Commit e2d2d4f0 authored by Martin Mai's avatar Martin Mai
Browse files

init

parents
FROM alpine:3.5
ENV OPENSSL_VERSION 1.0.2e-r0
RUN apk --no-cache --update add \
ca-certificates \
caddy \
curl \
"openssl>=${OPENSSL_VERSION}"
EXPOSE 80 443 2015
ENTRYPOINT ["caddy"]
# change gitlab configuration
```
cp \
gitlab/volumes/etc/gitlab/gitlab.rb-dist \
gitlab/volumes/etc/gitlab/gitlab.rb
edit volumes/etc/gitlab/gitlab.rb
#or
#edit gitlab/init-config.sh
#bash gitlab/misc/init-config.sh
#hostname
edit caddy-conf/caddyfile
#perhaps set ip for ssh
edit gitlab/docker-compose.yml
# start reverse-proxy and gitlab
```
docker-compose up -d
```
docker-compose exec \
gitlab gitlab-ctl reconfigure
```
# change initial gitlab password (web interface)
initial value:
grep 'initial_root_password' gitlab/volumes/etc/gitlab/gitlab.rb
login with user "root"
#See https://caddyserver.com/docs/caddyfile
#https://gitlab.rz.uni-bamberg.de {
https://:443 {
#see https://caddyserver.com/docs/tls
tls self_signed
#tls off
#dfn-pki
##tls /data/cert.pem /data/key.pem
#letsencrypt
##tls your-mail@domain.de
log / /data/gitlab.log "[gitlab] - {when} - {remote} - {proto} {method} {path} - {status} {size}"
proxy / http://gitlab:80 {
transparent
websocket
}
}
#See https://caddyserver.com/docs/caddyfile
#https://gitlab.rz.uni-bamberg.de {
#https://:443 {
uniba_change_me_caddy_url {
#see https://caddyserver.com/docs/tls
tls self_signed
#tls off
#dfn-pki
##tls /data/cert.pem /data/key.pem
#letsencrypt
##tls your-mail@domain.de
log / /data/gitlab.log "[gitlab] - {when} - {remote} - {proto} {method} {path} - {status} {size}"
proxy / http://gitlab:80 {
transparent
websocket
}
}
version: "2"
networks:
caddynet:
driver: bridge
services:
caddy:
build:
context: .
dockerfile: Dockerfile-caddy
image: caddy
restart: always
cap_add:
- NET_BIND_SERVICE
user: root
networks:
- caddynet
ports:
#- example for specific IP "141.13.99.99:80:80"
- "80:80"
- "443:443"
command: -type http -port 80 -http2=false -conf /data/caddyfile
read_only: true
working_dir: /data
environment:
- CADDYPATH=/data
volumes:
- ./caddy-conf:/data:rw
gitlab:
extends:
file: gitlab/docker-compose.yml
service: gitlab
networks:
- caddynet
\ No newline at end of file
version: "2"
networks:
caddynet:
driver: bridge
services:
caddy:
build:
context: .
dockerfile: Dockerfile-caddy
image: caddy
restart: always
cap_add:
- NET_BIND_SERVICE
user: root
networks:
- caddynet
ports:
#- example for specific IP "141.13.99.99:80:80"
#- "80:80"
#- "443:443"
- "uniba_de_change_me_ports_80"
- "uniba_de_change_me_ports_443"
command: -type http -port 80 -http2=false -conf /data/caddyfile
read_only: true
working_dir: /data
environment:
- CADDYPATH=/data
volumes:
- ./caddy-conf:/data:rw
gitlab:
extends:
file: gitlab/docker-compose.yml
service: gitlab
networks:
- caddynet
\ No newline at end of file
version: '2'
services:
gitlab:
image: gitlab/gitlab-ce:8.14.5-ce.0
restart: always
expose:
- 22
- 80
- 443
ports:
#- "141.13.240.109:22:22"
- "uniba_de_change_me_ports"
volumes:
- ./volumes/etc/gitlab:/etc/gitlab
- ./volumes/var/opt/gitlab:/var/opt/gitlab
- ./volumes/var/log/gitlab:/var/log/gitlab
- ./volumes/root/uniba.de/share:/root/uniba.de/share
- ./volumes/.git:/.git
## Configuration options with # in front are not active and they were
## valid at install time. Updating the package does not update this file
## automatically.
## Latest options listed at:
## https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template
## Url on which GitLab will be reachable.
## For more details on configuring external_url see:
## https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/configuration.md#configuring-the-external-url-for-gitlab
# external_url 'GENERATED_EXTERNAL_URL' # default: http://hostname
external_url 'uniba_de_change_me_external_url' # default: http://hostname
#external_url 'https://dockerunitest.tk' # default: http://hostname
## Note: configuration settings below are optional.
## Uncomment and change the value.
############################
# gitlab.yml configuration #
############################
# gitlab_rails['gitlab_ssh_host'] = 'ssh.host_example.com'
# gitlab_rails['time_zone'] = 'UTC'
# gitlab_rails['gitlab_email_enabled'] = true
# gitlab_rails['gitlab_email_from'] = 'example@example.com'
gitlab_rails['gitlab_email_from'] = 'uniba_de_change_me_gitlab_email_from'
# gitlab_rails['gitlab_email_display_name'] = 'Example'
# gitlab_rails['gitlab_email_reply_to'] = 'noreply@example.com'
gitlab_rails['gitlab_email_reply_to'] = 'uniba_de_change_me_gitlab_email_reply_to'
# gitlab_rails['gitlab_default_can_create_group'] = true
# gitlab_rails['gitlab_username_changing_enabled'] = true
# gitlab_rails['gitlab_default_theme'] = 2
# gitlab_rails['gitlab_default_projects_features_issues'] = true
# See http://doc.gitlab.com/ce/customization/issue_closing.html for more information about this pattern.
# gitlab_rails['gitlab_issue_closing_pattern'] = "((?:[Cc]los(?:e[sd]?|ing)|[Ff]ix(?:e[sd]|ing)?) +(?:(?:issues? +)?%{issue_ref}(?:(?:, *| +and +)?))+)"
# gitlab_rails['gitlab_default_projects_features_merge_requests'] = true
# gitlab_rails['gitlab_default_projects_features_wiki'] = true
# gitlab_rails['gitlab_default_projects_features_snippets'] = false
gitlab_rails['gitlab_default_projects_features_builds'] = true
gitlab_rails['gitlab_default_projects_features_container_registry'] = true
# gitlab_rails['gitlab_repository_downloads_path'] = 'tmp/repositories'
gitlab_rails['gravatar_enabled'] = false
# gitlab_rails['gravatar_plain_url'] = 'http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'
# gitlab_rails['gravatar_ssl_url'] = 'https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'
# gitlab_rails['stuck_ci_builds_worker_cron'] = "0 0 * * *"
# See http://docs.gitlab.com/ce/ci/yaml/README.html#artifacts:expire_in
# gitlab_rails['expire_build_artifacts_worker_cron'] = "50 * * * *"
# gitlab_rails['repository_check_worker_cron'] = "20 * * * *"
# gitlab_rails['admin_email_worker_cron'] = "0 0 * * 0"
# gitlab_rails['repository_archive_cache_worker_cron'] = "0 * * * *"
# gitlab_rails['historical_data_worker_cron'] = "0 12 * * *"
# gitlab_rails['update_all_mirrors_worker_cron'] = "0 * * * *"
# gitlab_rails['update_all_remote_mirrors_worker_cron'] = "30 * * * *"
# gitlab_rails['ldap_sync_worker_cron'] = "30 1 * * *"
# gitlab_rails['geo_bulk_notify_worker_cron'] = "*/10 * * * * *"
# gitlab_rails['webhook_timeout'] = 10
# gitlab_rails['trusted_proxies'] = []
## Reply by email
# Allow users to comment on issues and merge requests by replying to notification emails.
# For documentation on how to set this up, see http://doc.gitlab.com/ce/incoming_email/README.html
# gitlab_rails['incoming_email_enabled'] = true
#
# # The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to.
# # The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`).
# gitlab_rails['incoming_email_address'] = "gitlab-incoming+%{key}@gmail.com"
#
# # Email account username
# # With third party providers, this is usually the full email address.
# # With self-hosted email servers, this is usually the user part of the email address.
# gitlab_rails['incoming_email_email'] = "gitlab-incoming@gmail.com"
# # Email account password
# gitlab_rails['incoming_email_password'] = "[REDACTED]"
#
# # IMAP server host
# gitlab_rails['incoming_email_host'] = "imap.gmail.com"
# # IMAP server port
# gitlab_rails['incoming_email_port'] = 993
# # Whether the IMAP server uses SSL
# gitlab_rails['incoming_email_ssl'] = true
# # Whether the IMAP server uses StartTLS
# gitlab_rails['incoming_email_start_tls'] = false
#
# # The mailbox where incoming mail will end up. Usually "inbox".
# gitlab_rails['incoming_email_mailbox_name'] = "inbox"
#
# gitlab_rails['incoming_email_log_directory'] = "/var/log/gitlab/mailroom"
## Build Artifacts
# gitlab_rails['artifacts_enabled'] = true
# gitlab_rails['artifacts_path'] = "/mnt/storage/artifacts"
## Git LFS
# gitlab_rails['lfs_enabled'] = true
# gitlab_rails['lfs_storage_path'] = "/mnt/storage/lfs-objects"
## ElasticSearch (EE only)
# gitlab_rails['elasticsearch_enabled'] = false
# gitlab_rails['elasticsearch_host'] = "localhost"
# gitlab_rails['elasticsearch_port'] = 9200
## GitLab Pages (EE only)
# gitlab_rails['pages_path'] = "/mnt/storage/pages"
## For setting up LDAP
## see https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md#setting-up-ldap-sign-in
## Be careful not to break the indentation in the ldap_servers block. It is in
## yaml format and the spaces must be retained. Using tabs will not work.
#gitlab_rails['ldap_enabled'] = true
##gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' # remember to close this block with 'EOS' below
# main: # 'main' is the GitLab 'provider ID' of this LDAP server
# label: 'LDAP'
## host: 'XXXXX'
# port: 389
# uid: 'sAMAccountName'
# method: 'plain' # "tls" or "ssl" or "plain"
## bind_dn: 'XXXXXX'
## password: 'XXXXX'
# active_directory: true
## allow_username_or_email_login: false
## block_auto_created_users: false
# base: 'dc=uni-bamberg,dc=de'
# user_filter: '(|(memberOf=CN='
# attributes:
# username: 'userprincipalname'
# email: ['mail', 'email', 'userPrincipalName']
# name: 'displayname'
# first_name: 'givenName'
# last_name: 'sn'
# ## EE only
# group_base: ''
# admin_group: ''
# sync_ssh_keys: false
#
# secondary: # 'secondary' is the GitLab 'provider ID' of second LDAP server
# label: 'LDAP'
# host: '_your_ldap_server'
# port: 389
# uid: 'sAMAccountName'
# method: 'plain' # "tls" or "ssl" or "plain"
# bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
# password: '_the_password_of_the_bind_user'
# active_directory: true
# allow_username_or_email_login: false
# block_auto_created_users: false
# base: ''
# user_filter: ''
# attributes:
# username: ['uid', 'userid', 'sAMAccountName']
# email: ['mail', 'email', 'userPrincipalName']
# name: 'displayname'
# first_name: 'givenName'
# last_name: 'sn'
# ## EE only
# group_base: ''
# admin_group: ''
# sync_ssh_keys: false
##EOS
## Setting up Kerberos (EE only)
## See http://doc.gitlab.com/ee/integration/kerberos.html#http-git-access
# gitlab_rails['kerberos_enabled'] = true
# gitlab_rails['kerberos_keytab'] = /etc/http.keytab
# gitlab_rails['kerberos_service_principal_name'] = HTTP/gitlab.example.com@EXAMPLE.COM
# gitlab_rails['kerberos_use_dedicated_port'] = true
# gitlab_rails['kerberos_port'] = 8443
# gitlab_rails['kerberos_https'] = true
## For setting up omniauth
## see https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md#omniauth-google-twitter-github-login
# gitlab_rails['omniauth_enabled'] = false
# gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
# gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
# gitlab_rails['omniauth_block_auto_created_users'] = true
# gitlab_rails['omniauth_auto_link_ldap_user'] = false
# gitlab_rails['omniauth_auto_link_saml_user'] = false
# gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2']
# gitlab_rails['omniauth_providers'] = [
# {
# "name" => "google_oauth2",
# "app_id" => "YOUR APP ID",
# "app_secret" => "YOUR APP SECRET",
# "args" => { "access_type" => "offline", "approval_prompt" => "" }
# }
# ]
#
# If you setup bitbucket importer under omniauth providers you will need to add the keys
# which will allow connection between bitbucket and gitlab.
# For details see http://doc.gitlab.com/ce/integration/bitbucket.html
# gitlab_rails['bitbucket'] = {
# 'known_hosts_key' => 'bitbucket.org,207.223.240.182 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==',
# 'private_key' => '-----BEGIN RSA PRIVATE KEY-----
# MIIEowIBAAKCAQEAyXxYHwz2KjcwSjTREwlhYHqrf/8U0UM8ej3cqQ551gE4Wo3t
# -----END RSA PRIVATE KEY-----',
# 'public_key' => 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJfFgfDPYqN git@gitlab.example.com'
# }
## For setting up backups
## see https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md#backups
# gitlab_rails['manage_backup_path'] = true
# gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"
# gitlab_rails['backup_archive_permissions'] = 0644 # See: http://doc.gitlab.com/ce/raketasks/backup_restore.html#backup-archive-permissions
# gitlab_rails['backup_pg_schema'] = 'public'
# gitlab_rails['backup_keep_time'] = 604800
# gitlab_rails['backup_upload_connection'] = {
# 'provider' => 'AWS',
# 'region' => 'eu-west-1',
# 'aws_access_key_id' => 'AKIAKIAKI',
# 'aws_secret_access_key' => 'secret123'
# }
# gitlab_rails['backup_upload_remote_directory'] = 'my.s3.bucket'
# gitlab_rails['backup_multipart_chunk_size'] = 104857600
# gitlab_rails['backup_encryption'] = 'AES256' # Turns on AWS Server-Side Encryption with Amazon S3-Managed Keys for backups
## For setting up different data storing directory
## see https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md#storing-git-data-in-an-alternative-directory
## If you want to use a single non-default directory to store git data use
## a path that doesn't contain symlinks.
# git_data_dirs({"default" => "/var/opt/gitlab/git-data"})
## For storing GitLab application uploads, eg. LFS objects, build artifacts
## see https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/shared_files.md
# gitlab_rails['shared_path'] = '/var/opt/gitlab/gitlab-rails/shared'
# DEPRECATED: gitlab_rails['satellites_timeout'] = 30
## GitLab Shell settings for GitLab
# gitlab_rails['gitlab_shell_ssh_port'] = 22
# gitlab_rails['git_max_size'] = 20971520
# gitlab_rails['git_timeout'] = 10
## Extra customization
# gitlab_rails['extra_google_analytics_id'] = '_your_tracking_id'
# gitlab_rails['extra_piwik_url'] = '_your_piwik_url'
# gitlab_rails['extra_piwik_site_id'] = '_your_piwik_site_id'
# gitlab_rails['env'] = {
# 'BUNDLE_GEMFILE' => "/opt/gitlab/embedded/service/gitlab-rails/Gemfile",
# 'PATH' => "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/bin:/usr/bin"
# }
# gitlab_rails['rack_attack_git_basic_auth'] = {
# 'enabled' => true,
# 'ip_whitelist' => ["127.0.0.1"],
# 'maxretry' => 10,
# 'findtime' => 60,
# 'bantime' => 3600
# }
# gitlab_rails['rack_attack_protected_paths'] = [
# '/users/password',
# '/users/sign_in',
# '/api/#{API::API.version}/session.json',
# '/api/#{API::API.version}/session',
# '/users',
# '/users/confirmation',
# '/unsubscribes/',
# '/import/github/personal_access_token'
# ]
# We do not recommend changing these directories.
# gitlab_rails['dir'] = "/var/opt/gitlab/gitlab-rails"
# gitlab_rails['log_directory'] = "/var/log/gitlab/gitlab-rails"
###############################
# GitLab application settings #
###############################
# gitlab_rails['uploads_directory'] = "/var/opt/gitlab/gitlab-rails/uploads"
# gitlab_rails['rate_limit_requests_per_period'] = 10
# gitlab_rails['rate_limit_period'] = 60
# Change the initial default admin password.
# Only applicable on inital setup, changing this setting after database is created and seeded
# won't yield any change.
gitlab_rails['initial_root_password'] = "uniba_de_change_me_initial_root_password"
# Enable or disable automatic database migrations
# gitlab_rails['auto_migrate'] = true
############################
# GitLab database settings #
############################
## see https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/database.md#database-settings
## Only needed if you use an external database.
# gitlab_rails['db_adapter'] = "postgresql"
# gitlab_rails['db_encoding'] = "unicode"
# gitlab_rails['db_collation'] = nil
# gitlab_rails['db_database'] = "gitlabhq_production"
# gitlab_rails['db_pool'] = 10
# gitlab_rails['db_username'] = "gitlab"
# gitlab_rails['db_password'] = nil
# gitlab_rails['db_host'] = nil
# gitlab_rails['db_port'] = 5432
# gitlab_rails['db_socket'] = nil
# gitlab_rails['db_sslmode'] = nil
# gitlab_rails['db_sslrootcert'] = nil
#########################
# GitLab redis settings #
#########################
## see https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/redis.md#redis-settings
## Connect to your own redis instance.
## Redis TCP connection
# gitlab_rails['redis_host'] = "127.0.0.1"
# gitlab_rails['redis_port'] = 6379
# gitlab_rails['redis_password'] = nil
# gitlab_rails['redis_database'] = 0
## Redis local UNIX socket (will be disabled if TCP method is used)
# gitlab_rails['redis_socket'] = "/var/opt/gitlab/redis/redis.socket"
## Sentinel support
## To have sentinel working, you must enable Redis TCP connection support
## above ## and define a few sentinel hosts below (to get a reliable setup
## at least 3 hosts).
## You don't need to list every sentinel host, but the ones unlisted will
## not be used in a fail-over situation to query for the new master.
# gitlab_rails['redis_sentinels'] = [
# {'host' => '127.0.0.1', 'port' => 26379},
# ]
################################
# GitLab email server settings #
################################
# see https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/smtp.md#smtp-settings
# Use smtp instead of sendmail/postfix.
# gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_enable'] = true
# gitlab_rails['smtp_address'] = "smtp.server"
gitlab_rails['smtp_address'] = "uniba_de_change_me_smtp_address"
# gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_port'] = 465
# gitlab_rails['smtp_user_name'] = "smtp user"
# gitlab_rails['smtp_password'] = "smtp password"
# gitlab_rails['smtp_domain'] = "example.com"
gitlab_rails['smtp_domain'] = "uniba_de_change_me_smtp_domain"
# gitlab_rails['smtp_authentication'] = "login"
# gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_enable_starttls_auto'] = true
# gitlab_rails['smtp_tls'] = false
# gitlab_rails['smtp_tls'] = false
# gitlab_rails['smtp_openssl_verify_mode'] = 'none' # Can be: 'none', 'peer', 'client_once', 'fail_if_no_peer_cert', see http://api.rubyonrails.org/classes/ActionMailer/Base.html
# gitlab_rails['smtp_ca_path'] = "/etc/ssl/certs"
# gitlab_rails['smtp_ca_file'] = "/etc/ssl/certs/ca-certificates.crt"
###############################
# Container Registry settings #
###############################
# See https://docs.gitlab.com/ce/administration/container_registry.html
#
# registry_external_url 'https://registry.gitlab.example.com'
## Settings used by GitLab application
# gitlab_rails['registry_enabled'] = true
# gitlab_rails['registry_host'] = "registry.gitlab.example.com"
# gitlab_rails['registry_port'] = "5005"
# gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"
#
## Do not change the following 3 settings unless you know what you are doing
#
# gitlab_rails['registry_api_url'] = "http://localhost:5000"
# gitlab_rails['registry_key_path'] = "/var/opt/gitlab/gitlab-rails/certificate.key"
# gitlab_rails['registry_issuer'] = "omnibus-gitlab-issuer"
## Settings used by Registry application
# registry['enable'] = true
# registry['username'] = "registry"
# registry['group'] = "registry"
# registry['uid'] = nil
# registry['gid'] = nil
# registry['dir'] = "/var/opt/gitlab/registry"
# registry['registry_http_addr'] = "localhost:5000"
# registry['debug_addr'] = "localhost:5001"
# registry['log_directory'] = "/var/log/gitlab/registry"
# registry['log_level'] = "info"
# registry['rootcertbundle'] = "/var/opt/gitlab/registry/certificate.crt"
# registry['storage_delete_enabled'] = true
# # Registry backend storage, see http://docs.gitlab.com/ce/administration/container_registry.html#container-registry-storage-driver
# registry['storage'] = {
# 's3' => {
# 'accesskey' => 'AKIAKIAKI',
# 'secretkey' => 'secret123',
# 'bucket' => 'gitlab-registry-bucket-AKIAKIAKI'
# }
# }
####################
# GitLab Workhorse #
####################
# see https://gitlab.com/gitlab-org/gitlab-workhorse/blob/master/README.md
# gitlab_workhorse['enable'] = true
# gitlab_workhorse['ha'] = false
# gitlab_workhorse['listen_network'] = "unix"
# gitlab_workhorse['listen_umask'] = 000
# gitlab_workhorse['listen_addr'] = "/var/opt/gitlab/gitlab-workhorse/socket"
# gitlab_workhorse['auth_backend'] = "http://localhost:8080"
# gitlab_workhorse['auth_socket'] = "''" # the empty string is the default in gitlab-workhorse option parser
# gitlab_workhorse['pprof_listen_addr'] = "''" # put an empty string on the command line
# gitlab_workhorse['dir'] = "/var/opt/gitlab/gitlab-workhorse"
# gitlab_workhorse['log_directory'] = "/var/log/gitlab/gitlab-workhorse"
# gitlab_workhorse['proxy_headers_timeout'] = "1m0s"
# gitlab_workhorse['api_limit'] = 0 # limit number of concurrent API requests, defaults to 0 which is unlimited
# gitlab_workhorse['api_queue_limit'] = 0 # limit number of API requests allowed to be queued, defaults to 0 which disables queuing
# gitlab_workhorse['api_queue_duration'] = "30s" # duration after which we timeout requests if they sit too long in the queue
# gitlab_workhorse['env'] = {
# 'PATH' => "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/bin:/usr/bin"
# }
###############
# GitLab user #
###############
## see https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master/README.md#changing-the-name-of-the-git-user-group
## Modify default git user.
# user['username'] = "git"
# user['group'] = "git"
# user['uid'] = nil
# user['gid'] = nil
# # The shell for the git user
# user['shell'] = "/bin/sh"
# # The home directory for the git user
# user['home'] = "/var/opt/gitlab"
# user['git_user_name'] = "GitLab"
# user['git_user_email'] = "gitlab@#{node['fqdn']}"
##################
# GitLab Unicorn #
##################
## Tweak unicorn settings.
# unicorn['worker_timeout'] = 60
# unicorn['worker_processes'] = 2
## Advanced settings
# unicorn['listen'] = '127.0.0.1'
# unicorn['port'] = 8080
# unicorn['socket'] = '/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket'
# unicorn['pidfile'] = '/opt/gitlab/var/unicorn/unicorn.pid'
# unicorn['tcp_nopush'] = true
# unicorn['backlog_socket'] = 1024
# Make sure somaxconn is equal or higher then backlog_socket
# unicorn['somaxconn'] = 1024
# We do not recommend changing this setting
# unicorn['log_directory'] = "/var/log/gitlab/unicorn"