gitlab.yml.example 12.3 KB
Newer Older
1
# # # # # # # # # # # # # # # # # #
2
# GitLab application config file  #
3
# # # # # # # # # # # # # # # # # #
4
#
5 6 7 8 9
###########################  NOTE  #####################################
# This file should not receive new settings. All configuration options #
# are being moved to ApplicationSetting model!                         #
########################################################################
#
10
# How to use:
11 12 13 14 15
# 1. Copy file as gitlab.yml
# 2. Update gitlab -> host with your fully qualified domain name
# 3. Update gitlab -> email_from
# 4. If you installed Git from source, change git -> bin_path to /usr/local/bin/git
# 5. Review this configuration file for other settings you may want to adjust
16

17 18 19 20 21 22 23
production: &base
  #
  # 1. GitLab app settings
  # ==========================

  ## GitLab settings
  gitlab:
24
    ## Web server settings (note: host is the FQDN, do not include http://)
25
    host: localhost
26 27
    port: 80 # Set to 443 if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
    https: false # Set to true if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
28

29 30 31 32 33
    # Uncommment this line below if your ssh host is different from HTTP/HTTPS one
    # (you'd obviously need to replace ssh.host_example.com with your own host).
    # Otherwise, ssh host will be set to the `host:` value above
    # ssh_host: ssh.host_example.com

34 35
    # WARNING: See config/application.rb under "Relative url support" for the list of
    # other files that need to be changed for relative url support
36 37 38 39 40
    # relative_url_root: /gitlab

    # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
    # user: git

41 42
    ## Date & Time settings
    # Uncomment and customize if you want to change the default time zone of GitLab application.
43
    # To see all available zones, run `bundle exec rake time:zones:all RAILS_ENV=production`
44 45
    # time_zone: 'UTC'

46
    ## Email settings
47 48
    # Uncomment and set to false if you need to disable email sending from GitLab (default: true)
    # email_enabled: true
49
    # Email address used in the "From" field in mails sent by GitLab
50
    email_from: example@example.com
51
    email_display_name: GitLab
52
    email_reply_to: noreply@example.com
53

54
    # Email server smtp settings are in config/initializers/smtp_settings.rb.sample
55

56
    # default_can_create_group: false  # default: true
57
    # username_changing_enabled: false # default: true - User can change her username/namespace
Izaak Alpert's avatar
Izaak Alpert committed
58 59 60 61 62 63
    ## Default theme
    ##   BASIC  = 1
    ##   MARS   = 2
    ##   MODERN = 3
    ##   GRAY   = 4
    ##   COLOR  = 5
Izaak Alpert's avatar
Izaak Alpert committed
64
    # default_theme: 2 # default: 2
Izaak Alpert's avatar
Izaak Alpert committed
65

66
    ## Automatic issue closing
Sytse Sijbrandij's avatar
Sytse Sijbrandij committed
67
    # If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
Julien Kirch's avatar
Julien Kirch committed
68
    # This happens when the commit is pushed or merged into the default branch of a project.
Sytse Sijbrandij's avatar
Sytse Sijbrandij committed
69
    # When not specified the default issue_closing_pattern as specified below will be used.
Achilleas Pipinellis's avatar
Achilleas Pipinellis committed
70
    # Tip: you can test your closing pattern at http://rubular.com.
71
    # issue_closing_pattern: '((?:[Cc]los(?:e[sd]?|ing)|[Ff]ix(?:e[sd]|ing)?) +(?:(?:issues? +)?#\d+(?:(?:, *| +and +)?))+)'
72

73 74 75 76 77
    ## Default project features settings
    default_projects_features:
      issues: true
      merge_requests: true
      wiki: true
78
      snippets: false
79
      visibility_level: "private"  # can be "private" | "internal" | "public"
80

81 82 83 84
    ## Webhook settings
    # Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
    # webhook_timeout: 10

85 86
    ## Repository downloads directory
    # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
87
    # The default is 'tmp/repositories' relative to the root of the Rails app.
88 89
    # repository_downloads_path: tmp/repositories

90
  ## Gravatar
91
  ## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html
92
  gravatar:
93
    enabled: true                 # Use user avatar image from Gravatar.com (default: true)
94
    # gravatar urls: possible placeholders: %{hash} %{size} %{email}
95 96
    # plain_url: "http://..."     # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
    # ssl_url:   "https://..."    # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
97 98 99 100 101 102

  #
  # 2. Auth settings
  # ==========================

  ## LDAP settings
103 104
  # You can inspect a sample of the LDAP users with login access by running:
  #   bundle exec rake gitlab:ldap:check RAILS_ENV=production
105 106
  ldap:
    enabled: false
107
    servers:
108 109 110 111 112 113 114 115 116
      ##########################################################################
      #
      # Since GitLab 7.4, LDAP servers get ID's (below the ID is 'main'). GitLab
      # Enterprise Edition now supports connecting to multiple LDAP servers.
      #
      # If you are updating from the old (pre-7.4) syntax, you MUST give your
      # old server the ID 'main'.
      #
      ##########################################################################
117
      main: # 'main' is the GitLab 'provider ID' of this LDAP server
118 119 120 121 122 123 124 125 126
        ## label
        #
        # A human-friendly name for your LDAP server. It is OK to change the label later,
        # for instance if you find out it is too large to fit on the web page.
        #
        # Example: 'Paris' or 'Acme, Ltd.'
        label: 'LDAP'

        host: '_your_ldap_server'
127
        port: 389
128
        uid: 'sAMAccountName'
129
        method: 'plain' # "tls" or "ssl" or "plain"
130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148
        bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
        password: '_the_password_of_the_bind_user'

        # This setting specifies if LDAP server is Active Directory LDAP server.
        # For non AD servers it skips the AD specific queries.
        # If your LDAP server is not AD, set this to false.
        active_directory: true

        # If allow_username_or_email_login is enabled, GitLab will ignore everything
        # after the first '@' in the LDAP username submitted by the user on login.
        #
        # Example:
        # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
        # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
        #
        # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
        # disable this setting, because the userPrincipalName contains an '@'.
        allow_username_or_email_login: false

149 150 151
        # To maintain tight control over the number of active users on your GitLab installation,
        # enable this setting to keep new users blocked until they have been cleared by the admin 
        # (default: false).
152 153
        block_auto_created_users: false

154 155 156 157 158 159 160 161 162 163 164 165 166 167
        # Base where we can search for users
        #
        #   Ex. ou=People,dc=gitlab,dc=example
        #
        base: ''

        # Filter LDAP users
        #
        #   Format: RFC 4515 http://tools.ietf.org/search/rfc4515
        #   Ex. (employeeType=developer)
        #
        #   Note: GitLab does not support omniauth-ldap's custom filter syntax.
        #
        user_filter: ''
168

169 170 171 172 173 174 175
      # GitLab EE only: add more LDAP servers
      # Choose an ID made of a-z and 0-9 . This ID will be stored in the database
      # so that GitLab can remember which LDAP server a user belongs to.
      # uswest2:
      #   label:
      #   host:
      #   ....
176 177


178
  ## OmniAuth settings
179
  omniauth:
180
    # Allow login via Twitter, Google, etc. using OmniAuth providers
181 182 183
    enabled: false

    # CAUTION!
184
    # This allows users to login without having a user account first (default: false).
185 186
    # User accounts will be created automatically when authentication was successful.
    allow_single_sign_on: false
187
    # Locks down those users until they have been cleared by the admin (default: true).
188 189 190
    block_auto_created_users: true

    ## Auth providers
191 192
    # Uncomment the following lines and fill in the data of the auth provider you want to use
    # If your favorite auth provider is not listed you can use others:
Drew Blessing's avatar
Drew Blessing committed
193
    # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations
194 195
    # The 'app_id' and 'app_secret' parameters are always passed as the first two
    # arguments, followed by optional 'args' which can be either a hash or an array.
dosire's avatar
dosire committed
196
    # Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html
197
    providers:
Douwe Maan's avatar
Douwe Maan committed
198 199
      # - { name: 'google_oauth2', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET',
200
      #     args: { access_type: 'offline', approval_prompt: '' } }
Douwe Maan's avatar
Douwe Maan committed
201 202 203 204
      # - { name: 'twitter', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET'}
      # - { name: 'github', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET',
205
      #     args: { scope: 'user:email' } }
Douwe Maan's avatar
Douwe Maan committed
206 207
      # - { name: 'gitlab', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET',
208
      #     args: { scope: 'api' } }
Douwe Maan's avatar
Douwe Maan committed
209 210
      # - { name: 'bitbucket', app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET'}
211 212 213 214 215 216 217 218 219 220 221



