gitlab.yml.example 23.7 KB
Newer Older
1
# # # # # # # # # # # # # # # # # #
2
# GitLab application config file  #
3
# # # # # # # # # # # # # # # # # #
4
#
5 6
###########################  NOTE  #####################################
# This file should not receive new settings. All configuration options #
7
# * are being moved to ApplicationSetting model!                       #
8
# If a setting requires an application restart say so in that screen.  #
9 10
# If you change this file in a Merge Request, please also create       #
# a MR on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests  #
11 12
########################################################################
#
13
#
14
# How to use:
15 16
# 1. Copy file as gitlab.yml
# 2. Update gitlab -> host with your fully qualified domain name
17
# 3. Update gitlab -> email_from
18
# 4. If you installed Git from source, change git -> bin_path to /usr/local/bin/git
19 20 21
#    IMPORTANT: If Git was installed in a different location use that instead.
#    You can check with `which git`. If a wrong path of Git is specified, it will
#     result in various issues such as failures of GitLab CI builds.
22
# 5. Review this configuration file for other settings you may want to adjust
23

24 25 26 27 28 29 30
production: &base
  #
  # 1. GitLab app settings
  # ==========================

  ## GitLab settings
  gitlab:
31
    ## Web server settings (note: host is the FQDN, do not include http://)
32
    host: localhost
33 34
    port: 80 # Set to 443 if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
    https: false # Set to true if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
35

36 37 38 39 40
    # Uncommment this line below if your ssh host is different from HTTP/HTTPS one
    # (you'd obviously need to replace ssh.host_example.com with your own host).
    # Otherwise, ssh host will be set to the `host:` value above
    # ssh_host: ssh.host_example.com

41
    # Relative URL support
42 43
    # WARNING: We recommend using an FQDN to host GitLab in a root path instead
    # of using a relative URL.
44 45 46
    # Documentation: http://doc.gitlab.com/ce/install/relative_url.html
    # Uncomment and customize the following line to run in a non-root path
    #
47 48
    # relative_url_root: /gitlab

49 50 51 52 53 54 55 56 57
    # Trusted Proxies
    # Customize if you have GitLab behind a reverse proxy which is running on a different machine.
    # Add the IP address for your reverse proxy to the list, otherwise users will appear signed in from that address.
    trusted_proxies:
      # Examples:
      #- 192.168.1.0/24
      #- 192.168.2.1
      #- 2001:0db8::/32

58 59 60
    # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
    # user: git

61 62
    ## Date & Time settings
    # Uncomment and customize if you want to change the default time zone of GitLab application.
63
    # To see all available zones, run `bundle exec rake time:zones:all RAILS_ENV=production`
64 65
    # time_zone: 'UTC'

66 67 68 69 70 71 72
    ## Email settings
    # Uncomment and set to false if you need to disable email sending from GitLab (default: true)
    # email_enabled: true
    # Email address used in the "From" field in mails sent by GitLab
    email_from: example@example.com
    email_display_name: GitLab
    email_reply_to: noreply@example.com
73
    email_subject_suffix: ''
74 75 76

    # Email server smtp settings are in config/initializers/smtp_settings.rb.sample

77
    # default_can_create_group: false  # default: true
78
    # username_changing_enabled: false # default: true - User can change her username/namespace
Izaak Alpert's avatar
Izaak Alpert committed
79

80
    ## Automatic issue closing
Sytse Sijbrandij's avatar
Sytse Sijbrandij committed
81
    # If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
Julien Kirch's avatar
Julien Kirch committed
82
    # This happens when the commit is pushed or merged into the default branch of a project.
Sytse Sijbrandij's avatar
Sytse Sijbrandij committed
83
    # When not specified the default issue_closing_pattern as specified below will be used.
Achilleas Pipinellis's avatar
Achilleas Pipinellis committed
84
    # Tip: you can test your closing pattern at http://rubular.com.
85
    # issue_closing_pattern: '((?:[Cc]los(?:e[sd]?|ing)|[Ff]ix(?:e[sd]|ing)?|[Rr]esolv(?:e[sd]?|ing))(:?) +(?:(?:issues? +)?%{issue_ref}(?:(?:, *| +and +)?)|([A-Z][A-Z0-9_]+-\d+))+)'
86

87 88 89 90 91
    ## Default project features settings
    default_projects_features:
      issues: true
      merge_requests: true
      wiki: true
92
      snippets: false
93
      builds: true
94
      container_registry: true
95

96 97 98 99
    ## Webhook settings
    # Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
    # webhook_timeout: 10

100 101
    ## Repository downloads directory
    # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
102 103
    # The default is 'shared/cache/archive/' relative to the root of the Rails app.
    # repository_downloads_path: shared/cache/archive/
104

Douwe Maan's avatar
Douwe Maan committed
105
  ## Reply by email
Douwe Maan's avatar
Douwe Maan committed
106
  # Allow users to comment on issues and merge requests by replying to notification emails.
107
  # For documentation on how to set this up, see http://doc.gitlab.com/ce/administration/reply_by_email.html
108
  incoming_email:
Douwe Maan's avatar
Douwe Maan committed
109
    enabled: false
110 111

    # The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to.
112
    # The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`).
113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132
    address: "gitlab-incoming+%{key}@gmail.com"

    # Email account username
    # With third party providers, this is usually the full email address.
    # With self-hosted email servers, this is usually the user part of the email address.
    user: "gitlab-incoming@gmail.com"
    # Email account password
    password: "[REDACTED]"

    # IMAP server host
    host: "imap.gmail.com"
    # IMAP server port
    port: 993
    # Whether the IMAP server uses SSL
    ssl: true
    # Whether the IMAP server uses StartTLS
    start_tls: false

    # The mailbox where incoming mail will end up. Usually "inbox".
    mailbox: "inbox"
133
    # The IDLE command timeout.
134
    idle_timeout: 60
Douwe Maan's avatar
Douwe Maan committed
135

Kamil Trzcinski's avatar
Kamil Trzcinski committed
136 137 138 139 140 141
  ## Build Artifacts
  artifacts:
    enabled: true
    # The location where build artifacts are stored (default: shared/artifacts).
    # path: shared/artifacts

Marin Jankovski's avatar
Marin Jankovski committed
142 143
  ## Git LFS
  lfs:
Marin Jankovski's avatar
Marin Jankovski committed
144
    enabled: true
Marin Jankovski's avatar
Marin Jankovski committed
145 146 147
    # The location where LFS objects are stored (default: shared/lfs-objects).
    # storage_path: shared/lfs-objects

Kamil Trzcinski's avatar
Kamil Trzcinski committed
148 149 150 151 152 153 154 155 156
  ## GitLab Pages
  pages:
    enabled: false
    # The location where pages are stored (default: shared/pages).
    # path: shared/pages

    # The domain under which the pages are served:
    # http://group.example.com/project
    # or project path can be a group page: group.example.com
157
    host: example.com
158 159
    port: 80 # Set to 443 if you serve the pages with HTTPS
    https: false # Set to true if you serve the pages with HTTPS
Kamil Trzcinski's avatar
Kamil Trzcinski committed
160 161
    # external_http: "1.1.1.1:80" # If defined, enables custom domain support in GitLab Pages
    # external_https: "1.1.1.1:443" # If defined, enables custom domain and certificate support in GitLab Pages
Kamil Trzcinski's avatar
Kamil Trzcinski committed
162

163 164 165 166 167 168
  ## Mattermost
  ## For enabling Add to Mattermost button
  mattermost:
    enabled: false
    host: 'https://mattermost.example.com'

169
  ## Gravatar
170
  ## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html
171
  gravatar:
172
    # gravatar urls: possible placeholders: %{hash} %{size} %{email}
173 174
    # plain_url: "http://..."     # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
    # ssl_url:   "https://..."    # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
175

176 177 178 179
  ## Auxiliary jobs
  # Periodically executed jobs, to self-heal Gitlab, do external synchronizations, etc.
  # Please read here for more information: https://github.com/ondrejbartas/sidekiq-cron#adding-cron-job
  cron_jobs:
180 181
    # Flag stuck CI jobs as failed
    stuck_ci_jobs_worker:
182
      cron: "0 * * * *"
183 184
    # Remove expired build artifacts
    expire_build_artifacts_worker:
185
      cron: "50 * * * *"
Jacob Vosmaer's avatar
Jacob Vosmaer committed
186 187
    # Periodically run 'git fsck' on all repositories. If started more than
    # once per hour you will have concurrent 'git fsck' jobs.
188
    repository_check_worker:
Jacob Vosmaer's avatar
Jacob Vosmaer committed
189
      cron: "20 * * * *"
190
    # Send admin emails once a week
Jacob Vosmaer's avatar
Jacob Vosmaer committed
191
    admin_email_worker:
192
      cron: "0 0 * * 0"
193

194 195 196
    # Remove outdated repository archives
    repository_archive_cache_worker:
      cron: "0 * * * *"
197

Kamil Trzcinski's avatar
Kamil Trzcinski committed
198 199
  registry:
    # enabled: true
200
    # host: registry.example.com
201 202
    # port: 5005
    # api_url: http://localhost:5000/ # internal address to the registry, will be used by GitLab to directly communicate with API
203
    # key: config/registry.key
204
    # path: shared/registry
205
    # issuer: gitlab-issuer
Kamil Trzcinski's avatar
Kamil Trzcinski committed
206

207
  #
208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224
  # 2. GitLab CI settings
  # ==========================

  gitlab_ci:
    # Default project notifications settings:
    #
    # Send emails only on broken builds (default: true)
    # all_broken_builds: true
    #
    # Add pusher to recipients list (default: false)
    # add_pusher: true

    # The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root
    # builds_path: builds/

  #
  # 3. Auth settings
225 226 227
  # ==========================

  ## LDAP settings
228 229
  # You can inspect a sample of the LDAP users with login access by running:
  #   bundle exec rake gitlab:ldap:check RAILS_ENV=production
230 231
  ldap:
    enabled: false
232
    servers:
233 234 235 236 237 238 239 240 241
      ##########################################################################
      #
      # Since GitLab 7.4, LDAP servers get ID's (below the ID is 'main'). GitLab
      # Enterprise Edition now supports connecting to multiple LDAP servers.
      #
      # If you are updating from the old (pre-7.4) syntax, you MUST give your
      # old server the ID 'main'.
      #
      ##########################################################################
242
      main: # 'main' is the GitLab 'provider ID' of this LDAP server
243 244 245 246 247 248 249 250 251
        ## label
        #
        # A human-friendly name for your LDAP server. It is OK to change the label later,
        # for instance if you find out it is too large to fit on the web page.
        #
        # Example: 'Paris' or 'Acme, Ltd.'
        label: 'LDAP'

        host: '_your_ldap_server'
252
        port: 389
253
        uid: 'sAMAccountName'
254
        method: 'plain' # "tls" or "ssl" or "plain"
255 256
        bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
        password: '_the_password_of_the_bind_user'
257

258 259 260 261 262
        # Set a timeout, in seconds, for LDAP queries. This helps avoid blocking
        # a request if the LDAP server becomes unresponsive.
        # A value of 0 means there is no timeout.
        timeout: 10

263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278
        # This setting specifies if LDAP server is Active Directory LDAP server.
        # For non AD servers it skips the AD specific queries.
        # If your LDAP server is not AD, set this to false.
        active_directory: true

        # If allow_username_or_email_login is enabled, GitLab will ignore everything
        # after the first '@' in the LDAP username submitted by the user on login.
        #
        # Example:
        # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
        # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
        #
        # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
        # disable this setting, because the userPrincipalName contains an '@'.
        allow_username_or_email_login: false

279
        # To maintain tight control over the number of active users on your GitLab installation,
280
        # enable this setting to keep new users blocked until they have been cleared by the admin
281
        # (default: false).
282 283
        block_auto_created_users: false

284 285 286 287 288 289 290 291 292 293 294 295 296 297
        # Base where we can search for users
        #
        #   Ex. ou=People,dc=gitlab,dc=example
        #
        base: ''

        # Filter LDAP users
        #
        #   Format: RFC 4515 http://tools.ietf.org/search/rfc4515
        #   Ex. (employeeType=developer)
        #
        #   Note: GitLab does not support omniauth-ldap's custom filter syntax.
        #
        user_filter: ''
298

299
        # LDAP attributes that GitLab will use to create an account for the LDAP user.
Douwe Maan's avatar
Douwe Maan committed
300 301
        # The specified attribute can either be the attribute name as a string (e.g. 'mail'),
        # or an array of attribute names to try in order (e.g. ['mail', 'email']).
302 303 304 305 306
        # Note that the user's LDAP login will always be the attribute specified as `uid` above.
        attributes:
          # The username will be used in paths for the user's own projects
          # (like `gitlab.example.com/username/project`) and when mentioning
          # them in issues, merge request and comments (like `@username`).
307
          # If the attribute specified for `username` contains an email address,
308 309 310 311 312
          # the GitLab username will be the part of the email address before the '@'.
          username: ['uid', 'userid', 'sAMAccountName']
          email:    ['mail', 'email', 'userPrincipalName']

