8 files changed, 32 insertions, 25 deletions
diff --git a/config/application.rb b/config/application.rb
index fa399533e52..7e899cc3b5b 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -31,7 +31,7 @@ module Gitlab
     config.encoding = "utf-8"
 
     # Configure sensitive parameters which will be filtered from the log file.
-    config.filter_parameters.push(:password, :password_confirmation, :private_token)
+    config.filter_parameters.push(:password, :password_confirmation, :private_token, :otp_attempt)
 
     # Enable escaping HTML in JSON.
     config.active_support.escape_html_entities_in_json = true
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index ba40671b162..bd2081688d1 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -12,6 +12,9 @@
 # 2. Update gitlab -> host with your fully qualified domain name
 # 3. Update gitlab -> email_from
 # 4. If you installed Git from source, change git -> bin_path to /usr/local/bin/git
+#    IMPORTANT: If Git was installed in a different location use that instead.
+#    You can check with `which git`. If a wrong path of Git is specified, it will
+#     result in various issues such as failures of GitLab CI builds.
 # 5. Review this configuration file for other settings you may want to adjust
 
 production: &base
@@ -76,7 +79,6 @@ production: &base
       merge_requests: true
       wiki: true
       snippets: false
-      visibility_level: "private"  # can be "private" | "internal" | "public"
 
     ## Webhook settings
     # Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 0abd34fc3e0..e5ac66a2323 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -132,6 +132,7 @@ Settings.gitlab.default_projects_features['wiki']           = true if Settings.g
 Settings.gitlab.default_projects_features['snippets']       = false if Settings.gitlab.default_projects_features['snippets'].nil?
 Settings.gitlab.default_projects_features['visibility_level']    = Settings.send(:verify_constant, Gitlab::VisibilityLevel, Settings.gitlab.default_projects_features['visibility_level'], Gitlab::VisibilityLevel::PRIVATE)
 Settings.gitlab['repository_downloads_path'] = File.absolute_path(Settings.gitlab['repository_downloads_path'] || 'tmp/repositories', Rails.root)
+Settings.gitlab['restricted_signup_domains'] ||= []
 
 #
 # Gravatar
diff --git a/config/initializers/6_rack_profiler.rb b/config/initializers/6_rack_profiler.rb
index bdad6202b11..38a5fa98dc2 100644
--- a/config/initializers/6_rack_profiler.rb
+++ b/config/initializers/6_rack_profiler.rb
@@ -5,4 +5,5 @@ if Rails.env.development?
   Rack::MiniProfilerRails.initialize!(Rails.application)
   Rack::MiniProfiler.config.position = 'right'
   Rack::MiniProfiler.config.start_hidden = true
+  Rack::MiniProfiler.config.skip_paths << '/specs'
 end
diff --git a/config/initializers/8_default_url_options.rb b/config/initializers/8_default_url_options.rb
index 8c1b56846d2..8fd27b1d88e 100644
--- a/config/initializers/8_default_url_options.rb
+++ b/config/initializers/8_default_url_options.rb
@@ -1,13 +1,11 @@
-unless Rails.env.test?
-  default_url_options = {
-    host:        Gitlab.config.gitlab.host,
-    protocol:    Gitlab.config.gitlab.protocol,
-    script_name: Gitlab.config.gitlab.relative_url_root
-  }
+default_url_options = {
+  host:        Gitlab.config.gitlab.host,
+  protocol:    Gitlab.config.gitlab.protocol,
+  script_name: Gitlab.config.gitlab.relative_url_root
+}
 
-  unless Gitlab.config.gitlab_on_standard_port?
-    default_url_options[:port] = Gitlab.config.gitlab.port
-  end
-
-  Rails.application.routes.default_url_options = default_url_options
+unless Gitlab.config.gitlab_on_standard_port?
+  default_url_options[:port] = Gitlab.config.gitlab.port
 end
+
+Rails.application.routes.default_url_options = default_url_options
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 9dce495106f..091548348b1 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,14 +1,14 @@
 # Use this hook to configure devise mailer, warden hooks and so forth. The first
 # four configuration values can also be set straight in your models.
 Devise.setup do |config|
-  # ==> Mailer Configuration
-  # Configure the e-mail address which will be shown in Devise::Mailer,
-  # note that it will be overwritten if you use your own mailer class with default "from" parameter.
-  config.mailer_sender = "GitLab <#{Gitlab.config.gitlab.email_from}>"
-
+  config.warden do |manager|
+    manager.default_strategies(scope: :user).unshift :two_factor_authenticatable
+    manager.default_strategies(scope: :user).unshift :two_factor_backupable
+  end
 
+  # ==> Mailer Configuration
   # Configure the class responsible to send e-mails.
-  # config.mailer = "Devise::Mailer"
+  config.mailer = "DeviseMailer"
 
   # ==> ORM configuration
   # Load and configure the ORM. Supports :active_record (default) and
diff --git a/config/locales/doorkeeper.en.yml b/config/locales/doorkeeper.en.yml
index c5b6b75e7f6..a4032a21420 100644
--- a/config/locales/doorkeeper.en.yml
+++ b/config/locales/doorkeeper.en.yml
@@ -31,7 +31,7 @@ en:
       messages:
         # Common error messages
         invalid_request: 'The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.'
-        invalid_redirect_uri: 'The redirect uri included is not valid.'
+        invalid_redirect_uri: 'The redirect URI included is not valid.'
         unauthorized_client: 'The client is not authorized to perform this request using this method.'
         access_denied: 'The resource owner or authorization server denied the request.'
         invalid_scope: 'The requested scope is invalid, unknown, or malformed.'
@@ -63,11 +63,11 @@ en:
     flash:
       applications:
         create:
-          notice: 'Application created.'
+          notice: 'The application was created successfully.'
         destroy:
-          notice: 'Application deleted.'
+          notice: 'The application was deleted successfully.'
         update:
-          notice: 'Application updated.'
+          notice: 'The application was updated successfully.'
       authorized_applications:
         destroy:
-          notice: 'Application revoked.'
+          notice: 'The application was revoked access.'
diff --git a/config/routes.rb b/config/routes.rb
index e059f5830f5..bf2cb6421c5 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -226,6 +226,11 @@ Gitlab::Application.routes.draw do
       resources :keys
       resources :emails, only: [:index, :create, :destroy]
       resource :avatar, only: [:destroy]
+      resource :two_factor_auth, only: [:new, :create, :destroy] do
+        member do
+          post :codes
+        end
+      end
     end
   end
 
@@ -435,7 +440,7 @@ Gitlab::Application.routes.draw do
           member do
             # tree viewer logs
             get 'logs_tree', constraints: { id: Gitlab::Regex.git_reference_regex }
-            get 'logs_tree/:path' => 'refs#logs_tree', as: :logs_file, constraints: {
+            get 'logs_tree/*path' => 'refs#logs_tree', as: :logs_file, constraints: {
               id: Gitlab::Regex.git_reference_regex,
               path: /.*/
             }