.yml
+   sudo -u git -H editor config/gitlab.yml
-    ```
+   ```
-1.  See [Initial OmniAuth Configuration](../../integration/omniauth.md#initial-omniauth-configuration)
+1. See [Initial OmniAuth Configuration](../../integration/omniauth.md#initial-omniauth-configuration)
-    for initial settings.
+   for initial settings.
-1.  To allow your users to use Okta to sign up without having to manually create
+1. To allow your users to use Okta to sign up without having to manually create
-    an account first, don't forget to add the following values to your
+   an account first, don't forget to add the following values to your
-    configuration:
+   configuration:
-    **For Omnibus GitLab installations**
+   **For Omnibus GitLab installations**
-    ```ruby
+   ```ruby
-    gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
+   gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
-    gitlab_rails['omniauth_block_auto_created_users'] = false
+   gitlab_rails['omniauth_block_auto_created_users'] = false
-    ```
+   ```
-    **For installations from source**
+   **For installations from source**
-    ```yaml
+   ```yaml
-    allow_single_sign_on: ["saml"]
+   allow_single_sign_on: ["saml"]
-    block_auto_created_users: false
+   block_auto_created_users: false
-    ```
+   ```
-1.  You can also automatically link Okta users with existing GitLab users if
+1. You can also automatically link Okta users with existing GitLab users if
-    their email addresses match by adding the following setting:
+   their email addresses match by adding the following setting:
-    **For Omnibus GitLab installations**
+   **For Omnibus GitLab installations**
-    ```ruby
+   ```ruby
-    gitlab_rails['omniauth_auto_link_saml_user'] = true
+   gitlab_rails['omniauth_auto_link_saml_user'] = true
-    ```
+   ```
-    **For installations from source**
+   **For installations from source**
-    ```yaml
+   ```yaml
-    auto_link_saml_user: true
+   auto_link_saml_user: true
-    ```
+   ```
-1.  Add the provider configuration.
+1. Add the provider configuration.
-      >**Notes:**
+   >**Notes:**
-      >
+   >
-      >- Change the value for `assertion_consumer_service_url` to match the HTTPS endpoint
+   >- Change the value for `assertion_consumer_service_url` to match the HTTPS endpoint
-         of GitLab (append `users/auth/saml/callback` to the HTTPS URL of your GitLab
+      of GitLab (append `users/auth/saml/callback` to the HTTPS URL of your GitLab
-         installation to generate the correct value).
+      installation to generate the correct value).
-      >   
+   >
-      >- To get the `idp_cert_fingerprint` fingerprint, first download the
+   >- To get the `idp_cert_fingerprint` fingerprint, first download the
-         certificate from the Okta app you registered and then run:
+      certificate from the Okta app you registered and then run:
-         `openssl x509 -in okta.cert -noout -fingerprint`. Substitute `okta.cert`
+      `openssl x509 -in okta.cert -noout -fingerprint`. Substitute `okta.cert`
-         with the location of your certificate.
+      with the location of your certificate.
-      >
+   >
-      >- Change the value of `idp_sso_target_url`, with the value of the
+   >- Change the value of `idp_sso_target_url`, with the value of the
-         **Identity Provider Single Sign-On URL** from the step when you
+      **Identity Provider Single Sign-On URL** from the step when you
-         configured the Okta app.
+      configured the Okta app.
-      >     
+   >
-      >- Change the value of `issuer` to the value of the **Audience Restriction** from your Okta app configuration. This will identify GitLab
+   >- Change the value of `issuer` to the value of the **Audience Restriction** from your Okta app configuration. This will identify GitLab
-         to the IdP.
+      to the IdP.
-      >     
+   >
-      >- Leave `name_identifier_format` as-is.
+   >- Leave `name_identifier_format` as-is.
-    **For Omnibus GitLab installations**
+   **For Omnibus GitLab installations**
-    ```ruby
+   ```ruby
-    gitlab_rails['omniauth_providers'] = [
+   gitlab_rails['omniauth_providers'] = [
-      {
+     {
-        name: 'saml',
+       name: 'saml',
-        args: {
+       args: {
-                 assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback',
+                assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback',
-                 idp_cert_fingerprint: '43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8',
+                idp_cert_fingerprint: '43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8',
-                 idp_sso_target_url: 'https://gitlab.oktapreview.com/app/gitlabdev773716_gitlabsaml_1/exk8odl81tBrjpD4B0h7/sso/saml',
+                idp_sso_target_url: 'https://gitlab.oktapreview.com/app/gitlabdev773716_gitlabsaml_1/exk8odl81tBrjpD4B0h7/sso/saml',
-                 issuer: 'https://gitlab.example.com',
+                issuer: 'https://gitlab.example.com',
-                 name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
+                name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
-               },
+              },
-        label: 'Okta' # optional label for SAML login button, defaults to "Saml"
+       label: 'Okta' # optional label for SAML login button, defaults to "Saml"
-      }
+     }
-    ]
+   ]
-    ```
+   ```
-    **For installations from source**
+   **For installations from source**
-    ```yaml
+   ```yaml
-    - {
+   - {
-        name: 'saml',
+       name: 'saml',
-        args: {
+       args: {
-               assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback',
+              assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback',
-               idp_cert_fingerprint: '43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8',
+              idp_cert_fingerprint: '43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8',
-               idp_sso_target_url: 'https://gitlab.oktapreview.com/app/gitlabdev773716_gitlabsaml_1/exk8odl81tBrjpD4B0h7/sso/saml',
+              idp_sso_target_url: 'https://gitlab.oktapreview.com/app/gitlabdev773716_gitlabsaml_1/exk8odl81tBrjpD4B0h7/sso/saml',
-               issuer: 'https://gitlab.example.com',
+              issuer: 'https://gitlab.example.com',
-               name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
+              name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
-             },
+            },
-        label: 'Okta' # optional label for SAML login button, defaults to "Saml"
+       label: 'Okta' # optional label for SAML login button, defaults to "Saml"
-      }
+     }
-    ```
+   ```
 1. [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) or [restart](../restart_gitlab.md#installations-from-source) GitLab for Omnibus and installations
   from source respectively for the changes to take effect.

--- a/doc/administration/auth/smartcard.md
+++ b/doc/administration/auth/smartcard.md
@@ -56,11 +56,11 @@ attribute. As a prerequisite, you must use an LDAP server that:
 1. Edit `/etc/gitlab/gitlab.rb`:
-    ```ruby
+   ```ruby
-    gitlab_rails['smartcard_enabled'] = true
+   gitlab_rails['smartcard_enabled'] = true
-    gitlab_rails['smartcard_ca_file'] = "/etc/ssl/certs/CA.pem"
+   gitlab_rails['smartcard_ca_file'] = "/etc/ssl/certs/CA.pem"
-    gitlab_rails['smartcard_client_certificate_required_port'] = 3444
+   gitlab_rails['smartcard_client_certificate_required_port'] = 3444
-    ```
+   ```
 1. Save the file and [reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure)
   GitLab for the changes to take effect.
@@ -154,15 +154,15 @@ attribute. As a prerequisite, you must use an LDAP server that:
 1. Edit `/etc/gitlab/gitlab.rb`:
-    ```ruby
+   ```ruby
-    gitlab_rails['ldap_servers'] = YAML.load <<-EOS
+   gitlab_rails['ldap_servers'] = YAML.load <<-EOS
-    main:
+   main:
-      # snip...
+     # snip...
-      # Enable smartcard authentication against the LDAP server. Valid values
+     # Enable smartcard authentication against the LDAP server. Valid values
-      # are "false", "optional", and "required".
+     # are "false", "optional", and "required".
-      smartcard_auth: optional
+     smartcard_auth: optional
-    EOS
+   EOS
-    ```
+   ```
 1. Save the file and [reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure)
   GitLab for the changes to take effect.
@@ -171,16 +171,16 @@ attribute. As a prerequisite, you must use an LDAP server that:
 1. Edit `config/gitlab.yml`:
-    ```yaml
+   ```yaml
-    production:
+   production:
-      ldap:
+     ldap:
-        servers:
+       servers:
-          main:
+         main:
-            # snip...
+           # snip...
-            # Enable smartcard authentication against the LDAP server. Valid values
+           # Enable smartcard authentication against the LDAP server. Valid values
-            # are "false", "optional", and "required".
+           # are "false", "optional", and "required".
-            smartcard_auth: optional
+           smartcard_auth: optional
-    ```
+   ```
 1. Save the file and [restart](../restart_gitlab.md#installations-from-source)
   GitLab for the changes to take effect.
@@ -191,9 +191,9 @@ attribute. As a prerequisite, you must use an LDAP server that:
 1. Edit `/etc/gitlab/gitlab.rb`:
-    ```ruby
+   ```ruby
-    gitlab_rails['smartcard_required_for_git_access'] = true
+   gitlab_rails['smartcard_required_for_git_access'] = true
-    ```
+   ```
 1. Save the file and [reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure)
   GitLab for the changes to take effect.
@@ -202,13 +202,13 @@ attribute. As a prerequisite, you must use an LDAP server that:
 1. Edit `config/gitlab.yml`:
-    ```yaml
+   ```yaml
-    ## Smartcard authentication settings
+   ## Smartcard authentication settings
-    smartcard:
+   smartcard:
-      # snip...
+     # snip...
-      # Browser session with smartcard sign-in is required for Git access
+     # Browser session with smartcard sign-in is required for Git access
-      required_for_git_access: true
+     required_for_git_access: true
-    ```
+   ```
 1. Save the file and [restart](../restart_gitlab.md#installations-from-source)
   GitLab for the changes to take effect.
--- a/doc/administration/high_availability/consul.md
+++ b/doc/administration/high_availability/consul.md
@@ -26,27 +26,27 @@ On each Consul node perform the following:
 1. Edit `/etc/gitlab/gitlab.rb` replacing values noted in the `# START user configuration` section:
-    ```ruby
+   ```ruby
-    # Disable all components except Consul
+   # Disable all components except Consul
-    roles ['consul_role']
+   roles ['consul_role']
-    # START user configuration
+   # START user configuration
-    # Replace placeholders:
+   # Replace placeholders:
-    #
+   #
-    # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
+   # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
-    # with the addresses gathered for CONSUL_SERVER_NODES
+   # with the addresses gathered for CONSUL_SERVER_NODES
-    consul['configuration'] = {
+   consul['configuration'] = {
-      server: true,
+     server: true,
-      retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z)
+     retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z)
-    }
+   }
-    # Disable auto migrations
+   # Disable auto migrations
-    gitlab_rails['auto_migrate'] = false
+   gitlab_rails['auto_migrate'] = false
-    #
+   #
-    # END user configuration
+   # END user configuration
-    ```
+   ```
-    > `consul_role` was introduced with GitLab 10.3
+   > `consul_role` was introduced with GitLab 10.3
 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes
   to take effect.
@@ -77,6 +77,7 @@ check the [Troubleshooting section](#troubleshooting) before proceeding.
 ### Checking cluster membership
 To see which nodes are part of the cluster, run the following on any member in the cluster
 ```
 # /opt/gitlab/embedded/bin/consul members
 Node            Address               Status  Type    Build  Protocol  DC
@@ -112,18 +113,18 @@ You will see messages like the following in `gitlab-ctl tail consul` output if y
 2017-09-25_19:53:41.74356     2017/09/25 19:53:41 [ERR] agent: failed to sync remote state: No cluster leader
 ```
 To fix this:
 1. Pick an address on each node that all of the other nodes can reach this node through.
 1. Update your `/etc/gitlab/gitlab.rb`
-    ```ruby
+   ```ruby
-    consul['configuration'] = {
+   consul['configuration'] = {
-      ...
+     ...
-      bind_addr: 'IP ADDRESS'
+     bind_addr: 'IP ADDRESS'
-    }
+   }
-    ```
+   ```
 1. Run `gitlab-ctl reconfigure`
 If you still see the errors, you may have to [erase the consul database and reinitialize](#recreate-from-scratch) on the affected node.
@@ -144,12 +145,13 @@ To fix this:
 1. Pick an address on the node that all of the other nodes can reach this node through.
 1. Update your `/etc/gitlab/gitlab.rb`
-    ```ruby
+   ```ruby
-    consul['configuration'] = {
+   consul['configuration'] = {
-      ...
+     ...
-      bind_addr: 'IP ADDRESS'
+     bind_addr: 'IP ADDRESS'
-    }
+   }
-    ```
+   ```
 1. Run `gitlab-ctl reconfigure`
 ### Outage recovery
@@ -157,6 +159,7 @@ To fix this:
 If you lost enough server agents in the cluster to break quorum, then the cluster is considered failed, and it will not function without manual intervenetion.
 #### Recreate from scratch
 By default, GitLab does not store anything in the consul cluster that cannot be recreated. To erase the consul database and reinitialize
 ```
@@ -168,4 +171,5 @@ By default, GitLab does not store anything in the consul cluster that cannot be
 After this, the cluster should start back up, and the server agents rejoin. Shortly after that, the client agents should rejoin as well.
 #### Recover a failed cluster
 If you have taken advantage of consul to store other data, and want to restore the failed cluster, please follow the [Consul guide](https://www.consul.io/docs/guides/outage.html) to recover a failed cluster.
--- a/doc/administration/high_availability/database.md
+++ b/doc/administration/high_availability/database.md
--- a/doc/administration/high_availability/gitlab.md
+++ b/doc/administration/high_availability/gitlab.md
@@ -7,33 +7,33 @@
 1. If necessary, install the NFS client utility packages using the following
   commands:
-    ```
+   ```
-    # Ubuntu/Debian
+   # Ubuntu/Debian
-    apt-get install nfs-common
+   apt-get install nfs-common
-    # CentOS/Red Hat
+   # CentOS/Red Hat
-    yum install nfs-utils nfs-utils-lib
+   yum install nfs-utils nfs-utils-lib
-    ```
+   ```
 1. Specify the necessary NFS shares. Mounts are specified in
   `/etc/fstab`. The exact contents of `/etc/fstab` will depend on how you chose
   to configure your NFS server. See [NFS documentation](nfs.md) for the various
   options. Here is an example snippet to add to `/etc/fstab`:
-    ```
+   ```
-    10.1.0.1:/var/opt/gitlab/.ssh /var/opt/gitlab/.ssh nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nofail,lookupcache=positive 0 2
+   10.1.0.1:/var/opt/gitlab/.ssh /var/opt/gitlab/.ssh nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nofail,lookupcache=positive 0 2
-    10.1.0.1:/var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/uploads nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nofail,lookupcache=positive 0 2
+   10.1.0.1:/var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/uploads nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nofail,lookupcache=positive 0 2
-    10.1.0.1:/var/opt/gitlab/gitlab-rails/shared /var/opt/gitlab/gitlab-rails/shared nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nofail,lookupcache=positive 0 2
+   10.1.0.1:/var/opt/gitlab/gitlab-rails/shared /var/opt/gitlab/gitlab-rails/shared nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nofail,lookupcache=positive 0 2
-    10.1.0.1:/var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/gitlab-ci/builds nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nofail,lookupcache=positive 0 2
+   10.1.0.1:/var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/gitlab-ci/builds nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nofail,lookupcache=positive 0 2
-    10.1.0.1:/var/opt/gitlab/git-data /var/opt/gitlab/git-data nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nofail,lookupcache=positive 0 2
+   10.1.0.1:/var/opt/gitlab/git-data /var/opt/gitlab/git-data nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nofail,lookupcache=positive 0 2
-    ```
+   ```
 1. Create the shared directories. These may be different depending on your NFS
   mount locations.
-    ```
+   ```
-    mkdir -p /var/opt/gitlab/.ssh /var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/shared /var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/git-data
+   mkdir -p /var/opt/gitlab/.ssh /var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/shared /var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/git-data
-    ```
+   ```
 1. Download/install GitLab Omnibus using **steps 1 and 2** from
   [GitLab downloads](https://about.gitlab.com/downloads). Do not complete other
@@ -46,52 +46,52 @@
   added NFS mounts in the default data locations. Additionally the UID and GIDs
   given are just examples and you should configure with your preferred values.
-    ```ruby
+   ```ruby
-    external_url 'https://gitlab.example.com'
+   external_url 'https://gitlab.example.com'
-    # Prevent GitLab from starting if NFS data mounts are not available
+   # Prevent GitLab from starting if NFS data mounts are not available
-    high_availability['mountpoint'] = '/var/opt/gitlab/git-data'
+   high_availability['mountpoint'] = '/var/opt/gitlab/git-data'
-    # Disable components that will not be on the GitLab application server
+   # Disable components that will not be on the GitLab application server
-    roles ['application_role']
+   roles ['application_role']
-    nginx['enable'] = true
+   nginx['enable'] = true
-    # PostgreSQL connection details
+   # PostgreSQL connection details
-    gitlab_rails['db_adapter'] = 'postgresql'
+   gitlab_rails['db_adapter'] = 'postgresql'
-    gitlab_rails['db_encoding'] = 'unicode'
+   gitlab_rails['db_encoding'] = 'unicode'
-    gitlab_rails['db_host'] = '10.1.0.5' # IP/hostname of database server
+   gitlab_rails['db_host'] = '10.1.0.5' # IP/hostname of database server
-    gitlab_rails['db_password'] = 'DB password'
+   gitlab_rails['db_password'] = 'DB password'
-    # Redis connection details
+   # Redis connection details
-    gitlab_rails['redis_port'] = '6379'
+   gitlab_rails['redis_port'] = '6379'
-    gitlab_rails['redis_host'] = '10.1.0.6' # IP/hostname of Redis server
+   gitlab_rails['redis_host'] = '10.1.0.6' # IP/hostname of Redis server
-    gitlab_rails['redis_password'] = 'Redis Password'
+   gitlab_rails['redis_password'] = 'Redis Password'
-    # Ensure UIDs and GIDs match between servers for permissions via NFS
+   # Ensure UIDs and GIDs match between servers for permissions via NFS
-    user['uid'] = 9000
+   user['uid'] = 9000
-    user['gid'] = 9000
+   user['gid'] = 9000
-    web_server['uid'] = 9001
+   web_server['uid'] = 9001
-    web_server['gid'] = 9001
+   web_server['gid'] = 9001
-    registry['uid'] = 9002
+   registry['uid'] = 9002
-    registry['gid'] = 9002
+   registry['gid'] = 9002
-    ```
+   ```
 1. [Enable monitoring](#enable-monitoring)
-    > **Note:** To maintain uniformity of links across HA clusters, the `external_url`
+   > **Note:** To maintain uniformity of links across HA clusters, the `external_url`
-    on the first application server as well as the additional application
+   on the first application server as well as the additional application
-    servers should point to the external url that users will use to access GitLab.
+   servers should point to the external url that users will use to access GitLab.
-    In a typical HA setup, this will be the url of the load balancer which will
+   In a typical HA setup, this will be the url of the load balancer which will
-    route traffic to all GitLab application servers in the HA cluster.
+   route traffic to all GitLab application servers in the HA cluster.
-    >
+   >
-    > **Note:** When you specify `https` in the `external_url`, as in the example
+   > **Note:** When you specify `https` in the `external_url`, as in the example
-    above, GitLab assumes you have SSL certificates in `/etc/gitlab/ssl/`. If
+   above, GitLab assumes you have SSL certificates in `/etc/gitlab/ssl/`. If
-    certificates are not present, Nginx will fail to start. See
+   certificates are not present, Nginx will fail to start. See
-    [Nginx documentation](https://docs.gitlab.com/omnibus/settings/nginx.html#enable-https)
+   [Nginx documentation](https://docs.gitlab.com/omnibus/settings/nginx.html#enable-https)
-    for more information.
+   for more information.
-    >
+   >
-    > **Note:** It is best to set the `uid` and `gid`s prior to the initial reconfigure
+   > **Note:** It is best to set the `uid` and `gid`s prior to the initial reconfigure
-    of GitLab. Omnibus will not recursively `chown` directories if set after the initial reconfigure.
+   of GitLab. Omnibus will not recursively `chown` directories if set after the initial reconfigure.
 ## First GitLab application server
@@ -114,12 +114,12 @@ need some extra configuration.
   secondary servers **prior to** running the first `reconfigure` in the steps
   above.
-    ```ruby
+   ```ruby
-    gitlab_shell['secret_token'] = 'fbfb19c355066a9afb030992231c4a363357f77345edd0f2e772359e5be59b02538e1fa6cae8f93f7d23355341cea2b93600dab6d6c3edcdced558fc6d739860'
+   gitlab_shell['secret_token'] = 'fbfb19c355066a9afb030992231c4a363357f77345edd0f2e772359e5be59b02538e1fa6cae8f93f7d23355341cea2b93600dab6d6c3edcdced558fc6d739860'
-    gitlab_rails['otp_key_base'] = 'b719fe119132c7810908bba18315259ed12888d4f5ee5430c42a776d840a396799b0a5ef0a801348c8a357f07aa72bbd58e25a84b8f247a25c72f539c7a6c5fa'
+   gitlab_rails['otp_key_base'] = 'b719fe119132c7810908bba18315259ed12888d4f5ee5430c42a776d840a396799b0a5ef0a801348c8a357f07aa72bbd58e25a84b8f247a25c72f539c7a6c5fa'
-    gitlab_rails['secret_key_base'] = '6e657410d57c71b4fc3ed0d694e7842b1895a8b401d812c17fe61caf95b48a6d703cb53c112bc01ebd197a85da81b18e29682040e99b4f26594772a4a2c98c6d'
+   gitlab_rails['secret_key_base'] = '6e657410d57c71b4fc3ed0d694e7842b1895a8b401d812c17fe61caf95b48a6d703cb53c112bc01ebd197a85da81b18e29682040e99b4f26594772a4a2c98c6d'
-    gitlab_rails['db_key_base'] = 'bf2e47b68d6cafaef1d767e628b619365becf27571e10f196f98dc85e7771042b9203199d39aff91fcb6837c8ed83f2a912b278da50999bb11a2fbc0fba52964'
+   gitlab_rails['db_key_base'] = 'bf2e47b68d6cafaef1d767e628b619365becf27571e10f196f98dc85e7771042b9203199d39aff91fcb6837c8ed83f2a912b278da50999bb11a2fbc0fba52964'
-    ```
+   ```
 1. Run `touch /etc/gitlab/skip-auto-reconfigure` to prevent database migrations
   from running on upgrade. Only the primary GitLab application server should

--- a/doc/administration/high_availability/monitoring_node.md
+++ b/doc/administration/high_availability/monitoring_node.md
@@ -20,44 +20,44 @@ Omnibus:
 1. Edit `/etc/gitlab/gitlab.rb` and add the contents:
-    ```ruby
+   ```ruby
-    external_url 'http://gitlab.example.com'
+   external_url 'http://gitlab.example.com'
-    # Enable Prometheus
+   # Enable Prometheus
-    prometheus['enable'] = true
+   prometheus['enable'] = true
-    prometheus['listen_address'] = '0.0.0.0:9090'
+   prometheus['listen_address'] = '0.0.0.0:9090'
-    prometheus['monitor_kubernetes'] = false
+   prometheus['monitor_kubernetes'] = false
-    # Enable Grafana
+   # Enable Grafana
-    grafana['enable'] = true
+   grafana['enable'] = true
-    grafana['admin_password'] = 'toomanysecrets'
+   grafana['admin_password'] = 'toomanysecrets'
-    # Enable service discovery for Prometheus
+   # Enable service discovery for Prometheus
-    consul['enable'] = true
+   consul['enable'] = true
-    consul['monitoring_service_discovery'] =  true
+   consul['monitoring_service_discovery'] =  true
-    # Replace placeholders
+   # Replace placeholders
-    # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
+   # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
-    # with the addresses of the Consul server nodes
+   # with the addresses of the Consul server nodes
-    consul['configuration'] = {
+   consul['configuration'] = {
-       retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z),
+      retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z),
-    }
+   }
-    # Disable all other services
+   # Disable all other services
-    gitlab_rails['auto_migrate'] = false
+   gitlab_rails['auto_migrate'] = false
-    alertmanager['enable'] = false
+   alertmanager['enable'] = false
-    gitaly['enable'] = false
+   gitaly['enable'] = false
-    gitlab_monitor['enable'] = false
+   gitlab_monitor['enable'] = false
-    gitlab_workhorse['enable'] = false
+   gitlab_workhorse['enable'] = false
-    nginx['enable'] = true
+   nginx['enable'] = true
-    postgres_exporter['enable'] = false
+   postgres_exporter['enable'] = false
-    postgresql['enable'] = false
+   postgresql['enable'] = false
-    redis['enable'] = false
+   redis['enable'] = false
-    redis_exporter['enable'] = false
+   redis_exporter['enable'] = false
-    sidekiq['enable'] = false
+   sidekiq['enable'] = false
-    unicorn['enable'] = false
+   unicorn['enable'] = false
-    node_exporter['enable'] = false
+   node_exporter['enable'] = false
-    ```
+   ```
 1. Run `sudo gitlab-ctl reconfigure` to compile the configuration.

--- a/doc/administration/high_availability/nfs.md
+++ b/doc/administration/high_availability/nfs.md
@@ -42,8 +42,8 @@ maintaining ID mapping without LDAP, in most cases you should enable numeric UID
 and GIDs (which is off by default in some cases) for simplified permission
 management between systems:
-  - [NetApp instructions](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-24367A9F-E17B-4725-ADC1-02D86F56F78E.html)
+- [NetApp instructions](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-24367A9F-E17B-4725-ADC1-02D86F56F78E.html)
-  - For non-NetApp devices, disable NFSv4 `idmapping` by performing opposite of [enable NFSv4 idmapper](https://wiki.archlinux.org/index.php/NFS#Enabling_NFSv4_idmapping)
+- For non-NetApp devices, disable NFSv4 `idmapping` by performing opposite of [enable NFSv4 idmapper](https://wiki.archlinux.org/index.php/NFS#Enabling_NFSv4_idmapping)
 ### Improving NFS performance with GitLab
@@ -87,10 +87,10 @@ on an Linux NFS server, do the following:
 1. On the NFS server, run:
-    ```sh
+   ```sh
-    echo 0 > /proc/sys/fs/leases-enable
+   echo 0 > /proc/sys/fs/leases-enable
-    sysctl -w fs.leases-enable=0
+   sysctl -w fs.leases-enable=0
-    ```
+   ```
 1. Restart the NFS server process. For example, on CentOS run `service nfs restart`.

--- a/doc/administration/high_availability/pgbouncer.md
+++ b/doc/administration/high_availability/pgbouncer.md
@@ -105,39 +105,39 @@ It is recommended to run pgbouncer alongside the `gitlab-rails` service, or on i
 1. On your database node, ensure the following is set in your `/etc/gitlab/gitlab.rb`
-    ```ruby
+   ```ruby
-    postgresql['pgbouncer_user_password'] = 'PGBOUNCER_USER_PASSWORD_HASH'
+   postgresql['pgbouncer_user_password'] = 'PGBOUNCER_USER_PASSWORD_HASH'
-    postgresql['sql_user_password'] = 'SQL_USER_PASSWORD_HASH'
+   postgresql['sql_user_password'] = 'SQL_USER_PASSWORD_HASH'
-    postgresql['listen_address'] = 'XX.XX.XX.Y' # Where XX.XX.XX.Y is the ip address on the node postgresql should listen on
+   postgresql['listen_address'] = 'XX.XX.XX.Y' # Where XX.XX.XX.Y is the ip address on the node postgresql should listen on
-    postgresql['md5_auth_cidr_addresses'] = %w(AA.AA.AA.B/32) # Where AA.AA.AA.B is the IP address of the pgbouncer node
+   postgresql['md5_auth_cidr_addresses'] = %w(AA.AA.AA.B/32) # Where AA.AA.AA.B is the IP address of the pgbouncer node
-    ```
+   ```
 1. Run `gitlab-ctl reconfigure`
-    **Note:** If the database was already running, it will need to be restarted after reconfigure by running `gitlab-ctl restart postgresql`.
