diff options
Diffstat (limited to 'config')
22 files changed, 407 insertions, 112 deletions
diff --git a/config/environments/development.rb b/config/environments/development.rb index 03af7f07864..d7d6aed1602 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -24,6 +24,11 @@ Gitlab::Application.configure do # Expands the lines which load the assets # config.assets.debug = true + + # Adds additional error checking when serving assets at runtime. + # Checks for improperly declared sprockets dependencies. + # Raises helpful error messages. + config.assets.raise_runtime_errors = true # For having correct urls in mails config.action_mailer.default_url_options = { host: 'localhost', port: 3000 } diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index c7b60a1d4b1..4f7f0b6ef19 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -4,7 +4,7 @@ # ########################### NOTE ##################################### # This file should not receive new settings. All configuration options # -# that do not require application restart are being moved to # +# that do not require an application restart are being moved to # # ApplicationSetting model! # # If you change this file in a Merge Request, please also create # # a MR on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests # @@ -96,10 +96,10 @@ production: &base ## Reply by email # Allow users to comment on issues and merge requests by replying to notification emails. - # For documentation on how to set this up, see http://doc.gitlab.com/ce/reply_by_email/README.md - reply_by_email: + # For documentation on how to set this up, see http://doc.gitlab.com/ce/incoming_email/README.html + incoming_email: enabled: false - address: "replies+%{reply_key}@gitlab.example.com" + address: "incoming+%{key}@gitlab.example.com" ## Gravatar ## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html @@ -110,7 +110,23 @@ production: &base # ssl_url: "https://..." # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon # - # 2. Auth settings + # 2. GitLab CI settings + # ========================== + + gitlab_ci: + # Default project notifications settings: + # + # Send emails only on broken builds (default: true) + # all_broken_builds: true + # + # Add pusher to recipients list (default: false) + # add_pusher: true + + # The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root + # builds_path: builds/ + + # + # 3. Auth settings # ========================== ## LDAP settings @@ -180,6 +196,26 @@ production: &base # user_filter: '' + # LDAP attributes that GitLab will use to create an account for the LDAP user. + # The specified attribute can either be the attribute name as a string (e.g. 'mail'), + # or an array of attribute names to try in order (e.g. ['mail', 'email']). + # Note that the user's LDAP login will always be the attribute specified as `uid` above. + attributes: + # The username will be used in paths for the user's own projects + # (like `gitlab.example.com/username/project`) and when mentioning + # them in issues, merge request and comments (like `@username`). + # If the attribute specified for `username` contains an email address, + # the GitLab username will be the part of the email address before the '@'. + username: ['uid', 'userid', 'sAMAccountName'] + email: ['mail', 'email', 'userPrincipalName'] + + # If no full name could be found at the attribute specified for `name`, + # the full name is determined using the attributes specified for + # `first_name` and `last_name`. + name: 'cn' + first_name: 'givenName' + last_name: 'sn' + # GitLab EE only: add more LDAP servers # Choose an ID made of a-z and 0-9 . This ID will be stored in the database # so that GitLab can remember which LDAP server a user belongs to. @@ -216,28 +252,28 @@ production: &base # arguments, followed by optional 'args' which can be either a hash or an array. # Documentation for this is available at http://doc.gitlab.com/ce/integration/omniauth.html providers: - # - { name: 'google_oauth2', + # - { name: 'google_oauth2', # label: 'Google', - # app_id: 'YOUR_APP_ID', + # app_id: 'YOUR_APP_ID', # app_secret: 'YOUR_APP_SECRET', # args: { access_type: 