In a GitLab configuration file (gitlab.rc
) an additional config file can be referenced:
from_file "/home/admin/external_gitlab.rb"
The documentation states the following:
Any configuration that is set in /etc/gitlab/gitlab.rb after from_file is included, takes precedence over the configuration from the included file.
Does this imply that a hash with equal names (e.g. gitlab_rails['env']) is overwritten? Or are only the keys overwritten?
I'd like to make an additional proxy_gitlab.rb
, which is referenced from the gitlab.rb
with some proxy settings:
gitlab_rails['env'] = {
"http_proxy" => "http://USERNAME:PASSWORD@example.com:8080",
"https_proxy" => "http://USERNAME:PASSWORD@example.com:8080"
# "no_proxy" => ".yourdomain.com" # Wildcard syntax if you need your internal domain to bypass proxy
}
However, if a gitlab_rails['env']
is defined in the main gitlab.rb
, these settings will not be in the final config if the hash from the main gitlab.rb
overwrites the hash from the proxy_gitlab.rb
. If however the two hashes are combined this solution would work.
The hashes are not merged: the latest loaded hash takes precedence.
I've tried the following:
gitlab.rb
:
gitlab_rails['ldap_servers'] = {
'main' => {
'label' => 'LDAP',
'host' => 'ldap.mydomain.com',
'port' => 636,
'uid' => 'sAMAccountName',
'encryption' => 'simple_tls',
'base' => 'dc=example,dc=com',
}
}
from_file '/etc/gitlab/gitlab-secret.rb'
gitlab-secret.rb
:
gitlab_rails['ldap_servers'] = {
'main' => {
'password' => 'secret',
}
}
When checking the config with gitlab-ctl show-config
, the following result was shown:
gitlab_rails['ldap_servers'] = {
'main' => {
'password' => 'secret',
}
}
Note: what I've attempted to do is to separate the config and the secret. This can be done for the LDAP as described in the documentation.