  #
  # 3. Advanced settings
  # ==========================

  # GitLab Satellites
  satellites:
    # Relative paths are relative to Rails.root (default: tmp/repo_satellites/)
    path: /home/git/gitlab-satellites/
222
    timeout: 30
223 224 225 226 227

  ## Backup settings
  backup:
    path: "tmp/backups"   # Relative paths are relative to Rails.root (default: tmp/backups/)
    # keep_time: 604800   # default: 0 (forever) (in seconds)
228 229 230 231
    # upload:
    #   # Fog storage connection settings, see http://fog.io/storage/ .
    #   connection:
    #     provider: AWS
232
    #     region: eu-west-1
233 234 235 236
    #     aws_access_key_id: AKIAKIAKI
    #     aws_secret_access_key: 'secret123'
    #   # The remote 'directory' to store your backups. For S3, this would be the bucket name.
    #   remote_directory: 'my.s3.bucket'
237 238 239

  ## GitLab Shell settings
  gitlab_shell:
240 241
    path: /home/git/gitlab-shell/

242 243 244 245 246 247 248 249
    # REPOS_PATH MUST NOT BE A SYMLINK!!!
    repos_path: /home/git/repositories/
    hooks_path: /home/git/gitlab-shell/hooks/

    # Git over HTTP
    upload_pack: true
    receive_pack: true

250
    # If you use non-standard ssh port you need to specify it
251 252 253
    # ssh_port: 22

  ## Git settings
Riyad Preukschas's avatar
Riyad Preukschas committed
254
  # CAUTION!
255 256 257
  # Use the default values unless you really know what you are doing
  git:
    bin_path: /usr/bin/git
dosire's avatar
dosire committed
258 259 260
    # The next value is the maximum memory size grit can use
    # Given in number of bytes per git object (e.g. a commit)
    # This value can be increased if you have very large commits
261
    max_size: 20971520 # 20.megabytes
262
    # Git timeout to read a commit, in seconds
263 264
    timeout: 10

265 266 267 268
  #
  # 4. Extra customization
  # ==========================

269
  extra:
270 271 272
    ## Google analytics. Uncomment if you want it
    # google_analytics_id: '_your_tracking_id'

Sebastian Winkler's avatar
Sebastian Winkler committed
273 274 275 276
    ## Piwik analytics.
    # piwik_url: '_your_piwik_url'
    # piwik_site_id: '_your_piwik_site_id'

277 278
  rack_attack:
    git_basic_auth:
279 280 281
      # Rack Attack IP banning enabled
      # enabled: true
      #
282 283 284
      # Whitelist requests from 127.0.0.1 for web proxies (NGINX/Apache) with incorrect headers
      # ip_whitelist: ["127.0.0.1"]
      #
285 286 287 288 289 290 291 292 293
      # Limit the number of Git HTTP authentication attempts per IP
      # maxretry: 10
      #
      # Reset the auth attempt counter per IP after 60 seconds
      # findtime: 60
      #
      # Ban an IP for one hour (3600s) after too many auth attempts
      # bantime: 3600

294
development:
295
  <<: *base
296 297

test:
298
  <<: *base
299 300 301 302
  gravatar:
    enabled: true
  gitlab:
    host: localhost
303
    port: 80
304 305

    # When you run tests we clone and setup gitlab-shell
306
    # In order to setup it correctly you need to specify
307
    # your system username you use to run GitLab
308
    # user: YOUR_USERNAME
309 310 311 312 313 314
  satellites:
    path: tmp/tests/gitlab-satellites/
  gitlab_shell:
    path: tmp/tests/gitlab-shell/
    repos_path: tmp/tests/repositories/
    hooks_path: tmp/tests/gitlab-shell/hooks/
315 316
  issues_tracker:
    redmine:
317
      title: "Redmine"
318
      project_url: "http://redmine/projects/:issues_tracker_id"
319
      issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
320
      new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
321 322 323
  ldap:
    enabled: false
    servers:
324
      main:
325 326 327 328 329 330 331 332 333 334
        label: ldap
        host: 127.0.0.1
        port: 3890
        uid: 'uid'
        method: 'plain' # "tls" or "ssl" or "plain"
        base: 'dc=example,dc=com'
        user_filter: ''
        group_base: 'ou=groups,dc=example,dc=com'
        admin_group: ''
        sync_ssh_keys: false
335 336

staging:
337
  <<: *base