debian-mirror-gitlab/debian/gitlab.templates

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

67 lines
2.5 KiB
Text
Raw Normal View History

2016-01-16 15:43:30 +05:30
Template: gitlab/fqdn
Type: string
Default: localhost
_Description: Fully qualified domain name for this instance of Gitlab:
Please choose the domain name which should be used to access this
instance of Gitlab.
.
This should be the fully qualified name as seen from the Internet, with
the domain name that will be used to access the Gitlab instance, without any
protocol specifiers like https://.
2016-01-16 15:43:30 +05:30
.
If a reverse proxy is used, give the hostname that the proxy server
responds to.
.
Example: git.example.com
2015-10-24 13:00:34 +05:30
Template: gitlab/ssl
Type: boolean
Default: false
2015-10-24 13:00:34 +05:30
_Description: Enable https?
2016-12-31 13:21:12 +05:30
Enabling https means that an SSL/TLS certificate is required to access this
Gitlab instance (as Nginx will be configured to respond only to https
requests). A self-signed certificate is enough for local testing (and can be
generated using, for instance, the package easy-rsa), but it is not
recommended for a production instance.
2015-10-24 13:00:34 +05:30
.
Some certificate authorities like Let's Encrypt (letsencrypt.org), CAcert
2016-12-31 13:21:12 +05:30
(cacert.org) offer free SSL/TLS certificates.
2016-07-20 20:55:29 +05:30
Note: CAcert issued certificates are not trusted by all browsers, it requires
installing CAcert's root certificate in such cases.
2015-10-24 13:00:34 +05:30
.
2016-02-12 17:39:53 +05:30
Nginx must be reloaded after the certificate and key files are made available
at /etc/gitlab/ssl. letsencrypt package may be used to automate interaction
2016-07-17 23:50:43 +05:30
with Let's Encrypt to obtain a certificate.
2016-02-05 23:51:05 +05:30
Template: gitlab/letsencrypt
Type: boolean
Default: false
2016-02-05 23:51:05 +05:30
_Description: Use Let's Encrypt?
2016-02-07 14:40:33 +05:30
Symbolic links to certificate and key created using letsencrypt package
(/etc/letencrypt/live) will be added to /etc/gitlab/ssl if this option is
selected.
2016-02-05 23:51:05 +05:30
.
Otherwise, certificate and key files have to be placed manually to
2016-02-07 14:40:33 +05:30
/etc/gitlab/ssl directory as 'gitlab.crt' and 'gitlab.key'.
2016-02-05 23:51:05 +05:30
.
Nginx will be stopped, if this option is selected, to allow letsencrypt to use
ports 80 and 443 during domain ownership validation and certificate retrieval
step.
2016-02-11 01:38:57 +05:30
.
2016-02-13 20:12:37 +05:30
Note: letsencrypt does not have a usable nginx plugin currently, so
certificates must be renewed manually after 3 months, when current
2017-04-26 20:23:50 +05:30
letsencrypt certificate expire. If you choose yes here, you will also be
agreeing to letsencrypt terms of service.
Template: gitlab/letsencrypt_email
Type: string
_Description: Email address for letsencrypt updates:
Please provide a valid email address for letsencrypt updates.
2017-04-21 13:39:50 +05:30
Template: gitlab/purge_data
Type: boolean
2017-02-16 17:51:09 +05:30
Default: true
_Description: Remove all data?
This will permanently remove all data of this Gitlab instance such as database,
2017-02-16 17:51:09 +05:30
repositories, uploaded files, SSH public keys etc.