summaryrefslogtreecommitdiff
path: root/config.yml.example
Commit message (Collapse)AuthorAgeFilesLines
* Implement ClientKeepAlive optionIgor Drozdov2022-05-121-0/+2
| | | | | | | | | | Git clients sometimes open a connection and leave it idling, like when compressing objects. Settings like timeout client in HAProxy might cause these idle connections to be terminated. Let's send the keepalive message in order to prevent a client from closing
* Make PROXY policy configurableIgor Drozdov2022-05-101-0/+3
| | | | | It would give us more flexibility when we decide to enable PROXY protocol
* Merge branch '541_remove_self_signed_cert_option' into 'main'Igor Drozdov2022-04-261-5/+0
|\ | | | | | | | | Remove `self_signed_cert` option See merge request gitlab-org/gitlab-shell!602
| * Remove `self_signed_cert` optionVasilii Iakliushin2022-04-221-5/+0
| | | | | | | | | | | | Contributes to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/541 Changelog: removed
* | Revert "Abort long-running unauthenticated SSH connections"Igor Drozdov2022-04-251-2/+0
|/ | | | This reverts commit 3a2c8f2c47774a35d840ec8baf54341beede5d43.
* Abort long-running unauthenticated SSH connectionsIgor Drozdov2022-03-301-0/+2
|
* Add docs for grace-period and probes config optionsIgor Drozdov2022-03-241-0/+6
|
* Deprecate self_signed_cert config settingid-deprecate-self-signed-certIgor Drozdov2022-01-121-0/+5
| | | | | | | | | The option isn't required to accept self-signed certs On the other hand, if the option set to true it makes machine-in-the-middle attack possible Let's clarify it in the code that the option is deprecated
* log_format changed from 'text' to 'json'listout2021-05-261-3/+3
| | | | Edited log_format description comment, if for 'text' if a user need 'text' logging
* changed filename extension to .log as json can operate on .log filelistout2021-05-261-1/+1
|
* default log format changed to json, making it reflect in example configlistout2021-05-241-5/+5
|
* gitlab-sshd: Support the PROXY protocolNick Thomas2021-04-121-0/+3
|
* Add monitoring endpoint to sshdBen Kochie2021-02-161-1/+3
| | | | | | | | | | | Add a basic monitoring endpoint to the sshd command. * Listen on localhost port 9122 by default. * Integrate build/version info. * Update example config. https://gitlab.com/gitlab-org/gitlab-shell/-/issues/121 Signed-off-by: Ben Kochie <superq@gmail.com>
* RFC: Simple built-in SSH serverLorenz Brun2021-01-181-0/+12
|
* config: Set a secret exampleZeger-Jan van de Weg2020-10-011-0/+4
| | | | | | | The config.yml.example didn't include a field I was expecting to be there, which lead me to believe the field didn't exist. This change adds the `secret` YAML field, and describes how it interacts with the secrets_file.
* Fix gitlab-shell not handling relative URLs over UNIX socketssh-fix-unix-relative-url-accessStan Hu2020-08-201-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/4498#note_397401883, if you specify a relative path such as: ``` external_url 'http://gitlab.example.com/gitlab' ``` gitlab-shell doesn't have a way to pass the `/gitlab` to the host. For example, let's say we have: ``` gitlab_url: "http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsocket" ``` If we have `/gitlab` as the relative path, how do we specify what is the UNIX socket path and what is the relative path? If we specify: ``` gitlab_url: "http+unix:///var/opt/gitlab/gitlab-workhorse.socket/gitlab ``` This is ambiguous. Is the socket in `/var/opt/gitlab/gitlab-workhorse.socket/gitlab` or in `/var/opt/gitlab/gitlab-workhorse.socket`? To fix this, this merge request adds an optional `gitlab_relative_url_root` config parameter: ``` gitlab_url: "http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsocket" gitlab_relative_url_root: /gitlab ``` This is only used with UNIX domain sockets to disambiguate the socket and base URL path. If `gitlab_url` uses `http://` or `https://`, then `gitlab_relative_url_root` is ignored. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/476
* Support new ssl_cert_dir config settingAsh McKenzie2020-07-011-0/+4
|
* Use default puma socket in example configJustin Kromlinger2020-05-281-1/+1
| | | | | | | | The unicorn replacement 'puma' uses a unix socket in the example config [1] instead of a tcp port. Using the non-existing tcp port results in "Internal API unreachable" on git operations. [1] https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/puma.rb.example#L34
* Remove custom_hooks_dir setting457-custom_hooks_dir-setting-in-config-yml-example-is-no-longer-relevantAsh McKenzie2020-05-051-4/+0
| | | | It now lives within gitaly
* Remove an obsolete section from config.yml.exampleNick Thomas2019-10-021-5/+0
|
* Add a comment with all features enabled by defaultIgor2019-06-111-3/+1
| | | | In order to uncomment it in the Makefile of GDK
* Adds distributed tracing instrumentation to GitLab-Shellan-distributed-tracingAndrew Newdigate2019-03-011-0/+4
| | | | Adds distributed tracing instrumentation to GitLab-Shell using LabKit
* Specify a richer scheme to run the migration withNick Thomas2018-09-281-2/+6
|
* Initial feature-flagged go/ruby switchNick Thomas2018-09-281-0/+3
|
* Clean up cmd_exec execution environmentZeger-Jan van de Weg2018-08-241-7/+0
| | | | | | | | | | | Given the gitaly-* now proxy the data from the client to the Gitaly server, the environment variables aren't used. Therefor we don't have to set them either. Only exception to the rule, is the GITALY_TOKEN. These changes also remove the `GIT_TRACE` options, introduced by 192e2bd367494bf66746c8971896a2d9cb84fc92. Part of: https://gitlab.com/gitlab-org/gitaly/issues/1300
* Switch to structured loggingJacob Vosmaer (GitLab)2018-03-191-0/+3
|
* Remove direct redis integrationNick Thomas2018-01-121-17/+0
|
* Remove unused redis bin configuration.remove-redis-cliMarin Jankovski2017-12-121-1/+0
|
* Remove git annex supportPawel Chojnacki2017-02-241-8/+0
|
* Make custom hooks dir configurableSean McGivern2016-12-121-1/+5
| | | | | | | | Add a new configuration option, custom_hooks_dir. When this is set, we will look for global custom hooks in: <custom_hooks_dir>/{pre-receive,update,post-receive}.d/* When this is not set, default to <REPO_PATH>/hooks.
* Enable GIT_TRACE/GIT_TRACE_PACKET/GIT_TRACE_PERFORMANCE by providing the ↵59-git-tracingPaco Guzman2016-09-271-0/+7
| | | | | | git_trace_log_file config key The value of the variable if present must be a writable absolute path. If it’s not the case we log a proper message and not enable tracing to not throw output to the users.
* Sentinel connection parameters in `config.yml` fileGabriel Mazetto2016-08-181-1/+9
|
* Refactor repository paths handling to allow multiple git mount pointsshardsAlejandro Rodríguez2016-06-291-6/+0
|
* Merge branch 'net-read-timeout' into 'master' Douwe Maan2016-02-091-0/+1
|\ | | | | | | | | | | | | | | | | | | | | Increase HTTP timeout and log request durations On some GitLab deployments internal API calls regularly take more than 60 seconds (the default HTTP read timeout of Ruby's Net::HTTP). Until we understand the cause of this slowness, by raising the client timeout in gitlab-shell we can at least spare end users having to retry their `git pull` or `git push`. See merge request !37
| * Use an HTTP timeout of 5 minutes by defaultJacob Vosmaer2016-02-091-0/+1
| |
* | Add relative URL inforelative_url_infoAchilleas Pipinellis2016-02-091-2/+2
|/ | | | [ci skip]
* Be more consistent about default gitlab_urlremove-trailing-slashesJacob Vosmaer2015-12-111-1/+1
|
* Remove trailing slashes from gitlab_urlJacob Vosmaer2015-12-111-5/+5
| | | | | They do not play nice with gitlab-workhorse (or rather Golang net/http DefaultServemux).
