Commit 5e227fdb authored by iv's avatar iv

gitlab: Sync upstream configs from omnibus-gitlab 8.8.7+ce.1-0-g5116476

Like f6f97d72 - pristine copy from omnibus-gitlab 8.8.7+ce.1-0-g5116476

Changes are:

    - gitlab.yml.erb
      Add gitlab_default_projects_features_container_registry variable to be used by docker containers

    - nginx.conf.erb
      Docker related password storage
      https://gitlab.com/gitlab-org/omnibus-gitlab/issues/1218 (commit f74472d4)

    - rack_attack.rb.erb
      Disable Rack Attack throttling if admin disables it in config file

    - smtp_settings.rb.erb
      If authentication is not enabled for smtp, don't place it in the config.

The following files stay the same:

    - database.yml.erb
    - gitconfig.erb
    - gitlab-shell-config.yml.erb
    - nginx-gitlab-http.conf.erb
    - resque.yml.erb
    - unicorn.rb.erb
parent 64e2d666
......@@ -73,6 +73,7 @@ production: &base
wiki: <%= @gitlab_default_projects_features_wiki %>
snippets: <%= @gitlab_default_projects_features_snippets %>
builds: <%= @gitlab_default_projects_features_builds %>
container_registry: <%= @gitlab_default_projects_features_container_registry %>
## Webhook settings
# Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
......@@ -124,6 +125,16 @@ production: &base
# The location where LFS objects are stored (default: shared/lfs-objects).
storage_path: <%= @lfs_storage_path %>
## Container Registry
registry:
enabled: <%= @registry_enabled %>
host: <%= @registry_host %>
port: <%= @registry_port %>
api_url: <%= @registry_api_url %> # internal address to the registry, will be used by GitLab to directly communicate with API
path: <%= @registry_path %>
key: <%= @registry_key_path %>
issuer: <%= @registry_issuer %>
## GitLab Pages (EE only)
pages:
enabled: <%= @pages_enabled %>
......
......@@ -51,5 +51,9 @@ http {
include <%= @gitlab_mattermost_http_config %>;
<% end %>
<% if @gitlab_registry_http_config %>
include <%= @gitlab_registry_http_config %>;
<% end %>
<%= @custom_nginx_config %>
}
......@@ -20,8 +20,9 @@ paths_to_be_protected = [
# Create one big regular expression that matches strings starting with any of
# the paths_to_be_protected.
paths_regex = Regexp.union(paths_to_be_protected.map { |path| /\A#{Regexp.escape(path)}/ })
rack_attack_enabled = Gitlab.config.rack_attack.git_basic_auth['enabled']
unless Rails.env.test?
unless Rails.env.test? || !rack_attack_enabled
Rack::Attack.throttle('protected paths', limit: <%= @rate_limit_requests_per_period %>, period: <%= @rate_limit_period %>.seconds) do |req|
if req.post? && req.path =~ paths_regex
req.ip
......
......@@ -2,16 +2,15 @@
# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
# and run `sudo gitlab-ctl reconfigure`.
<% rails_app = @app == 'gitlab' ? 'Gitlab' : 'GitlabCi' %>
<% container = @app == 'gitlab' ? 'gitlab-rails' : 'gitlab-ci' %>
if Rails.env.production?
<%= rails_app %>::Application.config.action_mailer.delivery_method = :smtp
Gitlab::Application.config.action_mailer.delivery_method = :smtp
ActionMailer::Base.smtp_settings = {
<% unless @smtp_authentication.nil? %>
authentication: <%= @smtp_authentication.to_s.to_sym.inspect %>,
<% end %>
<% %w{ address port user_name password domain enable_starttls_auto tls ssl openssl_verify_mode ca_path ca_file }.each do |key| %>
<% value = node['gitlab'][container]["smtp_#{key}"] %>
<% value = node['gitlab']['gitlab-rails']["smtp_#{key}"] %>
<%= "#{key}: #{value.inspect}," unless value.nil? %>
<% end %>
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment