GitLab de Baptiste MOINE

description.html

<div style="display: block; text-align: center; margin: 0 auto;" id="description">
    <a href="https://www.bmoine.fr/" title="Parcours de professionnalisation - Baptiste MOINE" target="_blank">
        <img height="180px" src="https://www.bmoine.fr/assets/images/icon.svg" alt="Logo de Baptiste MOINE">
    </a>
    <p>Bienvenue sur l'instance GitLab de <a href="http://www.bmoine.fr" title="Baptiste MOINE">Baptiste MOINE</a>.</p>
    <p>Sur cette instance, vous trouverez des projets open source sur lesquels je travaille.</p>
    <p>Certains projets peuvent ne pas apparaître sur cette instance, mais vous pouvez trouver l'ensemble de mes projets sur <a title="Suivez mes projets opensource sur GitHub" href="https://github.com/Creased">GitHub</a>, <a title="Suivez mes projets opensource sur GitLab" href="https://gitlab.com/Creased">GitLab</a>, <a title="Suivez mes projets opensource sur Docker Hub" href="https://hub.docker.com/r/creased/">Docker Hub</a>, <a title="Suivez mes projets opensource sur IBM Bluemix" href="https://hub.jazz.net/user/creased">Bluemix</a>, sur cette <a title="Suivez mes projets opensource sur GitLab" href="https://git.bmoine.fr/Creased">instance GitLab</a> et sur mon <a title="Suivez mes activités et projets professionnels" href="https://www.bmoine.fr/">site personnel</a>.</p>
    <p>Vous pouvez également me retrouver sur mon&nbsp;:</p>
    <ul>
        <li><p>Keybase&nbsp;: <a title="Fiabilisons nos échanges sur différents réseaux" href="https://keybase.io/Creased">@Creased</a></p></li>
        <li><p>Adresse e-mail&nbsp;: <a title="Contactez-moi par e-mail" href="mailto:[email protected]">Baptiste MOINE &lt;[email protected]&gt;</a> | PGP : <a title="Ajoutez ma clé publique PGP à votre keyring pour assurer des communications sécurisées" href="https://keyserver.pgp.com/vkd/SubmitSearch.event?SearchCriteria=0x5802D817860B5424">0x860B5424</a></p></li>
        <li><p>Mastodon&nbsp;: <a title="Suivez-moi et ne passez à côté d'aucune information" href="https://mastodon.xyz/@Creased">@Creased</a></p></li>
        <li><p>Twitter&nbsp;: <a title="Suivez-moi et ne passez à côté d'aucune information" href="https://twitter.com/Creased_">@Creased_</a></p></li>
        <li><p>LinkedIn&nbsp;: <a title="Découvrez mes projets et rejoignez-moi sur le plus vaste des réseaux sociaux professionnels" href="https://www.linkedin.com/in/bmoine/">bmoine</a></p></li>
    </ul>
</div>

gitlab.rb

registry_external_url 'https://registry.bmoine.fr'
registry_nginx['enable'] = true
registry_nginx['listen_port'] = 80
registry_nginx['listen_https'] = false
registry_nginx['proxy_set_headers'] = {
 "Host" => "$http_host",
 "X-Real-IP" => "$remote_addr",
 "X-Forwarded-For" => "$proxy_add_x_forwarded_for",
 "X-Forwarded-Proto" => "https",
 "X-Forwarded-Ssl" => "on"
}

gitlab.yml

# This file is managed by gitlab-ctl. Manual changes will be
# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
# and run `sudo gitlab-ctl reconfigure`.

production: &base
  #
  # 1. GitLab app settings
  # ==========================

  ## GitLab settings
  gitlab:
    ## Web server settings (note: host is the FQDN, do not include http://)
    host: git.bmoine.fr
    port: 443
    https: true

    # Uncommment this line below if your ssh host is different from HTTP/HTTPS one
    # (you'd obviously need to replace ssh.host_example.com with your own host).
    # Otherwise, ssh host will be set to the `host:` value above
    ssh_host:

    # WARNING: See config/application.rb under "Relative url support" for the list of
    # other files that need to be changed for relative url support
    relative_url_root:

    # Trusted Proxies
    # Customize if you have GitLab behind a reverse proxy which is running on a different machine.
    # Add the IP address for your reverse proxy to the list, otherwise users will appear signed in from that address.
    trusted_proxies:

    # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
    user: git

    ## Date & Time settings
    time_zone: 'Europe/Paris'

    ## Email settings
    # Uncomment and set to false if you need to disable email sending from GitLab (default: true)
    email_enabled:
    # Email address used in the "From" field in mails sent by GitLab
    email_from: [email protected]
    email_display_name: GitLab
    email_reply_to: [email protected]
    email_subject_suffix:

    # Email server smtp settings are in [a separate file](initializers/smtp_settings.rb.sample).

    ## User settings
    default_can_create_group: true  # default: true
    username_changing_enabled: true # default: true - User can change her username/namespace
    ## Default theme
    ##   1 - Graphite
    ##   2 - Charcoal
    ##   3 - Green
    ##   4 - Gray
    ##   5 - Violet
    ##   6 - Blue
    default_theme: 2 # default: 2

    ## Automatic issue closing
    # If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
    # This happens when the commit is pushed or merged into the default branch of a project.
    # When not specified the default issue_closing_pattern as specified below will be used.
    # Tip: you can test your closing pattern at http://rubular.com
    issue_closing_pattern:

    ## Default project features settings
    default_projects_features:
      issues: true
      merge_requests: true
      wiki: true
      snippets: false
      builds:
      container_registry:

    ## Webhook settings
    # Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
    webhook_timeout: 10

    ## Repository downloads directory
    # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
    # The default is 'tmp/repositories' relative to the root of the Rails app.
    repository_downloads_path:

  ## Reply by email
  # Allow users to comment on issues and merge requests by replying to notification emails.
  # For documentation on how to set this up, see https://docs.gitlab.com/ce/administration/reply_by_email.html
  incoming_email:
    enabled: false

    # The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to.
    # The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`).
    address:

    # Email account username
    # With third party providers, this is usually the full email address.
    # With self-hosted email servers, this is usually the user part of the email address.
    user:
    # Email account password
    password:

    # IMAP server host
    host:
    # IMAP server port
    port:
    # Whether the IMAP server uses SSL
    ssl:
    # Whether the IMAP server uses StartTLS
    start_tls:

    # The mailbox where incoming mail will end up. Usually "inbox".
    mailbox: 'inbox'
    # The IDLE command timeout.
    idle_timeout:

  ## Build Artifacts
  artifacts:
    enabled: true
    # The location where Build Artifacts are stored (default: shared/artifacts).
    path: /var/opt/gitlab/gitlab-rails/shared/artifacts

  ## Git LFS
  lfs:
    enabled: true
    # The location where LFS objects are stored (default: shared/lfs-objects).
    storage_path: /var/opt/gitlab/gitlab-rails/shared/lfs-objects

  ## Container Registry
  registry:
    enabled: true
    host: registry.bmoine.fr
    port:
    api_url: http://localhost:5000 # internal address to the registry, will be used by GitLab to directly communicate with API
    path: /var/opt/gitlab/gitlab-rails/shared/registry
    key: /var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key
    issuer: omnibus-gitlab-issuer

  mattermost:
    enabled: false
    host:

  ## GitLab Pages
  pages:
    enabled: false
    path: /var/opt/gitlab/gitlab-rails/shared/pages
    host:
    port:
    https: false
    external_http: nil
    external_https: nil

  ## Gravatar
  ## For Libravatar see: https://docs.gitlab.com/ce/customization/libravatar.html
  gravatar:
    # gravatar urls: possible placeholders: %{hash} %{size} %{email}
    plain_url: 'http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'     # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
    ssl_url:   'https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'    # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon

  ## Auxiliary jobs
  # Periodically executed jobs, to self-heal GitLab, do external synchronizations, etc.
  # Please read here for more information: https://github.com/ondrejbartas/sidekiq-cron#adding-cron-job
  cron_jobs:
    # Flag stuck CI builds as failed
    stuck_ci_jobs_worker:
      cron: ""
    # Remove expired build artifacts
    expire_build_artifacts_worker:
      cron: ""
    # Schedule pipelines in the near future
    trigger_schedule_worker:
      cron: ""
    # Periodically run 'git fsck' on all repositories. If started more than
    # once per hour you will have concurrent 'git fsck' jobs.
    repository_check_worker:
      cron: ""
    # Send admin emails once a week
    admin_email_worker:
      cron: ""

    # Remove outdated repository archives
    repository_archive_cache_worker:
      cron: ""

    ##
    # GitLab EE only jobs:

    # Snapshot active users statistics

    # In addition to refreshing users when they log in,
    # periodically refresh LDAP users membership.
    # NOTE: This will only take effect if LDAP is enabled

    # Gitlab Geo nodes notification worker
    # NOTE: This will only take effect if Geo is enabled

    # GitLab Geo backfill worker
    # NOTE: This will only take effect if Geo is enabled

    # GitLab Geo file download worker
    # NOTE: This will only take effect if Geo is enabled

  #
  # 2. GitLab CI settings
  # ==========================

  gitlab_ci:
    # Default project notifications settings:
    #
    # Send emails only on broken builds (default: true)
    all_broken_builds:
    #
    # Add pusher to recipients list (default: false)
    add_pusher:

    # The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root
    builds_path: /var/opt/gitlab/gitlab-ci/builds

  #
  # 3. Auth settings
  # ==========================

  ## LDAP settings
  # You can inspect a sample of the LDAP users with login access by running:
  #   bundle exec rake gitlab:ldap:check RAILS_ENV=production
  ldap:
    enabled: false
    sync_time:
    host:
    port:
    uid:
    method:  # "tls" or "ssl" or "plain"
    bind_dn:
    password:
    active_directory:
    allow_username_or_email_login:
    base:
    user_filter:

    ## EE only
    group_base:
    admin_group:
    sync_ssh_keys:
    sync_time:

  ## Kerberos settings
  kerberos:
    # Allow the HTTP Negotiate authentication method for Git clients
    enabled:

    # Kerberos 5 keytab file. The keytab file must be readable by the GitLab user,
    # and should be different from other keytabs in the system.
    # (default: use default keytab from Krb5 config)
    keytab:

    # The Kerberos service name to be used by GitLab.
    # (default: accept any service name in keytab file)
    service_principal_name:

    # Dedicated port: Git before 2.4 does not fall back to Basic authentication if Negotiate fails.
    # To support both Basic and Negotiate methods with older versions of Git, configure
    # nginx to proxy GitLab on an extra port (e.g. 8443) and uncomment the following lines
    # to dedicate this port to Kerberos authentication. (default: false)
    use_dedicated_port:
    port:
    https:


  ## OmniAuth settings
  omniauth:
    # Allow login via Twitter, Google, etc. using OmniAuth providers
    enabled: false

    # Uncomment this to automatically sign in with a specific omniauth provider's without
    # showing GitLab's sign-in page (default: show the GitLab sign-in page)
    auto_sign_in_with_provider:

    # CAUTION!
    # This allows users to login without having a user account first. Define the allowed
    # providers using an array, e.g. ["saml", "twitter"]
    # User accounts will be created automatically when authentication was successful.
    allow_single_sign_on: ["saml"]

    # Locks down those users until they have been cleared by the admin (default: true).
    block_auto_created_users:
    # Look up new users in LDAP servers. If a match is found (same uid), automatically
    # link the omniauth identity with the LDAP account. (default: false)
    auto_link_ldap_user:

    # Allow users with existing accounts to login and auto link their account via SAML
    # login, without having to do a manual login first and manually add SAML
    # (default: false)
    auto_link_saml_user: null

    # Set different Omniauth providers as external so that all users creating accounts
    # via these providers will not be able to have access to internal projects. You
    # will need to use the full name of the provider, like `google_oauth2` for Google.
    # Refer to the examples below for the full names of the supported providers.
    # (default: [])
    external_providers: null

    ## Auth providers
    # Uncomment the following lines and fill in the data of the auth provider you want to use
    # If your favorite auth provider is not listed you can use others:
    # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations
    # The 'app_id' and 'app_secret' parameters are always passed as the first two
    # arguments, followed by optional 'args' which can be either a hash or an array.
    # Documentation for this is available at https://docs.gitlab.com/ce/integration/omniauth.html
    providers:
      # - { name: 'google_oauth2', app_id: 'YOUR APP ID',
      #     app_secret: 'YOUR APP SECRET',
      #     args: { access_type: 'offline', approval_prompt: '' } }
      # - { name: 'twitter', app_id: 'YOUR APP ID',
      #     app_secret: 'YOUR APP SECRET'}
      # - { name: 'github', app_id: 'YOUR APP ID',
      #     app_secret: 'YOUR APP SECRET',
      #     args: { scope: 'user:email' } }
      - {"name":"gitlab","app_id":"TO_REPLACE","app_secret":"TO_REPLACE","args":{"scope":"api"}}

  # Shared file storage settings
  shared:
    path: /var/opt/gitlab/gitlab-rails/shared

  # Gitaly settings
  # This setting controls whether GitLab uses Gitaly
  # Eventually Gitaly use will become mandatory and
  # this option will disappear.
  gitaly:
    enabled: true


  #
  # 4. Advanced settings
  # ==========================

  ## Repositories settings
  repositories:
    # Paths where repositories can be stored. Give the canonicalized absolute pathname.
    # NOTE: REPOS PATHS MUST NOT CONTAIN ANY SYMLINK!!!
    storages: {"default":{"path":"/var/opt/gitlab/git-data/repositories","gitaly_address":"unix:/var/opt/gitlab/gitaly/gitaly.socket"}}

  ## Backup settings
  backup:
    path: "/var/opt/gitlab/backups"   # Relative paths are relative to Rails.root (default: tmp/backups/)
    archive_permissions:  # Permissions for the resulting backup.tar file (default: 0600)
    keep_time: 14515200   # default: 0 (forever) (in seconds)
    pg_schema:    # default: nil, it means that all schemas will be backed up
    upload:
      # Fog storage connection settings, see http://fog.io/storage/ .
      connection:
      # The remote 'directory' to store your backups. For S3, this would be the bucket name.
      remote_directory:
      multipart_chunk_size:
      encryption:
      storage_class:

  ## GitLab Shell settings
  gitlab_shell:
    path: /opt/gitlab/embedded/service/gitlab-shell/
    hooks_path: /opt/gitlab/embedded/service/gitlab-shell/hooks/

    # Git over HTTP
    upload_pack:
    receive_pack:

    # If you use non-standard ssh port you need to specify it
    ssh_port:

  ## Git settings
  # CAUTION!
  # Use the default values unless you really know what you are doing
  git:
    bin_path: /opt/gitlab/embedded/bin/git
    # The next value is the maximum memory size grit can use
    # Given in number of bytes per git object (e.g. a commit)
    # This value can be increased if you have very large commits
    max_size:
    # Git timeout to read a commit, in seconds
    timeout:

  #
  # 5. Extra customization
  # ==========================

  extra:


  rack_attack:
    git_basic_auth:


development:
  <<: *base

test:
  <<: *base
  gravatar:
    enabled: true
  gitlab:
    host: localhost
    port: 80

    # When you run tests we clone and setup gitlab-shell
    # In order to setup it correctly you need to specify
    # your system username you use to run GitLab
    # user: YOUR_USERNAME
  repositories:
    storages:
      default: { "path": "tmp/tests/repositories/" }
  gitlab_shell:
    path: tmp/tests/gitlab-shell/
    hooks_path: tmp/tests/gitlab-shell/hooks/
  issues_tracker:
    redmine:
      title: "Redmine"
      project_url: "http://redmine/projects/:issues_tracker_id"
      issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
      new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
    jira:
      title: "JIRA"
      url: https://samplecompany.example.net
      project_key: PROJECT
  ldap:
    enabled: false
    servers:
      main:
        label: ldap
        host: 127.0.0.1
        port: 3890
        uid: 'uid'
        method: 'plain' # "tls" or "ssl" or "plain"
        base: 'dc=example,dc=com'
        user_filter: ''
        group_base: 'ou=groups,dc=example,dc=com'
        admin_group: ''
        sync_ssh_keys: false

staging:
  <<: *base

logo.svg

smtp_settings.rb

# This file is managed by gitlab-ctl. Manual changes will be
# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
# and run `sudo gitlab-ctl reconfigure`.

if Rails.env.production?
  Gitlab::Application.config.action_mailer.delivery_method = :smtp

  ActionMailer::Base.delivery_method = :smtp
  ActionMailer::Base.smtp_settings = {
    authentication: :login,
    address: "ssl0.ovh.net",
    port: "465",
    user_name: "[email protected]",
    password: "PASSWORD_TO_REPLACE",
    domain: "ssl0.ovh.net",
    enable_starttls_auto: true,
    tls: true,



    ca_file: "/opt/gitlab/embedded/ssl/certs/cacert.pem",
  }
end