          # If no full name could be found at the attribute specified for `name`,
313
          # the full name is determined using the attributes specified for
314 315 316 317 318
          # `first_name` and `last_name`.
          name:       'cn'
          first_name: 'givenName'
          last_name:  'sn'

319 320 321 322 323 324 325
      # GitLab EE only: add more LDAP servers
      # Choose an ID made of a-z and 0-9 . This ID will be stored in the database
      # so that GitLab can remember which LDAP server a user belongs to.
      # uswest2:
      #   label:
      #   host:
      #   ....
326 327


328
  ## OmniAuth settings
329
  omniauth:
330
    # Allow login via Twitter, Google, etc. using OmniAuth providers
331 332
    enabled: false

333 334 335 336
    # Uncomment this to automatically sign in with a specific omniauth provider's without
    # showing GitLab's sign-in page (default: show the GitLab sign-in page)
    # auto_sign_in_with_provider: saml

337
    # CAUTION!
338 339
    # This allows users to login without having a user account first. Define the allowed providers
    # using an array, e.g. ["saml", "twitter"], or as true/false to allow all providers or none.
340
    # User accounts will be created automatically when authentication was successful.
341 342
    allow_single_sign_on: ["saml"]

343
    # Locks down those users until they have been cleared by the admin (default: true).
344
    block_auto_created_users: true
345 346 347
    # Look up new users in LDAP servers. If a match is found (same uid), automatically
    # link the omniauth identity with the LDAP account. (default: false)
    auto_link_ldap_user: false
348

349 350 351 352 353
    # Allow users with existing accounts to login and auto link their account via SAML
    # login, without having to do a manual login first and manually add SAML
    # (default: false)
    auto_link_saml_user: false

Patricio Cano's avatar
Patricio Cano committed
354 355 356 357 358 359 360
    # Set different Omniauth providers as external so that all users creating accounts
    # via these providers will not be able to have access to internal projects. You
    # will need to use the full name of the provider, like `google_oauth2` for Google.
    # Refer to the examples below for the full names of the supported providers.
    # (default: [])
    external_providers: []

361
    ## Auth providers
362 363
    # Uncomment the following lines and fill in the data of the auth provider you want to use
    # If your favorite auth provider is not listed you can use others:
Drew Blessing's avatar
Drew Blessing committed
364
    # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations
365 366
    # The 'app_id' and 'app_secret' parameters are always passed as the first two
    # arguments, followed by optional 'args' which can be either a hash or an array.
dosire's avatar
dosire committed
367
    # Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html
368
    providers:
tduehr's avatar
tduehr committed
369 370 371 372 373 374 375 376 377
      # See omniauth-cas3 for more configuration details
      # - { name: 'cas3',
      #     label: 'cas3',
      #     args: {
      #             url: 'https://sso.example.com',
      #             disable_ssl_verification: false,
      #             login_url: '/cas/login',
      #             service_validate_url: '/cas/p3/serviceValidate',
      #             logout_url: '/cas/logout'} }
378 379 380 381 382 383 384 385 386 387
      # - { name: 'authentiq',
      #     # for client credentials (client ID and secret), go to https://www.authentiq.com/
      #     app_id: 'YOUR_CLIENT_ID',
      #     app_secret: 'YOUR_CLIENT_SECRET',
      #     args: {
      #             scope: 'aq:name email~rs address aq:push'
      #             # redirect_uri parameter is optional except when 'gitlab.host' in this file is set to 'localhost'
      #             # redirect_uri: 'YOUR_REDIRECT_URI'
      #           }
      #   }
388 389
      # - { name: 'github',
      #     app_id: 'YOUR_APP_ID',
Douwe Maan's avatar
Douwe Maan committed
390
      #     app_secret: 'YOUR_APP_SECRET',
391 392
      #     url: "https://github.com/",
      #     verify_ssl: true,
393
      #     args: { scope: 'user:email' } }
Douwe Maan's avatar
Douwe Maan committed
394 395 396
      # - { name: 'bitbucket',
      #     app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET' }
397 398
      # - { name: 'gitlab',
      #     app_id: 'YOUR_APP_ID',
Douwe Maan's avatar
Douwe Maan committed
399
      #     app_secret: 'YOUR_APP_SECRET',
400
      #     args: { scope: 'api' } }
Douwe Maan's avatar
Douwe Maan committed
401 402 403 404 405
      # - { name: 'google_oauth2',
      #     app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET',
      #     args: { access_type: 'offline', approval_prompt: '' } }
      # - { name: 'facebook',
406
      #     app_id: 'YOUR_APP_ID',
407
      #     app_secret: 'YOUR_APP_SECRET' }
Douwe Maan's avatar
Douwe Maan committed
408 409 410 411
      # - { name: 'twitter',
      #     app_id: 'YOUR_APP_ID',
      #     app_secret: 'YOUR_APP_SECRET' }
      #
412
      # - { name: 'saml',
413
      #     label: 'Our SAML Provider',
Patricio Cano's avatar
Patricio Cano committed
414 415
      #     groups_attribute: 'Groups',
      #     external_groups: ['Contractors', 'Freelancers'],
416 417 418 419 420 421 422
      #     args: {
      #             assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback',
      #             idp_cert_fingerprint: '43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8',
      #             idp_sso_target_url: 'https://login.example.com/idp',
      #             issuer: 'https://gitlab.example.com',
      #             name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
      #           } }
Patricio Cano's avatar
Patricio Cano committed
423
      #
Valery Sizov's avatar
Valery Sizov committed
424 425 426 427 428
      # - { name: 'crowd',
      #     args: {
      #       crowd_server_url: 'CROWD SERVER URL',
      #       application_name: 'YOUR_APP_NAME',
      #       application_password: 'YOUR_APP_PASSWORD' } }
429 430 431 432 433 434
      #
      # - { name: 'auth0',
      #     args: {
      #       client_id: 'YOUR_AUTH0_CLIENT_ID',
      #       client_secret: 'YOUR_AUTH0_CLIENT_SECRET',
      #       namespace: 'YOUR_AUTH0_DOMAIN' } }
435

tduehr's avatar
tduehr committed
436 437 438 439
    # SSO maximum session duration in seconds. Defaults to CAS default of 8 hours.
    # cas3:
    #   session_duration: 28800

440 441 442 443
  # Shared file storage settings
  shared:
    # path: /mnt/gitlab # Default: shared

444 445 446 447 448 449 450 451 452 453
  # Gitaly settings
  gitaly:
    # The socket_path setting is optional and obsolete. When this is set
    # GitLab assumes it can reach a Gitaly services via a Unix socket at
    # this path. When this is commented out GitLab will not use Gitaly.
    # 
    # This setting is obsolete because we expect it to be moved under
    # repositories/storages in GitLab 9.1.
    #
    # socket_path: tmp/sockets/gitaly.socket
454 455

  #
456
  # 4. Advanced settings
457 458 459
  # ==========================

  # GitLab Satellites
460 461 462 463
  #
  # Note for maintainers: keep the satellites.path setting until GitLab 9.0 at
  # least. This setting is fed to 'rm -rf' in
  # db/migrate/20151023144219_remove_satellites.rb
464 465 466
  satellites:
    path: /home/git/gitlab-satellites/

467 468 469
  ## Repositories settings
  repositories:
    # Paths where repositories can be stored. Give the canonicalized absolute pathname.
Elan Ruusamäe's avatar
Elan Ruusamäe committed
470 471 472
    # IMPORTANT: None of the path components may be symlink, because
    # gitlab-shell invokes Dir.pwd inside the repository path and that results
    # real path not the symlink.
473
    storages: # You must have at least a `default` storage path.
474 475
      default:
        path: /home/git/repositories/
476

477 478 479
  ## Backup settings
  backup:
    path: "tmp/backups"   # Relative paths are relative to Rails.root (default: tmp/backups/)
480
    # archive_permissions: 0640 # Permissions for the resulting backup.tar file (default: 0600)
481
    # keep_time: 604800   # default: 0 (forever) (in seconds)
482
    # pg_schema: public     # default: nil, it means that all schemas will be backed up
483 484 485 486
    # upload:
    #   # Fog storage connection settings, see http://fog.io/storage/ .
    #   connection:
    #     provider: AWS
487
    #     region: eu-west-1
488 489 490 491
    #     aws_access_key_id: AKIAKIAKI
    #     aws_secret_access_key: 'secret123'
    #   # The remote 'directory' to store your backups. For S3, this would be the bucket name.
    #   remote_directory: 'my.s3.bucket'
492 493 494
    #   # Use multipart uploads when file size reaches 100MB, see
    #   #  http://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html
    #   multipart_chunk_size: 104857600
495 496
    #   # Turns on AWS Server-Side Encryption with Amazon S3-Managed Keys for backups, this is optional
    #   # encryption: 'AES256'
497 498
    #   # Specifies Amazon S3 storage class to use for backups, this is optional
    #   # storage_class: 'STANDARD'
499

500 501
  ## GitLab Shell settings
  gitlab_shell:
502
    path: /home/git/gitlab-shell/
503 504
    hooks_path: /home/git/gitlab-shell/hooks/

505 506 507 508
    # File that contains the secret key for verifying access for gitlab-shell.
    # Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app).
    # secret_file: /home/git/gitlab/.gitlab_shell_secret

509 510 511 512
    # Git over HTTP
    upload_pack: true
    receive_pack: true

513
    # If you use non-standard ssh port you need to specify it
514 515 516
    # ssh_port: 22

  ## Git settings
Riyad Preukschas's avatar
Riyad Preukschas committed
517
  # CAUTION!
518 519 520
  # Use the default values unless you really know what you are doing
  git:
    bin_path: /usr/bin/git
dosire's avatar
dosire committed
521 522 523
    # The next value is the maximum memory size grit can use
    # Given in number of bytes per git object (e.g. a commit)
    # This value can be increased if you have very large commits
524
    max_size: 20971520 # 20.megabytes
525
    # Git timeout to read a commit, in seconds
526 527
    timeout: 10

528 529 530 531 532 533 534 535 536 537
  ## Webpack settings
  # If enabled, this will tell rails to serve frontend assets from the webpack-dev-server running
  # on a given port instead of serving directly from /assets/webpack. This is only indended for use
  # in development.
  webpack:
    # dev_server:
    #   enabled: true
    #   host: localhost
    #   port: 3808

538
  #
539
  # 5. Extra customization
540 541
  # ==========================

542
  extra:
543 544 545
    ## Google analytics. Uncomment if you want it
    # google_analytics_id: '_your_tracking_id'

Sebastian Winkler's avatar
Sebastian Winkler committed
546 547 548 549
    ## Piwik analytics.
    # piwik_url: '_your_piwik_url'
    # piwik_site_id: '_your_piwik_site_id'

550 551
  rack_attack:
    git_basic_auth:
552 553 554
      # Rack Attack IP banning enabled
      # enabled: true
      #
555 556 557
      # Whitelist requests from 127.0.0.1 for web proxies (NGINX/Apache) with incorrect headers
      # ip_whitelist: ["127.0.0.1"]
      #
558 559 560 561 562 563 564 565 566
      # Limit the number of Git HTTP authentication attempts per IP
      # maxretry: 10
      #
      # Reset the auth attempt counter per IP after 60 seconds
      # findtime: 60
      #
      # Ban an IP for one hour (3600s) after too many auth attempts
      # bantime: 3600

567
development:
568
  <<: *base
569 570

test:
571
  <<: *base
572 573
  gravatar:
    enabled: true
Marin Jankovski's avatar
Marin Jankovski committed
574 575
  lfs:
    enabled: false
576 577
  gitlab:
    host: localhost
578
    port: 80
579 580

    # When you run tests we clone and setup gitlab-shell
581
    # In order to setup it correctly you need to specify
582
    # your system username you use to run GitLab
583
    # user: YOUR_USERNAME
584 585
  satellites:
    path: tmp/tests/gitlab-satellites/
586 587
  repositories:
    storages:
588 589
      default:
        path: tmp/tests/repositories/
590
  backup:
591
    path: tmp/tests/backups
592 593 594
  gitlab_shell:
    path: tmp/tests/gitlab-shell/
    hooks_path: tmp/tests/gitlab-shell/hooks/
595 596
  issues_tracker:
    redmine:
597
      title: "Redmine"
598
      project_url: "http://redmine/projects/:issues_tracker_id"
599
      issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
600
      new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
601 602
    jira:
      title: "JIRA"
603
      url: https://sample_company.atlassian.net
604
      project_key: PROJECT
605 606 607
  ldap:
    enabled: false
    servers:
608
      main:
609 610 611 612 613 614 615 616 617
        label: ldap
        host: 127.0.0.1
        port: 3890
        uid: 'uid'
        method: 'plain' # "tls" or "ssl" or "plain"
        base: 'dc=example,dc=com'
        user_filter: ''
        group_base: 'ou=groups,dc=example,dc=com'
        admin_group: ''
618 619

staging:
620
  <<: *base