diff --git a/Changelog.md b/Changelog.md index 01913200..07c4f093 100644 --- a/Changelog.md +++ b/Changelog.md @@ -1,5 +1,12 @@ # Changelog +**latest** +- gitlab-shell: upgrade to v.2.6.2 +- gitlab: upgrade to CE v.7.10.0 +- init: removed ENV variables to configure *External Issue Tracker* integration +- init: added `GITLAB_EMAIL_REPLY_TO` configuration option +- init: added `LDAP_BLOCK_AUTO_CREATED_USERS` configuration option + **7.9.4** - gitlab: upgrade to CE v.7.9.4 diff --git a/README.md b/README.md index 487bc9be..df08d926 100644 --- a/README.md +++ b/README.md @@ -42,9 +42,6 @@ - [Twitter](#twitter) - [GitHub](#github) - [External Issue Trackers](#external-issue-trackers) - - [Redmine](#redmine) - - [Jira](#jira) - - [Mantis](#mantis) - [Mapping host user and group](#mapping-host-user-and-group) - [Piwik](#piwik) - [Available Configuration Parameters](#available-configuration-parameters) @@ -660,29 +657,11 @@ For example, if your Client ID is `xxx` and the Client secret is `yyy`, then add ### External Issue Trackers -GitLab can be configured to use third party issue trackers such as Redmine and Atlassian Jira. Use of third party issue trackers have to be configured on a per project basis from the project settings page. This means that the GitLab's issue tracker is always the default tracker unless specified otherwise. +Since version `7.10.0` support for external issue trackers can be enabled in the "Service Templates" section of the settings panel. -#### Redmine +If you are using the [docker-redmine](https://github.com/sameersbn/docker-redmine) image, you can *one up* the gitlab integration with redmine by adding `--volumes-from=gitlab` flag to the docker run command while starting the redmine container. -Support for issue tracking using Redmine can be added by specifying the complete URL of the Redmine web server in the `REDMINE_URL` configuration option. - -For example, if your Redmine server is accessible at `https://redmine.example.com`, then adding `-e 'REDMINE_URL=https://redmine.example.com'` to the docker run command enables Redmine support in GitLab - -If you are using the [docker-redmine](https://github.com/sameersbn/docker-redmine) image, then you can *one up* the gitlab integration with redmine by adding `--volumes-from=gitlab` flag to the docker run command while starting the redmine container. - -By using the above option the `/home/git/data/repositories` directory will be accessible by the redmine container and now you can add your git repository path to your redmine project. If, for example, in your gitlab server you have a project named `opensource/gitlab`, the bare repository will be accessible at `/home/git/data/repositories/opensource/gitlab.git`. - -#### Jira - -Support for issue tracking using Jira can be added by specifying the complete URL of the Jira web server in the `JIRA_URL` configuration option. - -For example, if your Jira server is accessible at `https://jira.example.com`, then adding `-e 'JIRA_URL=https://jira.example.com'` to the docker run command enables Jira support in GitLab - -#### Mantis - -Support for issue tracking using [mantis](https://www.mantisbt.org/) can be added by specifying the complete URL of the mantis web server in the `MANTIS_URL` configuration option. - -For example, if your mantis server is accessible at `https://mantis.example.com`, then adding `-e 'MANTIS_URL=https://mantis.example.com'` to the docker run command enables mantis support in GitLab. +By using the above option the `/home/git/data/repositories` directory will be accessible by the redmine container and now you can add your git repository path to your redmine project. If, for example, in your gitlab server you have a project named `opensource/gitlab`, the bare repository will be accessible at `/home/git/data/repositories/opensource/gitlab.git` in the redmine container. ### Host UID / GID Mapping @@ -723,6 +702,7 @@ Below is the complete list of available options that can be used to customize yo - **GITLAB_ROOT_PASSWORD**: The password for the root user. Defaults to `5iveL!fe`. - **GITLAB_EMAIL**: The email address for the GitLab server. Defaults to `example@example.com`. - **GITLAB_EMAIL_DISPLAY_NAME**: The name displayed in emails sent out by the GitLab mailer. Defaults to `GitLab`. +- **GITLAB_EMAIL_REPLY_TO**: The reply to address of emails sent out by GitLab. Defaults to the `noreply@example.com`. - **GITLAB_EMAIL_ENABLED**: Enable or disable gitlab mailer. Defaults to the `SMTP_ENABLED` configuration. - **GITLAB_USERNAME_CHANGE**: Enable or disable ability for users to change their username. Defaults is `true`. - **GITLAB_CREATE_GROUP**: Enable or disable ability for users to create groups. Defaults is `true`. @@ -783,6 +763,7 @@ Below is the complete list of available options that can be used to customize yo - **LDAP_PASS**: LDAP password - **LDAP_ACTIVE_DIRECTORY**: Specifies if LDAP server is Active Directory LDAP server. If your LDAP server is not AD, set this to `false`. Defaults to `true`, - **LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN**: If enabled, GitLab will ignore everything after the first '@' in the LDAP username submitted by the user on login. Defaults to `false` if `LDAP_UID` is `userPrincipalName`, else `true`. +- **LDAP_BLOCK_AUTO_CREATED_USERS**: Locks down those users until they have been cleared by the admin. Defaults to `false`. - **LDAP_BASE**: Base where we can search for users. No default. - **LDAP_USER_FILTER**: Filter LDAP users. No default. - **OAUTH_ALLOW_SSO**: This allows users to login without having a user account first. User accounts will be created automatically when authentication was successful. Defaults to `false`. @@ -798,8 +779,6 @@ Below is the complete list of available options that can be used to customize yo - **OAUTH_GITLAB_APP_SECRET**: GitLab App Client secret. No defaults. - **OAUTH_BITBUCKET_API_KEY**: BitBucket App Client ID. No defaults. - **OAUTH_BITBUCKET_APP_SECRET**: BitBucket App Client secret. No defaults. -- **REDMINE_URL**: Location of the redmine server, e.g. `-e 'REDMINE_URL=https://redmine.example.com'`. No defaults. -- **JIRA_URL**: Location of the jira server, e.g. `-e 'JIRA_URL=https://jira.example.com'`. No defaults. - **GITLAB_GRAVATAR_ENABLED**: Enables gravatar integration. Defaults to `true`. - **GITLAB_GRAVATAR_HTTP_URL**: Sets a custom gravatar url. Defaults to `http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon`. This can be used for [Libravatar integration](http://doc.gitlab.com/ce/customization/libravatar.html). - **GITLAB_GRAVATAR_HTTPS_URL**: Same as above, but for https. Defaults to `https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon`. diff --git a/VERSION b/VERSION index c638b289..758bb9c8 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -7.9.4 +7.10.0 diff --git a/assets/config/gitlabhq/gitlab.yml b/assets/config/gitlabhq/gitlab.yml index 16c432aa..77ae65e6 100644 --- a/assets/config/gitlabhq/gitlab.yml +++ b/assets/config/gitlabhq/gitlab.yml @@ -2,6 +2,11 @@ # GitLab application config file # # # # # # # # # # # # # # # # # # # # +########################### NOTE ##################################### +# This file should not receive new settings. All configuration options # +# are being moved to ApplicationSetting model! # +######################################################################## +# # How to use: # 1. Copy file as gitlab.yml # 2. Update gitlab -> host with your fully qualified domain name @@ -44,10 +49,11 @@ production: &base # Email address used in the "From" field in mails sent by GitLab email_from: "{{GITLAB_EMAIL}}" email_display_name: "{{GITLAB_EMAIL_DISPLAY_NAME}}" + email_reply_to: "{{GITLAB_EMAIL_REPLY_TO}}" # Email server smtp settings are in config/initializers/smtp_settings.rb.sample - default_can_create_group: {{GITLAB_CREATE_GROUP}} # default: true - User can create groups + default_can_create_group: {{GITLAB_CREATE_GROUP}} # default: true username_changing_enabled: {{GITLAB_USERNAME_CHANGE}} # default: true - User can change her username/namespace ## Default theme ## BASIC = 1 @@ -61,8 +67,8 @@ production: &base # If a commit message matches this regular expression, all issues referenced from the matched text will be closed. # This happens when the commit is pushed or merged into the default branch of a project. # When not specified the default issue_closing_pattern as specified below will be used. - # Tip: you can test your closing pattern at http://rubular.com - # issue_closing_pattern: '((?:[Cc]los(?:e[sd]|ing)|[Ff]ix(?:e[sd]|ing)?) +(?:(?:issues? +)?#\d+(?:(?:, *| +and +)?))+)' + # Tip: you can test your closing pattern at http://rubular.com. + # issue_closing_pattern: '((?:[Cc]los(?:e[sd]?|ing)|[Ff]ix(?:e[sd]|ing)?) +(?:(?:issues? +)?#\d+(?:(?:, *| +and +)?))+)' ## Default project features settings default_projects_features: @@ -81,41 +87,6 @@ production: &base # The default is 'tmp/repositories' relative to the root of the Rails app. # repository_downloads_path: tmp/repositories - ## External issues trackers - issues_tracker: - redmine: - title: "Redmine" - # ## If not nil, link 'Issues' on project page will be replaced with this - # ## Use placeholders: - # ## :project_id - GitLab project identifier - # ## :issues_tracker_id - Project Name or Id in external issue tracker - project_url: "{{REDMINE_URL}}/projects/:issues_tracker_id" - # - # ## If not nil, links from /#\d/ entities from commit messages will replaced with this - # ## Use placeholders: - # ## :project_id - GitLab project identifier - # ## :issues_tracker_id - Project Name or Id in external issue tracker - # ## :id - Issue id (from commit messages) - issues_url: "{{REDMINE_URL}}/issues/:id" - # - # ## If not nil, links to creating new issues will be replaced with this - # ## Use placeholders: - # ## :project_id - GitLab project identifier - # ## :issues_tracker_id - Project Name or Id in external issue tracker - new_issue_url: "{{REDMINE_URL}}/projects/:issues_tracker_id/issues/new" - # - jira: - title: "Atlassian Jira" - project_url: "{{JIRA_URL}}/issues/?jql=project=:issues_tracker_id" - issues_url: "{{JIRA_URL}}/browse/:id" - new_issue_url: "{{JIRA_URL}}/secure/CreateIssue.jspa" - - mantis: - title: "Mantis" - project_url: "{{MANTIS_URL}}/set_project.php?project_id=:issues_tracker_id&ref=view_all_bug_page.php" - issues_url: "{{MANTIS_URL}}/view.php?id=:id" - new_issue_url: "{{MANTIS_URL}}/set_project.php?project_id=:issues_tracker_id&ref=bug_report_page.php" - ## Gravatar ## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html gravatar: @@ -175,6 +146,11 @@ production: &base # disable this setting, because the userPrincipalName contains an '@'. allow_username_or_email_login: {{LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN}} + # To maintain tight control over the number of active users on your GitLab installation, + # enable this setting to keep new users blocked until they have been cleared by the admin + # (default: false). + block_auto_created_users: {{LDAP_BLOCK_AUTO_CREATED_USERS}} + # Base where we can search for users # # Ex. ou=People,dc=gitlab,dc=example @@ -300,6 +276,9 @@ production: &base rack_attack: git_basic_auth: + # Rack Attack IP banning enabled + # enabled: true + # # Whitelist requests from 127.0.0.1 for web proxies (NGINX/Apache) with incorrect headers # ip_whitelist: ["127.0.0.1"] # diff --git a/assets/init b/assets/init index 8427e63f..329bd135 100755 --- a/assets/init +++ b/assets/init @@ -20,6 +20,7 @@ GITLAB_SSH_PORT=${GITLAB_SSH_PORT:-22} GITLAB_HTTPS=${GITLAB_HTTPS:-false} GITLAB_EMAIL=${GITLAB_EMAIL:-example@example.com} GITLAB_EMAIL_DISPLAY_NAME=${GITLAB_EMAIL_DISPLAY_NAME:-GitLab} +GITLAB_EMAIL_REPLY_TO=${GITLAB_EMAIL_REPLY_TO:-noreply@example.com} GITLAB_TIMEZONE=${GITLAB_TIMEZONE:-UTC} GITLAB_USERNAME_CHANGE=${GITLAB_USERNAME_CHANGE:-true} GITLAB_CREATE_GROUP=${GITLAB_CREATE_GROUP:-true} @@ -92,16 +93,13 @@ LDAP_BIND_DN=${LDAP_BIND_DN:-} LDAP_PASS=${LDAP_PASS:-} LDAP_ACTIVE_DIRECTORY=${LDAP_ACTIVE_DIRECTORY:-true} LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN=${LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN:-} +LDAP_BLOCK_AUTO_CREATED_USERS=${LDAP_BLOCK_AUTO_CREATED_USERS:-false} LDAP_BASE=${LDAP_BASE:-} LDAP_USER_FILTER=${LDAP_USER_FILTER:-} GITLAB_HTTPS_HSTS_ENABLED=${GITLAB_HTTPS_HSTS_ENABLED:-true} GITLAB_HTTPS_HSTS_MAXAGE=${GITLAB_HTTPS_HSTS_MAXAGE:-31536000} -REDMINE_URL=${REDMINE_URL:-} -JIRA_URL=${JIRA_URL:-} -MANTIS_URL=${MANTIS_URL:-} - GITLAB_GRAVATAR_ENABLED=${GITLAB_GRAVATAR_ENABLED:-true} GITLAB_GRAVATAR_HTTP_URL=${GITLAB_GRAVATAR_HTTP_URL:-} GITLAB_GRAVATAR_HTTPS_URL=${GITLAB_GRAVATAR_HTTPS_URL:-} @@ -390,6 +388,7 @@ sudo -u git -H sed 's/{{GITLAB_PORT}}/'"${GITLAB_PORT}"'/' -i config/gitlab.yml sudo -u git -H sed 's/{{GITLAB_HTTPS}}/'"${GITLAB_HTTPS}"'/' -i config/gitlab.yml sudo -u git -H sed 's/{{GITLAB_EMAIL}}/'"${GITLAB_EMAIL}"'/' -i config/gitlab.yml sudo -u git -H sed 's/{{GITLAB_EMAIL_DISPLAY_NAME}}/'"${GITLAB_EMAIL_DISPLAY_NAME}"'/' -i config/gitlab.yml +sudo -u git -H sed 's/{{GITLAB_EMAIL_REPLY_TO}}/'"${GITLAB_EMAIL_REPLY_TO}"'/' -i config/gitlab.yml sudo -u git -H sed 's/{{GITLAB_BACKUP_EXPIRY}}/'"${GITLAB_BACKUP_EXPIRY}"'/' -i config/gitlab.yml sudo -u git -H sed 's/{{GITLAB_MAX_SIZE}}/'"${GITLAB_MAX_SIZE}"'/' -i config/gitlab.yml sudo -u git -H sed 's/{{GITLAB_SSH_HOST}}/'"${GITLAB_SSH_HOST}"'/' -i config/gitlab.yml @@ -501,45 +500,10 @@ sudo -u git -H sed 's/{{LDAP_BIND_DN}}/'"${LDAP_BIND_DN}"'/' -i config/gitlab.ym sudo -u git -H sed 's/{{LDAP_PASS}}/'"${LDAP_PASS}"'/' -i config/gitlab.yml sudo -u git -H sed 's/{{LDAP_ACTIVE_DIRECTORY}}/'"${LDAP_ACTIVE_DIRECTORY}"'/' -i config/gitlab.yml sudo -u git -H sed 's/{{LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN}}/'"${LDAP_ALLOW_USERNAME_OR_EMAIL_LOGIN}"'/' -i config/gitlab.yml +sudo -u git -H sed 's/{{LDAP_BLOCK_AUTO_CREATED_USERS}}/'"${LDAP_BLOCK_AUTO_CREATED_USERS}"'/' -i config/gitlab.yml sudo -u git -H sed 's/{{LDAP_BASE}}/'"${LDAP_BASE}"'/' -i config/gitlab.yml sudo -u git -H sed 's/{{LDAP_USER_FILTER}}/'"${LDAP_USER_FILTER}"'/' -i config/gitlab.yml -# apply redmine configuration -if [ -n "${REDMINE_URL}" ]; then - sudo -u git -H sed 's,{{REDMINE_URL}},'"${REDMINE_URL}"',g' -i config/gitlab.yml -else - # remove the redmine configuration block - sudo -u git -H sed '/redmine:/d' -i config/gitlab.yml - sudo -u git -H sed '/title: "Redmine"/d' -i config/gitlab.yml - sudo -u git -H sed '/project_url: "{{REDMINE_URL}}/d' -i config/gitlab.yml - sudo -u git -H sed '/issues_url: "{{REDMINE_URL}}/d' -i config/gitlab.yml - sudo -u git -H sed '/new_issue_url: "{{REDMINE_URL}}/d' -i config/gitlab.yml -fi - -# apply jira configuration -if [ -n "${JIRA_URL}" ]; then - sudo -u git -H sed 's,{{JIRA_URL}},'"${JIRA_URL}"',g' -i config/gitlab.yml -else - # remove the jira configuration block - sudo -u git -H sed '/jira:/d' -i config/gitlab.yml - sudo -u git -H sed '/title: "Atlassian Jira"/d' -i config/gitlab.yml - sudo -u git -H sed '/project_url: "{{JIRA_URL}}/d' -i config/gitlab.yml - sudo -u git -H sed '/issues_url: "{{JIRA_URL}}/d' -i config/gitlab.yml - sudo -u git -H sed '/new_issue_url: "{{JIRA_URL}}/d' -i config/gitlab.yml -fi - -# apply mantis configuration -if [ -n "${MANTIS_URL}" ]; then - sudo -u git -H sed 's,{{MANTIS_URL}},'"${MANTIS_URL}"',g' -i config/gitlab.yml -else - # remove the jira configuration block - sudo -u git -H sed '/mantis:/d' -i config/gitlab.yml - sudo -u git -H sed '/title: "Mantis"/d' -i config/gitlab.yml - sudo -u git -H sed '/project_url: "{{MANTIS_URL}}/d' -i config/gitlab.yml - sudo -u git -H sed '/issues_url: "{{MANTIS_URL}}/d' -i config/gitlab.yml - sudo -u git -H sed '/new_issue_url: "{{MANTIS_URL}}/d' -i config/gitlab.yml -fi - # apply gravatar configuration sudo -u git -H sed 's/{{GITLAB_GRAVATAR_ENABLED}}/'"${GITLAB_GRAVATAR_ENABLED}"'/' -i config/gitlab.yml if [ -n "${GITLAB_GRAVATAR_HTTP_URL}" ]; then diff --git a/assets/setup/install b/assets/setup/install index ea56152e..a9cd0589 100755 --- a/assets/setup/install +++ b/assets/setup/install @@ -1,8 +1,8 @@ #!/bin/bash set -e -GITLAB_VERSION=7.9.4 -GITLAB_SHELL_VERSION=2.6.0 +GITLAB_VERSION=7.10.0 +GITLAB_SHELL_VERSION=2.6.2 GITLAB_HOME="/home/git" GITLAB_INSTALL_DIR="${GITLAB_HOME}/gitlab"