release_manager 0.5.3 → 0.6.0

data/lib/release_manager/version.rb

@@ -1,3 +1,3 @@
 module ReleaseManager
-  VERSION = "0.5.3"
+  VERSION = "0.6.0"
 end

data/setup_repos.rb

@@ -28,19 +28,39 @@ def create_puppet_file(proj)
   end
 end
 
+def create_branch(proj_id, branch, ref)
+  begin
+    client.create_branch(proj_id, branch, ref)
+  rescue Gitlab::Error::BadRequest => e
+    if e.response_status == 400
+      puts "Branch already created"
+    else
+      raise e
+    end
+  end
+end
+
 def create_control_repo
   begin
     proj = client.create_project('control-repo', namespace_id: devops_group.id)
-    client.create_branch(proj.id, 'dev')
-    client.create_branch(proj.id, 'qa')
-    client.create_branch(proj.id, 'integration')
-    client.create_branch(proj.id, 'acceptance')
-    client.create_branch(proj.id, 'production')
     create_puppet_file(proj)
+    create_branch(proj.id, 'dev', 'master')
+    create_branch(proj.id, 'qa', 'master')
+    create_branch(proj.id, 'integration', 'master')
+    create_branch(proj.id, 'acceptance', 'master')
+    create_branch(proj.id, 'production', 'master')
+    client.unprotect_branch(proj.id, 'master')
   rescue Gitlab::Error::BadRequest => e
     if e.response_status == 400
       # already created
-      proj = client.project("devops%2Fcontrol-repo")
+      proj = client.project("devops/control-repo")
+      create_branch(proj.id, 'dev', 'master')
+      create_branch(proj.id, 'qa', 'master')
+      create_branch(proj.id, 'integration', 'master')
+      create_branch(proj.id, 'acceptance', 'master')
+      create_branch(proj.id, 'production', 'master')
+      client.unprotect_branch(proj.id, 'master')
+     # client.delete_branch(proj.id, 'master')
       create_puppet_file(proj)
     end
   end
@@ -81,7 +101,7 @@ def mod(name, *args)
     proj = client.create_project(name, import_url: url, namespace_id: devops_group.id)
   rescue Gitlab::Error::BadRequest => e
     if e.response_status == 400
-      proj = client.project("devops%2F#{name}")
+      proj = client.project("devops/#{name}")
     end
   end
   args.first[:git] = proj.ssh_url_to_repo
@@ -89,8 +109,8 @@ def mod(name, *args)
   puppetfile_content << "mod '#{name}',\n  #{data}\n\n"
 end
 
-# eval(modules)
-# create_control_repo
+create_control_repo
+eval(modules)
 #
 # client.create_user('joe@foo.org', 'password', 'joe', { name: 'Joe Smith' })
 

data/srv/gitlab-runner/config/config.toml

@@ -0,0 +1,17 @@
+concurrent = 1
+check_interval = 0
+
+[[runners]]
+  name = "test-runner"
+  url = "http://web/ci"
+  token = "defcd0d23f3fbfa2069a895cc4ff50"
+  executor = "docker"
+  [runners.docker]
+    tls_verify = false
+    image = "ruby:2.1"
+    privileged = false
+    disable_cache = false
+    volumes = ["/cache"]
+    shm_size = 0
+    network_mode = "releasemanager_default"
+  [runners.cache]

data/srv/gitlab/config/gitlab-secrets.json

@@ -0,0 +1,24 @@
+{
+  "gitlab_workhorse": {
+    "secret_token": "B0I5QyPLNOzDR6LAzOvzsAqmFqAfz/u4cYdyh2ClhjE="
+  },
+  "gitlab_shell": {
+    "secret_token": "af8e7a40adcda1b95b83032e37ec563897243836d0fcf1156cdda9b22093efe707b42db50083356787f5accbca3d2d861e3b54b562d31cb013a9dfec6fd363d3"
+  },
+  "gitlab_rails": {
+    "secret_key_base": "2b9aa72b37a6680f7795c2532faa460f021a2c7727a489321f2f2d318869f09864305aad9e2556b6945c1404a2b383d99f2ccce09f23fd46a3ade40a33262ed1",
+    "db_key_base": "d7d621b72bb30cf09a7ed2c47f9ce648e292169f3294d14d59fd1adabd538b1003de51beca728084b67755f20ff12e15381916a9b495b63ed74f63e891e18b9d",
+    "otp_key_base": "5fc0b0ba5d959acf5e9c788b5241a043485c03c6c903fe84d8982de6eb20ced39ed9604885a55d5a82dd8cc0fd04d4415eeb3e534a5e6a9e0bf062a1b0d4cbb0",
+    "jws_private_key": "-----BEGIN RSA PRIVATE KEY-----\nMIIJKgIBAAKCAgEAsbUf6FFrhUnHKFlHMY7YrYH868+KZhMHCDJJK4SFm90CdAvE\n/fXBk9A3WJ+p4NBRy1Zyy8loytY0JqkQJ1RjXMRsCfMHe7cglbtiDBcTXW5iO+sz\niGe4+WpnGYaiH7Oez9I8OZvkU9goyLtWiQwT8i4pqunOPz8bL0/KpyRb+LBj5dFP\nw5eijWCm864a9Yolm7SKgrl6ObRVWdf3/G0KuQhQnN0x6r4AFWyB2K1AiSV3txfx\nF3+C4JyCK9dASolwaaRAQ0Yy56Jjs8wwuEwTld3tKhezMPdwS3g+beaOQw1aGZ24\nI9lILveQWgULhkDGaVQg084GKcrCI8BS4fL+riEwTcI/SFrFksHD68GZ+xGorEVz\nhRhJy+bxDK66f9V3MMQcq/zZfP6beH21gdG6ub7e+ZBUxizeX/k19lrPdW2sTf2u\n58GeC/BZUW+mDLaCGhHqR78oxjnEz/TTin/D0PEkPWtNzorcC9Y5fyOL8rT4qYmL\nJ+YZcAKYkIN1puNNqsCVWv0m6hxxUAzCDISYfNe3Tvlf9FxVauF9fcECenDctvvn\n4DugftMWEbQ4ShtPbpYadAJGsuIL880adgCZ7+ZWY+27VIhr6QFzbCWN3ljLYHuf\n0KeCg6PzpKeRyjflFTLjum7WgJkjTsijX5EMg6yVTuwyisqoM9+pIJWNjzECAwEA\nAQKCAgBxg5hRJwk+iAUusfC3KF8iXiE4ZEcsssTQKIbyxGEwUbnKdOYtrzkq+VsR\nQlQaZheJgrwrjolg3/lKJL5L0SzzSgkVReem0DCBVMPpoyfci7E2QySU4mSW9a/L\n72NKSsuMRufviLQOFsrehkRdoJhxH6nAIj97yQzNaPOzVpdlQQ9e8xg3gXn1QyMC\nD1nrNIaXcnjzzhTUHWxTyo/+74xk63nK6cSEBUA6byh2Rx0tPgC9tQ5tCyeH4JGJ\n/aJ0ulxTLvdZwdKsgd+cLzeD0hzEo5FmTONKyRQzMSj3vMls7W97Y3MHezkPv1W3\nGvfklyXmjDW39iebtIfUnHqVGEoz0Z58ruVMa2UgR3JTpGQfTEem+pezCUawr8ga\nwShFMW6+uWMD8y+4ZnrDM7Si75gIaglMZ8hlrN+1LTLUFG04mElk2qvCv70nXhBI\n8HQlnjeUJWpUm3nMTXCimXcaGrCE1lhJ+5LJ+ZrsdkYxQnlATzrjBC6CGF3v2bvW\ndzwoUTRameXF1K/owzjj0h67SUTuuMdbQXYTsg2Vh0/DG/+aTG35EbrFqJFDzHbc\ntltSdPNGM2qx/GPdMqn9ZlOKFF69QJB97jhwtQ2LA8Im1eWsMc5wj7LRPcC/mLf8\n5T9RgyPcOKwxORoq4X5Vo//n/jCRADki9i6ABuCA1WDFX4TywQKCAQEA5HpcA7tR\nidSjR8RP+sZTLztvCWpFlYRUY8rKkdh5fVDWUGY1V67+gkPaxF2Nd+Y/xsOUYcua\nAbJmUmv1KqibTel/dgAzj8lyDqrGAzaVWguE07oIJ0vBFjJlUy4EUlsL9DyI4ErH\n06sKusSFGLqqxsdktWW0nBgi1gquoAvGAEp2348uXRSgpygVlskvG2YQEAJofYZx\nTXBAwWVLekEP2lSZqQ/t2UmhPAB339R9PO0k4WiCi3FG3MIJH7fsuMReYYRGGzjS\nkekfOxDZpRA09lUmllUdcP8CCNSJg73prN4Fbul4sK2a6/01e2b7vxG5eiLMaf6Y\neux3nUDrABizqQKCAQEAxx0kb86aqYaDzyFgQmEh7DrLH6hTHcMsg0XlGvmNypiM\nHmUwykmE2bOoX7CYpvxHttKzipCAeI6ec0GiYgA8CYz5UtygWQqon7tOl2AvGIdG\ndHUz/m/fGd4V6ToFlRnDoZSEtGtMjHDXIBN18a5T8Z8zNd6vCQNAOV4RB6RqbvRU\n6vWBiCTxDmThhxKrIcIO9nNdGeUDfp+/Xfp5WTmjmxX6SRD7E+5OUCNYxNOUtIVh\nzTMDk6x+27qR/KA3t4E3xtFB4RLrD8VsyRyE6ea9Au0wT/TnhMzkeTDd611lmcAs\nEcjfB5nKKo02VzZoyQFYGemPIN7tA25RpFHY/GQ0SQKCAQEAu4dOxOVXrJhyGDKi\nLsPffPH8Vi76xBjkJzBIieKy/M9/yGfLupdwYD0Pb4MV3WaHzD21KXuygVgLMfVY\nOlY/enh/XLwXlhoS2sUCV5rShSDVOe8ESDSeW/irP9WSSIJgUmvpMKdQUoSd/uPU\nFpMIHrWEDHtY/ZG17hbAc66WKqDz5tSfilim7+wvpB6m4ocoAevoFbdmgdfz3oik\npciHGX28zY28fE853oTH31iKHprKXZSpKYilUAaW9IjC7HiIuuOVozxFYOuF7bYL\n3bZqshD75gIgcyFraxH/eLlE9dUZgopwvBsSAEZJQmspkA8dPIkZXJpSTvqNxu2E\ntQSRWQKCAQEAo4Jg+5fUFkaqUxv7akdNjioxx8t4hcZS9XIeU+p+79IZrpQ2XsfE\n2unX6Myibu5ZDd81JSLI/TdREyDg8k1y//zOeadH3hcMpi8wuMp5olDkIJpmmhjQ\nQvPHVoEZOHmx1yyZVXePovy/DE4u2srnkFHFwgUeA+6xfOqsXXQ9GuR2H4SAXIbJ\nlaJuOXexJMWxd90ApVUVa5RPmCMqJ4VXvvFrWTkilhlqIhEEwo1lXmDyEYpE864B\ndvtdCvGfD4iDfzc0PFpGwerEDNrooxOiP5b7x4072ihPrt3cP32xA3N2PRyRWjKG\nfC7+YtwBbJ838/+CU+H9DIY5cRDteUXoUQKCAQEAo80KJjbBeo440crmECPNS0+H\nP2gCZeVk+S3My/ztWdqX2rnh8IiIjteUQF96/+O0HfMKWphH7xNnVr8VOtDfCGCR\n/XNzbDkIBlhvKYUGGeUXKsoyxrvG4ApvpsWtIRGjC+vgtYheLJMGqvzRCj2BG1MY\nPcRQmvFRoXialjv/uub8Q2MI3h6YOLHFderPEoFq6obf/JRyvXwFO8/WYl7I/Sl7\nQkeIiJZVjqMUE3PGh3Pvtb4ugbgn6x3z3p5tjZCjkfR5heU89tT2cWiaLDeV28AC\nM2MFau3LHafnV/rSfI3DQQT8KmJHe79EYCcpcwVGQ/sXSJFPFrxS8C4DVrXB/g==\n-----END RSA PRIVATE KEY-----\n"
+  },
+  "registry": {
+    "http_secret": "7a50a3e7a4436e6887c33ddac7c078fcd2935be978c890164f2ce7b175b9161247fec3d7a5cae08b7a2fa0d0ff855ffcbc3dc7921485379b31bd22978fbdb607",
+    "internal_certificate": "-----BEGIN CERTIFICATE-----\nMIIFBTCCAu2gAwIBAgIBADANBgkqhkiG9w0BAQsFADBGMQwwCgYDVQQGEwNVU0Ex\nDzANBgNVBAoMBkdpdExhYjESMBAGA1UECwwJQ29udGFpbmVyMREwDwYDVQQDDAhS\nZWdpc3RyeTAeFw0xNzA5MjYwMDQwNDNaFw0yNzA5MjQwMDQwNDNaMEYxDDAKBgNV\nBAYTA1VTQTEPMA0GA1UECgwGR2l0TGFiMRIwEAYDVQQLDAlDb250YWluZXIxETAP\nBgNVBAMMCFJlZ2lzdHJ5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA\ntJk2uhtaeY0rF770nQ4Ga0wFc1YkTgf9TQG45Nt0UDkdTKITp7Xs7RB93zZGzl3n\nJbNKTExgkTlnbyFm3rILnWgDBk9NZI5RiBpVX6AnApJuBaLpAQydlr19T3sYrxrY\nh01qAnTlAS5w+EspBZUqXAQ/zVS18oFRLXfqM8b4r7PfJwb6L3UUwKYxZoxwekzg\nxEI84uVHypVrzmj0CNENzcfOOocCbW60WrxecA6tME6RleaErLPmcOikNyg+siDw\nkdcTLZHDgbe5i5gJ1YzUBBLYvXQj0dSRSVBEOJv5r+0iBX9G7/O+5FfYU1LMxwCJ\nrwNzG+sEj1AyIUukczwgrSWHcIioBjBEG0OZ0A8GggSYUCHNRoxLJSVz2gDyjbUM\nPJxLNT81wUL+Kpd11LAOIkcsrafa6VIHh+zTIDWXwrhckcVXsbA0Z/dH1qjNez9C\nPeCteGXm26HzpssLUNC+SM/lHmfJfCIXOIB/37xTiipqeE0v1iPa2duzOqRue04p\nY4xr2WVUN3reWJ285lSwirkt4Orn4olQeit5/HU1mKLbdbTQ2mlIehH0rlJDQbRU\nrn4udqXurPnz+J8Qkbt3FQjoqyMBHsyu6uVaR2pqLNk2FikUwgpAfX7yMBwJM4PQ\nE3X0NNQPc0JUJdz4lE/2gUDjKOvINEyBu1HNLTHe66kCAwEAATANBgkqhkiG9w0B\nAQsFAAOCAgEArpVTrSfF/aDj85gJ5VVyWha5US8XCzzEyBRrf3zQF2lk5hG2WIRE\n3+hrmh23d792SaN28ZQtj2T4GbAgMzrrpJvEQvlh5ODC643H1iziN4W3IWoZgkvB\n8REsApQJ0IUcv4KYGK0s4GwjBcBfv6d90QTHpjzRpNK4zUoSYP5uoA/Z4EAB66sE\nPeKqwfEP8HYocTQBFT3wExkT+DYQRdwhbcLpooJCXwUtoZuh6c5JupN22Remv8WG\nusqOGmcTiL+V6ks2rAtPIM1hRVzIo7fMiL3qeA9G4ml8fNBiD5ZiJKXLKt80Ydkt\n0s4befAy73cI8lyzyVBPQRoQZJLWyE3Q+QyHTKNX0+XEufDfrjRLyP8gyaWuISGt\n8nwDhXCSQ68MrliJMTKpzyhXefmtoGoGNu1R0ux2A1yNdT+RM+lEzzSLPgM2wyAP\nX3TNMtChpnKswf2IUDrA0A7Vk0Y+7stWBKVgw2OcYtvxp3yK0w8MCU9yscjvr30p\nGFprujsRt4egPWh1Zn5DE6qjpVBBdV99QwdE8HuB76jENHHX/E3Sx8wL2m7GH8YI\nf7Rc8VjrqhV26YLTUrS5Dk1E4PtSjpEuh1CKH6pP7Njm2/F4MG9Q4Zwr7PrEv6E4\nrcHKFW+0Zruezy80+Af/CWTc9t1CVXGl+AifTfATGt+AMzz/lL79ixg=\n-----END CERTIFICATE-----\n",
+    "internal_key": "-----BEGIN RSA PRIVATE KEY-----\nMIIJKgIBAAKCAgEAtJk2uhtaeY0rF770nQ4Ga0wFc1YkTgf9TQG45Nt0UDkdTKIT\np7Xs7RB93zZGzl3nJbNKTExgkTlnbyFm3rILnWgDBk9NZI5RiBpVX6AnApJuBaLp\nAQydlr19T3sYrxrYh01qAnTlAS5w+EspBZUqXAQ/zVS18oFRLXfqM8b4r7PfJwb6\nL3UUwKYxZoxwekzgxEI84uVHypVrzmj0CNENzcfOOocCbW60WrxecA6tME6RleaE\nrLPmcOikNyg+siDwkdcTLZHDgbe5i5gJ1YzUBBLYvXQj0dSRSVBEOJv5r+0iBX9G\n7/O+5FfYU1LMxwCJrwNzG+sEj1AyIUukczwgrSWHcIioBjBEG0OZ0A8GggSYUCHN\nRoxLJSVz2gDyjbUMPJxLNT81wUL+Kpd11LAOIkcsrafa6VIHh+zTIDWXwrhckcVX\nsbA0Z/dH1qjNez9CPeCteGXm26HzpssLUNC+SM/lHmfJfCIXOIB/37xTiipqeE0v\n1iPa2duzOqRue04pY4xr2WVUN3reWJ285lSwirkt4Orn4olQeit5/HU1mKLbdbTQ\n2mlIehH0rlJDQbRUrn4udqXurPnz+J8Qkbt3FQjoqyMBHsyu6uVaR2pqLNk2FikU\nwgpAfX7yMBwJM4PQE3X0NNQPc0JUJdz4lE/2gUDjKOvINEyBu1HNLTHe66kCAwEA\nAQKCAgBbvp3Tq4OpzjI/DO3dPzu5lFQMhI1K6roePaq88FNFUc51mLydbUkgIUmg\ndEVCHugG+e7blc1U2TGXfgNxTEekPiuTMAQj+jynBKGsQ4Ktxs+Ho3v04YDJDBg1\noVYn1l57VbNt7g5MLFiNejkrsdxkBHCZEdigils/2vQqO4EoWRsbC2tbYoIZYBQm\ngV++cYGZkgC2Tz3KR2AN6rlWJUV67W7xwpZUG3IZyim7iWkn6jIBUarCxV1irHyH\n3LUE7sDnhbgjZTJJmpjytlkAmFs4eo6KqA5uUStBcDpH+8y7N58Z5c+WpF+sRogJ\nxD1tNvO66ei3HQwi9d2RlojDVZ9PG6BLC7JR9yty3yuWXo07GK4jlcuLptRf9Rjv\nBFoHuce6Vd0aw73BISuNqkhcK04rxtN75Sv0+8FOc9E0n4IvVUPCwAaNOFMHxh/e\nPZsJLFxnHswTM+qB26qzIT+Q3f0sjGbpAVcaHLguqW2WsB8+y7UYJLDRzvpErgtr\n4wj83O02AQbJNt73IaqfmSOBpVhvJ1OKi5j5iiwa7J419hxSJWA8Hks0lCUCINsz\ncOEyeqgd9izVdOielVQ+44IN1zrMYu1SvML9/hKigcCVvot9Kwgn+P5p6XX/TEiT\n9v36392bVHdVKUvlJQV8cjAvtpnB+cd3+iWPyJBWw5STR0sRxQKCAQEA5Umtp3F+\n5pVZbMJEXXr5F+BD1dk3aisuJuiysZuA8D3pvj3g1cYPWunguNLipz8k1Oi7sZo2\n/tTAvC/2jSA65rJLmgiGUPm77OKeNVLE7GYVUz42xW7D+AqtRCysXQdnnzbrU+Lw\nzjJe99VNWa8DEoD5A62DGd18NpWzxM8FB3HnxbTAh33Nl5riMjaHyAePZ4hmn+pT\nSIxHb2bQq9fkeQkTahgYQT7mi00JiV/dIg7QRbxR+SJUMLwPeDy2YZNqSM7SEOdm\nLeO8j/9L9NEGKpBq9j4qBxxjAcpI4iWJKfNHpBZ7vYUveGEFmC4PwNGxIs4iiTsl\nljdao+D4iYY5JwKCAQEAyaNql1q7eKs2S/JQ0MJO+JjbsW+PsBmXjwi8AOS1lsJI\nB1MqtsV2Yl1cfJr50Yz0Ina8M3IBw/HDb8jYOQzlgITpYk0DuB2ZF8z0QEI+YArv\nuhuimro44VKUyC9bKy5MUCgt9Gl7X6/j/JKsLW7nM89LECO0IigXF9yu+ECxL0V/\nbzxR9leMOyOG4IBfksHQd+FFTgv70TCMI+zzZAjCD23fjeSak6zrBgx4o8pG3mR3\ne0CK2jneloYtsi5nRW5M55CQ0EwoPtOK4QAJe9Etdc4pHBsPYcoUNladJJsSXYy1\n55s6kDsH48vaafTRQvhNhqNLWHlP1upSAkGgk/eWrwKCAQEA0eJy4p7C8iHuXN8r\no4KI9/EjR2LyFe527cj+ohPdoIycJbgQ0r7dmXQTcDwim8PyXC66eWXYR8bKsrkY\n8LB7GmhFSjfZc9BW1Q3QkrE0b802Yh/GFU5CdxCW8JwQH4xCr3yfSAeqNKXpRuXr\nS1gn8M08pMA1DP0w0eqRR2vVh64d4l2GC8D97HQr8Jj4DAPXooc6odHm8LbwQSqV\ng2g5zQ2gxvJNaZRBh2w6eZTWIHH89ojfZLWm6YGMi5zPulwt433mzvBzGTipiArD\nJdQc1+Og9c2LvTyf6KiZtOF1QIBgqPSnyqFbBc+SRm6Lnw6UHm8hMAuDaZE8GF08\nRO8n6wKCAQEAnY4kdtm9zR8zUQqpnUWHQXbni3DZvMdyhqBTjvsm7QMoFxkkMiZ/\nR4MeBntuIxBZnyhaDHTT7lDV3l34njN2jQLN/jKhalcuTcunOyLH7HH/OdPoLbC/\nS0kk2nsuaMJHfQa4Sde2QGGG6s+M2/9hhzk9tQHA+kOLL+kPiwm5qW9LkRZ4EN39\nxCQRexC0HU92XoXWipKQlLezeUroL80sHbRDz3LGWgfuqQ5LoegnkhS8y8D1/mjj\nhYiY4jaiGT2DuBldHnWzqMvRI9jMkEQ1mmyZ8M0wKsAlJQRuy7CkHBcb+Dpx+0s0\n8glSxCI49XRh14d3E03PVeZIaFzxZU08HwKCAQEAonxC8o+sVNw5vzKt7/LE2pkR\nHMDVrSKWJ3RoGh1qGY2z+nnYKHhtsoazb+Kdt4MeTv3QnJZ/abMC+2Rb3ZdXHkJK\ny6nzjK6qawGYnVfg0SjgqyTWse52EjOKMi+i8T2r0b50WDfQrJX4TUvhk/WGqbqY\nNchWEIr0MLetnJu9JKqMCKgwjKbfVyapZh0TUzey5qdtxw4nsPU8BwdXj2KEHz2u\nW6hcPfQVEymTONYUpb5wKx2e5EdmTLnVCK4ZJPUYuUAIHqC0r5r0gD6rC14yo1kP\n2NCJPTtm/aEJ8fStY4+qmtakBC0rytmKhi7RjU9zdJFjMBulFaXS7gzTK/VTpQ==\n-----END RSA PRIVATE KEY-----\n"
+  },
+  "mattermost": {
+    "email_invite_salt": "6fb3016ddce5827e8f5e9fb9d70f8566",
+    "file_public_link_salt": "a8064c9f949330baf43c62d03f2b94ac",
+    "sql_at_rest_encrypt_key": "f527b3c4910c6ea13e804cf96ce51d91"
+  }
+}

data/srv/gitlab/config/gitlab.rb

@@ -0,0 +1,1659 @@
+## GitLab configuration settings
+##! This file is generated during initial installation and **is not** modified
+##! during upgrades.
+##! Check out the latest version of this file to know about the different
+##! settings that can be configured by this file, which may be found at:
+##! https://gitlab.com/gitlab-org/omnibus-gitlab/raw/master/files/gitlab-config-template/gitlab.rb.template
+
+
+## GitLab URL
+##! URL on which GitLab will be reachable.
+##! For more details on configuring external_url see:
+##! https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-the-external-url-for-gitlab
+external_url 'http://web'
+
+## Legend
+##! The following notations at the beginning of each line may be used to
+##! differentiate between components of this file and to easily select them using
+##! a regex.
+##! ## Titles, subtitles etc
+##! ##! More information - Description, Docs, Links, Issues etc.
+##! Configuration settings have a single # followed by a single space at the
+##! beginning; Remove them to enable the setting.
+
+##! **Configuration settings below are optional.**
+##! **The values currently assigned are only examples and ARE NOT the default
+##!   values.**
+
+
+################################################################################
+################################################################################
+##                Configuration Settings for GitLab CE and EE                 ##
+################################################################################
+################################################################################
+
+################################################################################
+## gitlab.yml configuration
+##! Docs: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/gitlab.yml.md
+################################################################################
+# gitlab_rails['gitlab_ssh_host'] = 'ssh.host_example.com'
+# gitlab_rails['time_zone'] = 'UTC'
+
+### Email Settings
+# gitlab_rails['gitlab_email_enabled'] = true
+# gitlab_rails['gitlab_email_from'] = 'example@example.com'
+# gitlab_rails['gitlab_email_display_name'] = 'Example'
+# gitlab_rails['gitlab_email_reply_to'] = 'noreply@example.com'
+# gitlab_rails['gitlab_email_subject_suffix'] = ''
+
+### GitLab user privileges
+# gitlab_rails['gitlab_default_can_create_group'] = true
+# gitlab_rails['gitlab_username_changing_enabled'] = true
+
+### Default Theme
+# gitlab_rails['gitlab_default_theme'] = 2
+
+### Default project feature settings
+# gitlab_rails['gitlab_default_projects_features_issues'] = true
+# gitlab_rails['gitlab_default_projects_features_merge_requests'] = true
+# gitlab_rails['gitlab_default_projects_features_wiki'] = true
+# gitlab_rails['gitlab_default_projects_features_snippets'] = true
+# gitlab_rails['gitlab_default_projects_features_builds'] = true
+# gitlab_rails['gitlab_default_projects_features_container_registry'] = true
+
+### Automatic issue closing
+###! See https://docs.gitlab.com/ce/customization/issue_closing.html for more
+###! information about this pattern.
+# gitlab_rails['gitlab_issue_closing_pattern'] = "((?:[Cc]los(?:e[sd]?|ing)|[Ff]ix(?:e[sd]|ing)?|[Rr]esolv(?:e[sd]?|ing))(:?) +(?:(?:issues? +)?%{issue_ref}(?:(?:, *| +and +)?)|([A-Z][A-Z0-9_]+-\d+))+)"
+
+### Download location
+###! When a user clicks e.g. 'Download zip' on a project, a temporary zip file
+###! is created in the following directory.
+# gitlab_rails['gitlab_repository_downloads_path'] = 'tmp/repositories'
+
+### Gravatar Settings
+# gitlab_rails['gravatar_plain_url'] = 'http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'
+# gitlab_rails['gravatar_ssl_url'] = 'https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'
+
+### Auxiliary jobs
+###! Periodically executed jobs, to self-heal Gitlab, do external
+###! synchronizations, etc.
+###! Docs: https://github.com/ondrejbartas/sidekiq-cron#adding-cron-job
+###!       https://docs.gitlab.com/ce/ci/yaml/README.html#artifacts:expire_in
+# gitlab_rails['stuck_ci_jobs_worker_cron'] = "0 0 * * *"
+# gitlab_rails['expire_build_artifacts_worker_cron'] = "50 * * * *"
+# gitlab_rails['pipeline_schedule_worker_cron'] = "41 * * * *"
+# gitlab_rails['repository_check_worker_cron'] = "20 * * * *"
+# gitlab_rails['admin_email_worker_cron'] = "0 0 * * 0"
+# gitlab_rails['repository_archive_cache_worker_cron'] = "0 * * * *"
+
+### Webhook Settings
+###! Number of seconds to wait for HTTP response after sending webhook HTTP POST
+###! request (default: 10)
+# gitlab_rails['webhook_timeout'] = 10
+
+### Trusted proxies
+###! Customize if you have GitLab behind a reverse proxy which is running on a
+###! different machine.
+###! **Add the IP address for your reverse proxy to the list, otherwise users
+###!   will appear signed in from that address.**
+# gitlab_rails['trusted_proxies'] = []
+
+### Monitoring settings
+###! IP whitelist controlling access to monitoring endpoints
+# gitlab_rails['monitoring_whitelist'] = ['127.0.0.0/8']
+###! Time between sampling of unicorn socket metrics, in seconds
+# gitlab_rails['monitoring_unicorn_sampler_interval'] = 10
+
+### Reply by email
+###! Allow users to comment on issues and merge requests by replying to
+###! notification emails.
+###! Docs: https://docs.gitlab.com/ce/administration/reply_by_email.html
+# gitlab_rails['incoming_email_enabled'] = true
+
+#### Incoming Email Address
+####! The email address including the `%{key}` placeholder that will be replaced
+####! to reference the item being replied to.
+####! **The placeholder can be omitted but if present, it must appear in the
+####!   "user" part of the address (before the `@`).**
+# gitlab_rails['incoming_email_address'] = "gitlab-incoming+%{key}@gmail.com"
+
+#### Email account username
+####! **With third party providers, this is usually the full email address.**
+####! **With self-hosted email servers, this is usually the user part of the
+####!   email address.**
+# gitlab_rails['incoming_email_email'] = "gitlab-incoming@gmail.com"
+
+#### Email account password
+# gitlab_rails['incoming_email_password'] = "[REDACTED]"
+
+#### IMAP Settings
+# gitlab_rails['incoming_email_host'] = "imap.gmail.com"
+# gitlab_rails['incoming_email_port'] = 993
+# gitlab_rails['incoming_email_ssl'] = true
+# gitlab_rails['incoming_email_start_tls'] = false
+
+#### Incoming Mailbox Settings
+####! The mailbox where incoming mail will end up. Usually "inbox".
+# gitlab_rails['incoming_email_mailbox_name'] = "inbox"
+####! The IDLE command timeout.
+# gitlab_rails['incoming_email_idle_timeout'] = 60
+
+### Job Artifacts
+# gitlab_rails['artifacts_enabled'] = true
+# gitlab_rails['artifacts_path'] = "/mnt/storage/artifacts"
+# gitlab_rails['artifacts_object_store_enabled'] = false
+# gitlab_rails['artifacts_object_store_remote_directory'] = "artifacts"
+# gitlab_rails['artifacts_object_store_connection'] = {
+#   'provider' => 'AWS',
+#   'region' => 'eu-west-1',
+#   'aws_access_key_id' => 'AWS_ACCESS_KEY_ID',
+#   'aws_secret_access_key' => 'AWS_SECRET_ACCESS_KEY'
+# }
+
+### Git LFS
+# gitlab_rails['lfs_enabled'] = true
+# gitlab_rails['lfs_storage_path'] = "/mnt/storage/lfs-objects"
+
+### Usage Statistics
+# gitlab_rails['usage_ping_enabled'] = true
+
+### GitLab Mattermost
+###! These settings are void if Mattermost is installed on the same omnibus
+###! install
+# gitlab_rails['mattermost_host'] = "https://mattermost.example.com"
+
+### LDAP Settings
+###! Docs: https://docs.gitlab.com/omnibus/settings/ldap.html
+###! **Be careful not to break the indentation in the ldap_servers block. It is
+###!   in yaml format and the spaces must be retained. Using tabs will not work.**
+
+# gitlab_rails['ldap_enabled'] = false
+
+###! **remember to close this block with 'EOS' below**
+# gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
+#   main: # 'main' is the GitLab 'provider ID' of this LDAP server
+#     label: 'LDAP'
+#     host: '_your_ldap_server'
+#     port: 389
+#     uid: 'sAMAccountName'
+#     bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
+#     password: '_the_password_of_the_bind_user'
+#     encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
+#     verify_certificates: true
+#     ca_file: ''
+#     ssl_version: ''
+#     active_directory: true
+#     allow_username_or_email_login: false
+#     block_auto_created_users: false
+#     base: ''
+#     user_filter: ''
+#     attributes:
+#       username: ['uid', 'userid', 'sAMAccountName']
+#       email:    ['mail', 'email', 'userPrincipalName']
+#       name:       'cn'
+#       first_name: 'givenName'
+#       last_name:  'sn'
+#     ## EE only
+#     group_base: ''
+#     admin_group: ''
+#     sync_ssh_keys: false
+#
+#   secondary: # 'secondary' is the GitLab 'provider ID' of second LDAP server
+#     label: 'LDAP'
+#     host: '_your_ldap_server'
+#     port: 389
+#     uid: 'sAMAccountName'
+#     bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
+#     password: '_the_password_of_the_bind_user'
+#     encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
+#     verify_certificates: true
+#     ca_file: ''
+#     ssl_version: ''
+#     active_directory: true
+#     allow_username_or_email_login: false
+#     block_auto_created_users: false
+#     base: ''
+#     user_filter: ''
+#     attributes:
+#       username: ['uid', 'userid', 'sAMAccountName']
+#       email:    ['mail', 'email', 'userPrincipalName']
+#       name:       'cn'
+#       first_name: 'givenName'
+#       last_name:  'sn'
+#     ## EE only
+#     group_base: ''
+#     admin_group: ''
+#     sync_ssh_keys: false
+# EOS
+
+### OmniAuth Settings
+###! Docs: https://docs.gitlab.com/ce/integration/omniauth.html
+# gitlab_rails['omniauth_enabled'] = false
+# gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
+# gitlab_rails['omniauth_sync_email_from_provider'] = 'saml'
+# gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
+# gitlab_rails['omniauth_block_auto_created_users'] = true
+# gitlab_rails['omniauth_auto_link_ldap_user'] = false
+# gitlab_rails['omniauth_auto_link_saml_user'] = false
+# gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2']
+# gitlab_rails['omniauth_providers'] = [
+#   {
+#     "name" => "google_oauth2",
+#     "app_id" => "YOUR APP ID",
+#     "app_secret" => "YOUR APP SECRET",
+#     "args" => { "access_type" => "offline", "approval_prompt" => "" }
+#   }
+# ]
+
+### Backup Settings
+###! Docs: https://docs.gitlab.com/omnibus/settings/backups.html
+
+# gitlab_rails['manage_backup_path'] = true
+# gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"
+
+###! Docs: https://docs.gitlab.com/ce/raketasks/backup_restore.html#backup-archive-permissions
+# gitlab_rails['backup_archive_permissions'] = 0644
+
+# gitlab_rails['backup_pg_schema'] = 'public'
+
+###! The duration in seconds to keep backups before they are allowed to be deleted
+# gitlab_rails['backup_keep_time'] = 604800
+
+# gitlab_rails['backup_upload_connection'] = {
+#   'provider' => 'AWS',
+#   'region' => 'eu-west-1',
+#   'aws_access_key_id' => 'AKIAKIAKI',
+#   'aws_secret_access_key' => 'secret123'
+# }
+# gitlab_rails['backup_upload_remote_directory'] = 'my.s3.bucket'
+# gitlab_rails['backup_multipart_chunk_size'] = 104857600
+
+###! **Turns on AWS Server-Side Encryption with Amazon S3-Managed Keys for
+###!   backups**
+# gitlab_rails['backup_encryption'] = 'AES256'
+
+###! **Specifies Amazon S3 storage class to use for backups. Valid values
+###!   include 'STANDARD', 'STANDARD_IA', 'GLACIER', and
+###!   'REDUCED_REDUNDANCY'**
+# gitlab_rails['backup_storage_class'] = 'STANDARD'
+
+### For setting up different data storing directory
+###! Docs: https://docs.gitlab.com/omnibus/settings/configuration.html#storing-git-data-in-an-alternative-directory
+###! **If you want to use a single non-default directory to store git data use a
+###!   path that doesn't contain symlinks.**
+# git_data_dirs({
+#   "default" => {
+#     "path" => "/mnt/nfs-01/git-data",
+#     "failure_count_threshold" => 10,
+#     "failure_wait_time" => 30,
+#     "failure_reset_time" => 1800,
+#     "storage_timeout" => 30
+#    }
+# })
+
+### Gitaly settings
+# gitlab_rails['gitaly_token'] = 'secret token'
+
+### For storing GitLab application uploads, eg. LFS objects, build artifacts
+###! Docs: https://docs.gitlab.com/ce/development/shared_files.html
+# gitlab_rails['shared_path'] = '/var/opt/gitlab/gitlab-rails/shared'
+
+### GitLab Shell settings for GitLab
+# gitlab_rails['gitlab_shell_ssh_port'] = 22
+# gitlab_rails['git_max_size'] = 20971520
+# gitlab_rails['git_timeout'] = 10
+# gitlab_rails['gitlab_shell_git_timeout'] = 800
+
+### Extra customization
+# gitlab_rails['extra_google_analytics_id'] = '_your_tracking_id'
+# gitlab_rails['extra_piwik_url'] = '_your_piwik_url'
+# gitlab_rails['extra_piwik_site_id'] = '_your_piwik_site_id'
+
+##! Docs: https://docs.gitlab.com/omnibus/settings/environment-variables.html
+# gitlab_rails['env'] = {
+#   'BUNDLE_GEMFILE' => "/opt/gitlab/embedded/service/gitlab-rails/Gemfile",
+#   'PATH' => "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/bin:/usr/bin"
+# }
+
+# gitlab_rails['rack_attack_git_basic_auth'] = {
+#   'enabled' => true,
+#   'ip_whitelist' => ["127.0.0.1"],
+#   'maxretry' => 10,
+#   'findtime' => 60,
+#   'bantime' => 3600
+# }
+
+# gitlab_rails['rack_attack_protected_paths'] = [
+#   '/users/password',
+#   '/users/sign_in',
+#   '/api/#{API::API.version}/session.json',
+#   '/api/#{API::API.version}/session',
+#   '/users',
+#   '/users/confirmation',
+#   '/unsubscribes/',
+#   '/import/github/personal_access_token'
+# ]
+
+###! **We do not recommend changing these directories.**
+# gitlab_rails['dir'] = "/var/opt/gitlab/gitlab-rails"
+# gitlab_rails['log_directory'] = "/var/log/gitlab/gitlab-rails"
+
+### GitLab application settings
+# gitlab_rails['uploads_directory'] = "/var/opt/gitlab/gitlab-rails/uploads"
+# gitlab_rails['rate_limit_requests_per_period'] = 10
+# gitlab_rails['rate_limit_period'] = 60
+
+#### Change the initial default admin password and shared runner registraion tokens.
+####! **Only applicable on initial setup, changing these settings after database
+####!   is created and seeded won't yield any change.**
+# gitlab_rails['initial_root_password'] = "password"
+# gitlab_rails['initial_shared_runners_registration_token'] = "token"
+
+#### Enable or disable automatic database migrations
+# gitlab_rails['auto_migrate'] = true
+
+#### This is advanced feature used by large gitlab deployments where loading
+#### whole RAILS env takes a lot of time.
+# gitlab_rails['rake_cache_clear'] = true
+
+### GitLab database settings
+###! Docs: https://docs.gitlab.com/omnibus/settings/database.html
+###! **Only needed if you use an external database.**
+# gitlab_rails['db_adapter'] = "postgresql"
+# gitlab_rails['db_encoding'] = "unicode"
+# gitlab_rails['db_collation'] = nil
+# gitlab_rails['db_database'] = "gitlabhq_production"
+# gitlab_rails['db_pool'] = 10
+# gitlab_rails['db_username'] = "gitlab"
+# gitlab_rails['db_password'] = nil
+# gitlab_rails['db_host'] = nil
+# gitlab_rails['db_port'] = 5432
+# gitlab_rails['db_socket'] = nil
+# gitlab_rails['db_sslmode'] = nil
+# gitlab_rails['db_sslrootcert'] = nil
+# gitlab_rails['db_prepared_statements'] = true
+# gitlab_rails['db_statements_limit'] = 1000
+
+
+### GitLab Redis settings
+###! Connect to your own Redis instance
+###! Docs: https://docs.gitlab.com/omnibus/settings/redis.html
+
+#### Redis TCP connection
+# gitlab_rails['redis_host'] = "127.0.0.1"
+# gitlab_rails['redis_port'] = 6379
+# gitlab_rails['redis_password'] = nil
+# gitlab_rails['redis_database'] = 0
+
+#### Redis local UNIX socket (will be disabled if TCP method is used)
+# gitlab_rails['redis_socket'] = "/var/opt/gitlab/redis/redis.socket"
+
+#### Sentinel support
+####! To have Sentinel working, you must enable Redis TCP connection support
+####! above and define a few Sentinel hosts below (to get a reliable setup
+####! at least 3 hosts).
+####! **You don't need to list every sentinel host, but the ones not listed will
+####!   not be used in a fail-over situation to query for the new master.**
+# gitlab_rails['redis_sentinels'] = [
+#   {'host' => '127.0.0.1', 'port' => 26379},
+# ]
+
+### GitLab email server settings
+###! Docs: https://docs.gitlab.com/omnibus/settings/smtp.html
+###! **Use smtp instead of sendmail/postfix.**
+
+# gitlab_rails['smtp_enable'] = true
+# gitlab_rails['smtp_address'] = "smtp.server"
+# gitlab_rails['smtp_port'] = 465
+# gitlab_rails['smtp_user_name'] = "smtp user"
+# gitlab_rails['smtp_password'] = "smtp password"
+# gitlab_rails['smtp_domain'] = "example.com"
+# gitlab_rails['smtp_authentication'] = "login"
+# gitlab_rails['smtp_enable_starttls_auto'] = true
+# gitlab_rails['smtp_tls'] = false
+
+###! **Can be: 'none', 'peer', 'client_once', 'fail_if_no_peer_cert'**
+###! Docs: http://api.rubyonrails.org/classes/ActionMailer/Base.html
+# gitlab_rails['smtp_openssl_verify_mode'] = 'none'
+
+# gitlab_rails['smtp_ca_path'] = "/etc/ssl/certs"
+# gitlab_rails['smtp_ca_file'] = "/etc/ssl/certs/ca-certificates.crt"
+
+################################################################################
+## Container Registry settings
+##! Docs: https://docs.gitlab.com/ce/administration/container_registry.html
+################################################################################
+
+# registry_external_url 'https://registry.gitlab.example.com'
+
+### Settings used by GitLab application
+# gitlab_rails['registry_enabled'] = true
+# gitlab_rails['registry_host'] = "registry.gitlab.example.com"
+# gitlab_rails['registry_port'] = "5005"
+# gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"
+
+###! **Do not change the following 3 settings unless you know what you are
+###!   doing**
+# gitlab_rails['registry_api_url'] = "http://localhost:5000"
+# gitlab_rails['registry_key_path'] = "/var/opt/gitlab/gitlab-rails/certificate.key"
+# gitlab_rails['registry_issuer'] = "omnibus-gitlab-issuer"
+
+### Settings used by Registry application
+# registry['enable'] = true
+# registry['username'] = "registry"
+# registry['group'] = "registry"
+# registry['uid'] = nil
+# registry['gid'] = nil
+# registry['dir'] = "/var/opt/gitlab/registry"
+# registry['registry_http_addr'] = "localhost:5000"
+# registry['debug_addr'] = "localhost:5001"
+# registry['log_directory'] = "/var/log/gitlab/registry"
+# registry['log_level'] = "info"
+# registry['rootcertbundle'] = "/var/opt/gitlab/registry/certificate.crt"
+# registry['storage_delete_enabled'] = true
+
+### Registry backend storage
+###! Docs: https://docs.gitlab.com/ce/administration/container_registry.html#container-registry-storage-driver
+# registry['storage'] = {
+#   's3' => {
+#     'accesskey' => 'AKIAKIAKI',
+#     'secretkey' => 'secret123',
+#     'bucket' => 'gitlab-registry-bucket-AKIAKIAKI'
+#   }
+# }
+
+### Registry notifications endpoints
+# registry['notifications'] = [
+#   {
+#     'name' => 'test_endpoint',
+#     'url' => 'https://gitlab.example.com/notify2',
+#     'timeout' => '500ms',
+#     'threshold' => 5,
+#     'backoff' => '1s',
+#     'headers' => {
+#       "Authorization" => ["AUTHORIZATION_EXAMPLE_TOKEN"]
+#     }
+#   }
+# ]
+### Default registry notifications
+# registry['default_notifications_timeout'] = "500ms"
+# registry['default_notifications_threshold'] = 5
+# registry['default_notifications_backoff'] = "1s"
+# registry['default_notifications_headers'] = {}
+
+
+
+################################################################################
+## GitLab Workhorse
+##! Docs: https://gitlab.com/gitlab-org/gitlab-workhorse/blob/master/README.md
+################################################################################
+
+# gitlab_workhorse['enable'] = true
+# gitlab_workhorse['ha'] = false
+# gitlab_workhorse['listen_network'] = "unix"
+# gitlab_workhorse['listen_umask'] = 000
+# gitlab_workhorse['listen_addr'] = "/var/opt/gitlab/gitlab-workhorse/socket"
+# gitlab_workhorse['auth_backend'] = "http://localhost:8080"
+
+##! the empty string is the default in gitlab-workhorse option parser
+# gitlab_workhorse['auth_socket'] = "''"
+
+##! put an empty string on the command line
+# gitlab_workhorse['pprof_listen_addr'] = "''"
+
+##! put an empty string on the command line
+# gitlab_workhorse['prometheus_listen_addr'] = "''"
+
+# gitlab_workhorse['dir'] = "/var/opt/gitlab/gitlab-workhorse"
+# gitlab_workhorse['log_directory'] = "/var/log/gitlab/gitlab-workhorse"
+# gitlab_workhorse['proxy_headers_timeout'] = "1m0s"
+
+##! limit number of concurrent API requests, defaults to 0 which is unlimited
+# gitlab_workhorse['api_limit'] = 0
+
+##! limit number of API requests allowed to be queued, defaults to 0 which
+##! disables queuing
+# gitlab_workhorse['api_queue_limit'] = 0
+
+##! duration after which we timeout requests if they sit too long in the queue
+# gitlab_workhorse['api_queue_duration'] = "30s"
+
+##! Long polling duration for job requesting for runners
+# gitlab_workhorse['api_ci_long_polling_duration'] = "60s"
+
+# gitlab_workhorse['env'] = {
+#   'PATH' => "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/bin:/usr/bin"
+# }
+
+################################################################################
+## GitLab User Settings
+##! Modify default git user.
+##! Docs: https://docs.gitlab.com/omnibus/settings/configuration.html#changing-the-name-of-the-git-user-group
+################################################################################
+
+# user['username'] = "git"
+# user['group'] = "git"
+# user['uid'] = nil
+# user['gid'] = nil
+
+##! The shell for the git user
+# user['shell'] = "/bin/sh"
+
+##! The home directory for the git user
+# user['home'] = "/var/opt/gitlab"
+
+# user['git_user_name'] = "GitLab"
+# user['git_user_email'] = "gitlab@#{node['fqdn']}"
+
+################################################################################
+## GitLab Unicorn
+##! Tweak unicorn settings.
+##! Docs: https://docs.gitlab.com/omnibus/settings/unicorn.html
+################################################################################
+
+# unicorn['worker_timeout'] = 60
+###! Minimum worker_processes is 2 at this moment
+###! See https://gitlab.com/gitlab-org/gitlab-ce/issues/18771
+# unicorn['worker_processes'] = 2
+
+### Advanced settings
+# unicorn['listen'] = '127.0.0.1'
+# unicorn['port'] = 8080
+# unicorn['socket'] = '/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket'
+# unicorn['pidfile'] = '/opt/gitlab/var/unicorn/unicorn.pid'
+# unicorn['tcp_nopush'] = true
+# unicorn['backlog_socket'] = 1024
+
+###! **Make sure somaxconn is equal or higher then backlog_socket**
+# unicorn['somaxconn'] = 1024
+
+###! **We do not recommend changing this setting**
+# unicorn['log_directory'] = "/var/log/gitlab/unicorn"
+
+### **Only change these settings if you understand well what they mean**
+###! Docs: https://about.gitlab.com/2015/06/05/how-gitlab-uses-unicorn-and-unicorn-worker-killer/
+###!       https://github.com/kzk/unicorn-worker-killer
+# unicorn['worker_memory_limit_min'] = "400 * 1 << 20"
+# unicorn['worker_memory_limit_max'] = "650 * 1 << 20"
+
+################################################################################
+## GitLab Sidekiq
+################################################################################
+
+# sidekiq['log_directory'] = "/var/log/gitlab/sidekiq"
+# sidekiq['shutdown_timeout'] = 4
+# sidekiq['concurrency'] = 25
+
+################################################################################
+## gitlab-shell
+################################################################################
+
+# gitlab_shell['audit_usernames'] = false
+# gitlab_shell['log_level'] = 'INFO'
+# gitlab_shell['http_settings'] = { user: 'username', password: 'password', ca_file: '/etc/ssl/cert.pem', ca_path: '/etc/pki/tls/certs', self_signed_cert: false}
+# gitlab_shell['log_directory'] = "/var/log/gitlab/gitlab-shell/"
+# gitlab_shell['custom_hooks_dir'] = "/opt/gitlab/embedded/service/gitlab-shell/hooks"
+
+# gitlab_shell['auth_file'] = "/var/opt/gitlab/.ssh/authorized_keys"
+
+### Git trace log file.
+###! If set, git commands receive GIT_TRACE* environment variables
+###! Docs: https://git-scm.com/book/es/v2/Git-Internals-Environment-Variables#Debugging
+###! An absolute path starting with / – the trace output will be appended to
+###! that file. It needs to exist so we can check permissions and avoid
+###! throwing warnings to the users.
+# gitlab_shell['git_trace_log_file'] = "/var/log/gitlab/gitlab-shell/gitlab-shell-git-trace.log"
+
+##! **We do not recommend changing this directory.**
+# gitlab_shell['dir'] = "/var/opt/gitlab/gitlab-shell"
+
+################################################################
+## GitLab PostgreSQL
+################################################################
+
+###! Changing any of these settings requires a restart of postgresql.
+###! By default, reconfigure reloads postgresql if it is running. If you
+###! change any of these settings, be sure to run `gitlab-ctl restart postgresql`
+###! after reconfigure in order for the changes to take effect.
+# postgresql['enable'] = true
+# postgresql['listen_address'] = nil
+# postgresql['port'] = 5432
+# postgresql['data_dir'] = "/var/opt/gitlab/postgresql/data"
+
+##! **recommend value is 1/4 of total RAM, up to 14GB.**
+# postgresql['shared_buffers'] = "256MB"
+
+### Advanced settings
+# postgresql['ha'] = false
+# postgresql['dir'] = "/var/opt/gitlab/postgresql"
+# postgresql['log_directory'] = "/var/log/gitlab/postgresql"
+# postgresql['username'] = "gitlab-psql"
+# postgresql['uid'] = nil
+# postgresql['gid'] = nil
+# postgresql['shell'] = "/bin/sh"
+# postgresql['home'] = "/var/opt/gitlab/postgresql"
+# postgresql['user_path'] = "/opt/gitlab/embedded/bin:/opt/gitlab/bin:$PATH"
+# postgresql['sql_user'] = "gitlab"
+# postgresql['max_connections'] = 200
+# postgresql['md5_auth_cidr_addresses'] = []
+# postgresql['trust_auth_cidr_addresses'] = []
+# postgresql['wal_buffers'] = "-1"
+# postgresql['autovacuum_max_workers'] = "3"
+# postgresql['autovacuum_freeze_max_age'] = "200000000"
+# postgresql['track_activity_query_size'] = "1024"
+# postgresql['shared_preload_libraries'] = nil
+# postgresql['dynamic_shared_memory_type'] = nil
+# postgresql['hot_standby'] = "off"
+
+### Replication settings
+###! Note, some replication settings do not require a full restart. They are documented below.
+# postgresql['wal_level'] = "hot_standby"
+# postgresql['max_wal_senders'] = 5
+# postgresql['max_replication_slots'] = 0
+# postgresql['max_locks_per_transaction'] = 128
+
+# Backup/Archive settings
+# default['gitlab']['postgresql']['archive_mode'] = "off"
+
+###! Changing any of these settings only requires a reload of postgresql. You do not need to
+###! restart postgresql if you change any of these and run reconfigure.
+# postgresql['work_mem'] = "16MB"
+# postgresql['maintenance_work_mem'] = "16MB"
+# postgresql['checkpoint_segments'] = 10
+# postgresql['checkpoint_timeout'] = "5min"
+# postgresql['checkpoint_completion_target'] = 0.9
+# postgresql['checkpoint_warning'] = "30s"
+# postgresql['effective_cache_size'] = "1MB"
+# postgresql['shmmax'] =  17179869184 # or 4294967295
+# postgresql['shmall'] =  4194304 # or 1048575
+# postgresql['autovacuum'] = "on"
+# postgresql['log_autovacuum_min_duration'] = "-1"
+# postgresql['autovacuum_naptime'] = "1min"
+# postgresql['autovacuum_vacuum_threshold'] = "50"
+# postgresql['autovacuum_analyze_threshold'] = "50"
+# postgresql['autovacuum_vacuum_scale_factor'] = "0.02"
+# postgresql['autovacuum_analyze_scale_factor'] = "0.01"
+# postgresql['autovacuum_vacuum_cost_delay'] = "20ms"
+# postgresql['autovacuum_vacuum_cost_limit'] = "-1"
+# postgresql['statement_timeout'] = "60000"
+# postgresql['idle_in_transaction_session_timeout'] = "60000"
+# postgresql['log_line_prefix'] = "%a"
+
+### Available in PostgreSQL 9.6 and later
+# postgresql['min_wal_size'] = 80MB
+# postgresql['max_wal_size'] = 1GB
+
+# Backup/Archive settings
+# default['gitlab']['postgresql']['archive_command'] = nil
+# default['gitlab']['postgresql']['archive_timeout'] = "60"
+
+### Replication settings
+# postgresql['sql_replication_user'] = "gitlab_replicator"
+# postgresql['wal_keep_segments'] = 10
+# postgresql['max_standby_archive_delay'] = "30s"
+# postgresql['max_standby_streaming_delay'] = "30s"
+# postgresql['synchronous_commit'] = on
+# postgresql['synchronous_standby_names'] = ''
+# postgresql['hot_standby_feedback'] = 'off'
+# postgresql['random_page_cost'] = 2.0
+# postgresql['log_temp_files'] = -1
+# postgresql['log_checkpoints'] = 'off'
+# To add custom entries to pg_hba.conf use the following
+# postgresql['custom_pg_hba_entries'] = {
+#   APPLICATION: { # APPLICATION should identify what the settings are used for
+#     type: example,
+#     database: example,
+#     user: example,
+#     cidr: example,
+#     method: example,
+#     option: exmple
+#   }
+# }
+# See https://www.postgresql.org/docs/9.6/static/auth-pg-hba-conf.html for an explanation
+# of the values
+
+
+################################################################################
+## GitLab Redis
+##! **Can be disabled if you are using your own Redis instance.**
+##! Docs: https://docs.gitlab.com/omnibus/settings/redis.html
+################################################################################
+
+# redis['enable'] = true
+# redis['username'] = "gitlab-redis"
+# redis['maxclients'] = "10000"
+# redis['tcp_timeout'] = "60"
+# redis['tcp_keepalive'] = "300"
+# redis['uid'] = nil
+# redis['gid'] = nil
+
+###! **To enable only Redis service in this machine, uncomment
+###!   one of the lines below (choose master or slave instance types).**
+###! Docs: https://docs.gitlab.com/omnibus/settings/redis.html
+###!       https://docs.gitlab.com/ce/administration/high_availability/redis.html
+# redis_master_role['enable'] = true
+# redis_slave_role['enable'] = true
+
+### Redis TCP support (will disable UNIX socket transport)
+# redis['bind'] = '0.0.0.0' # or specify an IP to bind to a single one
+# redis['port'] = 6379
+# redis['password'] = 'redis-password-goes-here'
+
+### Redis Sentinel support
+###! **You need a master slave Redis replication to be able to do failover**
+###! **Please read the documentation before enabling it to understand the
+###!   caveats:**
+###! Docs: https://docs.gitlab.com/ce/administration/high_availability/redis.html
+
+### Replication support
+#### Slave Redis instance
+# redis['master'] = false # by default this is true
+
+#### Slave and Sentinel shared configuration
+####! **Both need to point to the master Redis instance to get replication and
+####!   heartbeat monitoring**
+# redis['master_name'] = 'gitlab-redis'
+# redis['master_ip'] = nil
+# redis['master_port'] = 6379
+
+####! **Master password should have the same value defined in
+####!   redis['password'] to enable the instance to transition to/from
+####!   master/slave in a failover event.**
+# redis['master_password'] = 'redis-password-goes-here'
+
+####! Increase these values when your slaves can't catch up with master
+# redis['client_output_buffer_limit_normal'] = '0 0 0'
+# redis['client_output_buffer_limit_slave'] = '256mb 64mb 60'
+# redis['client_output_buffer_limit_pubsub'] = '32mb 8mb 60'
+
+################################################################################
+## GitLab Web server
+##! Docs: https://docs.gitlab.com/omnibus/settings/nginx.html#using-a-non-bundled-web-server
+################################################################################
+
+##! When bundled nginx is disabled we need to add the external webserver user to
+##! the GitLab webserver group.
+# web_server['external_users'] = []
+# web_server['username'] = 'gitlab-www'
+# web_server['group'] = 'gitlab-www'
+# web_server['uid'] = nil
+# web_server['gid'] = nil
+# web_server['shell'] = '/bin/false'
+# web_server['home'] = '/var/opt/gitlab/nginx'
+
+################################################################################
+## GitLab NGINX
+##! Docs: https://docs.gitlab.com/omnibus/settings/nginx.html
+################################################################################
+
+# nginx['enable'] = true
+# nginx['client_max_body_size'] = '250m'
+# nginx['redirect_http_to_https'] = false
+# nginx['redirect_http_to_https_port'] = 80
+
+##! Most root CA's are included by default
+# nginx['ssl_client_certificate'] = "/etc/gitlab/ssl/ca.crt"
+
+##! enable/disable 2-way SSL client authentication
+# nginx['ssl_verify_client'] = "off"
+
+##! if ssl_verify_client on, verification depth in the client certificates chain
+# nginx['ssl_verify_depth'] = "1"
+
+# nginx['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt"
+# nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key"
+# nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
+# nginx['ssl_prefer_server_ciphers'] = "on"
+
+##! **Recommended by: https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+##!                   https://cipherli.st/**
+# nginx['ssl_protocols'] = "TLSv1 TLSv1.1 TLSv1.2"
+
+##! **Recommended in: https://nginx.org/en/docs/http/ngx_http_ssl_module.html**
+# nginx['ssl_session_cache'] = "builtin:1000  shared:SSL:10m"
+
+##! **Default according to https://nginx.org/en/docs/http/ngx_http_ssl_module.html**
+# nginx['ssl_session_timeout'] = "5m"
+
+# nginx['ssl_dhparam'] = nil # Path to dhparams.pem, eg. /etc/gitlab/ssl/dhparams.pem
+# nginx['listen_addresses'] = ['*', '[::]']
+
+##! **Defaults to forcing web browsers to always communicate using only HTTPS**
+##! Docs: https://docs.gitlab.com/omnibus/settings/nginx.html#setting-http-strict-transport-security
+# nginx['hsts_max_age'] = 31536000
+# nginx['hsts_include_subdomains'] = false
+
+##! **Override only if you use a reverse proxy**
+##! Docs: https://docs.gitlab.com/omnibus/settings/nginx.html#setting-the-nginx-listen-port
+# nginx['listen_port'] = nil
+
+##! **Override only if your reverse proxy internally communicates over HTTP**
+##! Docs: https://docs.gitlab.com/omnibus/settings/nginx.html#supporting-proxied-ssl
+# nginx['listen_https'] = nil
+
+# nginx['custom_gitlab_server_config'] = "location ^~ /foo-namespace/bar-project/raw/ {\n deny all;\n}\n"
+# nginx['custom_nginx_config'] = "include /etc/nginx/conf.d/example.conf;"
+# nginx['proxy_read_timeout'] = 3600
+# nginx['proxy_connect_timeout'] = 300
+# nginx['proxy_set_headers'] = {
+#  "Host" => "$http_host_with_default",
+#  "X-Real-IP" => "$remote_addr",
+#  "X-Forwarded-For" => "$proxy_add_x_forwarded_for",
+#  "X-Forwarded-Proto" => "https",
+#  "X-Forwarded-Ssl" => "on",
+#  "Upgrade" => "$http_upgrade",
+#  "Connection" => "$connection_upgrade"
+# }
+# nginx['proxy_cache_path'] = 'proxy_cache keys_zone=gitlab:10m max_size=1g levels=1:2'
+# nginx['proxy_cache'] = 'gitlab'
+# nginx['http2_enabled'] = true
+# nginx['real_ip_trusted_addresses'] = []
+# nginx['real_ip_header'] = nil
+# nginx['real_ip_recursive'] = nil
+# nginx['custom_error_pages'] = {
+#   '404' => {
+#     'title' => 'Example title',
+#     'header' => 'Example header',
+#     'message' => 'Example message'
+#   }
+# }
+
+### Advanced settings
+# nginx['dir'] = "/var/opt/gitlab/nginx"
+# nginx['log_directory'] = "/var/log/gitlab/nginx"
+# nginx['worker_processes'] = 4
+# nginx['worker_connections'] = 10240
+# nginx['log_format'] = '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"'
+# nginx['sendfile'] = 'on'
+# nginx['tcp_nopush'] = 'on'
+# nginx['tcp_nodelay'] = 'on'
+# nginx['gzip'] = "on"
+# nginx['gzip_http_version'] = "1.0"
+# nginx['gzip_comp_level'] = "2"
+# nginx['gzip_proxied'] = "any"
+# nginx['gzip_types'] = [ "text/plain", "text/css", "application/x-javascript", "text/xml", "application/xml", "application/xml+rss", "text/javascript", "application/json" ]
+# nginx['keepalive_timeout'] = 65
+# nginx['cache_max_size'] = '5000m'
+# nginx['server_names_hash_bucket_size'] = 64
+
+### Nginx status
+# nginx['status'] = {
+#  "enable" => true,
+#  "listen_addresses" => ["127.0.0.1"],
+#  "fqdn" => "dev.example.com",
+#  "port" => 9999,
+#  "options" => {
+#    "stub_status" => "on", # Turn on stats
+#    "server_tokens" => "off", # Don't show the version of NGINX
+#    "access_log" => "off", # Disable logs for stats
+#    "allow" => "127.0.0.1", # Only allow access from localhost
+#    "deny" => "all" # Deny access to anyone else
+#  }
+# }
+
+################################################################################
+## GitLab Logging
+##! Docs: https://docs.gitlab.com/omnibus/settings/logs.html
+################################################################################
+
+# logging['svlogd_size'] = 200 * 1024 * 1024 # rotate after 200 MB of log data
+# logging['svlogd_num'] = 30 # keep 30 rotated log files
+# logging['svlogd_timeout'] = 24 * 60 * 60 # rotate after 24 hours
+# logging['svlogd_filter'] = "gzip" # compress logs with gzip
+# logging['svlogd_udp'] = nil # transmit log messages via UDP
+# logging['svlogd_prefix'] = nil # custom prefix for log messages
+# logging['logrotate_frequency'] = "daily" # rotate logs daily
+# logging['logrotate_size'] = nil # do not rotate by size by default
+# logging['logrotate_rotate'] = 30 # keep 30 rotated logs
+# logging['logrotate_compress'] = "compress" # see 'man logrotate'
+# logging['logrotate_method'] = "copytruncate" # see 'man logrotate'
+# logging['logrotate_postrotate'] = nil # no postrotate command by default
+# logging['logrotate_dateformat'] = nil # use date extensions for rotated files rather than numbers e.g. a value of "-%Y-%m-%d" would give rotated files like production.log-2016-03-09.gz
+
+### UDP log forwarding
+##! Docs: http://docs.gitlab.com/omnibus/settings/logs.html#udp-log-forwarding
+
+##! remote host to ship log messages to via UDP
+# logging['udp_log_shipping_host'] = nil
+
+##! remote port to ship log messages to via UDP
+# logging['udp_log_shipping_port'] = 514
+
+################################################################################
+## Logrotate
+##! Docs: https://docs.gitlab.com/omnibus/settings/logs.html#logrotate
+##! You can disable built in logrotate feature.
+################################################################################
+# logrotate['enable'] = true
+
+################################################################################
+## Users and groups accounts
+##! Disable management of users and groups accounts.
+##! **Set only if creating accounts manually**
+##! Docs: https://docs.gitlab.com/omnibus/settings/configuration.html#disable-user-and-group-account-management
+################################################################################
+
+# manage_accounts['enable'] = false
+
+################################################################################
+## Storage directories
+##! Disable managing storage directories
+##! Docs: https://docs.gitlab.com/omnibus/settings/configuration.html#disable-storage-directories-management
+################################################################################
+
+##! **Set only if the select directories are created manually**
+# manage_storage_directories['enable'] = false
+# manage_storage_directories['manage_etc'] = false
+
+################################################################################
+## Runtime directory
+##! Docs: https://docs.gitlab.com//omnibus/settings/configuration.html#configuring-runtime-directory
+################################################################################
+
+# runtime_dir '/run'
+
+################################################################################
+## Git
+##! Advanced setting for configuring git system settings for omnibus-gitlab
+##! internal git
+################################################################################
+
+##! For multiple options under one header use array of comma separated values,
+##! eg.:
+##! { "receive" => ["fsckObjects = true"], "alias" => ["st = status", "co = checkout"] }
+
+# omnibus_gitconfig['system'] = {
+#  "pack" => ["threads = 1"],
+#  "receive" => ["fsckObjects = true"],
+#  "repack" => ["writeBitmaps = true"],
+#  "transfer" => ["hideRefs=^refs/tmp/", "hideRefs=^refs/keep-around/"],
+# }
+
+################################################################################
+## GitLab Pages
+##! Docs: https://docs.gitlab.com/ce/pages/administration.html
+################################################################################
+
+##! Define to enable GitLab Pages
+# pages_external_url "http://pages.example.com/"
+# gitlab_pages['enable'] = false
+
+##! Configure to expose GitLab Pages on external IP address, serving the HTTP
+# gitlab_pages['external_http'] = []
+
+##! Configure to expose GitLab Pages on external IP address, serving the HTTPS
+# gitlab_pages['external_https'] = []
+
+# gitlab_pages['listen_proxy'] = "localhost:8090"
+# gitlab_pages['redirect_http'] = true
+# gitlab_pages['use_http2'] = true
+# gitlab_pages['dir'] = "/var/opt/gitlab/gitlab-pages"
+# gitlab_pages['log_directory'] = "/var/log/gitlab/gitlab-pages"
+
+##! Prometheus metrics for Pages docs: https://gitlab.com/gitlab-org/gitlab-pages/#enable-prometheus-metrics
+# gitlab_pages['metrics_address'] = ":9235"
+
+################################################################################
+## GitLab Pages NGINX
+################################################################################
+
+# All the settings defined in the "GitLab Nginx" section are also available in this "GitLab Pages NGINX" section
+# You just have to change the key "nginx['some_settings']" with "pages_nginx['some_settings']"
+
+# Below you can find settings that are exclusive to "GitLab Pages NGINX"
+# pages_nginx['enable'] = false
+
+# gitlab_rails['pages_path'] = "/mnt/storage/pages"
+
+################################################################################
+## GitLab CI
+##! Docs: https://docs.gitlab.com/ce/ci/quick_start/README.html
+################################################################################
+
+# gitlab_ci['gitlab_ci_all_broken_builds'] = true
+# gitlab_ci['gitlab_ci_add_pusher'] = true
+# gitlab_ci['builds_directory'] = '/var/opt/gitlab/gitlab-ci/builds'
+
+################################################################################
+## GitLab Mattermost
+##! Docs: https://docs.gitlab.com/omnibus/gitlab-mattermost
+################################################################################
+
+# mattermost_external_url 'http://mattermost.example.com'
+
+# mattermost['enable'] = false
+# mattermost['username'] = 'mattermost'
+# mattermost['group'] = 'mattermost'
+# mattermost['uid'] = nil
+# mattermost['gid'] = nil
+# mattermost['home'] = '/var/opt/gitlab/mattermost'
+# mattermost['database_name'] = 'mattermost_production'
+
+# mattermost['service_use_ssl'] = false
+# mattermost['service_address'] = "127.0.0.1"
+# mattermost['service_port'] = "8065"
+# mattermost['service_site_url'] = nil
+# mattermost['service_maximum_login_attempts'] = 10
+# mattermost['service_google_developer_key'] = nil
+# mattermost['service_enable_incoming_webhooks'] = true
+# mattermost['service_enable_post_username_override'] = true
+# mattermost['service_enable_post_icon_override'] = true
+# mattermost['service_enable_testing'] = false
+# mattermost['service_enable_security_fix_alert'] = true
+# mattermost['service_enable_insecure_outgoing_connections'] = false
+# mattermost['service_allow_cors_from'] = ""
+# mattermost['service_enable_outgoing_webhooks'] = true
+# mattermost['service_enable_commands'] = true
+# mattermost['service_enable_custom_emoji'] = false
+# mattermost['service_enable_only_admin_integrations'] = true
+# mattermost['service_enable_oauth_service_provider'] = false
+# mattermost['service_enable_developer'] = false
+# mattermost['service_session_length_web_in_days'] = 30
+# mattermost['service_session_length_mobile_in_days'] = 30
+# mattermost['service_session_length_sso_in_days'] = 30
+# mattermost['service_session_cache_in_minutes'] = 10
+# mattermost['service_connection_security'] = nil
+# mattermost['service_tls_cert_file'] = nil
+# mattermost['service_tls_key_file'] = nil
+# mattermost['service_use_lets_encrypt'] = false
+# mattermost['service_lets_encrypt_cert_cache_file'] = "./config/letsencrypt.cache"
+# mattermost['service_forward_80_to_443'] = false
+# mattermost['service_read_timeout'] = 300
+# mattermost['service_write_timeout'] = 300
+# mattermost['service_time_between_user_typing_updates_milliseconds'] = 5000
+# mattermost['service_enable_link_previews'] = false
+# mattermost['service_enable_user_typing_messages'] = true
+# mattermost['service_enable_post_search'] = true
+# mattermost['service_enable_user_statuses'] = true
+# mattermost['service_enable_emoji_picker'] = true
+# mattermost['service_enable_channel_viewed_messages'] = true
+# mattermost['service_enable_apiv3'] = true
+# mattermost['service_goroutine_health_threshold'] = -1
+# mattermost['service_user_access_tokens'] = false
+
+# mattermost['team_site_name'] = "GitLab Mattermost"
+# mattermost['team_max_users_per_team'] = 150
+# mattermost['team_enable_team_creation'] = true
+# mattermost['team_enable_user_creation'] = true
+# mattermost['team_enable_open_server'] = false
+# mattermost['team_allow_public_link'] = true
+# mattermost['team_allow_valet_default'] = false
+# mattermost['team_restrict_creation_to_domains'] = "gmail.com"
+# mattermost['team_restrict_team_names'] = true
+# mattermost['team_restrict_direct_message'] = "any"
+# mattermost['team_max_channels_per_team'] = 2000
+# mattermost['team_user_status_away_timeout'] = 300
+# mattermost['team_teammate_name_display'] = "full_name"
+
+# mattermost['sql_driver_name'] = 'mysql'
+# mattermost['sql_data_source'] = "mmuser:mostest@tcp(dockerhost:3306)/mattermost_test?charset=utf8mb4,utf8"
+# mattermost['sql_data_source_replicas'] = ["mmuser:mostest@tcp(dockerhost:3306)/mattermost_test?charset=utf8mb4,utf8"]
+# mattermost['sql_max_idle_conns'] = 10
+# mattermost['sql_max_open_conns'] = 10
+# mattermost['sql_trace'] = false
+# mattermost['sql_data_source_search_replicas'] = []
+# mattermost['sql_query_timeout'] = 30
+
+
+# mattermost['log_file_directory'] = '/var/log/gitlab/mattermost/'
+# mattermost['log_console_enable'] = true
+# mattermost['log_console_level'] = 'INFO'
+# mattermost['log_enable_file'] = false
+# mattermost['log_file_level'] = 'INFO'
+# mattermost['log_file_format'] = nil
+# mattermost['log_enable_diagnostics'] = true
+
+# mattermost['gitlab_enable'] = false
+# mattermost['gitlab_id'] = "12345656"
+# mattermost['gitlab_secret'] = "123456789"
+# mattermost['gitlab_scope'] = ""
+# mattermost['gitlab_auth_endpoint'] = "http://gitlab.example.com/oauth/authorize"
+# mattermost['gitlab_token_endpoint'] = "http://gitlab.example.com/oauth/token"
+# mattermost['gitlab_user_api_endpoint'] = "http://gitlab.example.com/api/v4/user"
+
+# mattermost['aws'] = {'S3AccessKeyId' => '123', 'S3SecretAccessKey' => '123', 'S3Bucket' => 'aa', 'S3Region' => 'bb'}
+
+# mattermost['email_enable_sign_up_with_email'] = true
+# mattermost['email_enable_sign_in_with_email'] = true
+# mattermost['email_enable_sign_in_with_username'] = false
+# mattermost['email_send_email_notifications'] = false
+# mattermost['email_require_email_verification'] = false
+# mattermost['email_smtp_username'] = nil
+# mattermost['email_smtp_password'] = nil
+# mattermost['email_smtp_server'] = nil
+# mattermost['email_smtp_port'] = nil
+# mattermost['email_connection_security'] = nil
+# mattermost['email_feedback_name'] = nil
+# mattermost['email_feedback_email'] = nil
+# mattermost['email_feedback_organization'] = nil
+# mattermost['email_send_push_notifications'] = true
+# mattermost['email_push_notification_server'] = ""
+# mattermost['email_push_notification_contents'] = "generic"
+# mattermost['email_enable_batching'] = false
+# mattermost['email_batching_buffer_size'] = 256
+# mattermost['email_batching_interval'] = 30
+# mattermost['email_skip_server_certificate_verification'] = false
+# mattermost['email_smtp_auth'] = false
+# mattermost['email_notification_content_type'] = "full"
+
+# mattermost['file_max_file_size'] = 52428800
+# mattermost['file_driver_name'] = "local"
+# mattermost['file_directory'] = "/var/opt/gitlab/mattermost/data"
+# mattermost['file_enable_public_link'] = true
+# mattermost['file_initial_font'] = 'luximbi.ttf'
+# mattermost['file_amazon_s3_access_key_id'] = nil
+# mattermost['file_amazon_s3_bucket'] = nil
+# mattermost['file_amazon_s3_secret_access_key'] = nil
+# mattermost['file_amazon_s3_region'] = nil
+# mattermost["file_amazon_s3_endpoint"] = nil
+# mattermost["file_amazon_s3_bucket_endpoint"] = nil
+# mattermost["file_amazon_s3_location_constraint"] = false
+# mattermost["file_amazon_s3_lowercase_bucket"] = false
+# mattermost["file_amazon_s3_ssl"] = true
+# mattermost["file_amazon_s3_sign_v2"] = false
+# mattermost['file_enable_file_attachments'] = true
+
+# mattermost['ratelimit_enable_rate_limiter'] = false
+# mattermost['ratelimit_per_sec'] = 10
+# mattermost['ratelimit_memory_store_size'] = 10000
+# mattermost['ratelimit_vary_by_remote_addr'] = true
+# mattermost['ratelimit_vary_by_header'] = nil
+# mattermost['ratelimit_max_burst'] = 100
+
+# mattermost['support_terms_of_service_link'] = "/static/help/terms.html"
+# mattermost['support_privacy_policy_link'] = "/static/help/privacy.html"
+# mattermost['support_about_link'] = "/static/help/about.html"
+# mattermost['support_report_a_problem_link'] =  "/static/help/report_problem.html"
+# mattermost['support_email'] =  "support@example.com"
+
+# mattermost['privacy_show_email_address'] = true
+# mattermost['privacy_show_full_name'] = true
+
+# mattermost['localization_server_locale'] = "en"
+# mattermost['localization_client_locale'] = "en"
+# mattermost['localization_available_locales'] = "en,es,fr,ja,pt-BR"
+
+# mattermost['webrtc_enable'] = false
+# mattermost['webrtc_gateway_websocket_url'] = nil
+# mattermost['webrtc_gateway_admin_url'] = nil
+# mattermost['webrtc_gateway_admin_secret'] = nil
+# mattermost['webrtc_gateway_stun_uri'] = nil
+# mattermost['webrtc_gateway_turn_uri'] = nil
+# mattermost['webrtc_gateway_turn_username'] = nil
+# mattermost['webrtc_gateway_turn_shared_key'] = nil
+
+################################################################################
+## Mattermost NGINX
+################################################################################
+
+# All the settings defined in the "GitLab NGINX" section are also available in this "Mattermost NGINX" section
+# You just have to change the key "nginx['some_settings']" with "mattermost_nginx['some_settings']"
+
+# Below you can find settings that are exclusive to "Mattermost NGINX"
+# mattermost_nginx['enable'] = false
+
+# mattermost_nginx['custom_gitlab_mattermost_server_config'] = "location ^~ /foo-namespace/bar-project/raw/ {\n deny all;\n}\n"
+# mattermost_nginx['proxy_set_headers'] = {
+#   "Host" => "$http_host",
+#   "X-Real-IP" => "$remote_addr",
+#   "X-Forwarded-For" => "$proxy_add_x_forwarded_for",
+#   "X-Frame-Options" => "SAMEORIGIN",
+#   "X-Forwarded-Proto" => "https",
+#   "X-Forwarded-Ssl" => "on",
+#   "Upgrade" => "$http_upgrade",
+#   "Connection" => "$connection_upgrade"
+# }
+
+
+################################################################################
+## Registry NGINX
+################################################################################
+
+# All the settings defined in the "GitLab NGINX" section are also available in this "Registry NGINX" section
+# You just have to change the key "nginx['some_settings']" with "registry_nginx['some_settings']"
+
+# Below you can find settings that are exclusive to "Registry NGINX"
+# registry_nginx['enable'] = false
+
+# registry_nginx['proxy_set_headers'] = {
+#  "Host" => "$http_host",
+#  "X-Real-IP" => "$remote_addr",
+#  "X-Forwarded-For" => "$proxy_add_x_forwarded_for",
+#  "X-Forwarded-Proto" => "https",
+#  "X-Forwarded-Ssl" => "on"
+# }
+
+################################################################################
+## Prometheus
+##! Docs: https://docs.gitlab.com/ce/administration/monitoring/prometheus/
+################################################################################
+
+# prometheus['enable'] = true
+# prometheus['monitor_kubernetes'] = true
+# prometheus['username'] = 'gitlab-prometheus'
+# prometheus['uid'] = nil
+# prometheus['gid'] = nil
+# prometheus['shell'] = '/bin/sh'
+# prometheus['home'] = '/var/opt/gitlab/prometheus'
+# prometheus['log_directory'] = '/var/log/gitlab/prometheus'
+# prometheus['scrape_interval'] = 15
+# prometheus['scrape_timeout'] = 15
+# prometheus['chunk_encoding_version'] = 2
+#
+### Custom scrape configs
+#
+# Prometheus can scrape additional jobs via scrape_configs.  The default automatically
+# includes all of the exporters supported by the omnibus config.
+#
+# See: https://prometheus.io/docs/operating/configuration/#<scrape_config>
+#
+# Example:
+#
+# prometheus['scrape_configs'] = [
+#   {
+#     'job_name': 'example',
+#     'static_configs' => [
+#       'targets' => ['hostname:port'],
+#     ],
+#   },
+# ]
+#
+### Prometheus Memory Management
+#
+# Prometheus needs to be configured for how much memory is used.
+# * This sets the target heap size.
+# * This value accounts for approximately 2/3 of the memory used by the server.
+# * The recommended memory is 4kb per unique metrics time-series.
+# See: https://prometheus.io/docs/operating/storage/#memory-usage
+#
+# prometheus['target_heap_size'] = (
+#   # Use 25mb + 2% of total memory for Prometheus memory.
+#   26_214_400 + (node['memory']['total'].to_i * 1024 * 0.02 )
+# ).to_i
+#
+# prometheus['flags'] = {
+#   'storage.local.path' => "#{node['gitlab']['prometheus']['home']}/data",
+#   'storage.local.chunk-encoding-version' => user_config['chunk-encoding-version'],
+#   'storage.local.target-heap-size' => node['gitlab']['prometheus']['target-heap-size'],
+#   'config.file' => "#{node['gitlab']['prometheus']['home']}/prometheus.yml"
+# }
+
+##! Advanced settings. Should be changed only if absolutely needed.
+# prometheus['listen_address'] = 'localhost:9090'
+
+################################################################################
+## Prometheus Node Exporter
+##! Docs: https://docs.gitlab.com/ce/administration/monitoring/prometheus/node_exporter.html
+################################################################################
+
+# node_exporter['enable'] = true
+# node_exporter['home'] = '/var/opt/gitlab/node-exporter'
+# node_exporter['log_directory'] = '/var/log/gitlab/node-exporter'
+# node_exporter['flags'] = {
+#   'collector.textfile.directory' => "#{node['gitlab']['node-exporter']['home']}/textfile_collector"
+# }
+
+##! Advanced settings. Should be changed only if absolutely needed.
+# node_exporter['listen_address'] = 'localhost:9100'
+
+################################################################################
+## Prometheus Redis exporter
+##! Docs: https://docs.gitlab.com/ce/administration/monitoring/prometheus/redis_exporter.html
+################################################################################
+
+# redis_exporter['enable'] = true
+# redis_exporter['log_directory'] = '/var/log/gitlab/redis-exporter'
+# redis_exporter['flags'] = {
+#   'redis.addr' => "unix://#{node['gitlab']['gitlab-rails']['redis_socket']}",
+# }
+
+##! Advanced settings. Should be changed only if absolutely needed.
+# redis_exporter['listen_address'] = 'localhost:9121'
+
+################################################################################
+## Prometheus Postgres exporter
+##! Docs: https://docs.gitlab.com/ce/administration/monitoring/prometheus/postgres_exporter.html
+################################################################################
+
+# postgres_exporter['enable'] = true
+# postgres_exporter['home'] = '/var/opt/gitlab/postgres-exporter'
+# postgres_exporter['log_directory'] = '/var/log/gitlab/postgres-exporter'
+# postgres_exporter['flags'] = {}
+# postgres_exporter['listen_address'] = 'localhost:9187'
+
+################################################################################
+## Prometheus Gitlab monitor
+##! Docs: https://docs.gitlab.com/ce/administration/monitoring/prometheus/gitlab_monitor_exporter.html
+################################################################################
+
+
+# gitlab_monitor['enable'] = true
+# gitlab_monitor['log_directory'] = "/var/log/gitlab/gitlab-monitor"
+# gitlab_monitor['home'] = "/var/opt/gitlab/gitlab-monitor"
+
+##! Advanced settings. Should be changed only if absolutely needed.
+# gitlab_monitor['listen_address'] = 'localhost'
+# gitlab_monitor['listen_port'] = '9168'
+
+# To completely disable prometheus, and all of it's exporters, set to false
+# prometheus_monitoring['enable'] = true
+
+################################################################################
+## Gitaly
+##! Docs:
+################################################################################
+
+
+# gitaly['enable'] = false
+# gitaly['dir'] = "/var/opt/gitlab/gitaly"
+# gitaly['log_directory'] = "/var/log/gitlab/gitaly"
+# gitaly['bin_path'] = "/opt/gitlab/embedded/bin/gitaly"
+# gitaly['env_directory'] = "/opt/gitlab/etc/gitaly"
+# gitaly['env'] = {
+#  'PATH' => "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/bin:/usr/bin",
+#  'HOME' => '/var/opt/gitlab'
+# }
+# gitaly['socket_path'] = "/var/opt/gitlab/gitaly/gitaly.socket"
+# gitaly['listen_addr'] = "localhost:8075"
+# gitaly['prometheus_listen_addr'] = "localhost:9175"
+# gitaly['logging_format'] = "json"
+# gitaly['logging_sentry_dsn'] = "https://<key>:<secret>@sentry.io/<project>"
+# gitaly['prometheus_grpc_latency_buckets'] = "[0.001, 0.005, 0.025, 0.1, 0.5, 1.0, 10.0, 30.0, 60.0, 300.0, 1500.0]"
+# gitaly['auth_token'] = '<secret>'
+# gitaly['auth_transitioning'] = false # When true, auth is logged to Prometheus but NOT enforced
+
+
+################################################################################
+################################################################################
+##                  Configuration Settings for GitLab EE only                 ##
+################################################################################
+################################################################################
+
+
+################################################################################
+## Auxiliary cron jobs applicable to GitLab EE only
+################################################################################
+#
+# gitlab_rails['geo_bulk_notify_worker_cron'] = "*/10 * * * * *"
+# gitlab_rails['geo_file_download_dispatch_worker_cron'] = "*/10 * * * *"
+# gitlab_rails['geo_repository_sync_worker_cron'] = "*/5 * * * *"
+# gitlab_rails['ldap_sync_worker_cron'] = "30 1 * * *"
+# gitlab_rails['ldap_group_sync_worker_cron'] = "0 * * * *"
+# gitlab_rails['historical_data_worker_cron'] = "0 12 * * *"
+
+################################################################################
+## Kerberos (EE Only)
+##! Docs: https://docs.gitlab.com/ee/integration/kerberos.html#http-git-access
+################################################################################
+
+# gitlab_rails['kerberos_enabled'] = true
+# gitlab_rails['kerberos_keytab'] = /etc/http.keytab
+# gitlab_rails['kerberos_service_principal_name'] = HTTP/gitlab.example.com@EXAMPLE.COM
+# gitlab_rails['kerberos_use_dedicated_port'] = true
+# gitlab_rails['kerberos_port'] = 8443
+# gitlab_rails['kerberos_https'] = true
+
+################################################################################
+## GitLab Sentinel (EE Only)
+##! Docs: http://docs.gitlab.com/ce/administration/high_availability/redis.html#high-availability-with-sentinel
+################################################################################
+
+##! **Make sure you configured all redis['master_*'] keys above before
+##!   continuing.**
+
+##! To enable Sentinel and disable all other services in this machine,
+##! uncomment the line below (if you've enabled Redis role, it will keep it).
+##! Docs: https://docs.gitlab.com/ce/administration/high_availability/redis.html
+# redis_sentinel_role['enable'] = true
+
+# sentinel['enable'] = true
+
+##! Bind to all interfaces, uncomment to specify an IP and bind to a single one
+# sentinel['bind'] = '0.0.0.0'
+
+##! Uncomment to change default port
+# sentinel['port'] = 26379
+
+##! Quorum must reflect the amount of voting sentinels it take to start a
+##! failover.
+##! **Value must NOT be greater then the amount of sentinels.**
+##! The quorum can be used to tune Sentinel in two ways:
+##! 1. If a the quorum is set to a value smaller than the majority of Sentinels
+##!    we deploy, we are basically making Sentinel more sensible to master
+##!    failures, triggering a failover as soon as even just a minority of
+##!    Sentinels is no longer able to talk with the master.
+##! 2. If a quorum is set to a value greater than the majority of Sentinels, we
+##!    are making Sentinel able to failover only when there are a very large
+##!    number (larger than majority) of well connected Sentinels which agree
+##!    about the master being down.
+# sentinel['quorum'] = 1
+
+### Consider unresponsive server down after x amount of ms.
+# sentinel['down_after_milliseconds'] = 10000
+
+### Specifies the failover timeout in milliseconds.
+##! It is used in many ways:
+##!
+##! - The time needed to re-start a failover after a previous failover was
+##!   already tried against the same master by a given Sentinel, is two
+##!   times the failover timeout.
+##!
+##! - The time needed for a slave replicating to a wrong master according
+##!   to a Sentinel current configuration, to be forced to replicate
+##!   with the right master, is exactly the failover timeout (counting since
+##!   the moment a Sentinel detected the misconfiguration).
+##!
+##! - The time needed to cancel a failover that is already in progress but
+##!   did not produced any configuration change (SLAVEOF NO ONE yet not
+##!   acknowledged by the promoted slave).
+##!
+##! - The maximum time a failover in progress waits for all the slaves to be
+##!   reconfigured as slaves of the new master. However even after this time
+##!   the slaves will be reconfigured by the Sentinels anyway, but not with
+##!   the exact parallel-syncs progression as specified.
+# sentinel['failover_timeout'] = 60000
+
+################################################################################
+## GitLab Sidekiq Cluster (EE only)
+################################################################################
+
+##! GitLab Enterprise Edition allows one to start an extra set of Sidekiq processes
+##! besides the default one. These processes can be used to consume a dedicated set
+##! of queues. This can be used to ensure certain queues always have dedicated
+##! workers, no matter the amount of jobs that need to be processed.
+
+# sidekiq_cluster['enable'] = false
+# sidekiq_cluster['ha'] = false
+# sidekiq_cluster['log_directory'] = "/var/log/gitlab/sidekiq-cluster"
+# sidekiq_cluster['interval'] = 5 # The number of seconds to wait between worker checks
+
+##! Each entry in the queue_groups array denotes a group of queues that have to be processed by a
+##! Sidekiq process. Multiple queues can be processed by the same process by
+##! separating them with a comma within the group entry
+
+# sidekiq_cluster['queue_groups'] = [
+#   "process_commit,post_receive",
+#   "gitlab_shell"
+# ]
+#
+
+##! If negate is enabled then sidekiq-cluster will process all the queues that
+##! don't match those in queue_groups.
+
+# sidekiq_cluster['negate'] = false
+
+################################################################################
+## Additional Database Settings (EE only)
+##! Docs: https://docs.gitlab.com/ee/administration/database_load_balancing.html
+################################################################################
+# gitlab_rails['db_load_balancing'] = { 'hosts' => ['secondary1.example.com'] }
+
+################################################################################
+## GitLab Geo
+##! Docs: https://docs.gitlab.com/ee/gitlab-geo
+################################################################################
+# geo_primary_role['enable'] = false
+# geo_secondary_role['enable'] = false
+
+################################################################################
+## GitLab Geo Secondary (EE only)
+################################################################################
+# geo_secondary['auto_migrate'] = true
+# geo_secondary['db_adapter'] = "postgresql"
+# geo_secondary['db_encoding'] = "unicode"
+# geo_secondary['db_collation'] = nil
+# geo_secondary['db_database'] = "gitlabhq_geo_production"
+# geo_secondary['db_pool'] = 10
+# geo_secondary['db_username'] = "gitlab_geo"
+# geo_secondary['db_password'] = nil
+# geo_secondary['db_host'] = "/var/opt/gitlab/geo-postgresql"
+# geo_secondary['db_port'] = 5431
+# geo_secondary['db_socket'] = nil
+# geo_secondary['db_sslmode'] = nil
+# geo_secondary['db_sslrootcert'] = nil
+# geo_secondary['db_sslca'] = nil
+
+################################################################################
+## GitLab Geo Secondary Tracking Database (EE only)
+################################################################################
+
+# geo_postgresql['enable'] = false
+# geo_postgresql['ha'] = false
+# geo_postgresql['dir'] = '/var/opt/gitlab/geo-postgresql'
+# geo_postgresql['data_dir'] = '/var/opt/gitlab/geo-postgresql/data'
+
+################################################################################
+# Pgbouncer (EE only)
+# See [GitLab PgBouncer documentation](http://docs.gitlab.com/omnibus/settings/database.html#enabling-pgbouncer-ee-only)
+# See the [PgBouncer page](https://pgbouncer.github.io/config.html) for details
+################################################################################
+# pgbouncer['enable'] = false
+# pgbouncer['log_directory'] = '/var/log/gitlab/pgbouncer'
+# pgbouncer['data_directory'] = '/var/opt/gitlab/pgbouncer'
+# pgbouncer['listen_addr'] = '0.0.0.0'
+# pgbouncer['listen_port'] = '6432'
+# pgbouncer['pool_mode'] = 'session'
+# pgbouncer['server_reset_query'] = 'DISCARD ALL'
+# pgbouncer['max_client_conn'] = '100'
+# pgbouncer['default_pool_size'] = '20'
+# pgbouncer['min_pool_size'] = '0'
+# pgbouncer['reserve_pool_size'] = '0'
+# pgbouncer['reserve_pool_timeout'] = '5.0'
+# pgbouncer['server_round_robin'] = '0'
+# pgbouncer['log_connections'] = '0'
+# pgbouncer['server_idle_timeout'] = '600.0'
+# pgbouncer['dns_max_ttl'] = '15.0'
+# pgbouncer['dns_zone_check_period'] = '0'
+# pgbouncer['dns_nxdomain_ttl'] = '15.0'
+# pgbouncer['admin_users'] = %w(gitlab-psql postgres pgbouncer)
+# pgbouncer['stats_users'] = %w(gitlab-psql postgres pgbouncer)
+# pgbouncer['ignore_startup_parameters'] = 'extra_float_digits'
+# pgbouncer['databases'] = {
+#   DATABASE_NAME: {
+#     host: HOSTNAME,
+#     port: PORT
+#     user: USERNAME,
+#     password: PASSWORD
+###! generate this with `echo -n '$password + $username' | md5sum`
+#   }
+#   ...
+# }
+# pgbouncer['logfile'] = nil
+# pgbouncer['auth_type'] = 'md5'
+# pgbouncer['auth_hba_file'] = nil
+# pgbouncer['auth_query'] = 'SELECT username, password FROM public.pg_shadow_lookup($1)'
+# pgbouncer['users'] = [
+#   {
+#     name: USERNAME,
+#     password: MD5_PASSWORD_HASH
+#   }
+# ]
+# postgresql['pgbouncer_user'] = nil
+# postgresql['pgbouncer_user_password'] = nil
+#
+
+################################################################################
+# Repmgr (EE only)
+################################################################################
+# repmgr['enable'] = false
+# repmgr['cluster'] = 'gitlab_cluster'
+# repmgr['database'] = 'gitlab_repmgr'
+# repmgr['host'] = nil
+# repmgr['node_number'] = nil
+# repmgr['port'] = 5432
+# repmgr['trust_auth_cidr_addresses'] = []
+# repmgr['user'] = 'gitlab_repmgr'
+# repmgr['failover'] = 'automatic'
+# repmgr['log_directory'] = '/var/log/gitlab/repmgrd'
+# repmgr['node_name'] = nil
+# repmgr['pg_bindir'] = '/opt/gitlab/embedded/bin'
+# repmgr['service_start_command'] = '/opt/gitlab/bin/gitlab-ctl start postgresql'
+# repmgr['service_stop_command'] = '/opt/gitlab/bin/gitlab-ctl stop postgresql'
+# repmgr['service_reload_command'] = '/opt/gitlab/bin/gitlab-ctl hup postgresql'
+# repmgr['service_restart_command'] = '/opt/gitlab/bin/gitlab-ctl restart postgresql'
+# repmgr['service_promote_command'] = nil
+# repmgr['promote_command'] = '/opt/gitlab/embedded/bin/repmgr standby promote -f /var/opt/gitlab/postgresql/repmgr.conf'
+# repmgr['follow_command'] = '/opt/gitlab/embedded/bin/repmgr standby follow -f /var/opt/gitlab/postgresql/repmgr.conf'
+
+# repmgr['upstream_node'] = nil
+# repmgr['use_replication_slots'] = false
+# repmgr['loglevel'] = 'INFO'
+# repmgr['logfacility'] = 'STDERR'
+# repmgr['logfile'] = nil
+
+# repmgr['event_notification_command'] = nil
+# repmgr['event_notifications'] = nil
+
+# repmgr['rsync_options'] = nil
+# repmgr['ssh_options'] = nil
+# repmgr['priority'] = nil
+
+# repmgr['retry_promote_interval_secs'] = 300
+# repmgr['witness_repl_nodes_sync_interval_secs'] = 15
+# repmgr['reconnect_attempts'] = 6
+# repmgr['reconnect_interval'] = 10
+# repmgr['monitor_interval_secs'] = 2
+# repmgr['master_response_timeout'] = 60
+# repmgr['daemon'] = true
+# repmgrd['enable'] = true
+
+################################################################################
+# Consul (EEP only)
+################################################################################
+# consul['enable'] = false
+# consul['dir'] = '/var/opt/gitlab/consul'
+# consul['user'] = 'gitlab-consul'
+# consul['config_file'] = '/var/opt/gitlab/consul/config.json'
+# consul['config_dir'] = '/var/opt/gitlab/consul/config.d'
+# consul['data_dir'] = '/var/opt/gitlab/consul/data'
+# consul['log_directory'] = '/var/log/gitlab/consul'
+# consul['script_directory'] = '/var/opt/gitlab/consul/scripts'
+# consul['configuration'] = {
+#   'client_addr' => nil,
+#   'datacenter' => 'gitlab_consul',
+#   'enable_script_checks' => true,
+#   'server' => false
+# }
+# consul['services'] = []
+# consul['service_config'] = {
+#   'postgresql' => {
+#     'service' => {
+#       'name' => "postgresql",
+#       'address' => '',
+#       'port' => 5432,
+#       'checks' => [
+#         {
+#           'script' => "/var/opt/gitlab/consul/scripts/check_postgresql",
+#           'interval' => "10s"
+#         }
+#       ]
+#     }
+#   }
+# }
+# consul['watchers'] = {
+#   'postgresql' => {
+#     enable: false,
+#     handler: 'failover_pgbouncer'
+#   }
+# }