gitlab: 8.10.6 -> 8.11.2

2016-08-26 14:08:53 +02:00
parent 693be25cc3
commit d70f83e7e9
9 changed files with 206 additions and 174 deletions
--- a/nixos/modules/services/misc/gitlab.xml
+++ b/nixos/modules/services/misc/gitlab.xml
@@ -62,7 +62,11 @@ services.gitlab = {
    address = "localhost";
    port = 25;
  };
-  secrets.db_key_base = "ei3eeP1ohsh0uu3ad4YeeMeeheengah3AiZee2ohl4Ooj5mie4Ohl0vishoghaes";
+  secrets = {
+    db = "uPgq1gtwwHiatiuE0YHqbGa5lEIXH7fMsvuTNgdzJi8P0Dg12gibTzBQbq5LT7PNzcc3BP9P1snHVnduqtGF43PgrQtU7XL93ts6gqe9CBNhjtaqUwutQUDkygP5NrV6";
+    secret = "devzJ0Tz0POiDBlrpWmcsjjrLaltyiAdS8TtgT9YNBOoUcDsfppiY3IXZjMVtKgXrFImIennFGOpPN8IkP8ATXpRgDD5rxVnKuTTwYQaci2NtaV1XxOQGjdIE50VGsR3";
+    otp = "e1GATJVuS2sUh7jxiPzZPre4qtzGGaS22FR50Xs1TerRVdgI3CBVUi5XYtQ38W4xFeS4mDqi5cQjExE838iViSzCdcG19XSL6qNsfokQP9JugwiftmhmCadtsnHErBMI";
+  };
  extraConfig = {
    gitlab = {
      email_from = "gitlab-no-reply@example.com";
@@ -75,11 +79,12 @@ services.gitlab = {
 </programlisting>
 </para>

-<para>If you're setting up a new Gitlab instance, generate a new
-<literal>db_key_base</literal> secret to encrypt sensible data in the
-database. If you're restoring an existing Gitlab instance, you must
-specify the <literal>db_key_base</literal> secret from
-<literal>config/secrets.yml</literal> in your Gitlab state folder.</para>
+<para>If you're setting up a new Gitlab instance, generate new secrets. You
+for instance use <literal>tr -dc A-Za-z0-9 < /dev/urandom | head -c 128</literal>
+to generate a new secret. Gitlab encrypts sensitive data stored in the database.
+If you're restoring an existing Gitlab instance, you must specify the secrets
+secret from <literal>config/secrets.yml</literal> located in your Gitlab state
+folder.</para>

 <para>Refer to <xref linkend="ch-options" /> for all available configuration
 options for the <literal>services.gitlab</literal> module.</para>