Add sync_time option

48a0b519 · Marin Jankovski · 97700170 · 48a0b519 · 48a0b519 · 48a0b519
Commit 48a0b519 authored 10 years ago by Marin Jankovski
--- a/attributes/default.rb
+++ b/attributes/default.rb
@@ -107,6 +107,7 @@ default['gitlab']['ldap']['group_base'] = ''
 default['gitlab']['ldap']['admin_group'] = ''
 # Synch ssh key example: default['gitlab']['ldap']['sync_ssh_keys'] = 'sshpublickey'
 default['gitlab']['ldap']['sync_ssh_keys'] = false
+default['gitlab']['ldap']['sync_time'] = 3600
  
 default['gitlab']['gravatar'] = true
 default['gitlab']['gravatar_plain_url'] = "http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon"

--- a/spec/install_spec.rb
+++ b/spec/install_spec.rb
@@ -64,7 +64,8 @@ describe "gitlab::install" do
              "user_filter"=>"",
              "group_base"=>"",
              "admin_group"=>"",
-              "sync_ssh_keys"=>false
+              "sync_ssh_keys"=>false,
+              "sync_time"=>3600
            },
            backup: {
              "cron"=>{
@@ -499,7 +500,8 @@ describe "gitlab::install" do
              "user_filter"=>"",
              "group_base"=>"",
              "admin_group"=>"",
-              "sync_ssh_keys"=>false
+              "sync_ssh_keys"=>false,
+              "sync_time"=>3600
            },
            backup: {
              "cron"=>{

--- a/templates/default/gitlab.yml.erb
+++ b/templates/default/gitlab.yml.erb
@@ -134,6 +134,15 @@ production: &base
    method: '<%= @ldap_config["method"] %>' # "ssl" or "plain"
    bind_dn: '<%= @ldap_config["bind_dn"] %>'
    password: '<%= @ldap_config["password"] %>'
+
+    # This setting controls the amount of time between LDAP permission checks for each user.
+    # After this time has expired for a given user, their next interaction with GitLab (a click in the web UI, a git pull etc.) will be slower because the LDAP permission check is being performed.
+    # How much slower depends on your LDAP setup, but it is not uncommon for this check to add seconds of waiting time.
+    # The default value is to have a 'slow click' once every 3600 seconds, i.e. once per hour.
+    #
+    # Warning: if you set this value too low, every click in GitLab will be a 'slow click' for all of your LDAP users.
+    sync_time: <%= @ldap_config["sync_time"] %>
+
    # If allow_username_or_email_login is enabled, GitLab will ignore everything
    # after the first '@' in the LDAP username submitted by the user on login.
    #