Commit 6cb65c8c authored by Jakub Jirutka's avatar Jakub Jirutka

Make location of gitlab_workhorse_secret configurable

Hard-coding location of configuration files is very bad practice. This
patch applies the same approach as currently used for
gitlab_shell_secret file.
parent bb6dcf2d
...@@ -505,6 +505,11 @@ production: &base ...@@ -505,6 +505,11 @@ production: &base
# If you use non-standard ssh port you need to specify it # If you use non-standard ssh port you need to specify it
# ssh_port: 22 # ssh_port: 22
workhorse:
# File that contains the secret key for verifying access for gitlab-workhorse.
# Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app).
# secret_file: /home/git/gitlab/.gitlab_workhorse_secret
## Git settings ## Git settings
# CAUTION! # CAUTION!
# Use the default values unless you really know what you are doing # Use the default values unless you really know what you are doing
......
...@@ -387,6 +387,12 @@ Settings.gitlab_shell['ssh_user'] ||= Settings.gitlab.user ...@@ -387,6 +387,12 @@ Settings.gitlab_shell['ssh_user'] ||= Settings.gitlab.user
Settings.gitlab_shell['owner_group'] ||= Settings.gitlab.user Settings.gitlab_shell['owner_group'] ||= Settings.gitlab.user
Settings.gitlab_shell['ssh_path_prefix'] ||= Settings.__send__(:build_gitlab_shell_ssh_path_prefix) Settings.gitlab_shell['ssh_path_prefix'] ||= Settings.__send__(:build_gitlab_shell_ssh_path_prefix)
#
# Workhorse
#
Settings['workhorse'] ||= Settingslogic.new({})
Settings.workhorse['secret_file'] ||= Rails.root.join('.gitlab_workhorse_secret')
# #
# Repositories # Repositories
# #
......
...@@ -168,7 +168,7 @@ module Gitlab ...@@ -168,7 +168,7 @@ module Gitlab
end end
def secret_path def secret_path
Rails.root.join('.gitlab_workhorse_secret') Gitlab.config.workhorse.secret_file
end end
def set_key_and_notify(key, value, expire: nil, overwrite: true) def set_key_and_notify(key, value, expire: nil, overwrite: true)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment