diff --git a/assets/runtime/config/gitaly/config.toml b/assets/runtime/config/gitaly/config.toml index 88f84678..6e18163c 100644 --- a/assets/runtime/config/gitaly/config.toml +++ b/assets/runtime/config/gitaly/config.toml @@ -1,18 +1,37 @@ # Example Gitaly configuration file +# Documentation lives at https://docs.gitlab.com/ee/administration/gitaly/ and +# https://docs.gitlab.com/ee//administration/gitaly/reference socket_path = "{{GITALY_SOCKET_PATH}}" +# The directory where Gitaly's executables are stored +bin_dir = "/usr/local/bin/" + # # Optional: listen on a TCP socket. This is insecure (no authentication) # listen_addr = "localhost:9999" -# +# tls_listen_addr = "localhost:8888 # # Optional: export metrics via Prometheus # prometheus_listen_addr = "localhost:9236" -# -# # Git executable settings +# # Optional: configure where the Gitaly creates the sockets for internal connections. If unset, Gitaly will create a randomly +# # named temp directory each time it boots. +# # Non Gitaly clients should never connect to these sockets. +# internal_socket_dir = "/home/git/gitlab/tmp/sockets/private/internal" + +# # Optional: authenticate Gitaly requests using a shared secret +# [auth] +# token = 'abc123secret' +# transitioning = false # Set `transitioning` to true to temporarily allow unauthenticated while rolling out authentication. + +# [tls] +# certificate_path = '/home/git/cert.cert' +# key_path = '/home/git/key.pem' + +# # Git settings # [git] # bin_path = "/usr/bin/git" +# catfile_cache_size = 100 [[storage]] name = "default" @@ -27,9 +46,18 @@ path = "{{GITLAB_REPOS_DIR}}" # # You can optionally configure Gitaly to output JSON-formatted log messages to stdout # [logging] +# # The directory where Gitaly stores extra log files +dir = "{{GITLAB_LOG_DIR}}" # format = "json" -# # Additionally exceptions can be reported to Sentry +# # Optional: Set log level to only log entries with that severity or above +# # One of, in order: debug, info, warn, errror, fatal, panic +# # Defaults to "info" +# level = "warn" +# +# # Additionally exceptions from the Go server can be reported to Sentry # sentry_dsn = "https://:@sentry.io/" +# # Exceptions from gitaly-ruby can also be reported to Sentry +# ruby_sentry_dsn = "https://:@sentry.io/" # # You can optionally configure Gitaly to record histogram latencies on GRPC method calls # [prometheus] @@ -37,21 +65,27 @@ path = "{{GITLAB_REPOS_DIR}}" [gitaly-ruby] # The directory where gitaly-ruby is installed -dir = "/home/git/gitaly/ruby" +dir = "{{GITLAB_GITALY_INSTALL_DIR}}/ruby" # # Gitaly-ruby resident set size (RSS) that triggers a memory restart (bytes) -# max_rss = 300000000 -# +# max_rss = 200000000 +# # # Grace period before a gitaly-ruby process is forcibly terminated after exceeding max_rss (seconds) # graceful_restart_timeout = "10m" -# +# # # Time that gitaly-ruby memory must remain high before a restart (seconds) # restart_delay = "5m" - +# +# # Number of gitaly-ruby worker processes +# num_workers = 2 +# +# # Search path for system gitconfig file (e.g. /etc, /opt/gitlab/embedded/etc) +# # NOTE: This only affects RPCs that use Rugged. +# rugged_git_config_search_path = "/etc" [gitlab-shell] # The directory where gitlab-shell is installed -dir = "/home/git/gitlab-shell" +dir = "{{GITLAB_SHELL_INSTALL_DIR}}" # # You can adjust the concurrency of each RPC endpoint # [[concurrency]] diff --git a/assets/runtime/functions b/assets/runtime/functions index a9aed6dd..17a192e0 100644 --- a/assets/runtime/functions +++ b/assets/runtime/functions @@ -236,7 +236,10 @@ gitlab_configure_gitaly() { echo "Configuring gitlab::gitaly..." update_template ${GITLAB_GITALY_CONFIG} \ GITALY_SOCKET_PATH \ - GITLAB_REPOS_DIR + GITLAB_GITALY_INSTALL_DIR \ + GITLAB_LOG_DIR \ + GITLAB_REPOS_DIR \ + GITLAB_SHELL_INSTALL_DIR update_template ${GITLAB_CONFIG} \ GITALY_CLIENT_PATH \ @@ -623,7 +626,7 @@ gitlab_configure_oauth2_generic() { OAUTH2_GENERIC_USER_NAME \ OAUTH2_GENERIC_USER_EMAIL \ OAUTH2_GENERIC_NAME - else + else exec_as_git sed -i "/name: 'oauth2_generic'/,/{{OAUTH2_GENERIC_NAME}}/d" ${GITLAB_CONFIG} fi }