Skip to content

Instantly share code, notes, and snippets.

@pruthvi6767

pruthvi6767/gitlab.txt

Created March 22, 2019 20:51
Show Gist options
  • Save pruthvi6767/1fc2a2e3a87fa863c8bbf72b3cf47606 to your computer and use it in GitHub Desktop.
Save pruthvi6767/1fc2a2e3a87fa863c8bbf72b3cf47606 to your computer and use it in GitHub Desktop.
Download ZIP
manual setup
Raw
gitlab.txt
Starting Chef Client, version 13.6.4
resolving cookbooks for run list: ["gitlab"]
Synchronizing Cookbooks:
- gitlab (0.0.1)
- package (0.1.0)
- postgresql (0.1.0)
- redis (0.1.0)
- mattermost (0.1.0)
- registry (0.1.0)
- gitaly (0.1.0)
- runit (4.3.0)
- consul (0.1.0)
- letsencrypt (0.1.0)
- nginx (0.1.0)
- acme (3.1.0)
- crond (0.1.0)
- compat_resource (12.19.1)
Installing Cookbook Gems:
Compiling Cookbooks...
Recipe: gitlab::default
* directory[/etc/gitlab] action create
- change mode from '0755' to '0775'
Converging 243 resources
* directory[/etc/gitlab] action create (up to date)
* directory[Create /var/opt/gitlab] action create (up to date)
* directory[/opt/gitlab/embedded/etc] action create
- create new directory /opt/gitlab/embedded/etc
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/opt/gitlab/embedded/etc/gitconfig] action create
- create new file /opt/gitlab/embedded/etc/gitconfig
- update content in file /opt/gitlab/embedded/etc/gitconfig from none to f8c837
--- /opt/gitlab/embedded/etc/gitconfig 2019-03-22 15:23:59.133999978 +0000
+++ /opt/gitlab/embedded/etc/.chef-gitconfig20190322-11-17jhhpb 2019-03-22 15:23:59.133999978 +0000
@@ -1 +1,12 @@
+[pack]
+ threads = 1
+[receive]
+ fsckObjects = true
+advertisePushOptions = true
+[repack]
+ writeBitmaps = true
+[transfer]
+ hideRefs=^refs/tmp/
+hideRefs=^refs/keep-around/
+hideRefs=^refs/remotes/
- change mode from '' to '0755'
Recipe: gitlab::web-server
* account[Webserver user and group] action create
* group[Webserver user and group] action create
- create group gitlab-www
* linux_user[Webserver user and group] action create
- create user gitlab-www
Recipe: gitlab::users
* directory[/var/opt/gitlab] action create (up to date)
* account[GitLab user and group] action create
* group[GitLab user and group] action create
- create group git
* linux_user[GitLab user and group] action create
- create user git
* template[/var/opt/gitlab/.gitconfig] action create
- create new file /var/opt/gitlab/.gitconfig
- update content in file /var/opt/gitlab/.gitconfig from none to b924e8
--- /var/opt/gitlab/.gitconfig 2019-03-22 15:23:59.603462449 +0000
+++ /var/opt/gitlab/.chef-.gitconfig20190322-11-15mvfs6.gitconfig 2019-03-22 15:23:59.603462449 +0000
@@ -1 +1,12 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+[user]
+ name = GitLab
+ email = [email protected]
+[core]
+ autocrlf = input
+[gc]
+ auto = 0
- change mode from '' to '0644'
- change owner from '' to 'git'
- change group from '' to 'git'
* directory[/var/opt/gitlab/.bundle] action create
- create new directory /var/opt/gitlab/.bundle
- change owner from '' to 'git'
- change group from '' to 'git'
Recipe: gitlab::gitlab-shell
* storage_directory[/var/opt/gitlab/.ssh] action create
* ruby_block[directory resource: /var/opt/gitlab/.ssh] action run
- execute the ruby block directory resource: /var/opt/gitlab/.ssh
* directory[/var/log/gitlab/gitlab-shell/] action create
- create new directory /var/log/gitlab/gitlab-shell/
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[/var/opt/gitlab/gitlab-shell] action create
- create new directory /var/opt/gitlab/gitlab-shell
- change mode from '' to '0700'
- change owner from '' to 'git'
* templatesymlink[Create a config.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-shell/config.yml] action create
- create new file /var/opt/gitlab/gitlab-shell/config.yml
- update content in file /var/opt/gitlab/gitlab-shell/config.yml from none to 0ea240
--- /var/opt/gitlab/gitlab-shell/config.yml 2019-03-22 15:23:59.993016413 +0000
+++ /var/opt/gitlab/gitlab-shell/.chef-config20190322-11-1bgy384.yml 2019-03-22 15:23:59.993016413 +0000
@@ -1 +1,36 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+# GitLab user. git by default
+user: git
+
+# Url to gitlab instance. Used for api calls. Should end with a slash.
+gitlab_url: "http://127.0.0.1:8080"
+
+http_settings:
+
+# user: someone
+# password: somepass
+# ca_file: /etc/ssl/cert.pem
+# ca_path: /etc/pki/tls/certs
+# self_signed_cert: false
+
+# File used as authorized_keys for gitlab user
+auth_file: "/var/opt/gitlab/.ssh/authorized_keys"
+
+# Log file.
+# Default is gitlab-shell.log in the root directory.
+log_file: "/var/log/gitlab/gitlab-shell/gitlab-shell.log"
+
+# Log level. INFO by default
+log_level:
+
+
+# Audit usernames.
+# Set to true to see real usernames in the logs instead of key ids, which is easier to follow, but
+# incurs an extra API call on every gitlab-shell command.
+audit_usernames:
+
+
- change mode from '' to '0640'
- change owner from '' to 'root'
- change group from '' to 'git'
* link[Link /opt/gitlab/embedded/service/gitlab-shell/config.yml to /var/opt/gitlab/gitlab-shell/config.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-shell/config.yml to /var/opt/gitlab/gitlab-shell/config.yml
* link[/opt/gitlab/embedded/service/gitlab-shell/.gitlab_shell_secret] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-shell/.gitlab_shell_secret to /opt/gitlab/embedded/service/gitlab-rails/.gitlab_shell_secret
* execute[/opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions] action run
- execute /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions
* bash[Set proper security context on ssh files for selinux] action run (skipped due to only_if)
Recipe: gitlab::gitlab-rails
* storage_directory[/var/opt/gitlab/git-data] action create
* ruby_block[directory resource: /var/opt/gitlab/git-data] action run
- execute the ruby block directory resource: /var/opt/gitlab/git-data
* storage_directory[/var/opt/gitlab/git-data/repositories] action create
* ruby_block[directory resource: /var/opt/gitlab/git-data/repositories] action run
- execute the ruby block directory resource: /var/opt/gitlab/git-data/repositories
* directory[/var/log/gitlab] action create
- change owner from 'root' to 'git'
* storage_directory[/var/opt/gitlab/gitlab-rails/shared] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/artifacts] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/artifacts] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared/artifacts
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/external-diffs] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/external-diffs] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared/external-diffs
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/lfs-objects] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/lfs-objects] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared/lfs-objects
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/packages] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/packages] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared/packages
* storage_directory[/var/opt/gitlab/gitlab-rails/uploads] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/uploads] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/uploads
* storage_directory[/var/opt/gitlab/gitlab-ci/builds] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-ci/builds] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-ci/builds
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/cache] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/cache] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared/cache
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/tmp] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/tmp] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared/tmp
* storage_directory[/var/opt/gitlab/gitlab-rails/shared/pages] action create
* ruby_block[directory resource: /var/opt/gitlab/gitlab-rails/shared/pages] action run
- execute the ruby block directory resource: /var/opt/gitlab/gitlab-rails/shared/pages
* directory[create /var/opt/gitlab/gitlab-rails/etc] action create
- create new directory /var/opt/gitlab/gitlab-rails/etc
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[create /opt/gitlab/etc/gitlab-rails] action create
- create new directory /opt/gitlab/etc/gitlab-rails
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[create /var/opt/gitlab/gitlab-rails/working] action create
- create new directory /var/opt/gitlab/gitlab-rails/working
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[create /var/opt/gitlab/gitlab-rails/tmp] action create
- create new directory /var/opt/gitlab/gitlab-rails/tmp
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[create /var/opt/gitlab/gitlab-rails/upgrade-status] action create
- create new directory /var/opt/gitlab/gitlab-rails/upgrade-status
- change mode from '' to '0700'
- change owner from '' to 'git'
* directory[create /var/log/gitlab/gitlab-rails] action create
- create new directory /var/log/gitlab/gitlab-rails
- change mode from '' to '0700'
- change owner from '' to 'git'
* storage_directory[/var/opt/gitlab/backups] action create
* ruby_block[directory resource: /var/opt/gitlab/backups] action run
- execute the ruby block directory resource: /var/opt/gitlab/backups
* directory[/var/opt/gitlab/gitlab-rails] action create
- change owner from 'root' to 'git'
* directory[/var/opt/gitlab/gitlab-ci] action create
- change owner from 'root' to 'git'
* file[/var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key] action create (skipped due to only_if)
* template[/opt/gitlab/etc/gitlab-rails/gitlab-rails-rc] action create
- create new file /opt/gitlab/etc/gitlab-rails/gitlab-rails-rc
- update content in file /opt/gitlab/etc/gitlab-rails/gitlab-rails-rc from none to 81d695
--- /opt/gitlab/etc/gitlab-rails/gitlab-rails-rc 2019-03-22 15:24:03.748716174 +0000
+++ /opt/gitlab/etc/gitlab-rails/.chef-gitlab-rails-rc20190322-11-1bfk6i6 2019-03-22 15:24:03.748716174 +0000
@@ -1 +1,3 @@
+gitlab_user='git'
+gitlab_group='git'
* file[/opt/gitlab/embedded/service/gitlab-rails/.secret] action delete (up to date)
* file[/var/opt/gitlab/gitlab-rails/etc/secret] action delete (up to date)
* templatesymlink[Create a database.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/database.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/database.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/database.yml from none to ba7f50
--- /var/opt/gitlab/gitlab-rails/etc/database.yml 2019-03-22 15:24:03.758704738 +0000
+++ /var/opt/gitlab/gitlab-rails/etc/.chef-database20190322-11-ot4wv3.yml 2019-03-22 15:24:03.758704738 +0000
@@ -1 +1,24 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+production:
+ adapter: postgresql
+ encoding: unicode
+ collation:
+ database: gitlabhq_production
+ pool: 10
+ username: "gitlab"
+ password:
+ host: "/var/opt/gitlab/postgresql"
+ port: 5432
+ socket:
+ sslmode:
+ sslcompression: 0
+ sslrootcert:
+ sslca:
+ load_balancing: {"hosts":[]}
+ prepared_statements: false
+ statements_limit: 1000
+ fdw:
- change mode from '' to '0640'
- change owner from '' to 'root'
- change group from '' to 'git'
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/database.yml to /var/opt/gitlab/gitlab-rails/etc/database.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/database.yml to /var/opt/gitlab/gitlab-rails/etc/database.yml
* templatesymlink[Create a secrets.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/secrets.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/secrets.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/secrets.yml from none to 6c733f
- suppressed sensitive resource
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/secrets.yml to /var/opt/gitlab/gitlab-rails/etc/secrets.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/secrets.yml to /var/opt/gitlab/gitlab-rails/etc/secrets.yml
* templatesymlink[Create a resque.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/resque.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/resque.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/resque.yml from none to ec4232
--- /var/opt/gitlab/gitlab-rails/etc/resque.yml 2019-03-22 15:24:03.788670427 +0000
+++ /var/opt/gitlab/gitlab-rails/etc/.chef-resque20190322-11-1l765ko.yml 2019-03-22 15:24:03.788670427 +0000
@@ -1 +1,3 @@
+production:
+ url: unix:/var/opt/gitlab/redis/redis.socket
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/resque.yml to /var/opt/gitlab/gitlab-rails/etc/resque.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/resque.yml to /var/opt/gitlab/gitlab-rails/etc/resque.yml
* templatesymlink[Create a redis.cache.yml and create a symlink to Rails root] action create (skipped due to not_if)
* templatesymlink[Create a redis.queues.yml and create a symlink to Rails root] action create (skipped due to not_if)
* templatesymlink[Create a redis.shared_state.yml and create a symlink to Rails root] action create (skipped due to not_if)
* templatesymlink[Create a smtp_settings.rb and create a symlink to Rails root] action delete
* file[/var/opt/gitlab/gitlab-rails/etc/smtp_settings.rb] action delete (up to date)
* link[/opt/gitlab/embedded/service/gitlab-rails/config/initializers/smtp_settings.rb] action delete (up to date)
(up to date)
* templatesymlink[Create a gitlab.yml and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/gitlab.yml] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
- update content in file /var/opt/gitlab/gitlab-rails/etc/gitlab.yml from none to e77815
--- /var/opt/gitlab/gitlab-rails/etc/gitlab.yml 2019-03-22 15:24:03.818636117 +0000
+++ /var/opt/gitlab/gitlab-rails/etc/.chef-gitlab20190322-11-eqy3qa.yml 2019-03-22 15:24:03.818636117 +0000
@@ -1 +1,571 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+production: &base
+ #
+ # 1. GitLab app settings
+ # ==========================
+
+ ## GitLab settings
+ gitlab:
+ ## Web server settings (note: host is the FQDN, do not include http://)
+ host: gitlab.example.com
+ port: 80
+ https: false
+
+ # Uncommment this line below if your ssh host is different from HTTP/HTTPS one
+ # (you'd obviously need to replace ssh.host_example.com with your own host).
+ # Otherwise, ssh host will be set to the `host:` value above
+ ssh_host:
+
+ # WARNING: See config/application.rb under "Relative url support" for the list of
+ # other files that need to be changed for relative url support
+ relative_url_root:
+
+ # Trusted Proxies
+ # Customize if you have GitLab behind a reverse proxy which is running on a different machine.
+ # Add the IP address for your reverse proxy to the list, otherwise users will appear signed in from that address.
+ trusted_proxies:
+
+ # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
+ user: git
+
+ ## Date & Time settings
+ time_zone:
+
+ ## Email settings
+ # Uncomment and set to false if you need to disable email sending from GitLab (default: true)
+ email_enabled:
+ # Email address used in the "From" field in mails sent by GitLab
+ email_from: [email protected]
+ email_display_name:
+ email_reply_to:
+ email_subject_suffix:
+
+ # Email server smtp settings are in [a separate file](initializers/smtp_settings.rb.sample).
+
+ ## User settings
+ default_can_create_group: # default: true
+ username_changing_enabled: # default: true - User can change her username/namespace
+ ## Default theme
+ ## 1 - Graphite
+ ## 2 - Charcoal
+ ## 3 - Green
+ ## 4 - Gray
+ ## 5 - Violet
+ ## 6 - Blue
+ default_theme: # default: 2
+
+ ## Automatic issue closing
+ # If a commit message matches this regular expression, all issues referenced from the matched text will be closed.
+ # This happens when the commit is pushed or merged into the default branch of a project.
+ # When not specified the default issue_closing_pattern as specified below will be used.
+ # Tip: you can test your closing pattern at http://rubular.com
+ issue_closing_pattern:
+
+ ## Default project features settings
+ default_projects_features:
+ issues:
+ merge_requests:
+ wiki:
+ snippets:
+ builds:
+ container_registry:
+
+ ## Webhook settings
+ # Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
+ webhook_timeout:
+
+ ## Repository downloads directory
+ # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory.
+ # The default is 'tmp/repositories' relative to the root of the Rails app.
+ repository_downloads_path:
+
+ ## Impersonation settings
+ impersonation_enabled:
+
+ usage_ping_enabled:
+
+ ## Reply by email
+ # Allow users to comment on issues and merge requests by replying to notification emails.
+ # For documentation on how to set this up, see https://docs.gitlab.com/ce/administration/reply_by_email.html
+ incoming_email:
+ enabled: false
+
+ # The email address including the `%{key}` placeholder that will be replaced to reference the item being replied to.
+ # The placeholder can be omitted but if present, it must appear in the "user" part of the address (before the `@`).
+ address:
+
+ # Email account username
+ # With third party providers, this is usually the full email address.
+ # With self-hosted email servers, this is usually the user part of the email address.
+ user:
+ # Email account password
+ password:
+
+ # IMAP server host
+ host:
+ # IMAP server port
+ port:
+ # Whether the IMAP server uses SSL
+ ssl:
+ # Whether the IMAP server uses StartTLS
+ start_tls:
+
+ # The mailbox where incoming mail will end up. Usually "inbox".
+ mailbox: "inbox"
+ # The IDLE command timeout.
+ idle_timeout:
+
+ ## Build Artifacts
+ artifacts:
+ enabled: true
+ # The location where Build Artifacts are stored (default: shared/artifacts).
+ path: /var/opt/gitlab/gitlab-rails/shared/artifacts
+ object_store:
+ enabled: false
+ direct_upload: false
+ background_upload: true
+ proxy_download: false
+ remote_directory: "artifacts"
+ connection: {}
+
+ ## External merge request diffs
+ external_diffs:
+ enabled:
+ # The location where merge request diffs are stored (default: shared/external-diffs).
+ storage_path: /var/opt/gitlab/gitlab-rails/shared/external-diffs
+ object_store:
+ enabled: false
+ direct_upload: false
+ background_upload: true
+ proxy_download: false
+ remote_directory: "external-diffs"
+ connection: {}
+
+ ## Git LFS
+ lfs:
+ enabled:
+ # The location where LFS objects are stored (default: shared/lfs-objects).
+ storage_path: /var/opt/gitlab/gitlab-rails/shared/lfs-objects
+ object_store:
+ enabled: false
+ direct_upload: false
+ background_upload: true
+ proxy_download: false
+ remote_directory: "lfs-objects"
+ connection: {}
+
+ ## Uploads
+ uploads:
+ # The location where uploads objects are stored (default: public/).
+ storage_path: /opt/gitlab/embedded/service/gitlab-rails/public
+ object_store:
+ enabled: false
+ direct_upload: false
+ background_upload: true
+ proxy_download: false
+ remote_directory: "uploads"
+ connection: {}
+
+ ## Packages (maven repository so far) EE only
+ packages:
+ enabled:
+ # The location where build packages are stored (default: shared/packages).
+ storage_path: /var/opt/gitlab/gitlab-rails/shared/packages
+ object_store:
+ enabled: false
+ direct_upload: false
+ background_upload: true
+ proxy_download: false
+ remote_directory: "packages"
+ connection: {}
+
+ ## Container Registry
+ registry:
+ enabled: false
+ host:
+ port:
+ api_url: # internal address to the registry, will be used by GitLab to directly communicate with API
+ path:
+ key: /var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key
+ issuer: omnibus-gitlab-issuer
+
+ mattermost:
+ enabled: false
+ host:
+
+ ## GitLab Pages
+ pages:
+ enabled: false
+ access_control: false
+ path: /var/opt/gitlab/gitlab-rails/shared/pages
+ host:
+ port:
+ https: false
+ external_http: null
+ external_https: null
+ artifacts_server: true
+ admin:
+ address: unix:/var/opt/gitlab/gitlab-pages/admin.socket
+ certificate:
+
+ ## Gravatar
+ ## For Libravatar see: https://docs.gitlab.com/ce/customization/libravatar.html
+ gravatar:
+ # gravatar urls: possible placeholders: %{hash} %{size} %{email}
+ plain_url: # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
+ ssl_url: # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
+
+ ## Sidekiq
+ sidekiq:
+ log_format: default
+
+ ## Auxiliary jobs
+ # Periodically executed jobs, to self-heal GitLab, do external synchronizations, etc.
+ # Please read here for more information: https://github.com/ondrejbartas/sidekiq-cron#adding-cron-job
+ cron_jobs:
+ # Flag stuck CI builds as failed
+ stuck_ci_jobs_worker:
+ cron:
+ # Remove expired build artifacts
+ expire_build_artifacts_worker:
+ cron:
+ # Schedule pipelines in the near future
+ pipeline_schedule_worker:
+ cron:
+ # Periodically run 'git fsck' on all repositories. If started more than
+ # once per hour you will have concurrent 'git fsck' jobs.
+ repository_check_worker:
+ cron:
+ # Send admin emails once a week
+ admin_email_worker:
+ cron:
+
+ # Remove outdated repository archives
+ repository_archive_cache_worker:
+ cron:
+
+ # Archive live traces which have not been archived yet
+ ci_archive_traces_cron_worker:
+ cron:
+
+ # Verify custom GitLab Pages domains
+ pages_domain_verification_cron_worker:
+ cron:
+
+ ##
+ # GitLab EE only jobs:
+
+ # Snapshot active users statistics
+
+ # In addition to refreshing users when they log in,
+ # periodically refresh LDAP users membership.
+ # NOTE: This will only take effect if LDAP is enabled
+
+ # GitLab LDAP group sync worker
+ # NOTE: This will only take effect if LDAP is enabled
+
+ # GitLab Geo prune event log worker
+ # NOTE: This will only take effect if Geo is enabled (primary node only)
+
+ # GitLab Geo repository sync worker
+ # NOTE: This will only take effect if Geo is enabled
+
+ # GitLab Geo file download dispatch worker
+ # NOTE: This will only take effect if Geo is enabled
+
+ # GitLab Geo repository verification primary batch worker
+ # NOTE: This will only take effect if Geo is enabled
+
+ # GitLab Geo repository verification secondary scheduler worker
+ # NOTE: This will only take effect if Geo is enabled
+
+ # GitLab Geo migrated local files clean up worker
+ # NOTE: This will only take effect if Geo is enabled (secondary nodes only)
+
+ # Export pseudonymized data in CSV format for analysis
+
+ #
+ # 2. GitLab CI settings
+ # ==========================
+
+ gitlab_ci:
+ # Default project notifications settings:
+ #
+ # Send emails only on broken builds (default: true)
+ all_broken_builds:
+ #
+ # Add pusher to recipients list (default: false)
+ add_pusher:
+
+ # The location where build traces are stored (default: builds/). Relative paths are relative to Rails.root
+ builds_path: /var/opt/gitlab/gitlab-ci/builds
+
+ #
+ # 3. Auth settings
+ # ==========================
+
+ ## LDAP settings
+ # You can inspect a sample of the LDAP users with login access by running:
+ # bundle exec rake gitlab:ldap:check RAILS_ENV=production
+ ldap:
+ enabled: false
+ sync_time:
+ host:
+ port:
+ uid:
+ method: # "tls" or "ssl" or "plain"
+ bind_dn:
+ password:
+ active_directory:
+ allow_username_or_email_login:
+ lowercase_usernames:
+ base:
+ user_filter:
+
+ ## EE only
+ group_base:
+ admin_group:
+ sync_ssh_keys:
+ sync_time:
+
+ ## Smartcard authentication settings
+ smartcard:
+ # Allow smartcard authentication
+ enabled: false
+
+ # Path to a file containing a CA certificate
+ ca_file: "/etc/gitlab/ssl/CA.pem"
+
+ # Port where the client side certificate is requested by the webserver (NGINX/Apache)
+ client_certificate_required_port: 3444
+
+ ## Kerberos settings
+ kerberos:
+ # Allow the HTTP Negotiate authentication method for Git clients
+ enabled:
+
+ # Kerberos 5 keytab file. The keytab file must be readable by the GitLab user,
+ # and should be different from other keytabs in the system.
+ # (default: use default keytab from Krb5 config)
+ keytab:
+
+ # The Kerberos service name to be used by GitLab.
+ # (default: accept any service name in keytab file)
+ service_principal_name:
+
+ # Dedicated port: Git before 2.4 does not fall back to Basic authentication if Negotiate fails.
+ # To support both Basic and Negotiate methods with older versions of Git, configure
+ # nginx to proxy GitLab on an extra port (e.g. 8443) and uncomment the following lines
+ # to dedicate this port to Kerberos authentication. (default: false)
+ use_dedicated_port:
+ port:
+ https:
+
+
+ ## OmniAuth settings
+ omniauth:
+ # Allow login via Twitter, Google, etc. using OmniAuth providers
+ enabled:
+
+ # Uncomment this to automatically sign in with a specific omniauth provider's without
+ # showing GitLab's sign-in page (default: show the GitLab sign-in page)
+ auto_sign_in_with_provider:
+
+ # Sync user's email address from the specified Omniauth provider every time the user logs
+ # in (default: nil). And consequently make this field read-only.
+
+ # Sync user's profile from the specified Omniauth providers every time the user logs in (default: empty).
+ # Define the allowed providers using an array, e.g. ["cas3", "saml", "twitter"],
+ # or as true/false to allow all providers or none.
+ # sync_profile_from_provider: []
+
+ # Select which info to sync from the providers above. (default: email).
+ # Define the synced profile info using an array. Available options are "name", "email" and "location"
+ # e.g. ["name", "email", "location"] or as true to sync all available.
+ # This consequently will make the selected attributes read-only.
+ # sync_profile_attributes: true
+
+ # CAUTION!
+ # This allows users to login without having a user account first. Define the allowed
+ # providers using an array, e.g. ["saml", "twitter"]
+ # User accounts will be created automatically when authentication was successful.
+ allow_single_sign_on: ["saml"]
+
+ # Locks down those users until they have been cleared by the admin (default: true).
+ block_auto_created_users:
+ # Look up new users in LDAP servers. If a match is found (same uid), automatically
+ # link the omniauth identity with the LDAP account. (default: false)
+ auto_link_ldap_user:
+
+ # Allow users with existing accounts to login and auto link their account via SAML
+ # login, without having to do a manual login first and manually add SAML
+ # (default: false)
+ auto_link_saml_user: null
+
+ # Set different Omniauth providers as external so that all users creating accounts
+ # via these providers will not be able to have access to internal projects. You
+ # will need to use the full name of the provider, like `google_oauth2` for Google.
+ # Refer to the examples below for the full names of the supported providers.
+ # (default: [])
+ external_providers: null
+
+ ## Auth providers
+ # Uncomment the following lines and fill in the data of the auth provider you want to use
+ # If your favorite auth provider is not listed you can use others:
+ # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Custom-omniauth-provider-configurations
+ # The 'app_id' and 'app_secret' parameters are always passed as the first two
+ # arguments, followed by optional 'args' which can be either a hash or an array.
+ # Documentation for this is available at https://docs.gitlab.com/ce/integration/omniauth.html
+ providers:
+ # - { name: 'google_oauth2', app_id: 'YOUR APP ID',
+ # app_secret: 'YOUR APP SECRET',
+ # args: { access_type: 'offline', approval_prompt: '' } }
+ # - { name: 'twitter', app_id: 'YOUR APP ID',
+ # app_secret: 'YOUR APP SECRET'}
+ # - { name: 'github', app_id: 'YOUR APP ID',
+ # app_secret: 'YOUR APP SECRET',
+ # args: { scope: 'user:email' } }
+
+ # Shared file storage settings
+ shared:
+ path: /var/opt/gitlab/gitlab-rails/shared
+
+ # Gitaly settings
+ # This setting controls whether GitLab uses Gitaly
+ # Eventually Gitaly use will become mandatory and
+ # this option will disappear.
+ gitaly:
+ client_path: /opt/gitlab/embedded/bin
+ token: ""
+
+
+ #
+ # 4. Advanced settings
+ # ==========================
+
+ ## Repositories settings
+ repositories:
+ # Paths where repositories can be stored. Give the canonicalized absolute pathname.
+ # NOTE: REPOS PATHS MUST NOT CONTAIN ANY SYMLINK!!!
+ storages: {"default":{"path":"/var/opt/gitlab/git-data/repositories","gitaly_address":"unix:/var/opt/gitlab/gitaly/gitaly.socket"}}
+
+ ## Backup settings
+ backup:
+ path: "/var/opt/gitlab/backups" # Relative paths are relative to Rails.root (default: tmp/backups/)
+ archive_permissions: # Permissions for the resulting backup.tar file (default: 0600)
+ keep_time: # default: 0 (forever) (in seconds)
+ pg_schema: # default: nil, it means that all schemas will be backed up
+ upload:
+ # Fog storage connection settings, see http://fog.io/storage/ .
+ connection:
+ # The remote 'directory' to store your backups. For S3, this would be the bucket name.
+ remote_directory:
+ multipart_chunk_size:
+ encryption:
+ encryption_key:
+ storage_class:
+
+ ## Pseudonymizer settings
+ pseudonymizer:
+ manifest:
+ upload:
+ remote_directory:
+ connection: {}
+
+ ## GitLab Shell settings
+ gitlab_shell:
+ path: /opt/gitlab/embedded/service/gitlab-shell/
+ hooks_path: /opt/gitlab/embedded/service/gitlab-shell/hooks/
+
+ # Git over HTTP
+ upload_pack:
+ receive_pack:
+
+ # If you use non-standard ssh port you need to specify it
+ ssh_port:
+
+ # Git import/fetch timeout
+ git_timeout: 10800
+
+ ## Git settings
+ # CAUTION!
+ # Use the default values unless you really know what you are doing
+ git:
+ bin_path: /opt/gitlab/embedded/bin/git
+
+ monitoring:
+ # Time between sampling of unicorn socket metrics, in seconds
+ unicorn_sampler_interval: 10
+ # IP whitelist controlling access to monitoring endpoints
+ ip_whitelist:
+ - "127.0.0.0/8"
+ - "::1/128"
+ # Sidekiq exporter is webserver built in to Sidekiq to expose Prometheus metrics
+ sidekiq_exporter:
+ enabled: true
+ address: 127.0.0.1
+ port: 8082
+
+ #
+ # 5. Extra customization
+ # ==========================
+
+ extra:
+
+
+ rack_attack:
+ git_basic_auth:
+
+
+development:
+ <<: *base
+
+test:
+ <<: *base
+ gravatar:
+ enabled: true
+ gitlab:
+ host: localhost
+ port: 80
+
+ # When you run tests we clone and setup gitlab-shell
+ # In order to setup it correctly you need to specify
+ # your system username you use to run GitLab
+ # user: YOUR_USERNAME
+ repositories:
+ storages:
+ default: { "path": "tmp/tests/repositories/" }
+ gitlab_shell:
+ path: tmp/tests/gitlab-shell/
+ hooks_path: tmp/tests/gitlab-shell/hooks/
+ issues_tracker:
+ redmine:
+ title: "Redmine"
+ project_url: "http://redmine/projects/:issues_tracker_id"
+ issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
+ new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
+ jira:
+ title: "JIRA"
+ url: https://samplecompany.example.net
+ project_key: PROJECT
+ ldap:
+ enabled: false
+ servers:
+ main:
+ label: ldap
+ host: 127.0.0.1
+ port: 3890
+ uid: 'uid'
+ method: 'plain' # "tls" or "ssl" or "plain"
+ base: 'dc=example,dc=com'
+ user_filter: ''
+ group_base: 'ou=groups,dc=example,dc=com'
+ admin_group: ''
+ sync_ssh_keys: false
+
+staging:
+ <<: *base
- change mode from '' to '0640'
- change owner from '' to 'root'
- change group from '' to 'git'
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml to /var/opt/gitlab/gitlab-rails/etc/gitlab.yml] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml to /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
* templatesymlink[Create a rack_attack.rb and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/rack_attack.rb] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/rack_attack.rb
- update content in file /var/opt/gitlab/gitlab-rails/etc/rack_attack.rb from none to a61b95
--- /var/opt/gitlab/gitlab-rails/etc/rack_attack.rb 2019-03-22 15:24:03.858590370 +0000
+++ /var/opt/gitlab/gitlab-rails/etc/.chef-rack_attack20190322-11-1v8z2e5.rb 2019-03-22 15:24:03.858590370 +0000
@@ -1 +1,32 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+# 1. Rename this file to rack_attack.rb
+# 2. Review the paths_to_be_protected and add any other path you need protecting
+#
+
+paths_to_be_protected = [
+ "#{Rails.application.config.relative_url_root}/users/password",
+ "#{Rails.application.config.relative_url_root}/users/sign_in",
+ "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session.json",
+ "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session",
+ "#{Rails.application.config.relative_url_root}/users",
+ "#{Rails.application.config.relative_url_root}/users/confirmation",
+ "#{Rails.application.config.relative_url_root}/unsubscribes/",
+ "#{Rails.application.config.relative_url_root}/import/github/personal_access_token",
+]
+
+# Create one big regular expression that matches strings starting with any of
+# the paths_to_be_protected.
+paths_regex = Regexp.union(paths_to_be_protected.map { |path| /\A#{Regexp.escape(path)}/ })
+rack_attack_enabled = Gitlab.config.rack_attack.git_basic_auth['enabled']
+
+unless Rails.env.test? || !rack_attack_enabled
+ Rack::Attack.throttle('protected paths', limit: 10, period: 60.seconds) do |req|
+ if req.post? && req.path =~ paths_regex
+ req.ip
+ end
+ end
+end
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[Link /opt/gitlab/embedded/service/gitlab-rails/config/initializers/rack_attack.rb to /var/opt/gitlab/gitlab-rails/etc/rack_attack.rb] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/config/initializers/rack_attack.rb to /var/opt/gitlab/gitlab-rails/etc/rack_attack.rb
* templatesymlink[Create a gitlab_workhorse_secret and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/gitlab_workhorse_secret] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/gitlab_workhorse_secret
- update content in file /var/opt/gitlab/gitlab-rails/etc/gitlab_workhorse_secret from none to 3ddbd4
- suppressed sensitive resource
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[Link /opt/gitlab/embedded/service/gitlab-rails/.gitlab_workhorse_secret to /var/opt/gitlab/gitlab-rails/etc/gitlab_workhorse_secret] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/.gitlab_workhorse_secret to /var/opt/gitlab/gitlab-rails/etc/gitlab_workhorse_secret
* templatesymlink[Create a gitlab_shell_secret and create a symlink to Rails root] action create
* template[/var/opt/gitlab/gitlab-rails/etc/gitlab_shell_secret] action create
- create new file /var/opt/gitlab/gitlab-rails/etc/gitlab_shell_secret
- update content in file /var/opt/gitlab/gitlab-rails/etc/gitlab_shell_secret from none to 7b7e25
- suppressed sensitive resource
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[Link /opt/gitlab/embedded/service/gitlab-rails/.gitlab_shell_secret to /var/opt/gitlab/gitlab-rails/etc/gitlab_shell_secret] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/.gitlab_shell_secret to /var/opt/gitlab/gitlab-rails/etc/gitlab_shell_secret
* templatesymlink[Create a gitlab_pages_secret and create a symlink to Rails root] action create (skipped due to only_if)
* link[/opt/gitlab/embedded/service/gitlab-rails/config/initializers/relative_url.rb] action delete (up to date)
* file[/var/opt/gitlab/gitlab-rails/etc/relative_url.rb] action delete (up to date)
* env_dir[/opt/gitlab/etc/gitlab-rails/env] action create
* directory[/opt/gitlab/etc/gitlab-rails/env] action create
- create new directory /opt/gitlab/etc/gitlab-rails/env
* file[/opt/gitlab/etc/gitlab-rails/env/HOME] action create
- create new file /opt/gitlab/etc/gitlab-rails/env/HOME
- update content in file /opt/gitlab/etc/gitlab-rails/env/HOME from none to 205bb9
--- /opt/gitlab/etc/gitlab-rails/env/HOME 2019-03-22 15:24:03.918521749 +0000
+++ /opt/gitlab/etc/gitlab-rails/env/.chef-HOME20190322-11-1pms9vn 2019-03-22 15:24:03.918521749 +0000
@@ -1 +1,2 @@
+/var/opt/gitlab
* file[/opt/gitlab/etc/gitlab-rails/env/RAILS_ENV] action create
- create new file /opt/gitlab/etc/gitlab-rails/env/RAILS_ENV
- update content in file /opt/gitlab/etc/gitlab-rails/env/RAILS_ENV from none to ab8e18
--- /opt/gitlab/etc/gitlab-rails/env/RAILS_ENV 2019-03-22 15:24:03.938498875 +0000
+++ /opt/gitlab/etc/gitlab-rails/env/.chef-RAILS_ENV20190322-11-1e6ahrv 2019-03-22 15:24:03.928510312 +0000
@@ -1 +1,2 @@
+production
* file[/opt/gitlab/etc/gitlab-rails/env/LD_PRELOAD] action create
- create new file /opt/gitlab/etc/gitlab-rails/env/LD_PRELOAD
- update content in file /opt/gitlab/etc/gitlab-rails/env/LD_PRELOAD from none to f79114
--- /opt/gitlab/etc/gitlab-rails/env/LD_PRELOAD 2019-03-22 15:24:03.948487438 +0000
+++ /opt/gitlab/etc/gitlab-rails/env/.chef-LD_PRELOAD20190322-11-1r42sul 2019-03-22 15:24:03.948487438 +0000
@@ -1 +1,2 @@
+/opt/gitlab/embedded/lib/libjemalloc.so
* file[/opt/gitlab/etc/gitlab-rails/env/SIDEKIQ_MEMORY_KILLER_MAX_RSS] action create
- create new file /opt/gitlab/etc/gitlab-rails/env/SIDEKIQ_MEMORY_KILLER_MAX_RSS
- update content in file /opt/gitlab/etc/gitlab-rails/env/SIDEKIQ_MEMORY_KILLER_MAX_RSS from none to dd80d7
--- /opt/gitlab/etc/gitlab-rails/env/SIDEKIQ_MEMORY_KILLER_MAX_RSS 2019-03-22 15:24:03.948487438 +0000
+++ /opt/gitlab/etc/gitlab-rails/env/.chef-SIDEKIQ_MEMORY_KILLER_MAX_RSS20190322-11-1rj7mtt 2019-03-22 15:24:03.948487438 +0000
@@ -1 +1,2 @@
+2000000
* file[/opt/gitlab/etc/gitlab-rails/env/BUNDLE_GEMFILE] action create
- create new file /opt/gitlab/etc/gitlab-rails/env/BUNDLE_GEMFILE
- update content in file /opt/gitlab/etc/gitlab-rails/env/BUNDLE_GEMFILE from none to 28d586
--- /opt/gitlab/etc/gitlab-rails/env/BUNDLE_GEMFILE 2019-03-22 15:24:03.948487438 +0000
+++ /opt/gitlab/etc/gitlab-rails/env/.chef-BUNDLE_GEMFILE20190322-11-pl1z1w 2019-03-22 15:24:03.948487438 +0000
@@ -1 +1,2 @@
+/opt/gitlab/embedded/service/gitlab-rails/Gemfile
* file[/opt/gitlab/etc/gitlab-rails/env/PATH] action create
- create new file /opt/gitlab/etc/gitlab-rails/env/PATH
- update content in file /opt/gitlab/etc/gitlab-rails/env/PATH from none to d5dc07
--- /opt/gitlab/etc/gitlab-rails/env/PATH 2019-03-22 15:24:03.958476001 +0000
+++ /opt/gitlab/etc/gitlab-rails/env/.chef-PATH20190322-11-10sbtl1 2019-03-22 15:24:03.958476001 +0000
@@ -1 +1,2 @@
+/opt/gitlab/bin:/opt/gitlab/embedded/bin:/bin:/usr/bin
* file[/opt/gitlab/etc/gitlab-rails/env/ICU_DATA] action create
- create new file /opt/gitlab/etc/gitlab-rails/env/ICU_DATA
- update content in file /opt/gitlab/etc/gitlab-rails/env/ICU_DATA from none to a04260
--- /opt/gitlab/etc/gitlab-rails/env/ICU_DATA 2019-03-22 15:24:03.968464565 +0000
+++ /opt/gitlab/etc/gitlab-rails/env/.chef-ICU_DATA20190322-11-1tlf9ii 2019-03-22 15:24:03.968464565 +0000
@@ -1 +1,2 @@
+/opt/gitlab/embedded/share/icu/current
* file[/opt/gitlab/etc/gitlab-rails/env/PYTHONPATH] action create
- create new file /opt/gitlab/etc/gitlab-rails/env/PYTHONPATH
- update content in file /opt/gitlab/etc/gitlab-rails/env/PYTHONPATH from none to 990cc2
--- /opt/gitlab/etc/gitlab-rails/env/PYTHONPATH 2019-03-22 15:24:03.968464565 +0000
+++ /opt/gitlab/etc/gitlab-rails/env/.chef-PYTHONPATH20190322-11-14gzxou 2019-03-22 15:24:03.968464565 +0000
@@ -1 +1,2 @@
+/opt/gitlab/embedded/lib/python3.4/site-packages
* file[/opt/gitlab/etc/gitlab-rails/env/EXECJS_RUNTIME] action create
- create new file /opt/gitlab/etc/gitlab-rails/env/EXECJS_RUNTIME
- update content in file /opt/gitlab/etc/gitlab-rails/env/EXECJS_RUNTIME from none to 75081b
--- /opt/gitlab/etc/gitlab-rails/env/EXECJS_RUNTIME 2019-03-22 15:24:03.978453128 +0000
+++ /opt/gitlab/etc/gitlab-rails/env/.chef-EXECJS_RUNTIME20190322-11-1f1cwvl 2019-03-22 15:24:03.978453128 +0000
@@ -1 +1,2 @@
+Disabled
* file[/opt/gitlab/etc/gitlab-rails/env/TZ] action create
- create new file /opt/gitlab/etc/gitlab-rails/env/TZ
- update content in file /opt/gitlab/etc/gitlab-rails/env/TZ from none to 983a95
--- /opt/gitlab/etc/gitlab-rails/env/TZ 2019-03-22 15:24:03.978453128 +0000
+++ /opt/gitlab/etc/gitlab-rails/env/.chef-TZ20190322-11-1mjuooh 2019-03-22 15:24:03.978453128 +0000
@@ -1 +1,2 @@
+:/etc/localtime
* link[/opt/gitlab/embedded/service/gitlab-rails/tmp] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/tmp to /var/opt/gitlab/gitlab-rails/tmp
* link[/opt/gitlab/embedded/service/gitlab-rails/public/uploads] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/public/uploads to /var/opt/gitlab/gitlab-rails/uploads
* link[/opt/gitlab/embedded/service/gitlab-rails/log] action create
- create symlink at /opt/gitlab/embedded/service/gitlab-rails/log to /var/log/gitlab/gitlab-rails
* link[/var/log/gitlab/gitlab-rails/sidekiq.log] action create
- create symlink at /var/log/gitlab/gitlab-rails/sidekiq.log to /var/log/gitlab/sidekiq/current
* file[/opt/gitlab/embedded/service/gitlab-rails/db/schema.rb] action create
- change owner from 'root' to 'git'
* remote_file[/var/opt/gitlab/gitlab-rails/VERSION] action create
- create new file /var/opt/gitlab/gitlab-rails/VERSION
- update content in file /var/opt/gitlab/gitlab-rails/VERSION from none to d9f29f
--- /var/opt/gitlab/gitlab-rails/VERSION 2019-03-22 15:24:04.008418817 +0000
+++ /var/opt/gitlab/gitlab-rails/.chef-VERSION20190322-11-e1j7mw 2019-03-22 15:24:04.008418817 +0000
@@ -1 +1,2 @@
+11.9.0
* remote_file[/var/opt/gitlab/gitlab-rails/REVISION] action create
- create new file /var/opt/gitlab/gitlab-rails/REVISION
- update content in file /var/opt/gitlab/gitlab-rails/REVISION from none to 490c3f
--- /var/opt/gitlab/gitlab-rails/REVISION 2019-03-22 15:24:04.008418817 +0000
+++ /var/opt/gitlab/gitlab-rails/.chef-REVISION20190322-11-knsz0e 2019-03-22 15:24:04.008418817 +0000
@@ -1 +1,2 @@
+a47124c
* file[/var/opt/gitlab/gitlab-rails/RUBY_VERSION] action create
- create new file /var/opt/gitlab/gitlab-rails/RUBY_VERSION
- update content in file /var/opt/gitlab/gitlab-rails/RUBY_VERSION from none to 07c7b9
--- /var/opt/gitlab/gitlab-rails/RUBY_VERSION 2019-03-22 15:24:04.018407381 +0000
+++ /var/opt/gitlab/gitlab-rails/.chef-RUBY_VERSION20190322-11-rnrk6i 2019-03-22 15:24:04.018407381 +0000
@@ -1 +1,2 @@
+ruby 2.5.3p105 (2018-10-18 revision 65156) [x86_64-linux]
* execute[clear the gitlab-rails cache] action nothing (skipped due to action :nothing)
* file[/var/opt/gitlab/gitlab-rails/config.ru] action delete (up to date)
Recipe: gitlab::add_trusted_certs
* directory[/etc/gitlab/trusted-certs] action create
- create new directory /etc/gitlab/trusted-certs
- change mode from '' to '0755'
* directory[/opt/gitlab/embedded/ssl/certs] action create (up to date)
* file[/opt/gitlab/embedded/ssl/certs/README] action create
- create new file /opt/gitlab/embedded/ssl/certs/README
- update content in file /opt/gitlab/embedded/ssl/certs/README from none to 623059
--- /opt/gitlab/embedded/ssl/certs/README 2019-03-22 15:24:04.028395944 +0000
+++ /opt/gitlab/embedded/ssl/certs/.chef-README20190322-11-1anaxca 2019-03-22 15:24:04.028395944 +0000
@@ -1 +1,4 @@
+This directory is managed by omnibus-gitlab.
+ Any file placed in this directory will be ignored
+. Place certificates in /etc/gitlab/trusted-certs.
