ansible-inventories/paragon#2061 Prepare for GitLab 11.0

templates/gitlab.rb

@@ -583,64 +583,23 @@ nginx['enable'] = false
 # GitLab Mattermost #
 #####################
 # see https://github.com/gitlabhq/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template
-
 mattermost_external_url 'https://{{ mattermost_domain }}'
-
 mattermost['enable'] = true
 # mattermost['username'] = 'mattermost'
 # mattermost['group'] = 'mattermost'
+mattermost['uid'] = 995
+mattermost['gid'] = 995
 # mattermost['home'] = '/var/opt/gitlab/mattermost'
 # mattermost['database_name'] = 'mattermost_production'
-
 mattermost['service_use_ssl'] = false
 # mattermost['service_address'] = "127.0.0.1"
 # mattermost['service_port'] = "8065"
-
-# mattermost['service_maximum_login_attempts'] = 10
-# mattermost['service_segment_developer_key'] = nil
-# mattermost['service_google_developer_key'] = nil
-mattermost['service_enable_incoming_webhooks'] = true
-mattermost['service_enable_post_username_override'] = true
-mattermost['service_enable_post_icon_override'] = true
-mattermost['service_enable_testing'] = false
-mattermost['service_enable_security_fix_alert'] = true
-mattermost['service_enable_insecure_outgoing_connections'] = false
-# mattermost['service_allow_cors_from'] = ""
-mattermost['service_enable_outgoing_webhooks'] = true
-mattermost['service_enable_commands'] = true
-mattermost['service_enable_only_admin_integrations'] = true
-mattermost['service_enable_oauth_service_provider'] = false
-mattermost['service_enable_developer'] = false
-# mattermost['service_session_length_web_in_days'] = 30
-# mattermost['service_session_length_mobile_in_days'] = 30
-# mattermost['service_session_length_sso_in_days'] = 30
-# mattermost['service_session_cache_in_minutes'] = 10
-
+mattermost['service_site_url']
 # mattermost['team_site_name'] = "GitLab Mattermost"
-# mattermost['team_max_users_per_team'] = 150
-# mattermost['team_enable_team_creation'] = true
-# mattermost['team_enable_user_creation'] = true
-# mattermost['team_allow_public_link'] = true
-# mattermost['team_allow_valet_default'] = false
-# mattermost['team_default_color'] = '#2389D7'
-# mattermost['team_restrict_creation_to_domains'] = "gmail.com"
-# mattermost['team_restrict_team_names'] = true
-# mattermost['team_enable_team_listing'] = false
-
 # mattermost['sql_driver_name'] = 'mysql'
 # mattermost['sql_data_source'] = "mmuser:mostest@tcp(dockerhost:3306)/mattermost_test?charset=utf8mb4,utf8"
-# mattermost['sql_data_source_replicas'] = ["mmuser:mostest@tcp(dockerhost:3306)/mattermost_test?charset=utf8mb4,utf8"]
-# mattermost['sql_max_idle_conns'] = 10
-# mattermost['sql_max_open_conns'] = 10
-# mattermost['sql_trace'] = false
-
 # mattermost['log_file_directory'] = '/var/log/gitlab/mattermost'
-# mattermost['log_console_enable'] = true
-# mattermost['log_console_level'] = 'INFO'
-# mattermost['log_enable_file'] = false
-# mattermost['log_file_level'] = 'INFO'
-# mattermost['log_file_format'] = nil
-
+# mattermost['file_directory'] = "/var/opt/gitlab/mattermost/data"
 mattermost['gitlab_enable'] = true
 # mattermost['gitlab_secret'] = "123456789"
 # mattermost['gitlab_id'] = "12345656"
@@ -648,95 +607,34 @@ mattermost['gitlab_enable'] = true
 # mattermost['gitlab_auth_endpoint'] = "http://gitlab.example.com/oauth/authorize"
 # mattermost['gitlab_token_endpoint'] = "http://gitlab.example.com/oauth/token"
 # mattermost['gitlab_user_api_endpoint'] = "http://gitlab.example.com/api/v3/user"
-
-# mattermost['aws'] = {'S3AccessKeyId' => '123', 'S3SecretAccessKey' => '123', 'S3Bucket' => 'aa', 'S3Region' => 'bb'}
-
-mattermost['email_enable_sign_up_with_email'] = true
-mattermost['email_enable_sign_in_with_email'] = true
-mattermost['email_enable_sign_in_with_username'] = true
-mattermost['email_send_email_notifications'] = true
-mattermost['email_require_email_verification'] = false
-mattermost['email_smtp_username'] = "{{ gitlab_rails.smtp.user_name }}"
-mattermost['email_smtp_password'] = "{{ gitlab_rails.smtp.password }}"
-mattermost['email_smtp_server'] = "{{ gitlab_rails.smtp.address }}"
-mattermost['email_smtp_port'] = "{{ gitlab_rails.smtp.port }}"
-mattermost['email_connection_security'] = 'TLS'
-mattermost['email_feedback_name'] = "GitLab Mattermost"
-mattermost['email_feedback_email'] = "{{ gitlab_email_from }}"
-#mattermost['email_send_push_notifications'] = true
-#mattermost['email_push_notification_server'] = ""
-
-# mattermost['file_driver_name'] = "local"
-# mattermost['file_directory'] = "/var/opt/gitlab/mattermost/data"
-# mattermost['file_enable_public_link'] = true
-# mattermost['file_thumbnail_width'] = 120
-# mattermost['file_thumbnail_height'] = 100
-# mattermost['file_preview_width'] = 1024
-# mattermost['file_preview_height'] = 0
-# mattermost['file_profile_width'] = 128
-# mattermost['file_profile_height'] = 128
-# mattermost['file_initial_font'] = 'luximbi.ttf'
-# mattermost['file_amazon_s3_access_key_id'] = nil
-# mattermost['file_amazon_s3_bucket'] = nil
-# mattermost['file_amazon_s3_secret_access_key'] = nil
-# mattermost['file_amazon_s3_bucket'] = nil
-# mattermost["file_amazon_s3_endpoint"] = nil
-# mattermost["file_amazon_s3_bucket_endpoint"] = nil
-# mattermost["file_amazon_s3_location_constraint"] = false
-# mattermost["file_amazon_s3_lowercase_bucket"] = false
-
-# mattermost['ratelimit_enable_rate_limiter'] = true
-# mattermost['ratelimit_per_sec'] = 10
-# mattermost['ratelimit_memory_store_size'] = 10000
-# mattermost['ratelimit_vary_by_remote_addr'] = true
-# mattermost['ratelimit_vary_by_header'] = nil
-
-# mattermost['support_terms_of_service_link'] = "/static/help/terms.html"
-# mattermost['support_privacy_policy_link'] = "/static/help/privacy.html"
-# mattermost['support_about_link'] = "/static/help/about.html"
-# mattermost['support_report_a_problem_link'] =  "/static/help/report_problem.html"
-mattermost['support_email'] =  "{{ gitlab_email_from }}"
-
-mattermost['privacy_show_email_address'] = true
-mattermost['privacy_show_full_name'] = true
-
-####################
-# Mattermost NGINX #
-####################
-
-mattermost_nginx['enable'] = false
-# mattermost_nginx['client_max_body_size'] = '250m'
-# mattermost_nginx['redirect_http_to_https'] = false
-# mattermost_nginx['redirect_http_to_https_port'] = 80
-# mattermost_nginx['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt"
-# mattermost_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key"
-# mattermost_nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
-# mattermost_nginx['ssl_prefer_server_ciphers'] = "on"
-# mattermost_nginx['ssl_protocols'] = "TLSv1 TLSv1.1 TLSv1.2" # recommended by https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/
-# mattermost_nginx['ssl_session_cache'] = "builtin:1000  shared:SSL:10m" # recommended in http://nginx.org/en/docs/http/ngx_http_ssl_module.html
-# mattermost_nginx['ssl_session_timeout'] = "5m" # default according to http://nginx.org/en/docs/http/ngx_http_ssl_module.html
-# mattermost_nginx['ssl_dhparam'] = nil # Path to ci_dhparams.pem, eg. /etc/gitlab/ssl/ci_dhparams.pem
-# mattermost_nginx['listen_addresses'] = ['*']
-# mattermost_nginx['listen_port'] = nil # override only if you use a reverse proxy: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/nginx.md#setting-the-nginx-listen-port
-# mattermost_nginx['listen_https'] = nil # override only if your reverse proxy internally communicates over HTTP: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/nginx.md#supporting-proxied-ssl
-# mattermost_nginx['custom_gitlab_mattermost_server_config'] = "location ^~ /foo-namespace/bar-project/raw/ {\n deny all;\n}\n"
-# mattermost_nginx['custom_nginx_config'] = "include /etc/nginx/conf.d/example.conf;"
-
-## Advanced settings
-# mattermost_nginx['dir'] = "/var/opt/gitlab/nginx"
-# mattermost_nginx['log_directory'] = "/var/log/gitlab/nginx"
-# mattermost_nginx['worker_processes'] = 4
-# mattermost_nginx['worker_connections'] = 10240
-# mattermost_nginx['sendfile'] = 'on'
-# mattermost_nginx['tcp_nopush'] = 'on'
-# mattermost_nginx['tcp_nodelay'] = 'on'
-# mattermost_nginx['gzip'] = "on"
-# mattermost_nginx['gzip_http_version'] = "1.0"
-# mattermost_nginx['gzip_comp_level'] = "2"
-# mattermost_nginx['gzip_proxied'] = "any"
-# mattermost_nginx['gzip_types'] = [ "text/plain", "text/css", "application/x-javascript", "text/xml", "application/xml", "application/xml+rss", "text/javascript", "application/json" ]
-# mattermost_nginx['keepalive_timeout'] = 65
-# mattermost_nginx['cache_max_size'] = '5000m'
+mattermost['env'] = {
+  'MM_SERVICESETTINGS_ENABLEINCOMINGWEBHOOKS' => 'true',
+  'MM_SERVICESETTINGS_ENABLEPOSTUSERNAMEOVERRIDE' => 'true',
+  'MM_SERVICESETTINGS_ENABLEPOSTICONOVERRIDE' => 'true',
+  'MM_SERVICESETTINGS_ENABLETESTING' => 'false',
+  'MM_SERVICESETTINGS_ENABLESECURITYFIXALERT' => 'true',
+  'MM_SERVICESETTINGS_ENABLEINSECUREOUTGOINGCONNECTIONS' => 'false',
+  'MM_SERVICESETTINGS_ENABLEOUTGOINGWEBHOOKS' => 'true',
+  'MM_SERVICESETTINGS_ENABLECOMMANDS' => 'true',
+  'MM_SERVICESETTINGS_ENABLEONLYADMININTEGRATIONS' => 'true',
+  'MM_SERVICESETTINGS_ENABLEOAUTHSERVICEPROVIDER' => 'false',
+  'MM_SERVICESETTINGS_ENABLEDEVELOPER' => 'false',
+  'MM_EMAILSETTINGS_ENABLESIGNUPWITHEMAIL' => 'true',
+  'MM_EMAILSETTINGS_ENABLESIGNINWITHEMAIL' => 'true',
+  'MM_EMAILSETTINGS_ENABLESIGNINWITHUSERNAME' => 'true',
+  'MM_EMAILSETTINGS_SENDEMAILNOTIFICATIONS' => 'true',
+  'MM_EMAILSETTINGS_REQUIREEMAILVERIFICATION' => 'false',
+  'MM_EMAILSETTINGS_SMTPUSERNAME' => "{{ gitlab_rails.smtp.user_name }}",
+  'MM_EMAILSETTINGS_SMTPPASSWORD' => "{{ gitlab_rails.smtp.password }}",
+  'MM_EMAILSETTINGS_SMTPSERVER' => "{{ gitlab_rails.smtp.address }}",
+  'MM_EMAILSETTINGS_SMTPPORT' => "{{ gitlab_rails.smtp.port }}",
+  'MM_EMAILSETTINGS_CONNECTIONSECURITY' => 'TLS',
+  'MM_EMAILSETTINGS_FEEDBACKNAME' => "GitLab Mattermost",
+  'MM_EMAILSETTINGS_FEEDBACKEMAIL' => "{{ gitlab_email_from }}",
+  'MM_SUPPORTSETTINGS_SUPPORTEMAIL' => "{{ gitlab_email_from }}",
+  'MM_PRIVACYSETTINGS_SHOWEMAILADDRESS' => 'true',
+  'MM_PRIVACYSETTINGS_SHOWFULLNAME' => 'true'
+}
 
 ####################
 # Incoming email   #