Expose Additional Config Options

.gitignore

@@ -9,3 +9,4 @@ spec/fixtures/
 .bundle/
 coverage/
 *.sw*
+log/

manifests/init.pp

@@ -206,6 +206,10 @@
 #   Default project features settings for visibility level. ("private" | "internal" | "public")
 #   default: private
 #
+# [*gitlab_default_can_create_group*]
+#   Default bool for group creation permission.
+#   default: true
+#
 # [*gitlab_email_enabled*]
 #   Set to false if you need to disable email sending from GitLab
 #   default: true
@@ -300,6 +304,36 @@
 #   File that contains the secret key for verifying access for gitlab-shell.
 #   default: '.gitlab_shell_secret' relative to Rails.root (i.e. root of the GitLab app).
 #
+# [*gitlab_default_theme*]
+#   Numeric selector for default theme setting.
+#   default: 2
+#   Choices
+#     BASIC  = 1
+#     MARS   = 2
+#     MODERN = 3
+#     GRAY   = 4
+#     COLOR  = 5
+#
+# [*gitlab_signup_enabled*]
+#   Account passwords are not sent via the email if signup is enabled.
+#   default: false
+#
+# [*gitlab_signin_enabled*]
+#   If set to false, standard login form won't be shown on the sign-in page
+#   default: true
+#
+# [*gitlab_upload_pack*]
+#   Setting for Git over HTTP
+#   default: true
+#
+# [*gitlab_receive_pack*]
+#   Setting for Git over HTTP
+#   default: true
+#
+# [*gitlab_ssh_host*]
+#   Configuration option if ssh host is different from HTTP/HTTPS one
+#   default: undef
+#
 # [*gitlab_auth_file*]
 #   File used as authorized_keys for gitlab user
 #   default: ${git_home}/.ssh/authorized_keys
@@ -386,6 +420,11 @@
 #   LDAP group of users who should be admins in GitLab.
 #   default: nil
 #
+# [*ldap_allow_username_or_email_login*]
+#   If allow_username_or_email_login is enabled, GitLab will ignore everything
+#   after the first '@' in the LDAP username submitted by the user on login.
+#   default: true
+#
 # [*issues_tracker*]
 #   External issues trackers. Provide a hash with all issues_tracker configuration as would
 #   appear in gitlab.yaml. E.g. { redmine => { title => "Redmine", project_url => ... } }
@@ -511,6 +550,7 @@
     $gitlab_default_projects_features_wall = $gitlab::params::gitlab_default_projects_features_wall,
     $gitlab_default_projects_features_snippets = $gitlab::params::gitlab_default_projects_features_snippets,
     $gitlab_default_projects_features_visibility_level = $gitlab::params::gitlab_default_projects_features_visibility_level,
+    $gitlab_default_can_create_group = $gitlab::params::gitlab_default_can_create_group,
     $gitlab_time_zone         = $gitlab::params::gitlab_time_zone,
     $gitlab_email_enabled     = $gitlab::params::gitlab_email_enabled,
     $gitlab_email_reply_to    = "noreply@${gitlab_domain}",
@@ -534,6 +574,12 @@
     $gitlab_manage_rbenv      = $gitlab::params::gitlab_manage_rbenv,
     $gitlab_ruby_version      = $gitlab::params::gitlab_ruby_version,
     $gitlab_secret_file       = $gitlab::params::gitlab_secret_file,
+    $gitlab_default_theme     = $gitlab::params::gitlab_default_theme,
+    $gitlab_signup_enabled    = $gitlab::params::gitlab_signup_enabled,
+    $gitlab_signin_enabled    = $gitlab::params::gitlab_signin_enabled,
+    $gitlab_upload_pack       = $gitlab::params::gitlab_upload_pack,
+    $gitlab_receive_pack      = $gitlab::params::gitlab_receive_pack,
+    $gitlab_ssh_host          = $gitlab::params::gitlab_ssh_host,
     $gitlab_auth_file         = "${git_home}/.ssh/authorized_keys",
     $exec_path                = $gitlab::params::exec_path,
     $ldap_enabled             = $gitlab::params::ldap_enabled,
@@ -551,6 +597,7 @@
     $ldap_group_base          = $gitlab::params::ldap_group_base,
     $ldap_sync_ssh_keys       = $gitlab::params::ldap_sync_ssh_keys,
     $ldap_admin_group         = $gitlab::params::ldap_admin_group,
+    $ldap_allow_username_or_email_login = $gitlab::params::ldap_allow_username_or_email_login,
     $issues_tracker           = $gitlab::params::issues_tracker,
     $omniauth                 = $gitlab::params::omniauth,
     $ssh_port                 = $gitlab::params::ssh_port,
@@ -582,6 +629,9 @@
   validate_absolute_path($gitlab_ssl_cert)
   validate_absolute_path($gitlab_ssl_key)
 
+
+  validate_numeric($gitlab_default_theme)
+
   validate_bool($gitlab_ssl)
   validate_bool($gitlab_ssl_self_signed)
   validate_bool($gitlab_username_change)
@@ -591,6 +641,12 @@
   validate_bool($gitlab_default_projects_features_wiki)
   validate_bool($gitlab_default_projects_features_wall)
   validate_bool($gitlab_default_projects_features_snippets)
+  validate_bool($gitlab_default_can_create_group)
+  validate_bool($gitlab_signup_enabled)
+  validate_bool($gitlab_signin_enabled)
+  validate_bool($gitlab_upload_pack)
+  validate_bool($gitlab_receive_pack)
+  validate_bool($ldap_allow_username_or_email_login)
 
   validate_re($gitlab_dbtype, '(mysql|pgsql)', 'gitlab_dbtype is not supported')
   validate_re("${gitlab_dbport}", '^\d+$', 'gitlab_dbport is not a valid port')
@@ -641,6 +697,9 @@
   validate_string($company_logo_url)
   validate_string($company_link)
   validate_string($company_name)
+  if $gitlab_ssh_host {
+    validate_string($gitlab_ssh_host)
+  }
 
   anchor { 'gitlab::begin': } ->
   class { '::gitlab::setup': } ->

manifests/params.pp

@@ -53,6 +53,7 @@
   $gitlab_default_projects_features_wall = false
   $gitlab_default_projects_features_snippets = false
   $gitlab_default_projects_features_visibility_level = 'private'
+  $gitlab_default_can_create_group = true
   $gitlab_time_zone         = false
   $gitlab_email_enabled     = true
   $gitlab_email_reply_to    = "noreply@${gitlab_domain}"
@@ -77,6 +78,12 @@
   $gitlab_ruby_version      = '2.1.6'
   $gitlab_auth_file         = "${git_home}/.ssh/authorized_keys"
   $gitlab_secret_file       = undef
+  $gitlab_default_theme     = '2'
+  $gitlab_signup_enabled    = false
+  $gitlab_signin_enabled    = true
+  $gitlab_upload_pack       = true
+  $gitlab_receive_pack      = true
+  $gitlab_ssh_host          = undef
   $exec_path                = "${git_home}/.rbenv/shims:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
   $ldap_enabled             = false
   $ldap_host                = 'ldap.domain.com'
@@ -93,6 +100,7 @@
   $ldap_group_base          = ''
   $ldap_sync_ssh_keys       = ''
   $ldap_admin_group         = ''
+  $ldap_allow_username_or_email_login = true
   $issues_tracker           = undef
   $omniauth                 = undef
   $ssh_port                 = '22'

templates/gitlab.yml.erb

@@ -26,7 +26,9 @@ production: &base
     # (you'd obviously need to replace ssh.host_example.com with your own host).
     # Otherwise, ssh host will be set to the `host:` value above
     # ssh_host: ssh.host_example.com
-
+    <%- if @gitlab_ssh_host %>
+    ssh_host: <%= @gitlab_ssh_host %>
+    <%- end %>
     # WARNING: See config/application.rb under "Relative url support" for the list of
     # other files that need to be changed for relative url support
     # relative_url_root: /gitlab
@@ -35,7 +37,7 @@ production: &base
     <%- end %>
 
     # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
-    # user: git
+    user: <%= @git_user %>
 
     # Uncomment and customize if you want to change the default time zone of GitLab application.
     # To see all available zones, run `bundle exec rake time:zones:all RAILS_ENV=production`
@@ -59,6 +61,7 @@ production: &base
     ## User settings
     default_projects_limit: <%= @gitlab_projects %>
     # default_can_create_group: false  # default: true
+    default_can_create_group: <%= @gitlab_default_can_create_group %>
     # default: true - User can change her username/namespace
     username_changing_enabled: <%= @gitlab_username_change ? 'true' : 'false' %>
     ## Default theme
@@ -67,20 +70,22 @@ production: &base
     ##   MODERN = 3
     ##   GRAY   = 4
     ##   COLOR  = 5
-    # default_theme: 2 # default: 2
+    default_theme: <%= @gitlab_default_theme %> # default: 2
 
 
     ## Users management
     # default: false - Account passwords are not sent via the email if signup is enabled.
-    # signup_enabled: true
+    # signup_enabled: false
+    signup_enabled: <%= @gitlab_signup_enabled ? 'true' : 'false' %>
     #
     # default: true - If set to false, standard login form won't be shown on the sign-in page
-    # signin_enabled: false
+    # signin_enabled: true
+    signin_enabled: <%= @gitlab_signin_enabled ? 'true' : 'false' %>
 
     # Restrict setting visibility levels for non-admin users.
     # The default is to allow all levels.
 <% if @restricted_visibility_levels %>
-    restricted_visibility_levels: 
+    restricted_visibility_levels:
 <%   @restricted_visibility_levels.each do |level| %>
       - <%= level %>
 <%   end %>
@@ -95,7 +100,7 @@ production: &base
     # issue_closing_pattern: '([Cc]lose[sd]|[Ff]ixe[sd]) #(\d+)'
 <% if @gitlab_issue_closing_pattern -%>
     issue_closing_pattern: '<%= @gitlab_issue_closing_pattern.gsub("'","''") %>'
-<% end -%>     
+<% end -%>
 
     ## Default project features settings
     default_projects_features:
@@ -106,7 +111,7 @@ production: &base
       snippets: <%= @gitlab_default_projects_features_snippets %>
       # can be "private" | "internal" | "public"
       visibility_level: <%= @gitlab_default_projects_features_visibility_level %>
-      
+
     ## Webhook settings
     # Number of seconds to wait for HTTP response after sending webhook HTTP POST request (default: 10)
     webhook_timeout: <%= @gitlab_webhook_timeout %>
@@ -194,11 +199,11 @@ production: &base
     #
     # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
     # disable this setting, because the userPrincipalName contains an '@'.
-    allow_username_or_email_login: true
+    allow_username_or_email_login: <%= @ldap_allow_username_or_email_login ? 'true' : 'false' %>
 
 
     # To maintain tight control over the number of active users on your GitLab installation,
-    # enable this setting to keep new users blocked until they have been cleared by the admin 
+    # enable this setting to keep new users blocked until they have been cleared by the admin
     # (default: false).
     block_auto_created_users: <%= @ldap_block_auto_created_users %>
 
@@ -214,7 +219,7 @@ production: &base
     #   Ex. (employeeType=developer)
     #
     user_filter: '<%= @ldap_user_filter -%>'
-    
+
     # EE settings
 <% if @ldap_sync_time!= '' -%>
     sync_time: <%=@ldap_sync_time%>
@@ -307,11 +312,11 @@ production: &base
     secret_file: <%= @gitlab_secret_file %>
 <% else -%>
     # secret_file: /home/git/gitlab/.gitlab_shell_secret
-<% end -%>     
-  
+<% end -%>
+
     # Git over HTTP
-    upload_pack: true
-    receive_pack: true
+    upload_pack: <%= @gitlab_upload_pack ? 'true' : 'false' %>
+    receive_pack: <%= @gitlab_receive_pack ? 'true' : 'false' %>
 
     # If you use non-standard ssh port you need to specify it
     ssh_port: <%= @ssh_port %>