+   **Note:** If the database was already running, it will need to be restarted after reconfigure by running `gitlab-ctl restart postgresql`.
 1. On the node you are running pgbouncer on, make sure the following is set in `/etc/gitlab/gitlab.rb`
-    ```ruby
+   ```ruby
-    pgbouncer['enable'] = true
+   pgbouncer['enable'] = true
-    pgbouncer['databases'] = {
+   pgbouncer['databases'] = {
-      gitlabhq_production: {
+     gitlabhq_production: {
-        host: 'DATABASE_HOST',
+       host: 'DATABASE_HOST',
-        user: 'pgbouncer',
+       user: 'pgbouncer',
-        password: 'PGBOUNCER_USER_PASSWORD_HASH'
+       password: 'PGBOUNCER_USER_PASSWORD_HASH'
-      }
+     }
-    }
+   }
-    ```
+   ```
 1. Run `gitlab-ctl reconfigure`
 1. On the node running unicorn, make sure the following is set in `/etc/gitlab/gitlab.rb`
-    ```ruby
+   ```ruby
-    gitlab_rails['db_host'] = 'PGBOUNCER_HOST'
+   gitlab_rails['db_host'] = 'PGBOUNCER_HOST'
-    gitlab_rails['db_port'] = '6432'
+   gitlab_rails['db_port'] = '6432'
-    gitlab_rails['db_password'] = 'SQL_USER_PASSWORD'
+   gitlab_rails['db_password'] = 'SQL_USER_PASSWORD'
-    ```
+   ```
 1. Run `gitlab-ctl reconfigure`
@@ -147,28 +147,28 @@ It is recommended to run pgbouncer alongside the `gitlab-rails` service, or on i
 > [Introduced](https://gitlab.com/gitlab-org/omnibus-gitlab/issues/3786) in GitLab 12.0.
-  If you enable Monitoring, it must be enabled on **all** pgbouncer servers.
+If you enable Monitoring, it must be enabled on **all** pgbouncer servers.
-  1. Create/edit `/etc/gitlab/gitlab.rb` and add the following configuration:
+1. Create/edit `/etc/gitlab/gitlab.rb` and add the following configuration:
-     ```ruby
+   ```ruby
-     # Enable service discovery for Prometheus
+   # Enable service discovery for Prometheus
-     consul['enable'] = true
+   consul['enable'] = true
-     consul['monitoring_service_discovery'] =  true
+   consul['monitoring_service_discovery'] =  true
-     # Replace placeholders
+   # Replace placeholders
-     # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
+   # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
-     # with the addresses of the Consul server nodes
+   # with the addresses of the Consul server nodes
-     consul['configuration'] = {
+   consul['configuration'] = {
-        retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z),
+      retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z),
-     }
+   }
-     # Set the network addresses that the exporters will listen on
+   # Set the network addresses that the exporters will listen on
-     node_exporter['listen_address'] = '0.0.0.0:9100'
+   node_exporter['listen_address'] = '0.0.0.0:9100'
-     pgbouncer_exporter['listen_address'] = '0.0.0.0:9188'
+   pgbouncer_exporter['listen_address'] = '0.0.0.0:9188'
-     ```
+   ```
-  1. Run `sudo gitlab-ctl reconfigure` to compile the configuration.
+1. Run `sudo gitlab-ctl reconfigure` to compile the configuration.
 ### Interacting with pgbouncer
@@ -190,6 +190,7 @@ pgbouncer=#
 The password you will be prompted for is the PGBOUNCER_USER_PASSWORD
 To get some basic information about the instance, run
 ```shell
 pgbouncer=# show databases; show clients; show servers;
        name         |   host    | port |      database       | force_user | pool_size | reserve_pool | pool_mode | max_connections | current_connections

--- a/doc/administration/high_availability/redis.md
+++ b/doc/administration/high_availability/redis.md
--- a/doc/administration/high_availability/redis_source.md
+++ b/doc/administration/high_availability/redis_source.md