Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


gitlab (20) Versions 7.7.0

Installs/Configures gitlab

cookbook 'gitlab', '= 7.7.0', :supermarket
cookbook 'gitlab', '= 7.7.0'
knife supermarket install gitlab
knife supermarket download gitlab
Quality 100%

Gitlab Cookbook

Build Status

This cookbook will deploy gitlab; a free project and repository management

Gitlab code hosted on github here.

Important changes

Going forward, the cookbook major version (i.e. 6.1.x) will target the
matching stable branch (i.e. 6-1-stable) of the Gitlab application.
The 6.1.x release is not backwards compatible with previous versions targeting
Gitlab master.

For the 7.7.x release of the cookbook, the default Ruby will
be 2.1.2 compiled with ruby_build.
Using a compiled Ruby follows the Gitlab installation guidelines upstream.
If you have a better approach which reduced complexity or reduces converge time,
please open a pull request on Github.

The application home is located in /srv/git/gitlab
in accordance with the Filesystem Hierarchy Standard (FHS) version 2.3.



  • Hard disk space

    • About 600 Mb, plus enough space for repositories in application home
  • You need to add mysql::server or postgresql::server to your run_list
    if you intend to run the whole application stack on a single instance.
    The gitlab::mysql and gitlab::postgresql recipes set up the RDBMS
    connection only, to allow for multi-instance architecture. See
    Database Attributes documentation below for RDBMS connection

Cookbook dependencies



  • gitlab['user'] & gitlab['group']

    • Gitlab service user and group for Unicorn Rails app, default git
  • gitlab['home']

    • Gitlab top-level home for service account, default /srv/git
  • gitlab['app_home']

    • Gitlab application home, default /srv/git/gitlab
  • gitlab['email_from']

    • Gitlab email from, default gitlab@ + node.fqdn
  • gitlab['support_email']

    • Gitlab support email, default gitlab-support@ + node.fqdn
  • gitlab['git_url']

    • Github gitlab address, default git://
  • gitlab['git_branch']

    • Defaults to stable GitlabHQ branch matching the major version of this cookbook. e.g. 6.1.x => 6-1-stable
  • gitlab['packages']

    • Platform specific OS packages
  • gitlab['trust_local_sshkeys']

    • ssh_config key for gitlab to trust localhost keys automatically, default yes
  • gitlab['install_ruby']

    • Attribute to determine whether vendor packages are installed, or Rubies are built, defaults 2.1.2 for Debian and RHEL family platforms.
    • If you choose to use a vendor provided package, you will need to use a role to override the gitlab['packages'] array.
  • gitlab['https']

    • Whether https should be used. Default false
  • gitlab['self_signed_cert']

    • Allows self-signed certificates over https protocol. Default false
  • gitlab['certificate_databag_id']

    • Encrypted databag name containing certificate file, CA bundle, and key. Default nil
    • See certificate cookbook for further information.
  • gitlab['backup_path']

    • Path in file system where backups are stored. Default gitlab['app_home'] + backups/
  • gitlab['backup_keep_time']

    • Units are seconds. Older backups will automatically be deleted when new backup is created. Set to 0 to keep backups forever.
    • Defaults to 604800
  • gitlab['listen_ip']

    • IP address that nginx will listen on, default * (listen on all IPs)
  • gitlab['listen_port']

    • Port that nginx will listen on, default to 80 if gitlab['https'] is set to false, 443 if set to true
  • gitlab['web_fqdn']

    • An overridable service name, used in gitlab and unicorn configuration files. Useful if hostname -f is not the same as the customer facing hostname. Default is unset. Effective default is node['fqdn']
  • gitlab['nginx_server_names']

    • An array with nginx server_name matches. Helpful to override default test site pages shipping with some nginx packages. Default [ 'gitlab.*', node['fqdn'] ]. See nginx server_name documentation for valid matching patterns.
  • gitlab['gravatar']['enabled']

    • Use Gravatar to fetch user avatars
    • Options: "true", "false"
    • Default "true"

User privileges

Note, This attributes are useful when you want only admins to create projects and groups. And to restrict username changing.

  • gitlab['default_projects_limit']

    • When you create a user this value is their projects_limit profile setting.
    • If you put it at 0, regular users can't create repos.
    • Default, 10.
  • gitlab['default_can_create_group']

    • When you create a user this value is their can_create_group profile setting.
    • Default, true.
  • gitlab['username_changing_enabled']

    • Disable/enable users changing their username.
    • Default, true.

Database Attributes

Note, most of the database attributes have sane defaults. You will only need to change these configuration options if
you're using a non-standard installation. Please see attributes/default.rb for more information on how a dynamic attribute
is calculated.

  • gitlab['database']['type']

    • The database (datastore) to use.
    • Options: "mysql", "postgres"
    • Default "mysql"
  • gitlab['database']['adapter']

    • The Rails adapter to use with the database type
    • Options: "mysql", "postgresql"
    • Default (varies based on type)
  • gitlab['database']['encoding']

    • The database encoding
    • Default (varies based on type)
  • gitlab['database']['host']

    • The host (fqdn) where the database exists
    • Default
  • gitlab['database']['userhost']

    • The host (fqdn) from which the database user may connect.
    • Default
  • gitlab['database']['pool']

    • The maximum number of connections to allow
    • Default 5
  • gitlab['database']['database']

    • The name of the database
    • Default gitlab
  • gitlab['database']['username']

    • The username for the database
    • Default gitlab

LDAP Authentication Attributes

  • gitlab'['ldap']['enabled']

    • Use LDAP for authentication
    • Default: false
  • gitlab['ldap']['host']

    • Hostname of your LDAP server
    • Default: "_your_ldap_server"
  • gitlab['ldap']['base']

    • Base DN for users (e.g. dc=users,dc=example,dc=com)
    • Default: "_the_base_where_you_search_for_users"
  • gitlab['ldap']['port']

    • LDAP server port
    • Default: 636
  • gitlab['ldap']['uid']

    • User ID used when searching for users (e.g. uid, cn, or sAMAccountName)
    • Default: "sAMAccountName"
  • gitlab['ldap']['method']

    • Connection method used with LDAP server
    • Options: "ssl", "plain"
    • Default: "ssl"
  • gitlab['ldap']['bind_dn']

    • Some servers require a username in order to bind.
    • Leave default if your server supports anonymous bind.
    • Default: "_the_full_dn_of_the_user_you_will_bind_with"
  • gitlab['ldap']['password']

    • Some servers require a password in order to bind
    • Leave default if your server supports anonymous bind.
    • Default: "_the_password_of_the_bind_user"
  • gitlab['ldap']['allow_username_or_email_login']

    • If you want to allow users to login using both username and email address even though username (uid) will actually be used
    • Default: true
  • gitlab['ldap']['user_filter']

    • You can provide a query string here to filter which users will be selected
    • Default: ""


Optionally override application paths using gitlab['git_home'] and gitlab['home'].

Add recipe gitlab::default to run_list. Go grab a lunch, or two, if Ruby has to build.

The default admin credentials for the gitlab application are as follows:

Password: 5iveL!fe

Of course you should change these first thing, once deployed.

Role example for Gitlab with https, and MySQL

name "gitlab_https"
description "Configures and installs gitlab w/ https, and mysql server"
override_attributes "gitlab" => {
  "https" => true,
  "certificate_databag_id" => "wildcard"
run_list "recipe[mysql::server]", "recipe[gitlab]

License and Author

Author: Gerald L. Hevener Jr., M.S.
Copyright: 2012

Author: Eric G. Wolfe
Copyright: 2012

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
See the License for the specific language governing permissions and
limitations under the License.

Gitlab Cookbook Changelog


  • Credit to @jeremyolliver for doing most of the work for an 7.x release.
    • gitlab branch targets 7-7-stable.
    • gitlab shell branch targets 2.4.1.
    • Ruby version is 2.1.2.
  • mysql cookbook 6.0 related changes.
    • This is a potentially breaking change. The gitlab::mysql recipe now sets up a mysql server since the mysql::server recipe no longer exists in the 6.0 version of the mysql cookbook.
    • A future release of this cookbook may separate the duties of the mysql server, and the mysql database initialization for gitlab.
    • NOTE the database initialization for postgres remains unchanged, and backwards compatible with prior releases.


  • Fix Rubocop warnings
  • Issue #76
    • Bump version to 6.9
    • depsolv problem with modernizr
  • Issue #74
    • Use database::mysql and database::postgresql for database cookbook library functionality as mysql::ruby postgres::ruby deprecrated.

v6.4.5 - v6.4.6

  • Add regression tests for #66 hackery
  • Issue #66, #71 regression, update-alternatives hack does not work when install_ruby_path is changed.


  • Issue #62, certificate resource does not exist if nil, and used as name attribute.


  • Issue #66, gitlab service needs a priority > 20, on debian platform.
  • Issue #66, update-alternatives hack so gitlab-shell can find Ruby.
  • Issue #69, Correct gitlab_url in gitlab-shell config.yml, add regression tests.
  • Issue #67, soften cookbook dependencies on unknown platforms.
  • Issue #62, Add new user attributes to gitlab.yml, and update documentation.


  • Add a profile script shim, so init script can correct Ruby.


  • Issue #60 - thanks to @nickryand

    • Modified the bundle install command to drop a file on successful completion
    • Added the absolute path to the bundler binary installed into the system ruby path.
    • Added a more accurate pattern matcher to gitlab service resource so Chef can find unicorn_rails processes instead of finding processes that have the 'gitlab' string in them.
    • Changed the background call to script/web and script/background_jobs in the startup script. These are now foreground calls forcing the start script to block until they return (after the processes are up). This prevents the Chef run from completing before the unicorn_rails processes are up.
  • Other fixes/tweaks

    • Remove yum dependency hell.
    • Change init/database.yml order due to service subscription.
    • Add a :80 redirect to :443, avoids default site showing on :80 when gitlab['https'] set.
  • Update test files

    • Pin omnibus version at 11.8.2, redisio remote file resource failure.
    • Remove explicit nil on databag_certificate_id, fails on default suite
    • Remove support Gemfile, and update travis.yml
    • Add bats tests for default/https suites


  • Bump gitlab-shell to v1.8.0
  • Bump gitlab to 6.4.0
  • Remove stale nginx config file
  • Default recipe changes
    • Update gitlab-shell config to point at /usr/local/bin/redis-cli
    • Fix permissions on .ssh/authorized_keys
    • Add rack_attack file
    • Add precompile assets execute
    • Add logrotate dependency and configuration


  • Add node['database']['userhost'] attribute, fixes #57
  • Fix gitlab['listen_port']/gitlab['https'] condition, fixes #58
  • Add node['gitlab']['self_signed_cert'] and documentation, fixes #58
  • Revert yum-epel changes, COOK-4164 blocking, will re-open
    • Fix dependency hell w/ nginx cookbook
  • Add rubocop linting
  • Add chefspec mysql/postgres http/https branching specs
  • Remove unneeded python dependency


Bugs squashed:

  • Re-order database components to fix Ubuntu Test-Kitchen run. #44
  • Update port forwarding configuration in kitchen.yml. #46
  • Update Satellite paths to fix Gitlab forking. #50
  • ruby-build installs to node['gitlab']['home'], avoiding PATH hacks for Rake. Use node['gitlab']['install_ruby_path'] to override. #16
  • ruby-build failing on 1.9.3-p448, bump version to 1.9.3-p484.
  • Pinned yum dependency on < 3.0.0

Features added:

  • Add knob for disabling Gravatar. #51
  • Add LDAP Authentication support. #49


  • sudo cookbook dependency removed. #52


Clean up some of the code to target 6-1-stable branch

  • Move gitlab.home to /srv/git - FHS 2.3
  • Use ruby_build to compile 1.9.3 by default per gitlabhq documentation.
  • Clean up both cookbook and package dependencies.
  • Remove ruby-shadow, included in Omnibus, not needed anyway as no password is set.
  • Use gitconfig template, instead of execute.
  • Add test-kitchen skeleton, and certificate data_bag integration.
    • Add gitlab.certificate_databag_id to deploy certificate from encrypted databag.
  • Minor sudo fix in gitlab init script.
  • Use nginx_site definition to disable default nginx site.
  • Add nginx_server_names array for hostname match precedence over potential default sites matching _.


  • Database back-end changes via @sethvargo

    • Adds a mysql and postgresql database creation
    • Breaking change: developed against githlabhq/master (sqlite no longer supported)
  • Gitolite deploy changes via @dscheu

    • Deploy gitlabhq/gitolite, not sitaramc/gitolite
  • Add configurable backup paths to Gitlab configuration via @dscheu


Fix issues with stable snapshot v3.x

  • Avoid installing pg, gem which adds extra dependencies
  • Add change to default gitolite.rc per upgrade instructions


Issues #9 and #10

Issue 9: this version MAY fix issues with key generation when
cookbook is invocated via chef-solo. There may exist other
chef-solo blockers within the cookbook. Specifically, File.exists?
guards were added to SSH public key generation code blocks.

Issue 10: this version fixes one minor dependency bug with EPEL
dependencies via metadata and inclusion.


  • Default gitlab branch to stable


  • ISSUE 7: public key template fails to render
  • ISSUE 8: unicorn_rails script fails on ruby package platforms


  • Missing bracket
  • Change single-quote variable to symbol notation
  • install python and symlink redis-cli so hooks work
  • HTTPS options for nginx
  • Ubuntu/Debian platform compatibility fixes
  • FC035: Template uses node attribute directly


Thanks to Fletcher Nichol for the feedback and fixes :)

  • Add gitlab_branch attribute.
  • Fix directory block syntax (do).


  • Epic public release <crowd cheers>
  • Moar testing
  • Clean up init script
  • Fix unicorn config
  • Fix gitlab home permissions for nginx


#Epic refactor

  • Write long README
  • variable renaming to simplify readability
  • refactor dependencies and package lists
  • generate ssh keys in Ruby, import to gitolite
  • Integrate gitolite recipe into cookbook
  • Fix broken ssh problems
  • fixup git home permissions
  • use system ruby instead of chef-full bundler
  • Re-work dependencies; Prefer ruby_build rubies over Redhat shipped

v0.0.1 - v0.0.40


Added cookbook dependencies for gitlab/gitolite
Prototype attributes for gitlab cookbook
Fixed gitolite support for gitlab in default.rb
Fixed permissions & gl-setup in gitlab default.rb
Edit default.rb in gitlab & gitolite cookbooks
Edit gitolite cmd to add .pub key
Fix code blocks in wrong order gitolite/gitlab ckbks
Refactor gitolite/gitlab ckbks again. Works now.
Add cookbooks redisio & sqlite. Install pkgs for gitlab
Install Gems. Rename config files 4 gitlab cookbook
Config Sqlite DB for gitlab
Add ability to start gitlab & resque

Foodcritic Metric

7.7.0 passed this metric