* Add support to connect gitlab-shell to Unicorn via UNIX socketKirill Smelkov2015-11-101-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It is well known that UNIX sockets are faster than TCP over loopback. E.g. on my machine according to lmbench[1] they have ~ 2 times lower latency and ~ 2-3 times more throughput compared to TCP over loopback: *Local* Communication latencies in microseconds - smaller is better --------------------------------------------------------------------- Host OS 2p/0K Pipe AF UDP RPC/ TCP RPC/ TCP ctxsw UNIX UDP TCP conn --------- ------------- ----- ----- ---- ----- ----- ----- ----- ---- teco Linux 4.2.0-1 13.8 29.2 26.8 45.0 47.9 48.5 55.5 45. *Local* Communication bandwidths in MB/s - bigger is better ----------------------------------------------------------------------------- Host OS Pipe AF TCP File Mmap Bcopy Bcopy Mem Mem UNIX reread reread (libc) (hand) read write --------- ------------- ---- ---- ---- ------ ------ ------ ------ ---- ----- teco Linux 4.2.0-1 1084 4353 1493 2329.1 3720.7 1613.8 1109.2 3402 1404. The same ratio usually holds for servers. Also UNIX sockets, since they reside on filesystem, besides being faster with less latency, have one another nice property: access permissions to them are managed the same way access to files is. Because of lower latencies and higher throughput - for performance reasons, and for easier security, it makes sense to interconnect services on one machine via UNIX sockets and talk via TCP only to outside world. All internal services inside GitLab can talk to each other via UNIX socket already and only gitlab-shell was missing support to talk to Unicorn via UNIX socket. Let's teach gitlab-shell to talk via UNIX sockets. [1] http://www.bitmover.com/lmbench/ ~~~~ In this patch we - add URI::HTTPUNIX to handle http+unix:// URI scheme - add Net::HTTPUNIX to handle "connect via unix socket and then talk http" - adjust GitlabNet#http_client_for() accordingly - adjust documentation in config.yml.example The http+unix:// scheme is not reinvented anew: the idea about its structure is quite logical an was already established at least in requests-unixsocket python package: http://fixall.online/theres-no-need-to-reinvent-the-wheelhttpsgithubcommsabramorequests-unixsocketurl/241810/ https://github.com/msabramo/requests-unixsocket
* Add a note that changing example configuration files requires changing ↵note_in_configMarin Jankovski2015-06-111-0/+5
| | | | omnibus-gitlab.
* Merge pull request #212 from jirutka/patch-1Dmitriy Zaporozhets2015-04-101-0/+4
|\ | | | | Allow to configure location of the secret file
| * Allow to configure location of the secret fileJakub Jirutka2015-02-081-0/+4
| |
* | Add note about centos for git-annex.Marin Jankovski2015-02-201-0/+1
| |
* | Add a comment about gitlab-shell.Marin Jankovski2015-02-201-0/+2
| |
* | Disable git-annex by defaultDmitriy Zaporozhets2015-02-161-1/+1
| |
* | Add config option to disable git-annexDmitriy Zaporozhets2015-02-161-0/+5
|/
* Merge pull request #172 from bbodenmiller/patch-1Dmitriy Zaporozhets2014-09-261-0/+1
|\ | | | | add note about other HTTPS setup details
| * add note about other HTTPS setup detailsBen Bodenmiller2014-08-231-0/+1
| |
* | Connect to Redis via sockets by defaultJacob Vosmaer2014-09-161-3/+3
| |
* | support using custom redis database, fixes #173Tao2014-09-131-0/+1
| |
View Lorry Controller Status