'offline', approval_prompt: '' } } - # - { name: 'twitter', - # app_id: 'YOUR_APP_ID', + # - { name: 'twitter', + # app_id: 'YOUR_APP_ID', # app_secret: 'YOUR_APP_SECRET' } - # - { name: 'github', + # - { name: 'github', # label: 'GitHub', - # app_id: 'YOUR_APP_ID', + # app_id: 'YOUR_APP_ID', # app_secret: 'YOUR_APP_SECRET', # args: { scope: 'user:email' } } - # - { name: 'gitlab', + # - { name: 'gitlab', # label: 'GitLab.com', - # app_id: 'YOUR_APP_ID', + # app_id: 'YOUR_APP_ID', # app_secret: 'YOUR_APP_SECRET', # args: { scope: 'api' } } - # - { name: 'bitbucket', - # app_id: 'YOUR_APP_ID', + # - { name: 'bitbucket', + # app_id: 'YOUR_APP_ID', # app_secret: 'YOUR_APP_SECRET' } - # - { name: 'saml', + # - { name: 'saml', # label: 'Our SAML Provider', # args: { # assertion_consumer_service_url: 'https://gitlab.example.com/users/auth/saml/callback', @@ -246,12 +282,17 @@ production: &base # issuer: 'https://gitlab.example.com', # name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient' # } } + # - { name: 'crowd', + # args: { + # crowd_server_url: 'CROWD SERVER URL', + # application_name: 'YOUR_APP_NAME', + # application_password: 'YOUR_APP_PASSWORD' } } # - # 3. Advanced settings + # 4. Advanced settings # ========================== # GitLab Satellites @@ -265,6 +306,7 @@ production: &base path: "tmp/backups" # Relative paths are relative to Rails.root (default: tmp/backups/) # archive_permissions: 0640 # Permissions for the resulting backup.tar file (default: 0600) # keep_time: 604800 # default: 0 (forever) (in seconds) + # pg_schema: public # default: nil, it means that all schemas will be backed up # upload: # # Fog storage connection settings, see http://fog.io/storage/ . # connection: @@ -277,6 +319,8 @@ production: &base # # Use multipart uploads when file size reaches 100MB, see # # http://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html # multipart_chunk_size: 104857600 + # # Turns on AWS Server-Side Encryption with Amazon S3-Managed Keys for backups, this is optional + # # encryption: 'AES256' ## GitLab Shell settings gitlab_shell: @@ -310,7 +354,7 @@ production: &base timeout: 10 # - # 4. Extra customization + # 5. Extra customization # ========================== extra: @@ -380,7 +424,6 @@ test: user_filter: '' group_base: 'ou=groups,dc=example,dc=com' admin_group: '' - sync_ssh_keys: false staging: <<: *base diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index c47e5dab27c..4c78bd6e2fa 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -18,7 +18,19 @@ class Settings < Settingslogic host.start_with?('www.') ? host[4..-1] : host end - private + def build_gitlab_ci_url + if gitlab_on_standard_port? + custom_port = nil + else + custom_port = ":#{gitlab.port}" + end + [ gitlab.protocol, + "://", + gitlab.host, + custom_port, + gitlab.relative_url_root + ].join('') + end def build_gitlab_shell_ssh_path_prefix if gitlab_shell.ssh_port != 22 @@ -97,6 +109,7 @@ if Settings.ldap['enabled'] || Rails.env.test? server['block_auto_created_users'] = false if server['block_auto_created_users'].nil? server['allow_username_or_email_login'] = false if server['allow_username_or_email_login'].nil? server['active_directory'] = true if server['active_directory'].nil? + server['attributes'] = {} if server['attributes'].nil? server['provider_name'] ||= "ldap#{key}".downcase server['provider_class'] = OmniAuth::Utils.camelize(server['provider_name']) end @@ -158,13 +171,23 @@ Settings.gitlab.default_projects_features['snippets'] = false if Settings. Settings.gitlab.default_projects_features['visibility_level'] = Settings.send(:verify_constant, Gitlab::VisibilityLevel, Settings.gitlab.default_projects_features['visibility_level'], Gitlab::VisibilityLevel::PRIVATE) Settings.gitlab['repository_downloads_path'] = File.absolute_path(Settings.gitlab['repository_downloads_path'] || 'tmp/repositories', Rails.root) Settings.gitlab['restricted_signup_domains'] ||= [] -Settings.gitlab['import_sources'] ||= ['github','bitbucket','gitlab','gitorious','google_code','git'] +Settings.gitlab['import_sources'] ||= ['github','bitbucket','gitlab','gitorious','google_code','fogbugz','git'] + + +# +# CI +# +Settings['gitlab_ci'] ||= Settingslogic.new({}) +Settings.gitlab_ci['all_broken_builds'] = true if Settings.gitlab_ci['all_broken_builds'].nil? +Settings.gitlab_ci['add_pusher'] = false if Settings.gitlab_ci['add_pusher'].nil? +Settings.gitlab_ci['url'] ||= Settings.send(:build_gitlab_ci_url) +Settings.gitlab_ci['builds_path'] = File.expand_path(Settings.gitlab_ci['builds_path'] || "builds/", Rails.root) # # Reply by email # -Settings['reply_by_email'] ||= Settingslogic.new({}) -Settings.reply_by_email['enabled'] = false if Settings.reply_by_email['enabled'].nil? +Settings['incoming_email'] ||= Settingslogic.new({}) +Settings.incoming_email['enabled'] = false if Settings.incoming_email['enabled'].nil? # # Gravatar @@ -196,6 +219,7 @@ Settings.gitlab_shell['ssh_path_prefix'] ||= Settings.send(:build_gitlab_shell_s # Settings['backup'] ||= Settingslogic.new({}) Settings.backup['keep_time'] ||= 0 +Settings.backup['pg_schema'] = nil Settings.backup['path'] = File.expand_path(Settings.backup['path'] || "tmp/backups/", Rails.root) Settings.backup['archive_permissions'] ||= 0600 Settings.backup['upload'] ||= Settingslogic.new({ 'remote_directory' => nil, 'connection' => nil }) @@ -204,6 +228,7 @@ if Settings.backup['upload']['connection'] Settings.backup['upload']['connection'] = Hash[Settings.backup['upload']['connection'].map { |k, v| [k.to_sym, v] }] end Settings.backup['upload']['multipart_chunk_size'] ||= 104857600 +Settings.backup['upload']['encryption'] ||= nil # # Git diff --git a/config/initializers/3_grit_ext.rb b/config/initializers/3_grit_ext.rb deleted file mode 100644 index 6540ac839cb..00000000000 --- a/config/initializers/3_grit_ext.rb +++ /dev/null @@ -1,5 +0,0 @@ -require 'grit' - -Grit::Git.git_binary = Gitlab.config.git.bin_path -Grit::Git.git_timeout = Gitlab.config.git.timeout -Grit::Git.git_max_size = Gitlab.config.git.max_size diff --git a/config/initializers/4_ci_app.rb b/config/initializers/4_ci_app.rb new file mode 100644 index 00000000000..cac8edb32bf --- /dev/null +++ b/config/initializers/4_ci_app.rb @@ -0,0 +1,10 @@ +module GitlabCi + VERSION = Gitlab::VERSION + REVISION = Gitlab::REVISION + + REGISTRATION_TOKEN = SecureRandom.hex(10) + + def self.config + Settings + end +end diff --git a/config/initializers/connection_fix.rb b/config/initializers/connection_fix.rb new file mode 100644 index 00000000000..d831a1838ed --- /dev/null +++ b/config/initializers/connection_fix.rb @@ -0,0 +1,32 @@ +# from http://gist.github.com/238999 +# +# If your workers are inactive for a long period of time, they'll lose +# their MySQL connection. +# +# This hack ensures we re-connect whenever a connection is +# lost. Because, really. why not? +# +# Stick this in RAILS_ROOT/config/initializers/connection_fix.rb (or somewhere similar) +# +# From: +# http://coderrr.wordpress.com/2009/01/08/activerecord-threading-issues-and-resolutions/ + +if defined?(ActiveRecord::ConnectionAdapters::Mysql2Adapter) + module ActiveRecord::ConnectionAdapters + class Mysql2Adapter + alias_method :execute_without_retry, :execute + + def execute(*args) + execute_without_retry(*args) + rescue ActiveRecord::StatementInvalid => e + if e.message =~ /server has gone away/i + warn "Server timed out, retrying" + reconnect! + retry + else + raise e + end + end + end + end +end diff --git a/config/initializers/cookies_serializer.rb b/config/initializers/cookies_serializer.rb new file mode 100644 index 00000000000..43adac8b2c6 --- /dev/null +++ b/config/initializers/cookies_serializer.rb @@ -0,0 +1,3 @@ +# Be sure to restart your server when you modify this file. + +Gitlab::Application.config.action_dispatch.cookies_serializer = :hybrid diff --git a/config/initializers/8_default_url_options.rb b/config/initializers/default_url_options.rb index 8fd27b1d88e..f9f88f95db9 100644 --- a/config/initializers/8_default_url_options.rb +++ b/config/initializers/default_url_options.rb @@ -8,4 +8,4 @@ unless Gitlab.config.gitlab_on_standard_port? default_url_options[:port] = Gitlab.config.gitlab.port end -Rails.application.routes.default_url_options = default_url_options +Gitlab::Application.routes.default_url_options = default_url_options diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index 091548348b1..29506970af2 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -148,6 +148,10 @@ Devise.setup do |config| # When someone else invites you to GitLab this time is also used so it should be pretty long. config.reset_password_within = 2.days + # When set to false, does not sign a user in automatically after their password is + # reset. Defaults to true, so a user is signed in automatically after a reset. + config.sign_in_after_reset_password = false + # ==> Configuration for :encryptable # Allow you to use another encryption algorithm besides bcrypt (default). You can use # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1, @@ -238,7 +242,7 @@ Devise.setup do |config| provider_arguments.concat provider['args'] when Hash # A Hash from the configuration will be passed as is. - provider_arguments << provider['args'] + provider_arguments << provider['args'].symbolize_keys end config.omniauth provider['name'].to_sym, *provider_arguments diff --git a/config/initializers/7_omniauth.rb b/config/initializers/omniauth.rb index 70ed10e8275..70ed10e8275 100644 --- a/config/initializers/7_omniauth.rb +++ b/config/initializers/omniauth.rb diff --git a/config/initializers/rack_attack.rb.example b/config/initializers/rack_attack.rb.example index b1bbcca1d61..2155ea14562 100644 --- a/config/initializers/rack_attack.rb.example +++ b/config/initializers/rack_attack.rb.example @@ -4,13 +4,13 @@ # If you change this file in a Merge Request, please also create a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests paths_to_be_protected = [ - "#{Rails.application.config.relative_url_root}/users/password", - "#{Rails.application.config.relative_url_root}/users/sign_in", - "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session.json", - "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session", - "#{Rails.application.config.relative_url_root}/users", - "#{Rails.application.config.relative_url_root}/users/confirmation", - "#{Rails.application.config.relative_url_root}/unsubscribes/" + "#{Gitlab::Application.config.relative_url_root}/users/password", + "#{Gitlab::Application.config.relative_url_root}/users/sign_in", + "#{Gitlab::Application.config.relative_url_root}/api/#{API::API.version}/session.json", + "#{Gitlab::Application.config.relative_url_root}/api/#{API::API.version}/session", + "#{Gitlab::Application.config.relative_url_root}/users", + "#{Gitlab::Application.config.relative_url_root}/users/confirmation", + "#{Gitlab::Application.config.relative_url_root}/unsubscribes/" ] diff --git a/config/initializers/6_rack_profiler.rb b/config/initializers/rack_profiler.rb index 1d958904e8f..7710eeac453 100644 --- a/config/initializers/6_rack_profiler.rb +++ b/config/initializers/rack_profiler.rb @@ -2,7 +2,7 @@ if Rails.env.development? require 'rack-mini-profiler' # initialization is skipped so trigger it - Rack::MiniProfilerRails.initialize!(Rails.application) + Rack::MiniProfilerRails.initialize!(Gitlab::Application) Rack::MiniProfiler.config.position = 'right' Rack::MiniProfiler.config.start_hidden = false diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb index 62a54bc8c63..1b518c3becf 100644 --- a/config/initializers/secret_token.rb +++ b/config/initializers/secret_token.rb @@ -24,3 +24,27 @@ end Gitlab::Application.config.secret_token = find_secure_token Gitlab::Application.config.secret_key_base = find_secure_token + +# CI +def generate_new_secure_token + SecureRandom.hex(64) +end + +if Gitlab::Application.secrets.db_key_base.blank? + warn "Missing `db_key_base` for '#{Rails.env}' environment. The secrets will be generated and stored in `config/secrets.yml`" + + all_secrets = YAML.load_file('config/secrets.yml') if File.exist?