Commit 4d1aa2d1 authored by Kirill Smelkov's avatar Kirill Smelkov

X Stub gitconfig ; needs fixing in gitlab-workhorse

parent e5f914c6
...@@ -3,8 +3,6 @@ ...@@ -3,8 +3,6 @@
- setup basic ~/.gitconfig - setup basic ~/.gitconfig
- pull request with 1 patch -> merge fast-forward - pull request with 1 patch -> merge fast-forward
- default project limit setting: 10 -> 50
- integrate git-backup in a PBS-style way - integrate git-backup in a PBS-style way
......
...@@ -75,18 +75,13 @@ configuration.sidekiq_shutdown_timeout = 4 ...@@ -75,18 +75,13 @@ configuration.sidekiq_shutdown_timeout = 4
configuration.unicorn_worker_timeout = 60 configuration.unicorn_worker_timeout = 60
configuration.unicorn_worker_processes = 2 configuration.unicorn_worker_processes = 2
# unicorn advanced # unicorn advanced
#configuration.unicorn_tcp_nopush = true not used
configuration.unicorn_backlog_socket = 1024 configuration.unicorn_backlog_socket = 1024
# nginx # nginx
configuration.nginx_client_max_body_size = 250m configuration.nginx_client_max_body_size = 250m
configuration.nginx_redirect_http_to_https = false configuration.nginx_redirect_http_to_https = false
# TODO -> generate certificate automatically
# nginx['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt"
# nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key"
# nginx['ssl_client_certificate'] = "/etc/gitlab/ssl/ca.crt" # Most root CA's are included by default
# we don't need - we talk directly to frontend only # we don't need - we talk directly to frontend only
configuration.nginx_ssl_ciphers = ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4 configuration.nginx_ssl_ciphers = ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
......
...@@ -19,6 +19,8 @@ parts = ...@@ -19,6 +19,8 @@ parts =
# TODO gitlab-shell - since compiled shell picks up /usr/bin/env ruby ... ? # TODO gitlab-shell - since compiled shell picks up /usr/bin/env ruby ... ?
gitconfig
gitlab-work gitlab-work
gitlab-shell-work gitlab-shell-work
...@@ -109,7 +111,7 @@ promise = ${:etc}/promise ...@@ -109,7 +111,7 @@ promise = ${:etc}/promise
# gitlab: etc/ log/ ... # gitlab: etc/ log/ ...
# TODO var/run/ (for *.pid .lock) ? # TODO var/run/ (for *.pid .lock) ?
[gitlab] [gitlab-dir]
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
etc = ${directory:etc}/gitlab etc = ${directory:etc}/gitlab
log = ${directory:log}/gitlab log = ${directory:log}/gitlab
...@@ -118,9 +120,27 @@ var = ${directory:var}/gitlab ...@@ -118,9 +120,27 @@ var = ${directory:var}/gitlab
tmp = ${:var}/tmp tmp = ${:var}/tmp
uploads = ${:var}/uploads uploads = ${:var}/uploads
assets = ${:var}/assets assets = ${:var}/assets
backup = ${directory:var}/backup
[gitlab-repo-dir]
recipe = slapos.cookbook:mkdirectory
repositories = ${directory:var}/repositories repositories = ${directory:var}/repositories
# XXX goes away (?) satellites = ${directory:var}/satellites # XXX goes away (?) satellites = ${directory:var}/satellites
backup = ${directory:var}/backup
# gitlab wants it to be drwxrws---
# FIXME does not work for some reason, but probably it is not a blocker for
# gitlab to work ok
mode = 02770
[gitlab]
etc = ${gitlab-dir:etc}
log = ${gitlab-dir:log}
var = ${gitlab-dir:var}
tmp = ${gitlab-dir:tmp}
uploads = ${gitlab-dir:uploads}
assets = ${gitlab-dir:assets}
backup = ${gitlab-dir:backup}
repositories = ${gitlab-repo-dir:repositories}
# gitlab-shell: etc/ log/ gitlab_shell_secret ... # gitlab-shell: etc/ log/ gitlab_shell_secret ...
...@@ -240,6 +260,15 @@ context-extra = ...@@ -240,6 +260,15 @@ context-extra =
section gitlab_workhorse gitlab-workhorse section gitlab_workhorse gitlab-workhorse
section unicorn unicorn section unicorn unicorn
[gitconfig]
<= etc-template
template= {{ gitconfig_in }}
# NOTE put directly into $HOME/ - this way git will pick it up
rendered= ${directory:home}/.${:_buildout_section_name_}
# TODO log: logrotate # TODO log: logrotate
...@@ -249,9 +278,10 @@ context-extra = ...@@ -249,9 +278,10 @@ context-extra =
[gitlab-bin] [gitlab-bin]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:bin}/${:_buildout_section_name_} wrapper-path = ${directory:bin}/${:_buildout_section_name_}
# NOTE HOME needed to pick gitconfig
environment = environment =
BUNDLE_GEMFILE = {{ gitlab_repository_location + '/Gemfile' }} BUNDLE_GEMFILE = {{ gitlab_repository_location + '/Gemfile' }}
# HOME = ... (needed ?) better yes HOME = ${directory:home}
# PATH = ... TODO # PATH = ... TODO
RAILS_ENV = production RAILS_ENV = production
# XXX here vvv ? # XXX here vvv ?
...@@ -446,8 +476,10 @@ command-line = {{ gitlab_workhorse }} ...@@ -446,8 +476,10 @@ command-line = {{ gitlab_workhorse }}
# XXX for git to be available on path # XXX for git to be available on path
# XXX for ruby to be available on path (gitlab-workhorse -> gitlab-shell -> hooks on push) # XXX for ruby to be available on path (gitlab-workhorse -> gitlab-shell -> hooks on push)
# XXX for gitconfig to be pickable
environment = environment =
PATH={{ git_location }}/bin:{{ ruby_location }}/bin:%(PATH)s PATH={{ git_location }}/bin:{{ ruby_location }}/bin:%(PATH)s
HOME=${directory:home}
###################### ######################
......
...@@ -53,5 +53,7 @@ context = ...@@ -53,5 +53,7 @@ context =
raw nginx_conf_in ${nginx.conf.in:target} raw nginx_conf_in ${nginx.conf.in:target}
raw nginx_gitlab_http_conf_in ${nginx-gitlab-http.conf.in:target} raw nginx_gitlab_http_conf_in ${nginx-gitlab-http.conf.in:target}
raw gitconfig_in ${gitconfig.in:target}
# XXX hack - better use ${gitlab-shell-repository:location} directly # XXX hack - better use ${gitlab-shell-repository:location} directly
raw gitlab_shell ${gitlab-shell-repository:location} raw gitlab_shell ${gitlab-shell-repository:location}
...@@ -229,6 +229,10 @@ url = ${:_profile_base_location_}/template/${:_buildout_section_name_} ...@@ -229,6 +229,10 @@ url = ${:_profile_base_location_}/template/${:_buildout_section_name_}
<= download-template <= download-template
# md5sum = TODO # md5sum = TODO
[gitconfig.in]
<= download-template
# md5sum = TODO
[versions] [versions]
rubygemsrecipe = 0.2.2 rubygemsrecipe = 0.2.2
......
{{ autogenerated }}
# global git configuration for GitLab
#
{% from 'macrolib.cfg.in' import cfg with context %}
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/attributes/default.rb
# don't waste memory when packing (each thread uses own work memory)
# besides it packs better with 1 thread
[pack]
threads = 1
# don't allow corrupt/broken objects to go in
[receive]
fsckObjects = true
# https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/gitconfig.erb
[user]
name = {{ cfg('email_display_name') }}
{# XXX email_from -> name@fqdn ? #}
email = {{ cfg('email_from') }}
[core]
autocrlf = input
...@@ -19,8 +19,7 @@ production: &base ...@@ -19,8 +19,7 @@ production: &base
port: {{ external_url.port or default_port[external_url.scheme] }} port: {{ external_url.port or default_port[external_url.scheme] }}
https: {{ cfg_https }} https: {{ cfg_https }}
# XXX temp workaround for gitlab not building correct url for host being ipv6 addr url: {{ cfg('external_url') }}
url: {{ backend_info.url }}
user: {{ backend_info.user }} user: {{ backend_info.user }}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment