gitlab配置备忘
版本
gitlab 14.6.2
gitlab备份上传到阿里云oss
### Backup Settings
###! Docs: https://docs.gitlab.com/omnibus/settings/backups.html
# gitlab_rails['manage_backup_path'] = true
# gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"
###! Docs: https://docs.gitlab.com/ee/raketasks/backup_restore.html#backup-archive-permissions
# gitlab_rails['backup_archive_permissions'] = 0644
# gitlab_rails['backup_pg_schema'] = 'public'
###! The duration in seconds to keep backups before they are allowed to be deleted
# gitlab_rails['backup_keep_time'] = 604800
gitlab_rails['backup_keep_time'] = 1209600
# gitlab_rails['backup_upload_connection'] = {
# 'provider' => 'AWS',
# 'region' => 'eu-west-1',
# 'aws_access_key_id' => 'AKIAKIAKI',
# 'aws_secret_access_key' => 'secret123'
# }
# gitlab_rails['backup_upload_remote_directory'] = 'my.s3.bucket'
# gitlab_rails['backup_multipart_chunk_size'] = 104857600
gitlab_rails['backup_upload_connection'] = {
'provider' => 'aliyun',
'aliyun_accesskey_id' => 'xxxxx',
'aliyun_accesskey_secret' => 'xxxxx',
'aliyun_oss_endpoint' => 'http://oss-cn-shenzhen-internal.aliyuncs.com',
'aliyun_oss_bucket' => 'xxxxbackup',
'aliyun_oss_location' => 'shenzhen'
}
gitlab_rails['backup_upload_remote_directory'] = 'gitlab'
###! **Turns on AWS Server-Side Encryption with Amazon S3-Managed Keys for
###! backups**
# gitlab_rails['backup_encryption'] = 'AES256'
###! The encryption key to use with AWS Server-Side Encryption.
###! Setting this value will enable Server-Side Encryption with customer provided keys;
###! otherwise S3-managed keys are used.
# gitlab_rails['backup_encryption_key'] = '<base64-encoded encryption key>'
###! **Specifies Amazon S3 storage class to use for backups. Valid values
###! include 'STANDARD', 'STANDARD_IA', and 'REDUCED_REDUNDANCY'**
# gitlab_rails['backup_storage_class'] = 'STANDARD'
###! Skip parts of the backup. Comma separated.
###! Docs: https://docs.gitlab.com/ee/raketasks/backup_restore.html#excluding-specific-directories-from-the-backup
#gitlab_rails['env'] = {
# "SKIP" => "db,uploads,repositories,builds,artifacts,lfs,registry,pages"
#}
gitlab自动备份
[root@gitlab backups]# crontab -l
0 2 * * * /usr/bin/gitlab-rake gitlab:backup:create
gitlab集成openladp
gitlab_rails['ldap_enabled'] = true
gitlab_rails['prevent_ldap_sign_in'] = false
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'mxLDAP' # 显示在登录页面上的名称
host: '172.16.123.223' # LDAP服务地址
port: 389 # LDAP服务端口,如果LDAP基于SSL在端口通常为636
uid: 'sAMAccountName' # LDAP中用户名对应的属性,通常为'sAMAccountName'
bind_dn: 'admin@xxx.com'
password: 'xxxxx' # 同步用户信息的账户密码
encryption: 'plain' # 'start_tls' or 'simple_tls' or 'plain'
verify_certificates: false # 如果使用SSL,则设为true
active_directory: false # 如果是 Active Directory LDAP server 则设为true
allow_username_or_email_login: true # 是否允许email登录
lowercase_usernames: false # 是否将用户名转为小写
block_auto_created_users: false # 是否自动创建用户
base: 'ou=people,dc=xxxxx,dc=com' # 搜索LDAP用户是的BaseDN
user_filter: ''
EOS
gitlab重新加载配置
gitlab-ctl reconfigure