[DRE-commits] [gitlab] 03/04: update gitlab.yml.example
Praveen Arimbrathodiyil
praveen at moszumanska.debian.org
Tue Sep 12 12:39:53 UTC 2017
This is an automated email from the git hooks/post-receive script.
praveen pushed a commit to branch master
in repository gitlab.
commit efab522bee54d2900c530a09c29f584255313e07
Author: Pirate Praveen <praveen at debian.org>
Date: Tue Sep 12 17:43:12 2017 +0530
update gitlab.yml.example
---
debian/conf/gitlab.yml.example | 447 ++++++++++++++++++++++++++++++++++-------
1 file changed, 376 insertions(+), 71 deletions(-)
diff --git a/debian/conf/gitlab.yml.example b/debian/conf/gitlab.yml.example
index f639b59..c77d4bc 100644
--- a/debian/conf/gitlab.yml.example
+++ b/debian/conf/gitlab.yml.example
@@ -4,8 +4,8 @@
#
########################### NOTE #####################################
# This file should not receive new settings. All configuration options #
-# that do not require an application restart are being moved to #
-# ApplicationSetting model! #
+# * are being moved to ApplicationSetting model! #
+# If a setting requires an application restart say so in that screen. #
# If you change this file in a Merge Request, please also create #
# a MR on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests #
########################################################################
@@ -31,7 +31,6 @@ production: &base
## GitLab settings
gitlab:
## Web server settings (note: host is the FQDN, do not include http://)
- # Using environmental variables from /etc/gitlab/gitlab-debian.conf
#host: localhost
#port: 80 # Set to 443 if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
https: false # Set to true if using HTTPS, see installation.md#using-https for additional HTTPS configuration details
@@ -41,12 +40,25 @@ production: &base
# Otherwise, ssh host will be set to the `host:` value above
# ssh_host: ssh.host_example.com
- # WARNING: See config/application.rb under "Relative url support" for the list of
- # other files that need to be changed for relative url support
+ # Relative URL support
+ # WARNING: We recommend using an FQDN to host GitLab in a root path instead
+ # of using a relative URL.
+ # Documentation: http://doc.gitlab.com/ce/install/relative_url.html
+ # Uncomment and customize the following line to run in a non-root path
+ #
# relative_url_root: /gitlab
+ # Trusted Proxies
+ # Customize if you have GitLab behind a reverse proxy which is running on a different machine.
+ # Add the IP address for your reverse proxy to the list, otherwise users will appear signed in from that address.
+ trusted_proxies:
+ # Examples:
+ #- 192.168.1.0/24
+ #- 192.168.2.1
+ #- 2001:0db8::/32
+
# Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
- user: GITLAB_USER #gitlab_user (DON'T REMOVE THIS COMMENT)
+ user: git #gitlab_user (DON'T REMOVE THIS COMMENT)
user_home: /var/lib/gitlab
## Date & Time settings
@@ -62,33 +74,28 @@ production: &base
# email_from: example at example.com
# email_display_name: GitLab
# email_reply_to: noreply at example.com
+ # email_subject_suffix: ''
# Email server smtp settings are in config/initializers/smtp_settings.rb.sample
# default_can_create_group: false # default: true
# username_changing_enabled: false # default: true - User can change her username/namespace
- ## Default theme ID
- ## 1 - Graphite
- ## 2 - Charcoal
- ## 3 - Green
- ## 4 - Gray
- ## 5 - Violet
- ## 6 - Blue
- # default_theme: 2 # default: 2
## Automatic issue closing
# If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
# This happens when the commit is pushed or merged into the default branch of a project.
# When not specified the default issue_closing_pattern as specified below will be used.
# Tip: you can test your closing pattern at http://rubular.com.
- # issue_closing_pattern: '((?:[Cc]los(?:e[sd]?|ing)|[Ff]ix(?:e[sd]|ing)?) +(?:(?:issues? +)?#\d+(?:(?:, *| +and +)?))+)'
+ # issue_closing_pattern: '((?:[Cc]los(?:e[sd]?|ing)|[Ff]ix(?:e[sd]|ing)?|[Rr]esolv(?:e[sd]?|ing))(:?) +(?:(?:issues? +)?%{issue_ref}(?:(?:, *| +and +)?)|([A-Z][A-Z0-9_]+-\d+))+)'
## Default project features settings
default_projects_features:
issues: true
merge_requests: true
wiki: true
- snippets: false
+ snippets: true
+ builds: true
+ container_registry: true
## Webhook settings
# Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
@@ -96,24 +103,114 @@ production: &base
## Repository downloads directory
# When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
- # The default is 'tmp/repositories' relative to the root of the Rails app.
- # repository_downloads_path: tmp/repositories
+ # The default is 'shared/cache/archive/' relative to the root of the Rails app.
+ # repository_downloads_path: shared/cache/archive/
## Reply by email
# Allow users to comment on issues and merge requests by replying to notification emails.
- # For documentation on how to set this up, see http://doc.gitlab.com/ce/incoming_email/README.html
+ # For documentation on how to set this up, see http://doc.gitlab.com/ce/administration/reply_by_email.html
incoming_email:
enabled: false
- address: "incoming+%{key}@gitlab.example.com"
+
+ # The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to.
+ # The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`).
+ address: "gitlab-incoming+%{key}@gmail.com"
+
+ # Email account username
+ # With third party providers, this is usually the full email address.
+ # With self-hosted email servers, this is usually the user part of the email address.
+ user: "gitlab-incoming at gmail.com"
+ # Email account password
+ password: "[REDACTED]"
+
+ # IMAP server host
+ host: "imap.gmail.com"
+ # IMAP server port
+ port: 993
+ # Whether the IMAP server uses SSL
+ ssl: true
+ # Whether the IMAP server uses StartTLS
+ start_tls: false
+
+ # The mailbox where incoming mail will end up. Usually "inbox".
+ mailbox: "inbox"
+ # The IDLE command timeout.
+ idle_timeout: 60
+
+ ## Build Artifacts
+ artifacts:
+ enabled: true
+ # The location where build artifacts are stored (default: shared/artifacts).
+ # path: shared/artifacts
+
+ ## Git LFS
+ lfs:
+ enabled: true
+ # The location where LFS objects are stored (default: shared/lfs-objects).
+ # storage_path: shared/lfs-objects
+
+ ## GitLab Pages
+ pages:
+ enabled: false
+ # The location where pages are stored (default: shared/pages).
+ # path: shared/pages
+
+ # The domain under which the pages are served:
+ # http://group.example.com/project
+ # or project path can be a group page: group.example.com
+ host: example.com
+ port: 80 # Set to 443 if you serve the pages with HTTPS
+ https: false # Set to true if you serve the pages with HTTPS
+ # external_http: ["1.1.1.1:80", "[2001::1]:80"] # If defined, enables custom domain support in GitLab Pages
+ # external_https: ["1.1.1.1:443", "[2001::1]:443"] # If defined, enables custom domain and certificate support in GitLab Pages
+
+ ## Mattermost
+ ## For enabling Add to Mattermost button
+ mattermost:
+ enabled: false
+ host: 'https://mattermost.example.com'
## Gravatar
## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html
gravatar:
- enabled: true # Use user avatar image from Gravatar.com (default: true)
- # gravatar urls: possible placeholders: %{hash} %{size} %{email}
+ # gravatar urls: possible placeholders: %{hash} %{size} %{email} %{username}
# plain_url: "http://..." # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
# ssl_url: "https://..." # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
+ ## Auxiliary jobs
+ # Periodically executed jobs, to self-heal Gitlab, do external synchronizations, etc.
+ # Please read here for more information: https://github.com/ondrejbartas/sidekiq-cron#adding-cron-job
+ cron_jobs:
+ # Flag stuck CI jobs as failed
+ stuck_ci_jobs_worker:
+ cron: "0 * * * *"
+ # Execute scheduled triggers
+ pipeline_schedule_worker:
+ cron: "19 * * * *"
+ # Remove expired build artifacts
+ expire_build_artifacts_worker:
+ cron: "50 * * * *"
+ # Periodically run 'git fsck' on all repositories. If started more than
+ # once per hour you will have concurrent 'git fsck' jobs.