('config/secrets.yml') + all_secrets ||= {} + + # generate secrets + env_secrets = all_secrets[Rails.env.to_s] || {} + env_secrets['db_key_base'] ||= generate_new_secure_token + all_secrets[Rails.env.to_s] = env_secrets + + # save secrets + File.open('config/secrets.yml', 'w', 0600) do |file| + file.write(YAML.dump(all_secrets)) + end + + Gitlab::Application.secrets.db_key_base = env_secrets['db_key_base'] +end diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index 6d274cd95a1..04ed9e90df5 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -2,7 +2,12 @@ require 'gitlab/current_settings' include Gitlab::CurrentSettings -Settings.gitlab['session_expire_delay'] = current_application_settings.session_expire_delay + +# allow it to fail: it may to do so when create_from_defaults is executed before migrations are actually done +begin + Settings.gitlab['session_expire_delay'] = current_application_settings.session_expire_delay +rescue +end Gitlab::Application.config.session_store( :redis_store, # Using the cookie_store would enable session replay attacks. @@ -11,5 +16,5 @@ Gitlab::Application.config.session_store( secure: Gitlab.config.gitlab.https, httponly: true, expire_after: Settings.gitlab['session_expire_delay'] * 60, - path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root + path: (Gitlab::Application.config.relative_url_root.nil?) ? '/' : Gitlab::Application.config.relative_url_root ) diff --git a/config/initializers/4_sidekiq.rb b/config/initializers/sidekiq.rb index e856499732e..e856499732e 100644 --- a/config/initializers/4_sidekiq.rb +++ b/config/initializers/sidekiq.rb diff --git a/config/initializers/static_files.rb b/config/initializers/static_files.rb index d9042c652bb..e6d5600edb7 100644 --- a/config/initializers/static_files.rb +++ b/config/initializers/static_files.rb @@ -1,4 +1,4 @@ -app = Rails.application +app = Gitlab::Application if app.config.serve_static_assets # The `ActionDispatch::Static` middleware intercepts requests for static files diff --git a/config/locales/devise.en.yml b/config/locales/devise.en.yml index f3db5b7476e..22070e37f07 100644 --- a/config/locales/devise.en.yml +++ b/config/locales/devise.en.yml @@ -1,60 +1,63 @@ -# Additional translations at http://github.com/plataformatec/devise/wiki/I18n +# Additional translations at https://github.com/plataformatec/devise/wiki/I18n en: + devise: + confirmations: + confirmed: "Your email address has been successfully confirmed." + send_instructions: "You will receive an email with instructions for how to confirm your email address in a few minutes." + send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes." + failure: + already_authenticated: "You are already signed in." + inactive: "Your account is not activated yet." + invalid: "Invalid %{authentication_keys} or password." + locked: "Your account is locked." + last_attempt: "You have one more attempt before your account is locked." + not_found_in_database: "Invalid %{authentication_keys} or password." + timeout: "Your session expired. Please sign in again to continue." + unauthenticated: "You need to sign in or sign up before continuing." + unconfirmed: "You have to confirm your email address before continuing." + mailer: + confirmation_instructions: + subject: "Confirmation instructions" + reset_password_instructions: + subject: "Reset password instructions" + unlock_instructions: + subject: "Unlock instructions" + password_change: + subject: "Password Changed" + omniauth_callbacks: + failure: "Could not authenticate you from %{kind} because \"%{reason}\"." + success: "Successfully authenticated from %{kind} account." + passwords: + no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided." + recently_reset: "Instructions about how to reset your password have already been sent recently. Please wait a few minutes to try again." + send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes." + send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes." + updated: "Your password has been changed successfully. You are now signed in." + updated_not_active: "Your password has been changed successfully." + registrations: + destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon." + signed_up: "Welcome! You have signed up successfully." + signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated." + signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked." + signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account." + update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirm link to confirm your new email address." + updated: "Your account has been updated successfully." + sessions: + signed_in: "Signed in successfully." + signed_out: "Signed out successfully." + already_signed_out: "Signed out successfully." + unlocks: + send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes." + send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes." + unlocked: "Your account has been unlocked successfully. Please sign in to continue." errors: messages: + already_confirmed: "was already confirmed, please try signing in" + confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one" expired: "has expired, please request a new one" not_found: "not found" - already_confirmed: "was already confirmed, please try signing in" not_locked: "was not locked" not_saved: one: "1 error prohibited this %{resource} from being saved:" other: "%{count} errors prohibited this %{resource} from being saved:" - - devise: - failure: - already_authenticated: 'You are already signed in.' - unauthenticated: 'You need to sign in before continuing.' - unconfirmed: 'You have to confirm your account before continuing.' - locked: 'Your account is locked.' - not_found_in_database: 'Invalid email or password.' - invalid: 'Invalid email or password.' - invalid_token: 'Invalid authentication token.' - timeout: 'Your session expired, please sign in again to continue.' - inactive: 'Your account was not activated yet.' - sessions: - signed_in: '' - signed_out: '' - users_sessions: - user: - signed_in: 'Signed in successfully.' - passwords: - send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.' - updated: 'Your password was changed successfully. You are now signed in.' - updated_not_active: 'Your password was changed successfully.' - send_paranoid_instructions: "If your e-mail exists on our database, you will receive a password recovery link on your e-mail" - confirmations: - send_instructions: 'You will receive an email with instructions about how to confirm your account in a few minutes.' - send_paranoid_instructions: 'If your e-mail exists on our database, you will receive an email with instructions about how to confirm your account in a few minutes.' - confirmed: 'Your account was successfully confirmed. You are now signed in.' - registrations: - signed_up: 'Welcome! You have signed up successfully.' - updated: 'You updated your account successfully.' - destroyed: 'Bye! Your account was successfully cancelled. We hope to see you again soon.' - signed_up_but_unconfirmed: 'A message with a confirmation link has been sent to your email address. Please open the link to activate your account.' - signed_up_but_inactive: 'You have signed up successfully. However, we could not sign you in because your account is not yet activated.' - signed_up_but_locked: 'You have signed up successfully. However, we could not sign you in because your account is locked.' - unlocks: - send_instructions: 'You will receive an email with instructions about how to unlock your account in a few minutes.' - unlocked: 'Your account was successfully unlocked. You are now signed in.' - send_paranoid_instructions: 'If your account exists, you will receive an email with instructions about how to unlock it in a few minutes.' - omniauth_callbacks: - success: 'Successfully authorized from %{kind} account.' - failure: 'Could not authorize you from %{kind} because "%{reason}".' - mailer: - confirmation_instructions: - subject: 'Confirmation instructions' - reset_password_instructions: - subject: 'Reset password instructions' - unlock_instructions: - subject: 'Unlock Instructions'
\ No newline at end of file diff --git a/config/mail_room.yml.example b/config/mail_room.yml.example index dd8edfc42eb..82e1a42058e 100644 --- a/config/mail_room.yml.example +++ b/config/mail_room.yml.example @@ -6,6 +6,8 @@ # :port: 993 # # Whether the IMAP server uses SSL # :ssl: true + # # Whether the IMAP server uses StartTLS + # :start_tls: false # # Email account username. Usually the full email address. # :email: "replies@gitlab.example.com" # # Email account password diff --git a/config/routes.rb b/config/routes.rb index 920ece518ea..ccce40589e7 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -2,6 +2,80 @@ require 'sidekiq/web' require 'api/api' Gitlab::Application.routes.draw do + namespace :ci do + # CI API + Ci::API::API.logger Rails.logger + mount Ci::API::API => '/api' + + resource :lint, only: [:show, :create] + + resources :projects do + collection do + post :add + get :disabled + end + + member do + get :status, to: 'projects#badge' + get :integration + post :toggle_shared_runners + get :dumped_yaml + end + + resources :services, only: [:index, :edit, :update] do + member do + get :test + end + end + + resources :commits, only: [] do + member do + get :status + get :cancel + end + end + + resources :builds, only: [] do + member do + get :cancel + get :status + post :retry + end + end + + resources :runner_projects, only: [:create, :destroy] + + resources :events, only: [:index] + end + + resource :user_sessions do + get :auth + get :callback + end + + namespace :admin do + resources :runners, only: [:index, :show, :update, :destroy] do + member do + put :assign_all + get :resume + get :pause + end + end + + resources :events, only: [:index] + + resources :projects do + resources :runner_projects + end + + resources :builds, only: :index + + resource :application_settings, only: [:show, :update] + end + + root to: 'projects#index' + end + use_doorkeeper do controllers applications: 'oauth/applications', authorized_applications: 'oauth/authorized_applications', @@ -30,7 +104,7 @@ Gitlab::Application.routes.draw do end # Enable Grack support - mount Grack::Auth.new({}), at: '/', constraints: lambda { |request| /[-\/\w\.]+\.git\//.match(request.path_info) }, via: [:get, :post] + mount Grack::AuthSpawner, at: '/', constraints: lambda { |request| /[-\/\w\.]+\.git\//.match(request.path_info) }, via: [:get, :post] # Help get 'help' => 'help#index' @@ -99,6 +173,15 @@ Gitlab::Application.routes.draw do get :new_user_map, path: :user_map post :create_user_map, path: :user_map end + + resource :fogbugz, only: [:create, :new], controller: :fogbugz do + get :status + post :callback + get :jobs + + get :new_user_map, path: :user_map + post :create_user_map, path: :user_map + end end # @@ -134,6 +217,7 @@ Gitlab::Application.routes.draw do end resources :groups, only: [:index] + resources :snippets, only: [:index] root to: 'projects#trending' end @@ -158,6 +242,7 @@ Gitlab::Application.routes.draw do put :unblock put :unlock put :confirm + post :login_as patch :disable_two_factor delete 'remove/:email_id', action: 'remove_email', as: 'remove_email' end @@ -201,6 +286,8 @@ Gitlab::Application.routes.draw do resources :services end + resources :labels + root to: 'dashboard#index' end @@ -252,24 +339,25 @@ Gitlab::Application.routes.draw do # # Dashboard Area # - resource :dashboard, controller: 'dashboard', only: [:show] do - member do - get :issues - get :merge_requests - get :activity - end + resource :dashboard, controller: 'dashboard', only: [] do + get :issues + get :merge_requests + get :activity scope module: :dashboard do resources :milestones, only: [:index, :show] resources :groups, only: [:index] + resources :snippets, only: [:index] - resources :projects, only: [] do + resources :projects, only: [:index] do collection do get :starred end end end + + root to: "dashboard/projects#index" end # @@ -293,7 +381,7 @@ Gitlab::Application.routes.draw do end end - resources :projects, constraints: { id: /[^\/]+/ }, only: [:new, :create] + resources :projects, constraints: { id: /[^\/]+/ }, only: [:index, :new, :create] devise_for :users, controllers: { omniauth_callbacks: :omniauth_callbacks, registrations: :registrations , passwords: :passwords, sessions: :sessions, confirmations: :confirmations } @@ -301,7 +389,7 @@ Gitlab::Application.routes.draw do get '/users/auth/:provider/omniauth_error' => 'omniauth_callbacks#omniauth_error', as: :omniauth_error end - root to: "root#show" + root to: "root#index" # # Project Area @@ -345,6 +433,16 @@ Gitlab::Application.routes.draw do to: 'blob#destroy', constraints: { id: /.+/, format: false } ) + put( + '/blob/*id', + to: 'blob#update', + constraints: { id: /.+/, format: false } + ) + post( + '/blob/*id', + to: 'blob#create', + constraints: { id: /.+/, format: false } + ) end scope do @@ -385,7 +483,10 @@ Gitlab::Application.routes.draw do resource :avatar, only: [:show, :destroy] resources :commit, only: [:show], constraints: { id: /[[:alnum:]]{6,40}/ } do - get :branches, on: :member + member do + get :branches + get :ci + end end resources :compare, only: [:index, :create] @@ -394,6 +495,7 @@ Gitlab::Application.routes.draw do resources :graphs, only: [:show], constraints: { id: /(?:[^.]|\.(?!json$))+/, format: /json/ } do member do get :commits + get :ci end end @@ -406,16 +508,20 @@ Gitlab::Application.routes.draw do end end - resources :wikis, only: [:show, :edit, :destroy, :create], constraints: { id: /[a-zA-Z.0-9_\-\/]+/ } do - collection do - get :pages - put ':id' => 'wikis#update' - get :git_access - end + WIKI_SLUG_ID = { id: /[a-zA-Z.0-9_\-\/]+/ } unless defined? WIKI_SLUG_ID - member do - get 'history' - end + scope do + # Order matters to give priority to these matches + get '/wikis/git_access', to: 'wikis#git_access' + get '/wikis/pages', to: 'wikis#pages', as: 'wiki_pages' + post '/wikis', to: 'wikis#create' + + get '/wikis/*id/history', to: 'wikis#history', as: 'wiki_history', constraints: WIKI_SLUG_ID + get '/wikis/*id/edit', to: 'wikis#edit', as: 'wiki_edit', constraints: WIKI_SLUG_ID + + get '/wikis/*id', to: 'wikis#show', as: 'wiki', constraints: WIKI_SLUG_ID + delete '/wikis/*id', to: 'wikis#destroy', constraints: WIKI_SLUG_ID + put '/wikis/*id', to: 'wikis#update', constraints: WIKI_SLUG_ID end resource :repository, only: [:show, :create] do @@ -475,6 +581,16 @@ Gitlab::Application.routes.draw do resources :branches, only: [:index, :new, :create, :destroy], constraints: { id: Gitlab::Regex.git_reference_regex } resources :tags, only: [:index, :new, :create, :destroy], constraints: { id: Gitlab::Regex.git_reference_regex } resources :protected_branches, only: [:index, :create, :update, :destroy], constraints: { id: Gitlab::Regex.git_reference_regex } + resource :variables, only: [:show, :update] + resources :triggers, only: [:index, :create, :destroy] + resource :ci_settings, only: [:edit, :update, :destroy] + resources :ci_web_hooks, only: [:index, :create, :destroy] do + member do + get :test + end + end + + resources :builds, only: [:show] resources :hooks, only: [:index, :create, :destroy], constraints: { id: /\d+/ } do member do @@ -530,8 +646,14 @@ Gitlab::Application.routes.draw do get ":secret/:filename", action: :show, as: :show, constraints: { filename: /[^\/]+/ } end end - end + resources :runners, only: [:index, :edit, :update, :destroy, :show] do + member do + get :resume + get :pause + end + end + end end end diff --git a/config/schedule.rb b/config/schedule.rb new file mode 100644 index 00000000000..8122f7cc69c --- /dev/null +++ b/config/schedule.rb @@ -0,0 +1,8 @@ +# Use this file to easily define all of your cron jobs. +# +# If you make changes to this file, please create also an issue on +# https://gitlab.com/gitlab-org/omnibus-gitlab/issues . This is necessary +# because the omnibus packages manage cron jobs using Chef instead of Whenever. +every 1.hour do + rake "ci:schedule_builds" +end diff --git a/config/secrets.yml.example b/config/secrets.yml.example new file mode 100644 index 00000000000..6b408ac6031 --- /dev/null +++ b/config/secrets.yml.example @@ -0,0 +1,12 @@ +production: + # db_key_base is used to encrypt for Variables. Ensure that you don't lose it. + # If you change or lose this key you will be unable to access variables stored in database. + # Make sure the secret is at least 30 characters and all random, + # no regular words or you'll be exposed to dictionary attacks. + # db_key_base: + +development: + db_key_base: development + +test: + db_key_base: test diff --git a/config/sidekiq.yml.example b/config/sidekiq.yml.example new file mode 100644 index 00000000000..c691db67c6c --- /dev/null +++ b/config/sidekiq.yml.example @@ -0,0 +1,2 @@ +-- +:concurrency: 5
\ No newline at end of file |