optional:admin_notification_email,type:String,desc:'Deprecated: Use :abuse_notification_email instead. Abuse reports will be sent to this address if it is set. Abuse reports are always available in the admin area.'
optional:abuse_notification_email,type:String,desc:'Abuse reports will be sent to this address if it is set. Abuse reports are always available in the admin area.'
optional:asset_proxy_whitelist,type:Array[String],coerce_with:Validations::Types::CommaSeparatedToArray.coerce,desc:'Deprecated: Use :asset_proxy_allowlist instead. Assets that match these domain(s) will NOT be proxied. Wildcards allowed. Your GitLab installation URL is automatically whitelisted.'
optional:asset_proxy_allowlist,type:Array[String],coerce_with:Validations::Types::CommaSeparatedToArray.coerce,desc:'Assets that match these domain(s) will NOT be proxied. Wildcards allowed. Your GitLab installation URL is automatically allowed.'
optional:default_project_creation,type:Integer,values:::Gitlab::Access.project_creation_values,desc:'Determine if developers can create projects in the group'
optional:default_branch_protection,type:Integer,values:::Gitlab::Access.protection_values,desc:'Determine if developers can push to master'
optional:disabled_oauth_sign_in_sources,type:Array[String],coerce_with:Validations::Types::CommaSeparatedToArray.coerce,desc:'Disable certain OAuth sign-in sources'
optional:domain_denylist_enabled,type:Boolean,desc:'Enable domain denylist for sign ups'
optional:domain_denylist,type:Array[String],coerce_with:Validations::Types::CommaSeparatedToArray.coerce,desc:'Users with e-mail addresses that match these domain(s) will NOT be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com'
optional:domain_allowlist,type:Array[String],coerce_with:Validations::Types::CommaSeparatedToArray.coerce,desc:'ONLY users with e-mail addresses that match these domain(s) will be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com'
optional:email_author_in_body,type:Boolean,desc:'Some email servers do not support overriding the email sender name. Enable this option to include the name of the author of the issue, merge request or comment in the email body instead.'
optional:enabled_git_access_protocol,type:String,values:%w[ssh http nil],desc:'Allow only the selected protocols to be used for Git access.'
requires:housekeeping_bitmaps_enabled,type:Boolean,desc:"Creating pack file bitmaps makes housekeeping take a little longer but bitmaps should accelerate 'git clone' performance."
requires:housekeeping_full_repack_period,type:Integer,desc:"Number of Git pushes after which a full 'git repack' is run."
requires:housekeeping_gc_period,type:Integer,desc:"Number of Git pushes after which 'git gc' is run."
requires:housekeeping_incremental_repack_period,type:Integer,desc:"Number of Git pushes after which an incremental 'git repack' is run."
end
optional:html_emails_enabled,type:Boolean,desc:'By default GitLab sends emails in HTML and plain text formats so mail clients can choose what format to use. Disable this option if you only want to send emails in plain text format.'
optional:metrics_method_call_threshold,type:Integer,desc:'A method call is only tracked when it takes longer to complete than the given amount of milliseconds.'
optional:password_authentication_enabled,type:Boolean,desc:'Flag indicating if password authentication is enabled for the web interface'# support legacy names, can be removed in v5
optional:password_authentication_enabled_for_web,type:Boolean,desc:'Flag indicating if password authentication is enabled for the web interface'
optional:password_authentication_enabled_for_git,type:Boolean,desc:'Flag indicating if password authentication is enabled for Git over HTTP(S)'
optional:performance_bar_allowed_group_id,type:String,desc:'Deprecated: Use :performance_bar_allowed_group_path instead. Path of the group that is allowed to toggle the performance bar.'# support legacy names, can be removed in v6
optional:performance_bar_allowed_group_path,type:String,desc:'Path of the group that is allowed to toggle the performance bar.'
optional:performance_bar_enabled,type:String,desc:'Deprecated: Pass `performance_bar_allowed_group_path: nil` instead. Allow enabling the performance.'# support legacy names, can be removed in v6
optional:push_event_hooks_limit,type:Integer,desc:"Number of changes (branches or tags) in a single push to determine whether webhooks and services will be fired or not. Webhooks and services won't be submitted if it surpasses that value."
optional:push_event_activities_limit,type:Integer,desc:'Number of changes (branches or tags) in a single push to determine whether individual push events or bulk push event will be created. Bulk push event will be created if it surpasses that value.'
optional:repository_checks_enabled,type:Boolean,desc:"GitLab will periodically run 'git fsck' in all project and wiki repositories to look for silent disk corruption issues."
optional:repository_storages_weighted,type:Hash,coerce_with:Validations::Types::HashOfIntegerValues.coerce,desc:'Storage paths for new projects with a weighted value ranging from 0 to 100'
requires:two_factor_grace_period,type:Integer,desc:'Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication'
optional:restricted_visibility_levels,type:Array[String],coerce_with:Validations::Types::CommaSeparatedToArray.coerce,desc:'Selected levels cannot be used by non-admin users for groups, projects or snippets. If the public level is restricted, user profiles are only visible to logged in users.'
optional:sign_in_text,type:String,desc:'The sign in text of the GitLab application'
optional:signin_enabled,type:Boolean,desc:'Flag indicating if password authentication is enabled for the web interface'# support legacy names, can be removed in v5
optional:signup_enabled,type:Boolean,desc:'Flag indicating if sign up is enabled'
optional:allow_local_requests_from_hooks_and_services,type:Boolean,desc:'Deprecated: Use :allow_local_requests_from_web_hooks_and_services instead. Allow requests to the local network from hooks and services.'# support legacy names, can be removed in v5
optional:issues_create_limit,type:Integer,desc:"Maximum number of issue creation requests allowed per minute per user. Set to 0 for unlimited requests per minute."
optional:raw_blob_request_limit,type:Integer,desc:"Maximum number of requests per minute for each raw path. Set to 0 for unlimited requests per minute."
desc:"Restrictions on the complexity of uploaded #{type.upcase} keys. A value of #{ApplicationSetting::FORBIDDEN_KEY_VALUE} disables all #{type.upcase} keys."