Unverified Commit d2f07200 authored by Ash McKenzie's avatar Ash McKenzie
Browse files

Support gitlab-shell ssl_cert_dir config setting

parent f778df3a
---
title: Support gitlab-shell ssl_cert_dir config setting
merge_request: 4379
author:
type: added
......@@ -595,6 +595,7 @@ default['gitlab']['gitlab-shell']['auth_file'] = nil
default['gitlab']['gitlab-shell']['git_trace_log_file'] = nil
default['gitlab']['gitlab-shell']['custom_hooks_dir'] = nil
default['gitlab']['gitlab-shell']['migration'] = { enabled: true, features: [] }
default['gitlab']['gitlab-shell']['ssl_cert_dir'] = "#{node['package']['install-dir']}/embedded/ssl/certs/"
# DEPRECATED! Not used by gitlab-shell
default['gitlab']['gitlab-shell']['git_data_directories'] = {
"default" => { "path" => "/var/opt/gitlab/git-data" }
......
......@@ -71,6 +71,7 @@ templatesymlink "Create a config.yml and create a symlink to Rails root" do
git_trace_log_file: node['gitlab']['gitlab-shell']['git_trace_log_file'],
custom_hooks_dir: node['gitlab']['gitlab-shell']['custom_hooks_dir'],
migration: node['gitlab']['gitlab-shell']['migration'],
ssl_cert_dir: node['gitlab']['gitlab-shell']['ssl_cert_dir']
})
notifies :run, 'bash[Set proper security context on ssh files for selinux]', :delayed if SELinuxHelper.enabled?
end
......
......@@ -23,6 +23,10 @@ http_settings:
# File used as authorized_keys for gitlab user
auth_file: "<%= @authorized_keys %>"
 
# SSL certificate dir where custom certificates can be placed
# https://golang.org/pkg/crypto/x509/
ssl_cert_dir: "<%= @ssl_cert_dir %>"
# Log file.
# Default is gitlab-shell.log in the root directory.
log_file: "<%= @log_file %>"
......
......@@ -50,7 +50,8 @@ RSpec.describe 'gitlab::gitlab-shell' do
custom_hooks_dir: nil,
migration: { enabled: true, features: [] },
gitlab_url: 'http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsockets%2Fsocket',
gitlab_relative_path: ''
gitlab_relative_path: '',
ssl_cert_dir: '/opt/gitlab/embedded/ssl/certs/'
)
)
end
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment