cookbook 'gitlab', '= 7.7.0'
gitlab
(20) Versions
7.7.0
-
Follow54
Installs/Configures gitlab
cookbook 'gitlab', '= 7.7.0', :supermarket
knife supermarket install gitlab
knife supermarket download gitlab
Gitlab Cookbook
This cookbook will deploy gitlab; a free project and repository management
application.
Gitlab code hosted on github here.
Important changes
Going forward, the cookbook major version (i.e. 6.1.x) will target the
matching stable branch (i.e. 6-1-stable) of the Gitlab application.
The 6.1.x release is not backwards compatible with previous versions targeting
Gitlab master.
For the 7.7.x release of the cookbook, the default Ruby will
be 2.1.2 compiled with ruby_build.
Using a compiled Ruby follows the Gitlab installation guidelines upstream.
If you have a better approach which reduced complexity or reduces converge time,
please open a pull request on Github.
The application home is located in /srv/git/gitlab
in accordance with the Filesystem Hierarchy Standard (FHS) version 2.3.
Requirements
============
-
Hard disk space
- About 600 Mb, plus enough space for repositories in application home
You need to add
mysql::server
orpostgresql::server
to your run_list
if you intend to run the whole application stack on a single instance.
Thegitlab::mysql
andgitlab::postgresql
recipes set up the RDBMS
connection only, to allow for multi-instance architecture. See
Database Attributes
documentation below for RDBMS connection
parameters.
Cookbook dependencies
============
-
- Thanks to Fletcher Nichol for his awesome ruby_build cookbook. This ruby_build LWRP is used to build Ruby 1.9.3 for gitlab.
-
- Thanks to Brian Bianco for this Redis cookbook.
-
Opscode, Inc cookbooks
Attributes
-
gitlab['user']
&gitlab['group']
- Gitlab service user and group for Unicorn Rails app, default
git
- Gitlab service user and group for Unicorn Rails app, default
-
gitlab['home']
- Gitlab top-level home for service account, default
/srv/git
- Gitlab top-level home for service account, default
-
gitlab['app_home']
- Gitlab application home, default
/srv/git/gitlab
- Gitlab application home, default
-
gitlab['email_from']
- Gitlab email from, default
gitlab@ + node.fqdn
- Gitlab email from, default
-
gitlab['support_email']
- Gitlab support email, default
gitlab-support@ + node.fqdn
- Gitlab support email, default
-
gitlab['git_url']
- Github gitlab address, default git://github.com/gitlabhq/gitlabhq.git
-
gitlab['git_branch']
- Defaults to stable GitlabHQ branch matching the major version of this cookbook. e.g. 6.1.x => 6-1-stable
-
gitlab['packages']
- Platform specific OS packages
-
gitlab['trust_local_sshkeys']
-
ssh_config
key for gitlab to trust localhost keys automatically, default yes
-
-
gitlab['install_ruby']
- Attribute to determine whether vendor packages are installed, or Rubies are built, defaults 2.1.2 for Debian and RHEL family platforms.
- If you choose to use a vendor provided package, you will need to use
a role to override the
gitlab['packages']
array.
-
gitlab['https']
- Whether https should be used. Default false
-
gitlab['self_signed_cert']
- Allows self-signed certificates over https protocol. Default false
-
gitlab['certificate_databag_id']
- Encrypted databag name containing certificate file, CA bundle, and key. Default nil
- See certificate cookbook for further information.
-
gitlab['backup_path']
- Path in file system where backups are stored. Default
gitlab['app_home'] + backups/
- Path in file system where backups are stored. Default
-
gitlab['backup_keep_time']
- Units are seconds. Older backups will automatically be deleted when new backup is created. Set to 0 to keep backups forever.
- Defaults to 604800
-
gitlab['listen_ip']
- IP address that nginx will listen on, default
*
(listen on all IPs)
- IP address that nginx will listen on, default
-
gitlab['listen_port']
- Port that nginx will listen on, default to 80 if gitlab['https'] is set to false, 443 if set to true
-
gitlab['web_fqdn']
- An overridable service name, used in gitlab and unicorn configuration files.
Useful if
hostname -f
is not the same as the customer facing hostname. Default is unset. Effective default is node['fqdn']
- An overridable service name, used in gitlab and unicorn configuration files.
Useful if
-
gitlab['nginx_server_names']
- An array with nginx
server_name
matches. Helpful to override default test site pages shipping with some nginx packages. Default[ 'gitlab.*', node['fqdn'] ]
. See nginx server_name documentation for valid matching patterns.
- An array with nginx
-
gitlab['gravatar']['enabled']
- Use Gravatar to fetch user avatars
- Options: "true", "false"
- Default "true"
User privileges
Note, This attributes are useful when you want only admins to create projects and groups. And to restrict username changing.
-
gitlab['default_projects_limit']
- When you create a user this value is their
projects_limit
profile setting. - If you put it at 0, regular users can't create repos.
- Default, 10.
- When you create a user this value is their
-
gitlab['default_can_create_group']
- When you create a user this value is their
can_create_group
profile setting. - Default, true.
- When you create a user this value is their
-
gitlab['username_changing_enabled']
- Disable/enable users changing their username.
- Default, true.
Database Attributes
Note, most of the database attributes have sane defaults. You will only need to change these configuration options if
you're using a non-standard installation. Please see attributes/default.rb
for more information on how a dynamic attribute
is calculated.
-
gitlab['database']['type']
- The database (datastore) to use.
- Options: "mysql", "postgres"
- Default "mysql"
-
gitlab['database']['adapter']
- The Rails adapter to use with the database type
- Options: "mysql", "postgresql"
- Default (varies based on
type
)
-
gitlab['database']['encoding']
- The database encoding
- Default (varies based on
type
)
-
gitlab['database']['host']
- The host (fqdn) where the database exists
- Default
127.0.0.1
-
gitlab['database']['userhost']
- The host (fqdn) from which the database user may connect.
- Default
127.0.0.1
-
gitlab['database']['pool']
- The maximum number of connections to allow
- Default 5
-
gitlab['database']['database']
- The name of the database
- Default
gitlab
-
gitlab['database']['username']
- The username for the database
- Default
gitlab
LDAP Authentication Attributes
-
gitlab'['ldap']['enabled']
- Use LDAP for authentication
- Default: false
-
gitlab['ldap']['host']
- Hostname of your LDAP server
- Default: "_your_ldap_server"
-
gitlab['ldap']['base']
- Base DN for users (e.g. dc=users,dc=example,dc=com)
- Default: "_the_base_where_you_search_for_users"
-
gitlab['ldap']['port']
- LDAP server port
- Default: 636
-
gitlab['ldap']['uid']
- User ID used when searching for users (e.g. uid, cn, or sAMAccountName)
- Default: "sAMAccountName"
-
gitlab['ldap']['method']
- Connection method used with LDAP server
- Options: "ssl", "plain"
- Default: "ssl"
-
gitlab['ldap']['bind_dn']
- Some servers require a username in order to bind.
- Leave default if your server supports anonymous bind.
- Default: "_the_full_dn_of_the_user_you_will_bind_with"
-
gitlab['ldap']['password']
- Some servers require a password in order to bind
- Leave default if your server supports anonymous bind.
- Default: "_the_password_of_the_bind_user"
-
gitlab['ldap']['allow_username_or_email_login']
- If you want to allow users to login using both username and email address even though username (uid) will actually be used
- Default: true
-
gitlab['ldap']['user_filter']
- You can provide a query string here to filter which users will be selected
- Default: ""
Usage
Optionally override application paths using gitlab['git_home'] and gitlab['home'].
Add recipe gitlab::default to run_list. Go grab a lunch, or two, if Ruby has to build.
The default admin credentials for the gitlab application are as follows:
User: admin@local.host
Password: 5iveL!fe
Of course you should change these first thing, once deployed.
Role example for Gitlab with https, and MySQL
name "gitlab_https"
description "Configures and installs gitlab w/ https, and mysql server"
override_attributes "gitlab" => {
"https" => true,
"certificate_databag_id" => "wildcard"
}
run_list "recipe[mysql::server]", "recipe[gitlab]
License and Author
Author: Gerald L. Hevener Jr., M.S.
Copyright: 2012
Author: Eric G. Wolfe
Copyright: 2012
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Dependent cookbooks
Contingent cookbooks
Gitlab Cookbook Changelog
v7.7.0
- Credit to @jeremyolliver for doing most of the work for an 7.x release.
- gitlab branch targets 7-7-stable.
- gitlab shell branch targets 2.4.1.
- Ruby version is 2.1.2.
- mysql cookbook 6.0 related changes.
- This is a potentially breaking change. The gitlab::mysql recipe now sets up a mysql server since the mysql::server recipe no longer exists in the 6.0 version of the mysql cookbook.
- A future release of this cookbook may separate the duties of the mysql server, and the mysql database initialization for gitlab.
- NOTE the database initialization for postgres remains unchanged, and backwards compatible with prior releases.
v6.9.0
- Fix Rubocop warnings
- Issue #76
- Bump version to 6.9
- depsolv problem with modernizr
- Issue #74
- Use database::mysql and database::postgresql for database cookbook library functionality as mysql::ruby postgres::ruby deprecrated.
v6.4.5 - v6.4.6
- Add regression tests for #66 hackery
- Issue #66, #71 regression, update-alternatives hack does not work when install_ruby_path is changed.
v6.4.4
- Issue #62, certificate resource does not exist if nil, and used as name attribute.
v6.4.3
- Issue #66, gitlab service needs a priority > 20, on debian platform.
- Issue #66, update-alternatives hack so gitlab-shell can find Ruby.
- Issue #69, Correct gitlab_url in gitlab-shell config.yml, add regression tests.
- Issue #67, soften cookbook dependencies on unknown platforms.
- Issue #62, Add new user attributes to gitlab.yml, and update documentation.
v6.4.2
- Add a profile script shim, so init script can correct Ruby.
v6.4.1
-
Issue #60 - thanks to @nickryand
- Modified the bundle install command to drop a file on successful completion
- Added the absolute path to the bundler binary installed into the system ruby path.
- Added a more accurate pattern matcher to gitlab service resource so Chef can find unicorn_rails processes instead of finding processes that have the 'gitlab' string in them.
- Changed the background call to script/web and script/background_jobs in the startup script. These are now foreground calls forcing the start script to block until they return (after the processes are up). This prevents the Chef run from completing before the unicorn_rails processes are up.
-
Other fixes/tweaks
- Remove yum dependency hell.
- Change init/database.yml order due to service subscription.
- Add a :80 redirect to :443, avoids default site showing on :80
when
gitlab['https']
set.
-
Update test files
- Pin omnibus version at 11.8.2, redisio remote file resource failure.
- Remove explicit nil on databag_certificate_id, fails on default suite
- Remove support Gemfile, and update travis.yml
- Add bats tests for default/https suites
v6.4.0
- Bump gitlab-shell to v1.8.0
- Bump gitlab to 6.4.0
- Remove stale nginx config file
- Default recipe changes
- Update gitlab-shell config to point at /usr/local/bin/redis-cli
- Fix permissions on .ssh/authorized_keys
- Add rack_attack file
- Add precompile assets execute
- Add logrotate dependency and configuration
v6.1.21
- Add node['database']['userhost'] attribute, fixes #57
- Fix gitlab['listen_port']/gitlab['https'] condition, fixes #58
- Add node['gitlab']['self_signed_cert'] and documentation, fixes #58
- Revert yum-epel changes, COOK-4164 blocking, will re-open
- Fix dependency hell w/ nginx cookbook
- Add rubocop linting
- Add chefspec mysql/postgres http/https branching specs
- Remove unneeded python dependency
v6.1.10
Bugs squashed:
- Re-order database components to fix Ubuntu Test-Kitchen run. #44
- Update port forwarding configuration in kitchen.yml. #46
- Update Satellite paths to fix Gitlab forking. #50
- ruby-build installs to node['gitlab']['home'], avoiding PATH hacks for Rake. Use node['gitlab']['install_ruby_path'] to override. #16
- ruby-build failing on 1.9.3-p448, bump version to 1.9.3-p484.
- Pinned yum dependency on < 3.0.0
Features added:
- Add knob for disabling Gravatar. #51
- Add LDAP Authentication support. #49
Removed:
- sudo cookbook dependency removed. #52
v6.1.0
Clean up some of the code to target 6-1-stable branch
- Move gitlab.home to /srv/git - FHS 2.3
- Use ruby_build to compile 1.9.3 by default per gitlabhq documentation.
- Clean up both cookbook and package dependencies.
- Remove ruby-shadow, included in Omnibus, not needed anyway as no password is set.
- Use gitconfig template, instead of execute.
- Add test-kitchen skeleton, and certificate data_bag integration.
- Add gitlab.certificate_databag_id to deploy certificate from encrypted databag.
- Minor sudo fix in gitlab init script.
- Use nginx_site definition to disable default nginx site.
- Add nginx_server_names array for hostname match precedence over potential default sites matching
_
.
v0.5.0
-
Database back-end changes via @sethvargo
- Adds a mysql and postgresql database creation
- Breaking change: developed against githlabhq/master (sqlite no longer supported)
-
Gitolite deploy changes via @dscheu
- Deploy gitlabhq/gitolite, not sitaramc/gitolite
Add configurable backup paths to Gitlab configuration via @dscheu
v0.3.4
Fix issues with stable snapshot v3.x
- Avoid installing pg, gem which adds extra dependencies
- Add change to default gitolite.rc per upgrade instructions
v0.3.3
Issues #9 and #10
Issue 9: this version MAY fix issues with key generation when
cookbook is invocated via chef-solo. There may exist other
chef-solo blockers within the cookbook. Specifically, File.exists?
guards were added to SSH public key generation code blocks.
Issue 10: this version fixes one minor dependency bug with EPEL
dependencies via metadata and inclusion.
v0.3.2
- Default gitlab branch to stable
v0.3.1
- ISSUE 7: public key template fails to render
- ISSUE 8: unicorn_rails script fails on ruby package platforms
v0.3.0
- Missing bracket
- Change single-quote variable to symbol notation
- install python and symlink redis-cli so hooks work
- HTTPS options for nginx
- Ubuntu/Debian platform compatibility fixes
- FC035: Template uses node attribute directly
v0.2.1
Thanks to Fletcher Nichol for the feedback and fixes :)
- Add
gitlab_branch
attribute. - Fix directory block syntax (do).
v0.2.0
- Epic public release <crowd cheers>
- Moar testing
- Clean up init script
- Fix unicorn config
- Fix gitlab home permissions for nginx
v0.1.0
#Epic refactor
- Write long README
- variable renaming to simplify readability
- refactor dependencies and package lists
- generate ssh keys in Ruby, import to gitolite
- Integrate gitolite recipe into cookbook
- Fix broken ssh problems
- fixup git home permissions
- use system ruby instead of chef-full bundler
- Re-work dependencies; Prefer ruby_build rubies over Redhat shipped
v0.0.1 - v0.0.40
#Prototyping
Added cookbook dependencies for gitlab/gitolite
Prototype attributes for gitlab cookbook
Fixed gitolite support for gitlab in default.rb
Fixed permissions & gl-setup in gitlab default.rb
Edit default.rb in gitlab & gitolite cookbooks
Edit gitolite cmd to add .pub key
Fix code blocks in wrong order gitolite/gitlab ckbks
Refactor gitolite/gitlab ckbks again. Works now.
Add cookbooks redisio & sqlite. Install pkgs for gitlab
Install Gems. Rename config files 4 gitlab cookbook
Config Sqlite DB for gitlab
Add ability to start gitlab & resque
Foodcritic Metric
7.7.0 passed this metric
7.7.0 passed this metric