Puppet Class: gitlab::host_config

Defined in:
manifests/host_config.pp

Summary

This class is for setting host configurations required for gitlab installation.

Overview

Parameters:

  • config_dir (Any) (defaults to: '/etc/gitlab')

    The service executable path. Provide this variable value only if the service executable path would be a subject of change in future GitLab versions for any reason.

  • skip_auto_migrations (Any) (defaults to: $gitlab::skip_auto_migrations)

    Deprecated if using Gitlab > 10.6.4 and < 11.0.0, unsupported by gitlab omnibus using gitlab 11+. Use skip_auto_reconfigure

  • skip_auto_reconfigure (Any) (defaults to: $gitlab::skip_auto_reconfigure)

    Utilized for Zero Downtime Updates, See: docs.gitlab.com/omnibus/update/README.html#zero-downtime-updates

  • store_git_keys_in_db (Any) (defaults to: $gitlab::store_git_keys_in_db)

    Enable or disable Fast Lookup of authorized SSH keys in the database. See: docs.gitlab.com/ee/administration/operations/fast_ssh_key_lookup.html

  • pgpass_file_ensure (Any) (defaults to: $gitlab::pgpass_file_ensure)

    Create .pgpass file for pgbouncer authentication. When set to present requires valid value for pgbouncer_password.

  • pgpass_file_location (Any) (defaults to: $gitlab::pgpass_file_location)

    Path to location of .pgpass file used by consul to authenticate with pgbouncer database

  • pgbouncer_password (Any) (defaults to: $gitlab::pgbouncer_password)

    Password for the gitlab-consul database user in the pgbouncer database



10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
 
# File 'manifests/host_config.pp', line 10

class gitlab::host_config (
  $config_dir = '/etc/gitlab',
  $skip_auto_migrations = $gitlab::skip_auto_migrations,
  $skip_auto_reconfigure = $gitlab::skip_auto_reconfigure,
  $store_git_keys_in_db = $gitlab::store_git_keys_in_db,
  $pgpass_file_ensure = $gitlab::pgpass_file_ensure,
  $pgpass_file_location = $gitlab::pgpass_file_location,
  $pgbouncer_password = $gitlab::pgbouncer_password,
) {
  file { $config_dir:
    ensure => 'directory',
    owner  => 'root',
    group  => 'root',
    mode   => '0775',
  }

  # Deprecation notice:
  # skip_auto_migrations is deprecated and will be removed at some point after
  # GitLab 11.0 is released
  $skip_auto_migrations_deprecation_msg = "DEPRECTATION: 'skip_auto_migrations' is deprecated if using GitLab 10.6 or greater. Set skip_auto_reconfigure instead"
  $skip_auto_reconfigure_attributes = {
    owner => 'root',
    group => 'root',
    mode  => '0644',
  }

  if $skip_auto_migrations != undef {
    notify { $skip_auto_migrations_deprecation_msg: }

    $_skip_auto_migrations_ensure = $skip_auto_migrations ? {
      true    => 'present',
      default => 'absent',
    }

    file { '/etc/gitlab/skip-auto-migrations':
      ensure => $_skip_auto_migrations_ensure,
      *      => $skip_auto_reconfigure_attributes,
    }
  }

  file { '/etc/gitlab/skip-auto-reconfigure':
    ensure => $skip_auto_reconfigure,
    *      => $skip_auto_reconfigure_attributes,
  }

  if $store_git_keys_in_db != undef {
    $_store_git_keys_in_db = $store_git_keys_in_db ? {
      true    => 'file',
      default => 'absent',
    }

    $opt_gitlab_shell_dir = $store_git_keys_in_db ? {
      true    => 'directory',
      default => 'absent'
    }

    file { '/opt/gitlab-shell':
      ensure => $opt_gitlab_shell_dir,
      owner  => 'root',
      group  => 'git',
    }

    file { '/opt/gitlab-shell/authorized_keys':
      ensure => $_store_git_keys_in_db,
      owner  => 'root',
      group  => 'git',
      mode   => '0650',
      source => 'puppet:///modules/gitlab/gitlab_shell_authorized_keys',
    }
  }

  if ($pgpass_file_ensure == 'present' and $pgbouncer_password == undef) {
    fail('A password must be provided to pgbouncer_password if pgpass_file_attrs[ensure] is \'present\'')
  } elsif ($pgpass_file_ensure == 'absent') {
    file { $pgpass_file_location:
      ensure => 'absent',
    }
  } else {
    # owner,group params for pgpass_file should NOT be changed, as they are hardcoded into gitlab HA db schema for pgbouncer database template
    file { $pgpass_file_location:
      ensure  => $pgpass_file_ensure,
      owner   => 'gitlab-consul',
      group   => 'gitlab-consul',
      content => epp('gitlab/.pgpass.epp', {
          'pgbouncer_password' => $pgbouncer_password,
      }),
    }
  }

  include gitlab::backup
}