+ repository_check_worker:
+ cron: "20 * * * *"
+ # Send admin emails once a week
+ admin_email_worker:
+ cron: "0 0 * * 0"
+
+ # Remove outdated repository archives
+ repository_archive_cache_worker:
+ cron: "0 * * * *"
+
+ registry:
+ # enabled: true
+ # host: registry.example.com
+ # port: 5005
+ # api_url: http://localhost:5000/ # internal address to the registry, will be used by GitLab to directly communicate with API
+ # key: config/registry.key
+ # path: shared/registry
+ # issuer: gitlab-issuer
+
#
# 2. GitLab CI settings
# ==========================
@@ -135,7 +232,8 @@ production: &base
# ==========================
## LDAP settings
- # You can inspect a sample of the LDAP users with login access by running:
+ # You can test connections and inspect a sample of the LDAP users with login
+ # access by running:
# bundle exec rake gitlab:ldap:check RAILS_ENV=production
ldap:
enabled: false
@@ -158,13 +256,50 @@ production: &base
# Example: 'Paris' or 'Acme, Ltd.'
label: 'LDAP'
+ # Example: 'ldap.mydomain.com'
host: '_your_ldap_server'
- port: 389
- uid: 'sAMAccountName'
- method: 'plain' # "tls" or "ssl" or "plain"
+ # This port is an example, it is sometimes different but it is always an integer and not a string
+ port: 389 # usually 636 for SSL
+ uid: 'sAMAccountName' # This should be the attribute, not the value that maps to uid.
+
+ # Examples: 'america\\momo' or 'CN=Gitlab Git,CN=Users,DC=mydomain,DC=com'
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
password: '_the_password_of_the_bind_user'
-
+
+ # Encryption method. The "method" key is deprecated in favor of
+ # "encryption".
+ #
+ # Examples: "start_tls" or "simple_tls" or "plain"
+ #
+ # Deprecated values: "tls" was replaced with "start_tls" and "ssl" was
+ # replaced with "simple_tls".
+ #
+ encryption: 'plain'
+
+ # Enables SSL certificate verification if encryption method is
+ # "start_tls" or "simple_tls". (Defaults to false for backward-
+ # compatibility)
+ verify_certificates: false
+
+ # Specifies the path to a file containing a PEM-format CA certificate,
+ # e.g. if you need to use an internal CA.
+ #
+ # Example: '/etc/ca.pem'
+ #
+ ca_file: ''
+
+ # Specifies the SSL version for OpenSSL to use, if the OpenSSL default
+ # is not appropriate.
+ #
+ # Example: 'TLSv1_1'
+ #
+ ssl_version: ''
+
+ # Set a timeout, in seconds, for LDAP queries. This helps avoid blocking
+ # a request if the LDAP server becomes unresponsive.
+ # A value of 0 means there is no timeout.
+ timeout: 10
+
# This setting specifies if LDAP server is Active Directory LDAP server.
# For non AD servers it skips the AD specific queries.
# If your LDAP server is not AD, set this to false.
@@ -188,17 +323,20 @@ production: &base
# Base where we can search for users
#
- # Ex. ou=People,dc=gitlab,dc=example
+ # Ex. 'ou=People,dc=gitlab,dc=example' or 'DC=mydomain,DC=com'
#
base: ''
# Filter LDAP users
#
- # Format: RFC 4515 http://tools.ietf.org/search/rfc4515
+ # Format: RFC 4515 https://tools.ietf.org/search/rfc4515
# Ex. (employeeType=developer)
#
# Note: GitLab does not support omniauth-ldap's custom filter syntax.
#
+ # Example for getting only specific users:
+ # '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'
+ #
user_filter: ''
# LDAP attributes that GitLab will use to create an account for the LDAP user.
@@ -209,13 +347,13 @@ production: &base
# The username will be used in paths for the user's own projects
# (like `gitlab.example.com/username/project`) and when mentioning
# them in issues, merge request and comments (like `@username`).
- # If the attribute specified for `username` contains an email address,
+ # If the attribute specified for `username` contains an email address,
# the GitLab username will be the part of the email address before the '@'.
username: ['uid', 'userid', 'sAMAccountName']
email: ['mail', 'email', 'userPrincipalName']
# If no full name could be found at the attribute specified for `name`,
- # the full name is determined using the attributes specified for
+ # the full name is determined using the attributes specified for
# `first_name` and `last_name`.
name: 'cn'
first_name: 'givenName'
@@ -239,16 +377,34 @@ production: &base
# showing GitLab's sign-in page (default: show the GitLab sign-in page)
# auto_sign_in_with_provider: saml
+ # Sync user's email address from the specified Omniauth provider every time the user logs
+ # in (default: nil). And consequently make this field read-only.
+ # sync_email_from_provider: cas3
+
# CAUTION!
- # This allows users to login without having a user account first (default: false).
+ # This allows users to login without having a user account first. Define the allowed providers
+ # using an array, e.g. ["saml", "twitter"], or as true/false to allow all providers or none.
# User accounts will be created automatically when authentication was successful.
- allow_single_sign_on: false
+ allow_single_sign_on: ["saml"]
+
# Locks down those users until they have been cleared by the admin (default: true).
block_auto_created_users: true
# Look up new users in LDAP servers. If a match is found (same uid), automatically
# link the omniauth identity with the LDAP account. (default: false)
auto_link_ldap_user: false
+ # Allow users with existing accounts to login and auto link their account via SAML
+ # login, without having to do a manual login first and manually add SAML
+ # (default: false)
+ auto_link_saml_user: false
+
+ # Set different Omniauth providers as external so that all users creating accounts
+ # via these providers will not be able to have access to internal projects. You
+ # will need to use the full name of the provider, like `google_oauth2` for Google.
+ # Refer to the examples below for the full names of the supported providers.
+ # (default: [])
+ external_providers: []
+
## Auth providers
# Uncomment the following lines and fill in the data of the auth provider you want to use
# If your favorite auth provider is not listed you can use others:
@@ -257,29 +413,53 @@ production: &base
# arguments, followed by optional 'args' which can be either a hash or an array.
# Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html
providers:
- # - { name: 'google_oauth2',
- # label: 'Google',
- # app_id: 'YOUR_APP_ID',
- # app_secret: 'YOUR_APP_SECRET',
- # args: { access_type: 'offline', approval_prompt: '' } }
- # - { name: 'twitter',
- # app_id: 'YOUR_APP_ID',
- # app_secret: 'YOUR_APP_SECRET' }
- # - { name: 'github',
- # label: 'GitHub',
- # app_id: 'YOUR_APP_ID',
+ # See omniauth-cas3 for more configuration details
+ # - { name: 'cas3',
+ # label: 'cas3',
+ # args: {
+ # url: 'https://sso.example.com',
+ # disable_ssl_verification: false,
+ # login_url: '/cas/login',
+ # service_validate_url: '/cas/p3/serviceValidate',
+ # logout_url: '/cas/logout'} }
+ # - { name: 'authentiq',
+ # # for client credentials (client ID and secret), go to https://www.authentiq.com/developers
+ # app_id: 'YOUR_CLIENT_ID',
+ # app_secret: 'YOUR_CLIENT_SECRET',
+ # args: {
+ # scope: 'aq:name email~rs address aq:push'
+ # # callback_url parameter is optional except when 'gitlab.host' in this file is set to 'localhost'
+ # # callback_url: 'YOUR_CALLBACK_URL'
+ # }
+ # }
+ # - { name: 'github',
+ # app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET',
+ # url: "https://github.com/",
+ # verify_ssl: true,
# args: { scope: 'user:email' } }
- # - { name: 'gitlab',
- # label: 'GitLab.com',
- # app_id: 'YOUR_APP_ID',
+ # - { name: 'bitbucket',
+ # app_id: 'YOUR_APP_ID',
+ # app_secret: 'YOUR_APP_SECRET' }
+ # - { name: 'gitlab',
+ # app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET',
# args: { scope: 'api' } }
- # - { name: 'bitbucket',
- # app_id: 'YOUR_APP_ID',
+ # - { name: 'google_oauth2',
+ # app_id: 'YOUR_APP_ID',
+ # app_secret: 'YOUR_APP_SECRET',
+ # args: { access_type: 'offline', approval_prompt: '' } }
+ # - { name: 'facebook',
+ # app_id: 'YOUR_APP_ID',
# app_secret: 'YOUR_APP_SECRET' }
- # - { name: 'saml',
+ # - { name: 'twitter',
+ # app_id: 'YOUR_APP_ID',
+ # app_secret: 'YOUR_APP_SECRET' }
+ #
+ # - { name: 'saml',
# label: 'Our SAML Provider',
+ # groups_attribute: 'Groups',
+ # external_groups: ['Contractors', 'Freelancers'],
# args: {
# assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback',
# idp_cert_fingerprint: '43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8',
@@ -287,24 +467,54 @@ production: &base
# issuer: 'https://gitlab.example.com',
# name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
# } }
+ #
# - { name: 'crowd',
# args: {
# crowd_server_url: 'CROWD SERVER URL',
# application_name: 'YOUR_APP_NAME',
# application_password: 'YOUR_APP_PASSWORD' } }
+ #
+ # - { name: 'auth0',
+ # args: {
+ # client_id: 'YOUR_AUTH0_CLIENT_ID',
+ # client_secret: 'YOUR_AUTH0_CLIENT_SECRET',
+ # namespace: 'YOUR_AUTH0_DOMAIN' } }
+ # SSO maximum session duration in seconds. Defaults to CAS default of 8 hours.
+ # cas3:
+ # session_duration: 28800
+ # Shared file storage settings
+ shared:
+ # path: /mnt/gitlab # Default: shared
+ # Gitaly settings
+ gitaly:
+ # Default Gitaly authentication token. Can be overriden per storage. Can
+ # be left blank when Gitaly is running locally on a Unix socket, which
+ # is the normal way to deploy Gitaly.
+ token:
#
# 4. Advanced settings
# ==========================
- # GitLab Satellites
- satellites:
- # Relative paths are relative to Rails.root (default: tmp/repo_satellites/)
- path: /home/git/gitlab-satellites/
- timeout: 30
+ ## Repositories settings
+ repositories:
+ # Paths where repositories can be stored. Give the canonicalized absolute pathname.
+ # IMPORTANT: None of the path components may be symlink, because
+ # gitlab-shell invokes Dir.pwd inside the repository path and that results
+ # real path not the symlink.
+ storages: # You must have at least a `default` storage path.
+ default:
+ path: /var/lib/gitlab/repositories/
+ gitaly_address: unix:/var/lib/gitlab/tmp/sockets/private/gitaly.socket # TCP connections are supported too (e.g. tcp://host:port)
+ # gitaly_token: 'special token' # Optional: override global gitaly.token for this storage.
+ failure_count_threshold: 10 # number of failures before stopping attempts
+ failure_wait_time: 30 # Seconds after an access failure before allowing access again
+ failure_reset_time: 1800 # Time in seconds to expire failures
+ storage_timeout: 5 # Time in seconds to wait before aborting a storage access attempt
+
## Backup settings
backup:
@@ -324,26 +534,35 @@ production: &base
# # Use multipart uploads when file size reaches 100MB, see
# # http://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html
# multipart_chunk_size: 104857600
+ # # Turns on AWS Server-Side Encryption with Amazon S3-Managed Keys for backups, this is optional
+ # # encryption: 'AES256'
+ # # Specifies Amazon S3 storage class to use for backups, this is optional
+ # # storage_class: 'STANDARD'
## GitLab Shell settings
gitlab_shell:
path: /usr/share/gitlab-shell/
-
- # REPOS_PATH MUST NOT BE A SYMLINK!!!
- repos_path: /var/lib/gitlab/repositories/
hooks_path: /usr/share/gitlab-shell/hooks/
# File that contains the secret key for verifying access for gitlab-shell.
# Default is '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app).
- secret_file: /var/lib/gitlab/.gitlab_shell_secret
+ # secret_file: /var/lib/gitlab/.gitlab_shell_secret
# Git over HTTP
upload_pack: true
receive_pack: true
+ # Git import/fetch timeout
+ # git_timeout: 800
+
# If you use non-standard ssh port you need to specify it
# ssh_port: 22
+ workhorse:
+ # File that contains the secret key for verifying access for gitlab-workhorse.
+ # Default is '.gitlab_workhorse_secret' relative to Rails.root (i.e. root of the GitLab app).
+ # secret_file: /var/lib/gitlab/.gitlab_workhorse_secret
+
## Git settings
# CAUTION!
# Use the default values unless you really know what you are doing
@@ -356,6 +575,31 @@ production: &base
# Git timeout to read a commit, in seconds
timeout: 10
+ ## Webpack settings
+ # If enabled, this will tell rails to serve frontend assets from the webpack-dev-server running
+ # on a given port instead of serving directly from /assets/webpack. This is only indended for use
+ # in development.
+ webpack:
+ # dev_server:
+ # enabled: true
+ # host: localhost
+ # port: 3808
+
+ ## Monitoring
+ # Built in monitoring settings
+ monitoring:
+ # Time between sampling of unicorn socket metrics, in seconds
+ # unicorn_sampler_interval: 10
+ # IP whitelist to access monitoring endpoints
+ ip_whitelist:
+ - 127.0.0.0/8
+
+ # Sidekiq exporter is webserver built in to Sidekiq to expose Prometheus metrics
+ sidekiq_exporter:
+ # enabled: true
+ # address: localhost
+ # port: 3807
+
#
# 5. Extra customization
# ==========================
@@ -392,6 +636,8 @@ test:
<<: *base
gravatar:
enabled: true
+ lfs:
+ enabled: false
gitlab:
host: localhost
port: 80
@@ -399,25 +645,85 @@ test:
# When you run tests we clone and setup gitlab-shell
# In order to setup it correctly you need to specify
# your system username you use to run GitLab
- user: gitlab
- email_from: example at example.com
- email_display_name: GitLab
- email_reply_to: noreply at example.com
- satellites:
- path: tmp/tests/gitlab-satellites/
+ # user: YOUR_USERNAME
+ pages:
+ path: tmp/tests/pages
+ repositories:
+ storages:
+ default:
+ path: tmp/tests/repositories/
+ gitaly_address: unix:tmp/tests/gitaly/gitaly.socket
+ failure_count_threshold: 999999
+ failure_wait_time: 0
+ storage_timeout: 30
+ broken:
+ path: tmp/tests/non-existent-repositories
+ gitaly_address: unix:tmp/tests/gitaly/gitaly.socket
+
+ gitaly:
+ enabled: true
+ token: secret
backup:
path: tmp/tests/backups
gitlab_shell:
- path: /usr/share/gitlab-shell/
- repos_path: tmp/tests/repositories/
- hooks_path: /usr/share/gitlab-shell/hooks/
- secret_file: tmp/tests/gitlab-shell/.gitlab_shell_secret
+ path: tmp/tests/gitlab-shell/
+ hooks_path: tmp/tests/gitlab-shell/hooks/
issues_tracker:
redmine:
title: "Redmine"
project_url: "http://redmine/projects/:issues_tracker_id"
issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
+ jira:
+ title: "JIRA"
+ url: https://sample_company.atlassian.net
+ project_key: PROJECT
+
+ omniauth:
+ enabled: true
+ allow_single_sign_on: true
+ external_providers: []
+
+ providers:
+ - { name: 'cas3',
+ label: 'cas3',
+ args: { url: 'https://sso.example.com',
+ disable_ssl_verification: false,
+ login_url: '/cas/login',
+ service_validate_url: '/cas/p3/serviceValidate',
+ logout_url: '/cas/logout'} }
+ - { name: 'github',
+ app_id: 'YOUR_APP_ID',
+ app_secret: 'YOUR_APP_SECRET',
+ url: "https://github.com/",
+ verify_ssl: false,
+ args: { scope: 'user:email' } }
+ - { name: 'bitbucket',
+ app_id: 'YOUR_APP_ID',
+ app_secret: 'YOUR_APP_SECRET' }
+ - { name: 'gitlab',
+ app_id: 'YOUR_APP_ID',
+ app_secret: 'YOUR_APP_SECRET',
+ args: { scope: 'api' } }
+ - { name: 'google_oauth2',
+ app_id: 'YOUR_APP_ID',
+ app_secret: 'YOUR_APP_SECRET',
+ args: { access_type: 'offline', approval_prompt: '' } }
+ - { name: 'facebook',
+ app_id: 'YOUR_APP_ID',
+ app_secret: 'YOUR_APP_SECRET' }
+ - { name: 'twitter',
+ app_id: 'YOUR_APP_ID',
+ app_secret: 'YOUR_APP_SECRET' }
+ - { name: 'auth0',
+ args: {
+ client_id: 'YOUR_AUTH0_CLIENT_ID',
+ client_secret: 'YOUR_AUTH0_CLIENT_SECRET',
+ namespace: 'YOUR_AUTH0_DOMAIN' } }
+ - { name: 'authentiq',
+ app_id: 'YOUR_CLIENT_ID',
+ app_secret: 'YOUR_CLIENT_SECRET',
+ args: { scope: 'aq:name email~rs address aq:push' } }
ldap:
enabled: false
servers:
@@ -426,12 +732,11 @@ test:
host: 127.0.0.1
port: 3890
uid: 'uid'
- method: 'plain' # "tls" or "ssl" or "plain"
+ encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
base: 'dc=example,dc=com'
user_filter: ''
group_base: 'ou=groups,dc=example,dc=com'
admin_group: ''
- sync_ssh_keys: false
staging:
<<: *base
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/gitlab.git
More information about the Pkg-ruby-extras-commits
mailing list