- change mode from '' to '0644'
* ruby_block[Move existing certs and link to /opt/gitlab/embedded/ssl/certs] action run
* Moving existing certificates found in /opt/gitlab/embedded/ssl/certs
* Symlinking existing certificates found in /etc/gitlab/trusted-certs
- execute the ruby block Move existing certs and link to /opt/gitlab/embedded/ssl/certs
Recipe: gitlab::default
* service[create a temporary unicorn service] action nothing (skipped due to action :nothing)
* service[create a temporary puma service] action nothing (skipped due to action :nothing)
* service[create a temporary sidekiq service] action nothing (skipped due to action :nothing)
* service[create a temporary mailroom service] action nothing (skipped due to action :nothing)
Recipe: redis::enable
* account[user and group for redis] action create
* group[user and group for redis] action create
- create group gitlab-redis
* linux_user[user and group for redis] action create
- create user gitlab-redis
* group[Socket group] action create (up to date)
* directory[/var/opt/gitlab/redis] action create
- create new directory /var/opt/gitlab/redis
- change mode from '' to '0750'
- change owner from '' to 'gitlab-redis'
- change group from '' to 'git'
* directory[/var/log/gitlab/redis] action create
- create new directory /var/log/gitlab/redis
- change mode from '' to '0700'
- change owner from '' to 'gitlab-redis'
* template[/var/opt/gitlab/redis/redis.conf] action create
- create new file /var/opt/gitlab/redis/redis.conf
- update content in file /var/opt/gitlab/redis/redis.conf from none to 46b4a3
--- /var/opt/gitlab/redis/redis.conf 2019-03-22 15:24:04.308075713 +0000
+++ /var/opt/gitlab/redis/.chef-redis20190322-11-1gujrta.conf 2019-03-22 15:24:04.308075713 +0000
@@ -1 +1,1062 @@
+# This file is managed by gitlab-ctl. Manual changes will be
+# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
+# and run `sudo gitlab-ctl reconfigure`.
+
+# Redis configuration file example.
+#
+# Note that in order to read the configuration file, Redis must be
+# started with the file path as first argument:
+#
+# ./redis-server /path/to/redis.conf
+
+# Note on units: when memory size is needed, it is possible to specify
+# it in the usual form of 1k 5GB 4M and so forth:
+#
+# 1k => 1000 bytes
+# 1kb => 1024 bytes
+# 1m => 1000000 bytes
+# 1mb => 1024*1024 bytes
+# 1g => 1000000000 bytes
+# 1gb => 1024*1024*1024 bytes
+#
+# units are case insensitive so 1GB 1Gb 1gB are all the same.
+
+################################## INCLUDES ###################################
+
+# Include one or more other config files here. This is useful if you
+# have a standard template that goes to all Redis servers but also need
+# to customize a few per-server settings. Include files can include
+# other files, so use this wisely.
+#
+# Notice option "include" won't be rewritten by command "CONFIG REWRITE"
+# from admin or Redis Sentinel. Since Redis always uses the last processed
+# line as value of a configuration directive, you'd better put includes
+# at the beginning of this file to avoid overwriting config change at runtime.
+#
+# If instead you are interested in using includes to override configuration
+# options, it is better to use include as the last line.
+#
+# include /path/to/local.conf
+# include /path/to/other.conf
+
+################################## NETWORK #####################################
+
+# By default, if no "bind" configuration directive is specified, Redis listens
+# for connections from all the network interfaces available on the server.
+# It is possible to listen to just one or multiple selected interfaces using
+# the "bind" configuration directive, followed by one or more IP addresses.
+#
+# Examples:
+#
+# bind 192.168.1.100 10.0.0.1
+# bind 127.0.0.1 ::1
+#
+# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
+# internet, binding to all the interfaces is dangerous and will expose the
+# instance to everybody on the internet. So by default we uncomment the
+# following bind directive, that will force Redis to listen only into
+# the IPv4 lookback interface address (this means Redis will be able to
+# accept connections only from clients running into the same computer it
+# is running).
+#
+# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
+# JUST COMMENT THE FOLLOWING LINE.
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+bind 127.0.0.1
+
+# Protected mode is a layer of security protection, in order to avoid that
+# Redis instances left open on the internet are accessed and exploited.
+#
+# When protected mode is on and if:
+#
+# 1) The server is not binding explicitly to a set of addresses using the
+# "bind" directive.
+# 2) No password is configured.
+#
+# The server only accepts connections from clients connecting from the
+# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
+# sockets.
+#
+# By default protected mode is enabled. You should disable it only if
+# you are sure you want clients from other hosts to connect to Redis
+# even if no authentication is configured, nor a specific set of interfaces
+# are explicitly listed using the "bind" directive.
+# protected-mode yes
+
+# Accept connections on the specified port, default is 6379 (IANA #815344).
+# If port 0 is specified Redis will not listen on a TCP socket.
+port 0
+
+# TCP listen() backlog.
+#
+# In high requests-per-second environments you need an high backlog in order
+# to avoid slow clients connections issues. Note that the Linux kernel
+# will silently truncate it to the value of /proc/sys/net/core/somaxconn so
+# make sure to raise both the value of somaxconn and tcp_max_syn_backlog
+# in order to get the desired effect.
+tcp-backlog 511
+
+# Unix socket.
+#
+# Specify the path for the Unix socket that will be used to listen for
+# incoming connections. There is no default, so Redis will not listen
+# on a unix socket when not specified.
+#
+unixsocket /var/opt/gitlab/redis/redis.socket
+unixsocketperm 777
+
+# Close the connection after a client is idle for N seconds (0 to disable)
+timeout 60
+
+# TCP keepalive.
+#
+# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
+# of communication. This is useful for two reasons:
+#
+# 1) Detect dead peers.
+# 2) Take the connection alive from the point of view of network
+# equipment in the middle.
+#
+# On Linux, the specified value (in seconds) is the period used to send ACKs.
+# Note that to close the connection the double of the time is needed.
+# On other kernels the period depends on the kernel configuration.
+#
+# A reasonable value for this option is 300 seconds, which is the new
+# Redis default starting with Redis 3.2.1.
+tcp-keepalive 300
+
+################################# GENERAL #####################################
+
+# By default Redis does not run as a daemon. Use 'yes' if you need it.
+# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
+daemonize no
+
+# If you run Redis from upstart or systemd, Redis can interact with your
+# supervision tree. Options:
+# supervised no - no supervision interaction
+# supervised upstart - signal upstart by putting Redis into SIGSTOP mode
+# supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET
+# supervised auto - detect upstart or systemd method based on
+# UPSTART_JOB or NOTIFY_SOCKET environment variables
+# Note: these supervision methods only signal "process is ready."
+# They do not enable continuous liveness pings back to your supervisor.
+# supervised no
+
+# If a pid file is specified, Redis writes it where specified at startup
+# and removes it at exit.
+#
+# When the server runs non daemonized, no pid file is created if none is
+# specified in the configuration. When the server is daemonized, the pid file
+# is used even if not specified, defaulting to "/var/run/redis.pid".
+#
+# Creating a pid file is best effort: if Redis is not able to create it
+# nothing bad happens, the server will start and run normally.
+pidfile "/var/run/redis_0.pid"
+
+# Specify the server verbosity level.
+# This can be one of:
+# debug (a lot of information, useful for development/testing)
+# verbose (many rarely useful info, but not a mess like the debug level)
+# notice (moderately verbose, what you want in production probably)
+# warning (only very important / critical messages are logged)
+loglevel notice
+
+# Specify the log file name. Also the empty string can be used to force
+# Redis to log on the standard output. Note that if you use standard
+# output for logging but daemonize, logs will be sent to /dev/null
+logfile ""
+
+# To enable logging to the system logger, just set 'syslog-enabled' to yes,
+# and optionally update the other syslog parameters to suit your needs.
+# syslog-enabled no
+
+# Specify the syslog identity.
+# syslog-ident redis
+
+# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
+# syslog-facility local0
+
+# Set the number of databases. The default database is DB 0, you can select
+# a different one on a per-connection basis using SELECT <dbid> where
+# dbid is a number between 0 and 'databases'-1
+databases 16
+
+################################ SNAPSHOTTING ################################
+#
+# Save the DB on disk:
+#
+# save <seconds> <changes>
+#
+# Will save the DB if both the given number of seconds and the given
+# number of write operations against the DB occurred.
+#
+# In the example below the behaviour will be to save:
+# after 900 sec (15 min) if at least 1 key changed
+# after 300 sec (5 min) if at least 10 keys changed
+# after 60 sec if at least 10000 keys changed
+#
+# Note: you can disable saving completely by commenting out all "save" lines.
+#
+# It is also possible to remove all the previously configured save
+# points by adding a save directive with a single empty string argument
+# like in the following example:
+#
+# save ""
+
+save 900 1
+save 300 10
+save 60 10000
+
+# By default Redis will stop accepting writes if RDB snapshots are enabled
+# (at least one save point) and the latest background save failed.
+# This will make the user aware (in a hard way) that data is not persisting
+# on disk properly, otherwise chances are that no one will notice and some
+# disaster will happen.
+#
+# If the background saving process will start working again Redis will
+# automatically allow writes again.
+#
+# However if you have setup your proper monitoring of the Redis server
+# and persistence, you may want to disable this feature so that Redis will
+# continue to work as usual even if there are problems with disk,
+# permissions, and so forth.
+stop-writes-on-bgsave-error yes
+
+# Compress string objects using LZF when dump .rdb databases?
+# For default that's set to 'yes' as it's almost always a win.
+# If you want to save some CPU in the saving child set it to 'no' but
+# the dataset will likely be bigger if you have compressible values or keys.
+rdbcompression yes
+
+# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
+# This makes the format more resistant to corruption but there is a performance
+# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
+# for maximum performances.
+#
+# RDB files created with checksum disabled have a checksum of zero that will
+# tell the loading code to skip the check.
+rdbchecksum yes
+
+# The filename where to dump the DB
+dbfilename "dump.rdb"
+
+# The working directory.
+#
+# The DB will be written inside this directory, with the filename specified
+# above using the 'dbfilename' configuration directive.
+#
+# The Append Only File will also be created inside this directory.
+#
+# Note that you must specify a directory here, not a file name.
+dir "/var/opt/gitlab/redis"
+
+################################# REPLICATION #################################
+
+# Master-Slave replication. Use slaveof to make a Redis instance a copy of
+# another Redis server. A few things to understand ASAP about Redis replication.
+#
+# 1) Redis replication is asynchronous, but you can configure a master to
+# stop accepting writes if it appears to be not connected with at least
+# a given number of slaves.
+# 2) Redis slaves are able to perform a partial resynchronization with the
+# master if the replication link is lost for a relatively small amount of
+# time. You may want to configure the replication backlog size (see the next
+# sections of this file) with a sensible value depending on your needs.
+# 3) Replication is automatic and does not need user intervention. After a
+# network partition slaves automatically try to reconnect to masters
+# and resynchronize with them.
+#
+# slaveof <masterip> <masterport>
+
+
+# If the master is password protected (using the "requirepass" configuration
+# directive below) it is possible to tell the slave to authenticate before
+# starting the replication synchronization process, otherwise the master will
+# refuse the slave request.
+#
+# masterauth <master-password>
+
+
+# When a slave loses its connection with the master, or when the replication
+# is still in progress, the slave can act in two different ways:
+#
+# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will
+# still reply to client requests, possibly with out of date data, or the
+# data set may just be empty if this is the first synchronization.
+#
+# 2) if slave-serve-stale-data is set to 'no' the slave will reply with
+# an error "SYNC with master in progress" to all the kind of commands
+# but to INFO and SLAVEOF.
+#
+slave-serve-stale-data yes
+
+# You can configure a slave instance to accept writes or not. Writing against
+# a slave instance may be useful to store some ephemeral data (because data
+# written on a slave will be easily deleted after resync with the master) but
+# may also cause problems if clients are writing to it because of a
+# misconfiguration.
+#
+# Since Redis 2.6 by default slaves are read-only.
+#
+# Note: read only slaves are not designed to be exposed to untrusted clients
+# on the internet. It's just a protection layer against misuse of the instance.
+# Still a read only slave exports by default all the administrative commands
+# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve
+# security of read only slaves using 'rename-command' to shadow all the
+# administrative / dangerous commands.
+slave-read-only yes
+
+# Replication SYNC strategy: disk or socket.
+#
+# -------------------------------------------------------
+# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY
+# -------------------------------------------------------
+#
+# New slaves and reconnecting slaves that are not able to continue the replication
+# process just receiving differences, need to do what is called a "full
+# synchronization". An RDB file is transmitted from the master to the slaves.
+# The transmission can happen in two different ways:
+#
+# 1) Disk-backed: The Redis master creates a new process that writes the RDB
+# file on disk. Later the file is transferred by the parent
+# process to the slaves incrementally.
+# 2) Diskless: The Redis master creates a new process that directly writes the
+# RDB file to slave sockets, without touching the disk at all.
+#
+# With disk-backed replication, while the RDB file is generated, more slaves
+# can be queued and served with the RDB file as soon as the current child producing
+# the RDB file finishes its work. With diskless replication instead once
+# the transfer starts, new slaves arriving will be queued and a new transfer
+# will start when the current one terminates.
+#
+# When diskless replication is used, the master waits a configurable amount of
+# time (in seconds) before starting the transfer in the hope that multiple slaves
+# will arrive and the transfer can be parallelized.
+#
+# With slow disks and fast (large bandwidth) networks, diskless replication
+# works better.
+# repl-diskless-sync no
+
+# When diskless replication is enabled, it is possible to configure the delay
+# the server waits in order to spawn the child that transfers the RDB via socket
+# to the slaves.
+#
+# This is important since once the transfer starts, it is not possible to serve
+# new slaves arriving, that will be queued for the next RDB transfer, so the server
+# waits a delay in order to let more slaves arrive.
+#
+# The delay is specified in seconds, and by default is 5 seconds. To disable
+# it entirely just set it to 0 seconds and the transfer will start ASAP.
+# repl-diskless-sync-delay 5
+
+# Slaves send PINGs to server in a predefined interval. It's possible to change
+# this interval with the repl_ping_slave_period option. The default value is 10
+# seconds.
+#
+# repl-ping-slave-period 10
+
+# The following option sets the replication timeout for:
+#
+# 1) Bulk transfer I/O during SYNC, from the point of view of slave.
+# 2) Master timeout from the point of view of slaves (data, pings).
+# 3) Slave timeout from the point of view of masters (REPLCONF ACK pings).
+#
+# It is important to make sure that this value is greater than the value
+# specified for repl-ping-slave-period otherwise a timeout will be detected
+# every time there is low traffic between the master and the slave.
+#
+# repl-timeout 60
+
+# Disable TCP_NODELAY on the slave socket after SYNC?
+#
+# If you select "yes" Redis will use a smaller number of TCP packets and
+# less bandwidth to send data to slaves. But this can add a delay for
+# the data to appear on the slave side, up to 40 milliseconds with
+# Linux kernels using a default configuration.
+#
+# If you select "no" the delay for data to appear on the slave side will
+# be reduced but more bandwidth will be used for replication.
+#
+# By default we optimize for low latency, but in very high traffic conditions
+# or when the master and slaves are many hops away, turning this to "yes" may
+# be a good idea.
+repl-disable-tcp-nodelay no
+
+# Set the replication backlog size. The backlog is a buffer that accumulates
+# slave data when slaves are disconnected for some time, so that when a slave
+# wants to reconnect again, often a full resync is not needed, but a partial
+# resync is enough, just passing the portion of data the slave missed while
+# disconnected.
+#
+# The bigger the replication backlog, the longer the time the slave can be
+# disconnected and later be able to perform a partial resynchronization.
+#
+# The backlog is only allocated once there is at least a slave connected.
+#
+# repl-backlog-size 1mb
+
+# After a master has no longer connected slaves for some time, the backlog
+# will be freed. The following option configures the amount of seconds that
+# need to elapse, starting from the time the last slave disconnected, for
+# the backlog buffer to be freed.
+#
+# A value of 0 means to never release the backlog.
+#
+# repl-backlog-ttl 3600
+
+# The slave priority is an integer number published by Redis in the INFO output.
+# It is used by Redis Sentinel in order to select a slave to promote into a
+# master if the master is no longer working correctly.
+#
+# A slave with a low priority number is considered better for promotion, so
+# for instance if there are three slaves with priority 10, 100, 25 Sentinel will
+# pick the one with priority 10, that is the lowest.
+#
+# However a special priority of 0 marks the slave as not able to perform the
+# role of master, so a slave with priority of 0 will never be selected by
+# Redis Sentinel for promotion.
+#
+# By default the priority is 100.
+slave-priority 100
+
+# It is possible for a master to stop accepting writes if there are less than
+# N slaves connected, having a lag less or equal than M seconds.
+#
+# The N slaves need to be in "online" state.
+#
+# The lag in seconds, that must be <= the specified value, is calculated from
+# the last ping received from the slave, that is usually sent every second.
+#
+# This option does not GUARANTEE that N replicas will accept the write, but
+# will limit the window of exposure for lost writes in case not enough slaves
+# are available, to the specified number of seconds.
+#
+# For example to require at least 3 slaves with a lag <= 10 seconds use:
+#
+# min-slaves-to-write 3
+# min-slaves-max-lag 10
+#
+# Setting one or the other to 0 disables the feature.
+#
+# By default min-slaves-to-write is set to 0 (feature disabled) and
+# min-slaves-max-lag is set to 10.
+
+# A Redis master is able to list the address and port of the attached
+# slaves in different ways. For example the "INFO replication" section
+# offers this information, which is used, among other tools, by
+# Redis Sentinel in order to discover slave instances.
+# Another place where this info is available is in the output of the
+# "ROLE" command of a masteer.
+#
+# The listed IP and address normally reported by a slave is obtained
+# in the following way:
+#
+# IP: The address is auto detected by checking the peer address
+# of the socket used by the slave to connect with the master.
+#
+# Port: The port is communicated by the slave during the replication
+# handshake, and is normally the port that the slave is using to
+# list for connections.
+#
+# However when port forwarding or Network Address Translation (NAT) is
+# used, the slave may be actually reachable via different IP and port
+# pairs. The following two options can be used by a slave in order to
+# report to its master a specific set of IP and port, so that both INFO
+# and ROLE will report those values.
+#
+# There is no need to use both the options if you need to override just
+# the port or the IP address.
+#
+
+
+
+################################## SECURITY ###################################
+
+# Require clients to issue AUTH <PASSWORD> before processing any other
+# commands. This might be useful in environments in which you do not trust
+# others with access to the host running redis-server.
+#
+# This should stay commented out for backward compatibility and because most
+# people do not need auth (e.g. they run their own servers).
+#
+# Warning: since Redis is pretty fast an outside user can try up to
+# 150k passwords per second against a good box. This means that you should
+# use a very strong password otherwise it will be very easy to break.
+#
+
+
+# Command renaming.
+#
+# It is possible to change the name of dangerous commands in a shared
+# environment. For instance the CONFIG command may be renamed into something
+# hard to guess so that it will still be available for internal-use tools
+# but not available for general clients.
+#
+# Example:
+#
+# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
+#
+# It is also possible to completely kill a command by renaming it into
+# an empty string:
+#
+# rename-command CONFIG ""
+#
+# Please note that changing the name of commands that are logged into the
+# AOF file or transmitted to slaves may cause problems.
+
+################################### LIMITS ####################################
+
+# Set the max number of connected clients at the same time. By default
+# this limit is set to 10000 clients, however if the Redis server is not
+# able to configure the process file limit to allow for the specified limit
+# the max number of allowed clients is set to the current file limit
+# minus 32 (as Redis reserves a few file descriptors for internal uses).
+#
+# Once the limit is reached Redis will close all the new connections sending
+# an error 'max number of clients reached'.
+#
+maxclients 10000
+
+# Don't use more memory than the specified amount of bytes.
+# When the memory limit is reached Redis will try to remove keys
+# according to the eviction policy selected (see maxmemory-policy).
+#
+# If Redis can't remove keys according to the policy, or if the policy is
+# set to 'noeviction', Redis will start to reply with errors to commands
+# that would use more memory, like SET, LPUSH, and so on, and will continue
+# to reply to read-only commands like GET.
+#
+# This option is usually useful when using Redis as an LRU cache, or to set
+# a hard memory limit for an instance (using the 'noeviction' policy).
+#
+# WARNING: If you have slaves attached to an instance with maxmemory on,
+# the size of the output buffers needed to feed the slaves are subtracted
+# from the used memory count, so that network problems / resyncs will
+# not trigger a loop where keys are evicted, and in turn the output
+# buffer of slaves is full with DELs of keys evicted triggering the deletion
+# of more keys, and so forth until the database is completely emptied.
+#
+# In short... if you have slaves attached it is suggested that you set a lower
+# limit for maxmemory so that there is some free RAM on the system for slave
+# output buffers (but this is not needed if the policy is 'noeviction').
+#
+# maxmemory <bytes>
+maxmemory 0
+
+# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
+# is reached. You can select among five behaviors:
+#
+# volatile-lru -> remove the key with an expire set using an LRU algorithm
+# allkeys-lru -> remove any key according to the LRU algorithm
+# volatile-random -> remove a random key with an expire set
+# allkeys-random -> remove a random key, any key
+# volatile-ttl -> remove the key with the nearest expire time (minor TTL)
+# noeviction -> don't expire at all, just return an error on write operations
+#
+# Note: with any of the above policies, Redis will return an error on write
+# operations, when there are no suitable keys for eviction.
+#
+# At the date of writing these commands are: set setnx setex append
+# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
+# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
+# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
+# getset mset msetnx exec sort
+#
+# The default is:
+#
+# maxmemory-policy noeviction
+maxmemory-policy noeviction
+
+# LRU and minimal TTL algorithms are not precise algorithms but approximated
+# algorithms (in order to save memory), so you can tune it for speed or
+# accuracy. For default Redis will check five keys and pick the one that was
+# used less recently, you can change the sample size using the following
+# configuration directive.
+#
+# The default of 5 produces good enough results. 10 Approximates very closely
+# true LRU but costs a bit more CPU. 3 is very fast but not very accurate.
+#
+# maxmemory-samples 5
+maxmemory-samples 5
+
+############################## APPEND ONLY MODE ###############################
+
+# By default Redis asynchronously dumps the dataset on disk. This mode is
+# good enough in many applications, but an issue with the Redis process or
+# a power outage may result into a few minutes of writes lost (depending on
+# the configured save points).
+#
+# The Append Only File is an alternative persistence mode that provides
+# much better durability. For instance using the default data fsync policy
+# (see later in the config file) Redis can lose just one second of writes in a
+# dramatic event like a server power outage, or a single write if something
+# wrong with the Redis process itself happens, but the operating system is
+# still running correctly.
+#
+# AOF and RDB persistence can be enabled at the same time without problems.
+# If the AOF is enabled on startup Redis will load the AOF, that is the file
+# with the better durability guarantees.
+#
+# Please check http://redis.io/topics/persistence for more information.
+
+appendonly no
+
+# The name of the append only file (default: "appendonly.aof")
+
+# appendfilename "appendonly.aof"
+
+# The fsync() call tells the Operating System to actually write data on disk
+# instead of waiting for more data in the output buffer. Some OS will really flush
+# data on disk, some other OS will just try to do it ASAP.
+#
+# Redis supports three different modes:
+#
+# no: don't fsync, just let the OS flush the data when it wants. Faster.
+# always: fsync after every write to the append only log. Slow, Safest.
+# everysec: fsync only one time every second. Compromise.
+#
+# The default is "everysec", as that's usually the right compromise between
+# speed and data safety. It's up to you to understand if you can relax this to
+# "no" that will let the operating system flush the output buffer when
+# it wants, for better performances (but if you can live with the idea of
+# some data loss consider the default persistence mode that's snapshotting),
+# or on the contrary, use "always" that's very slow but a bit safer than
+# everysec.
+#
+# More details please check the following article:
+# http://antirez.com/post/redis-persistence-demystified.html
+#
+# If unsure, use "everysec".
+
+# appendfsync always
+appendfsync everysec
+# appendfsync no
+
+# When the AOF fsync policy is set to always or everysec, and a background
+# saving process (a background save or AOF log background rewriting) is
+# performing a lot of I/O against the disk, in some Linux configurations
+# Redis may block too long on the fsync() call. Note that there is no fix for
+# this currently, as even performing fsync in a different thread will block
+# our synchronous write(2) call.
+#
+# In order to mitigate this problem it's possible to use the following option
+# that will prevent fsync() from being called in the main process while a
+# BGSAVE or BGREWRITEAOF is in progress.
+#
+# This means that while another child is saving, the durability of Redis is
+# the same as "appendfsync none". In practical terms, this means that it is
+# possible to lose up to 30 seconds of log in the worst scenario (with the
+# default Linux settings).
+#
+# If you have latency problems turn this to "yes". Otherwise leave it as
+# "no" that is the safest pick from the point of view of durability.
+
+no-appendfsync-on-rewrite no
+
+# Automatic rewrite of the append only file.
+# Redis is able to automatically rewrite the log file implicitly calling
+# BGREWRITEAOF when the AOF log size grows by the specified percentage.
+#
+# This is how it works: Redis remembers the size of the AOF file after the
+# latest rewrite (if no rewrite has happened since the restart, the size of
+# the AOF at startup is used).
+#
+# This base size is compared to the current size. If the current size is
+# bigger than the specified percentage, the rewrite is triggered. Also
+# you need to specify a minimal size for the AOF file to be rewritten, this
+# is useful to avoid rewriting the AOF file even if the percentage increase
+# is reached but it is still pretty small.
+#
+# Specify a percentage of zero in order to disable the automatic AOF
+# rewrite feature.
+
+auto-aof-rewrite-percentage 100
+auto-aof-rewrite-min-size 64mb
+
+# An AOF file may be found to be truncated at the end during the Redis
+# startup process, when the AOF data gets loaded back into memory.
+# This may happen when the system where Redis is running
+# crashes, especially when an ext4 filesystem is mounted without the
+# data=ordered option (however this can't happen when Redis itself
+# crashes or aborts but the operating system still works correctly).
+#
+# Redis can either exit with an error when this happens, or load as much
+# data as possible (the default now) and start if the AOF file is found
+# to be truncated at the end. The following option controls this behavior.
+#
+# If aof-load-truncated is set to yes, a truncated AOF file is loaded and
+# the Redis server starts emitting a log to inform the user of the event.
+# Otherwise if the option is set to no, the server aborts with an error
+# and refuses to start. When the option is set to no, the user requires
+# to fix the AOF file using the "redis-check-aof" utility before to restart
+# the server.
+#
+# Note that if the AOF file will be found to be corrupted in the middle
+# the server will still exit with an error. This option only applies when
+# Redis will try to read more data from the AOF file but not enough bytes
+# will be found.
+# aof-load-truncated yes
+
+################################ LUA SCRIPTING ###############################
+
+# Max execution time of a Lua script in milliseconds.
+#
+# If the maximum execution time is reached Redis will log that a script is
+# still in execution after the maximum allowed time and will start to
+# reply to queries with an error.
+#
+# When a long running script exceeds the maximum execution time only the
+# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be
+# used to stop a script that did not yet called write commands. The second
+# is the only way to shut down the server in the case a write command was
+# already issued by the script but the user doesn't want to wait for the natural
+# termination of the script.
+#
+# Set it to 0 or a negative value for unlimited execution without warnings.
+lua-time-limit 5000
+
+################################ REDIS CLUSTER ###############################
+#
+# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+# WARNING EXPERIMENTAL: Redis Cluster is considered to be stable code, however
+# in order to mark it as "mature" we need to wait for a non trivial percentage
+# of users to deploy it in production.
+# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+#
+# Normal Redis instances can't be part of a Redis Cluster; only nodes that are
+# started as cluster nodes can. In order to start a Redis instance as a
+# cluster node enable the cluster support uncommenting the following:
+#
+# cluster-enabled yes
+
+# Every cluster node has a cluster configuration file. This file is not
+# intended to be edited by hand. It is created and updated by Redis nodes.
+# Every Redis Cluster node requires a different cluster configuration file.
+# Make sure that instances running in the same system do not have
+# overlapping cluster configuration file names.
+#
+# cluster-config-file nodes-6379.conf
+
+# Cluster node timeout is the amount of milliseconds a node must be unreachable
+# for it to be considered in failure state.
+# Most other internal time limits are multiple of the node timeout.
+#
+# cluster-node-timeout 15000
+
+# A slave of a failing master will avoid to start a failover if its data
+# looks too old.
+#
+# There is no simple way for a slave to actually have a exact measure of
+# its "data age", so the following two checks are performed:
+#
+# 1) If there are multiple slaves able to failover, they exchange messages
+# in order to try to give an advantage to the slave with the best
+# replication offset (more data from the master processed).
+# Slaves will try to get their rank by offset, and apply to the start
+# of the failover a delay proportional to their rank.
+#
+# 2) Every single slave computes the time of the last interaction with
+# its master. This can be the last ping or command received (if the master
+# is still in the "connected" state), or the time that elapsed since the
+# disconnection with the master (if the replication link is currently down).
+# If the last interaction is too old, the slave will not try to failover
+# at all.
+#
+# The point "2" can be tuned by user. Specifically a slave will not perform
+# the failover if, since the last interaction with the master, the time
+# elapsed is greater than:
+#
+# (node-timeout * slave-validity-factor) + repl-ping-slave-period
+#
+# So for example if node-timeout is 30 seconds, and the slave-validity-factor
+# is 10, and assuming a default repl-ping-slave-period of 10 seconds, the
+# slave will not try to failover if it was not able to talk with the master
+# for longer than 310 seconds.
+#
+# A large slave-validity-factor may allow slaves with too old data to failover
+# a master, while a too small value may prevent the cluster from being able to
+# elect a slave at all.
+#
+# For maximum availability, it is possible to set the slave-validity-factor
+# to a value of 0, which means, that slaves will always try to failover the
+# master regardless of the last time they interacted with the master.
+# (However they'll always try to apply a delay proportional to their
+# offset rank).
+#
+# Zero is the only value able to guarantee that when all the partitions heal
+# the cluster will always be able to continue.
+#
+# cluster-slave-validity-factor 10
+
+# Cluster slaves are able to migrate to orphaned masters, that are masters
+# that are left without working slaves. This improves the cluster ability
+# to resist to failures as otherwise an orphaned master can't be failed over
+# in case of failure if it has no working slaves.
+#
+# Slaves migrate to orphaned masters only if there are still at least a
+# given number of other working slaves for their old master. This number
+# is the "migration barrier". A migration barrier of 1 means that a slave
+# will migrate only if there is at least 1 other working slave for its master
+# and so forth. It usually reflects the number of slaves you want for every
+# master in your cluster.
+#
+# Default is 1 (slaves migrate only if their masters remain with at least
+# one slave). To disable migration just set it to a very large value.
+# A value of 0 can be set but is useful only for debugging and dangerous
+# in production.
+#
+# cluster-migration-barrier 1
+
+# By default Redis Cluster nodes stop accepting queries if they detect there
+# is at least an hash slot uncovered (no available node is serving it).
+# This way if the cluster is partially down (for example a range of hash slots
+# are no longer covered) all the cluster becomes, eventually, unavailable.
+# It automatically returns available as soon as all the slots are covered again.
+#
+# However sometimes you want the subset of the cluster which is working,
+# to continue to accept queries for the part of the key space that is still
+# covered. In order to do so, just set the cluster-require-full-coverage
+# option to no.
+#
+# cluster-require-full-coverage yes
+
+# In order to setup your cluster make sure to read the documentation
+# available at http://redis.io web site.
+
+################################## SLOW LOG ###################################
+
+# The Redis Slow Log is a system to log queries that exceeded a specified
+# execution time. The execution time does not include the I/O operations
+# like talking with the client, sending the reply and so forth,
+# but just the time needed to actually execute the command (this is the only
+# stage of command execution where the thread is blocked and can not serve
+# other requests in the meantime).
+#
+# You can configure the slow log with two parameters: one tells Redis
+# what is the execution time, in microseconds, to exceed in order for the
+# command to get logged, and the other parameter is the length of the
+# slow log. When a new command is logged the oldest one is removed from the
+# queue of logged commands.
+
+# The following time is expressed in microseconds, so 1000000 is equivalent
+# to one second. Note that a negative number disables the slow log, while
+# a value of zero forces the logging of every command.
+slowlog-log-slower-than 10000
+
+# There is no limit to this length. Just be aware that it will consume memory.
+# You can reclaim memory used by the slow log with SLOWLOG RESET.
+slowlog-max-len 128
+
+################################ LATENCY MONITOR ##############################
+
+# The Redis latency monitoring subsystem samples different operations
+# at runtime in order to collect data related to possible sources of
+# latency of a Redis instance.
+#
+# Via the LATENCY command this information is available to the user that can
+# print graphs and obtain reports.
+#
+# The system only logs operations that were performed in a time equal or
+# greater than the amount of milliseconds specified via the
+# latency-monitor-threshold configuration directive. When its value is set
+# to zero, the latency monitor is turned off.
+#
+# By default latency monitoring is disabled since it is mostly not needed
+# if you don't have latency issues, and collecting data has a performance
+# impact, that while very small, can be measured under big load. Latency
+# monitoring can easily be enabled at runtime using the command
+# "CONFIG SET latency-monitor-threshold <milliseconds>" if needed.
+# latency-monitor-threshold 0
+
+############################# EVENT NOTIFICATION ##############################
+
+# Redis can notify Pub/Sub clients about events happening in the key space.
+# This feature is documented at http://redis.io/topics/notifications
+#
+# For instance if keyspace events notification is enabled, and a client
+# performs a DEL operation on key "foo" stored in the Database 0, two
+# messages will be published via Pub/Sub:
+#
+# PUBLISH __keyspace@0__:foo del
+# PUBLISH __keyevent@0__:del foo
+#
+# It is possible to select the events that Redis will notify among a set
+# of classes. Every class is identified by a single character:
+#
+# K Keyspace events, published with __keyspace@<db>__ prefix.
+# E Keyevent events, published with __keyevent@<db>__ prefix.
+# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ...
+# $ String commands
+# l List commands
+# s Set commands
+# h Hash commands
+# z Sorted set commands
+# x Expired events (events generated every time a key expires)
+# e Evicted events (events generated when a key is evicted for maxmemory)
+# A Alias for g$lshzxe, so that the "AKE" string means all the events.
+#
+# The "notify-keyspace-events" takes as argument a string that is composed
+# of zero or multiple characters. The empty string means that notifications
+# are disabled.
+#
+# Example: to enable list and generic events, from the point of view of the
+# event name, use:
+#
+# notify-keyspace-events Elg
+#
+# Example 2: to get the stream of the expired keys subscribing to channel
+# name __keyevent@0__:expired use:
+#
+# notify-keyspace-events Ex
+#
+# By default all notifications are disabled because most users don't need
+# this feature and the feature has some overhead. Note that if you don't
+# specify at least one of K or E, no events will be delivered.
+notify-keyspace-events ""
+
+############################### ADVANCED CONFIG ###############################
+
+# Hashes are encoded using a memory efficient data structure when they have a
+# small number of entries, and the biggest entry does not exceed a given
+# threshold. These thresholds can be configured using the following directives.
+hash-max-ziplist-entries 512
+hash-max-ziplist-value 64
+
+# Lists are also encoded in a special way to save a lot of space.
+# The number of entries allowed per internal list node can be specified
+# as a fixed maximum size or a maximum number of elements.
+# For a fixed maximum size, use -5 through -1, meaning:
+# -5: max size: 64 Kb <-- not recommended for normal workloads
+# -4: max size: 32 Kb <-- not recommended
+# -3: max size: 16 Kb <-- probably not recommended
+# -2: max size: 8 Kb <-- good
+# -1: max size: 4 Kb <-- good
+# Positive numbers mean store up to _exactly_ that number of elements
+# per list node.
+# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size),
+# but if your use case is unique, adjust the settings as necessary.
+# list-max-ziplist-size -2
+
+# Lists may also be compressed.
+# Compress depth is the number of quicklist ziplist nodes from *each* side of
+# the list to *exclude* from compression. The head and tail of the list
+# are always uncompressed for fast push/pop operations. Settings are:
+# 0: disable all list compression
+# 1: depth 1 means "don't start compressing until after 1 node into the list,
+# going from either the head or tail"
+# So: [head]->node->node->...->node->[tail]
+# [head], [tail] will always be uncompressed; inner nodes will compress.
+# 2: [head]->[next]->node->node->...->node->[prev]->[tail]
+# 2 here means: don't compress head or head->next or tail->prev or tail,
+# but compress all nodes between them.
+# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail]
+# etc.
+# list-compress-depth 0
+
+# Sets have a special encoding in just one case: when a set is composed
+# of just strings that happen to be integers in radix 10 in the range
+# of 64 bit signed integers.
+# The following configuration setting sets the limit in the size of the
+# set in order to use this special memory saving encoding.
+set-max-intset-entries 512
+
+# Similarly to hashes and lists, sorted sets are also specially encoded in
+# order to save a lot of space. This encoding is only used when the length and
+# elements of a sorted set are below the following limits:
+zset-max-ziplist-entries 128
+zset-max-ziplist-value 64
+
+# HyperLogLog sparse representation bytes limit. The limit includes the
+# 16 bytes header. When an HyperLogLog using the sparse representation crosses
+# this limit, it is converted into the dense representation.
+#
+# A value greater than 16000 is totally useless, since at that point the
+# dense representation is more memory efficient.
+#
+# The suggested value is ~ 3000 in order to have the benefits of
+# the space efficient encoding without slowing down too much PFADD,
+# which is O(N) with the sparse encoding. The value can be raised to
+# ~ 10000 when CPU is not a concern, but space is, and the data set is
+# composed of many HyperLogLogs with cardinality in the 0 - 15000 range.
+# hll-sparse-max-bytes 3000
+
+# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
+# order to help rehashing the main Redis hash table (the one mapping top-level
+# keys to values). The hash table implementation Redis uses (see dict.c)
+# performs a lazy rehashing: the more operation you run into a hash table
+# that is rehashing, the more rehashing "steps" are performed, so if the
+# server is idle the rehashing is never complete and some more memory is used
+# by the hash table.
+#
+# The default is to use this millisecond 10 times every second in order to
+# actively rehash the main dictionaries, freeing memory when possible.
+#
+# If unsure:
+# use "activerehashing no" if you have hard latency requirements and it is
+# not a good thing in your environment that Redis can reply from time to time
+# to queries with 2 milliseconds delay.
+#
+# use "activerehashing yes" if you don't have such hard requirements but
+# want to free memory asap when possible.
+activerehashing yes
+
+# The client output buffer limits can be used to force disconnection of clients
+# that are not reading data from the server fast enough for some reason (a
+# common reason is that a Pub/Sub client can't consume messages as fast as the
+# publisher can produce them).
+#
+# The limit can be set differently for the three different classes of clients:
+#
+# normal -> normal clients including MONITOR clients
+# slave -> slave clients
+# pubsub -> clients subscribed to at least one pubsub channel or pattern
+#
+# The syntax of every client-output-buffer-limit directive is the following:
+#
+# client-output-buffer-limit <class> <hard limit> <soft limit> <soft seconds>
+#
+# A client is immediately disconnected once the hard limit is reached, or if
+# the soft limit is reached and remains reached for the specified number of
+# seconds (continuously).
+# So for instance if the hard limit is 32 megabytes and the soft limit is
+# 16 megabytes / 10 seconds, the client will get disconnected immediately
+# if the size of the output buffers reach 32 megabytes, but will also get
+# disconnected if the client reaches 16 megabytes and continuously overcomes
+# the limit for 10 seconds.
+#
+# By default normal clients are not limited because they don't receive data
+# without asking (in a push way), but just after a request, so only
+# asynchronous clients may create a scenario where data is requested faster
+# than it can read.
+#
+# Instead there is a default limit for pubsub and slave clients, since
+# subscribers and slaves receive data in a push fashion.
+#
+# Both the hard or the soft limit can be disabled by setting them to zero.
+client-output-buffer-limit normal 0 0 0
+client-output-buffer-limit slave 256mb 64mb 60
+client-output-buffer-limit pubsub 32mb 8mb 60
+
+# Redis calls an internal function to perform many background tasks, like
+# closing connections of clients in timeout, purging expired keys that are
+# never requested, and so forth.
+#
+# Not all tasks are performed with the same frequency, but Redis checks for
+# tasks to perform according to the specified "hz" value.
+#
+# By default "hz" is set to 10. Raising the value will use more CPU when
+# Redis is idle, but at the same time will make Redis more responsive when
+# there are many keys expiring at the same time, and timeouts may be
+# handled with more precision.
+#
+# The range is between 1 and 500, however a value over 100 is usually not
+# a good idea. Most users should use the default of 10 and raise this up to
+# 100 only in environments where very low latency is required.
+hz 10
+
+# When a child rewrites the AOF file, if the following option is enabled
+# the file will be fsync-ed every 32 MB of data generated. This is useful
+# in order to commit the file to the disk more incrementally and avoid
+# big latency spikes.
+aof-rewrite-incremental-fsync yes
- change mode from '' to '0644'
- change owner from '' to 'gitlab-redis'
Recipe: <Dynamically Defined Resource>
* service[redis] action nothing (skipped due to action :nothing)
Recipe: redis::enable
* runit_service[redis] action enable
* ruby_block[restart_service] action nothing (skipped due to action :nothing)
* ruby_block[restart_log_service] action nothing (skipped due to action :nothing)
* ruby_block[reload_log_service] action nothing (skipped due to action :nothing)
* directory[/opt/gitlab/sv/redis] action create
- create new directory /opt/gitlab/sv/redis
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/opt/gitlab/sv/redis/run] action create
- create new file /opt/gitlab/sv/redis/run
- update content in file /opt/gitlab/sv/redis/run from none to da365d
--- /opt/gitlab/sv/redis/run 2019-03-22 15:24:04.417949908 +0000
+++ /opt/gitlab/sv/redis/.chef-run20190322-11-1f5x05s 2019-03-22 15:24:04.417949908 +0000
@@ -1 +1,6 @@
+#!/bin/sh
+exec 2>&1
+
+umask 077
+exec chpst -P -U gitlab-redis:gitlab-redis -u gitlab-redis:gitlab-redis /opt/gitlab/embedded/bin/redis-server /var/opt/gitlab/redis/redis.conf
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* directory[/opt/gitlab/sv/redis/log] action create
- create new directory /opt/gitlab/sv/redis/log
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* directory[/opt/gitlab/sv/redis/log/main] action create
- create new directory /opt/gitlab/sv/redis/log/main
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/opt/gitlab/sv/redis/log/run] action create
- create new file /opt/gitlab/sv/redis/log/run
- update content in file /opt/gitlab/sv/redis/log/run from none to af1017
--- /opt/gitlab/sv/redis/log/run 2019-03-22 15:24:04.437927035 +0000
+++ /opt/gitlab/sv/redis/log/.chef-run20190322-11-8ygwr6 2019-03-22 15:24:04.437927035 +0000
@@ -1 +1,3 @@
+#!/bin/sh
+exec svlogd -tt /var/log/gitlab/redis
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* template[/var/log/gitlab/redis/config] action create
- create new file /var/log/gitlab/redis/config
- update content in file /var/log/gitlab/redis/config from none to 623c00
--- /var/log/gitlab/redis/config 2019-03-22 15:24:04.447915598 +0000
+++ /var/log/gitlab/redis/.chef-config20190322-11-1vefguu 2019-03-22 15:24:04.447915598 +0000
@@ -1 +1,7 @@
+s209715200
+n30
+t86400
+!gzip
+
+
- change mode from '' to '0644'
- change owner from '' to 'root'
- change group from '' to 'root'
* directory[/opt/gitlab/sv/redis/env] action create
- create new directory /opt/gitlab/sv/redis/env
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* ruby_block[Delete unmanaged env files for redis service] action run (skipped due to only_if)
* template[/opt/gitlab/sv/redis/check] action create (skipped due to only_if)
* template[/opt/gitlab/sv/redis/finish] action create (skipped due to only_if)
* directory[/opt/gitlab/sv/redis/control] action create
- create new directory /opt/gitlab/sv/redis/control
- change mode from '' to '0755'
- change owner from '' to 'root'
- change group from '' to 'root'
* link[/opt/gitlab/init/redis] action create
- create symlink at /opt/gitlab/init/redis to /opt/gitlab/embedded/bin/sv
* file[/opt/gitlab/sv/redis/down] action delete (up to date)
* ruby_block[restart_service] action run (skipped due to only_if)
* ruby_block[restart_log_service] action create
* ruby_block[restart_service] action nothing (skipped due to action :nothing)
* ruby_block[restart_log_service] action nothing (skipped due to action :nothing)
* ruby_block[reload_log_service] action nothing (skipped due to action :nothing)
* directory[/opt/gitlab/sv/redis] action create (up to date)
* template[/opt/gitlab/sv/redis/run] action create (up to date)
* directory[/opt/gitlab/sv/redis/log] action create (up to date)
* directory[/opt/gitlab/sv/redis/log/main] action create (up to date)
* template[/opt/gitlab/sv/redis/log/run] action create (up to date)
* template[/var/log/gitlab/redis/config] action create (up to date)
* directory[/opt/gitlab/sv/redis/env] action create (up to date)
* ruby_block[Delete unmanaged env files for redis service] action run (skipped due to only_if)
* template[/opt/gitlab/sv/redis/check] action create (skipped due to only_if)
* template[/opt/gitlab/sv/redis/finish] action create (skipped due to only_if)
* directory[/opt/gitlab/sv/redis/control] action create (up to date)
* link[/opt/gitlab/init/redis] action create (up to date)
* file[/opt/gitlab/sv/redis/down] action delete (up to date)
* directory[/opt/gitlab/service] action create (up to date)
* link[/opt/gitlab/service/redis] action create
- create symlink at /opt/gitlab/service/redis to /opt/gitlab/sv/redis
* ruby_block[wait for redis service socket] action run
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment