_form.html.haml

= form_for @application_setting, url: admin_application_settings_path, html: { class: 'form-horizontal fieldset-form' } do |f|
  = form_errors(@application_setting)

  %fieldset
    %legend Visibility and Access Controls
    .form-group
      = f.label :default_branch_protection, class: 'control-label col-sm-2'
      .col-sm-10
        = f.select :default_branch_protection, options_for_select(Gitlab::Access.protection_options, @application_setting.default_branch_protection), {}, class: 'form-control'
    .form-group.project-visibility-level-holder
      = f.label :default_project_visibility, class: 'control-label col-sm-2'
      .col-sm-10
        = render('shared/visibility_radios', model_method: :default_project_visibility, form: f, selected_level: @application_setting.default_project_visibility, form_model: Project.new)
    .form-group.project-visibility-level-holder
      = f.label :default_snippet_visibility, class: 'control-label col-sm-2'
      .col-sm-10
        = render('shared/visibility_radios', model_method: :default_snippet_visibility, form: f, selected_level: @application_setting.default_snippet_visibility, form_model: ProjectSnippet.new)
    .form-group.project-visibility-level-holder
      = f.label :default_group_visibility, class: 'control-label col-sm-2'
      .col-sm-10
        = render('shared/visibility_radios', model_method: :default_group_visibility, form: f, selected_level: @application_setting.default_group_visibility, form_model: Group.new)
    .form-group
      = f.label :restricted_visibility_levels, class: 'control-label col-sm-2'
      .col-sm-10
        - data_attrs = { toggle: 'buttons' }
        .btn-group{ data: data_attrs }
          - restricted_level_checkboxes('restricted-visibility-help').each do |level|
            = level
        %span.help-block#restricted-visibility-help
          Selected levels cannot be used by non-admin users for projects or snippets.
          If the public level is restricted, user profiles are only visible to logged in users.
    .form-group
      = f.label :import_sources, class: 'control-label col-sm-2'
      .col-sm-10
        - data_attrs = { toggle: 'buttons' }
        .btn-group{ data: data_attrs }
          - import_sources_checkboxes('import-sources-help').each do |source|
            = source
        %span.help-block#import-sources-help
          Enabled sources for code import during project creation. OmniAuth must be configured for GitHub
          = link_to "(?)", help_page_path("integration/github")
          , Bitbucket
          = link_to "(?)", help_page_path("integration/bitbucket")
          and GitLab.com
          = link_to "(?)", help_page_path("integration/gitlab")
    .form-group
      %label.control-label.col-sm-2 Enabled Git access protocols
      .col-sm-10
        = select(:application_setting, :enabled_git_access_protocol, [['Both SSH and HTTP(S)', nil], ['Only SSH', 'ssh'], ['Only HTTP(S)', 'http']], {}, class: 'form-control')
        %span.help-block#clone-protocol-help
          Allow only the selected protocols to be used for Git access.
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :version_check_enabled do
            = f.check_box :version_check_enabled
            Version check enabled
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :email_author_in_body do
            = f.check_box :email_author_in_body
            Include author name in notification email body
          .help-block
            Some email servers do not support overriding the email sender name.
            Enable this option to include the name of the author of the issue,
            merge request or comment in the email body instead.
    .form-group
      = f.label :admin_notification_email, class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_field :admin_notification_email, class: 'form-control'
        .help-block
          Abuse reports will be sent to this address if it is set. Abuse reports are always available in the admin area.

  %fieldset
    %legend Account and Limit Settings
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :gravatar_enabled do
            = f.check_box :gravatar_enabled
            Gravatar enabled
    .form-group
      = f.label :default_projects_limit, class: 'control-label col-sm-2'
      .col-sm-10
        = f.number_field :default_projects_limit, class: 'form-control'
    .form-group
      = f.label :max_attachment_size, 'Maximum attachment size (MB)', class: 'control-label col-sm-2'
      .col-sm-10
        = f.number_field :max_attachment_size, class: 'form-control'
    .form-group
      = f.label :session_expire_delay, 'Session duration (minutes)', class: 'control-label col-sm-2'
      .col-sm-10
        = f.number_field :session_expire_delay, class: 'form-control'
        %span.help-block#session_expire_delay_help_block GitLab restart is required to apply changes
    .form-group
      = f.label :user_oauth_applications, 'User OAuth applications', class: 'control-label col-sm-2'
      .col-sm-10
        .checkbox
          = f.label :user_oauth_applications do
            = f.check_box :user_oauth_applications
            Allow users to register any application to use GitLab as an OAuth provider
    .form-group
      = f.label :user_default_external, 'New users set to external', class: 'control-label col-sm-2'
      .col-sm-10
        .checkbox
          = f.label :user_default_external do
            = f.check_box :user_default_external
            Newly registered users will by default be external

  %fieldset
    %legend Sign-up Restrictions
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :signup_enabled do
            = f.check_box :signup_enabled
            Sign-up enabled
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :send_user_confirmation_email do
            = f.check_box :send_user_confirmation_email
            Send confirmation email on sign-up
    .form-group
      = f.label :domain_whitelist, 'Whitelisted domains for sign-ups', class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_area :domain_whitelist_raw, placeholder: 'domain.com', class: 'form-control', rows: 8
        .help-block ONLY users with e-mail addresses that match these domain(s) will be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com
    .form-group
      = f.label :domain_blacklist_enabled, 'Domain Blacklist', class: 'control-label col-sm-2'
      .col-sm-10
        .checkbox
          = f.label :domain_blacklist_enabled do
            = f.check_box :domain_blacklist_enabled
            Enable domain blacklist for sign ups
    .form-group
      .col-sm-offset-2.col-sm-10
        .radio
          = label_tag :blacklist_type_file do
            = radio_button_tag :blacklist_type, :file
            .option-title
              Upload blacklist file
        .radio
          = label_tag :blacklist_type_raw do
            = radio_button_tag :blacklist_type, :raw, @application_setting.domain_blacklist.present? || @application_setting.domain_blacklist.blank?
            .option-title
              Enter blacklist manually
    .form-group.blacklist-file
      = f.label :domain_blacklist_file, 'Blacklist file', class: 'control-label col-sm-2'
      .col-sm-10
        = f.file_field :domain_blacklist_file, class: 'form-control', accept: '.txt,.conf'
        .help-block Users with e-mail addresses that match these domain(s) will NOT be able to sign-up. Wildcards allowed. Use separate lines or commas for multiple entries.
    .form-group.blacklist-raw
      = f.label :domain_blacklist, 'Blacklisted domains for sign-ups', class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_area :domain_blacklist_raw, placeholder: 'domain.com', class: 'form-control', rows: 8
        .help-block Users with e-mail addresses that match these domain(s) will NOT be able to sign-up. Wildcards allowed. Use separate lines for multiple entries. Ex: domain.com, *.domain.com

    .form-group
      = f.label :after_sign_up_text, class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_area :after_sign_up_text, class: 'form-control', rows: 4
        .help-block Markdown enabled

  %fieldset
    %legend Sign-in Restrictions
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :signin_enabled do
            = f.check_box :signin_enabled
            Sign-in enabled
    - if omniauth_enabled? && button_based_providers.any?
      .form-group
        = f.label :enabled_oauth_sign_in_sources, 'Enabled OAuth Sign-In sources', class: 'control-label col-sm-2'
        .col-sm-10
          .btn-group{ data: { toggle: 'buttons' } }
            - oauth_providers_checkboxes.each do |source|
              = source
    .form-group
      = f.label :two_factor_authentication, 'Two-factor authentication', class: 'control-label col-sm-2'
      .col-sm-10
        .checkbox
          = f.label :require_two_factor_authentication do
            = f.check_box :require_two_factor_authentication
            Require all users to setup Two-factor authentication
    .form-group
      = f.label :two_factor_authentication, 'Two-factor grace period (hours)', class: 'control-label col-sm-2'
      .col-sm-10
        = f.number_field :two_factor_grace_period, min: 0, class: 'form-control', placeholder: '0'
        .help-block Amount of time (in hours) that users are allowed to skip forced configuration of two-factor authentication
    .form-group
      = f.label :home_page_url, 'Home page URL', class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_field :home_page_url, class: 'form-control', placeholder: 'http://company.example.com', :'aria-describedby' => 'home_help_block'
        %span.help-block#home_help_block We will redirect non-logged in users to this page
    .form-group
      = f.label :after_sign_out_path, class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_field :after_sign_out_path, class: 'form-control', placeholder: 'http://company.example.com', :'aria-describedby' => 'after_sign_out_path_help_block'
        %span.help-block#after_sign_out_path_help_block We will redirect users to this page after they sign out
    .form-group
      = f.label :sign_in_text, class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_area :sign_in_text, class: 'form-control', rows: 4
        .help-block Markdown enabled
    .form-group
      = f.label :help_page_text, class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_area :help_page_text, class: 'form-control', rows: 4
        .help-block Markdown enabled

  %fieldset
    %legend Continuous Integration
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :shared_runners_enabled do
            = f.check_box :shared_runners_enabled
            Enable shared runners for new projects
    .form-group
      = f.label :shared_runners_text, class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_area :shared_runners_text, class: 'form-control', rows: 4
        .help-block Markdown enabled
    .form-group
      = f.label :max_artifacts_size, 'Maximum artifacts size (MB)', class: 'control-label col-sm-2'
      .col-sm-10
        = f.number_field :max_artifacts_size, class: 'form-control'

  - if Gitlab.config.registry.enabled
    %fieldset
      %legend Container Registry
      .form-group
        = f.label :container_registry_token_expire_delay, 'Authorization token duration (minutes)', class: 'control-label col-sm-2'
        .col-sm-10
          = f.number_field :container_registry_token_expire_delay, class: 'form-control'

  %fieldset
    %legend Metrics
    %p
      These settings require a restart to take effect.
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :metrics_enabled do
            = f.check_box :metrics_enabled
            Enable InfluxDB Metrics
    .form-group
      = f.label :metrics_host, 'InfluxDB host', class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_field :metrics_host, class: 'form-control', placeholder: 'influxdb.example.com'
    .form-group
      = f.label :metrics_port, 'InfluxDB port', class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_field :metrics_port, class: 'form-control', placeholder: '8089'
        .help-block
          The UDP port to use for connecting to InfluxDB. InfluxDB requires that
          your server configuration specifies a database to store data in when
          sending messages to this port, without it metrics data will not be
          saved.
    .form-group
      = f.label :metrics_pool_size, 'Connection pool size', class: 'control-label col-sm-2'
      .col-sm-10
        = f.number_field :metrics_pool_size, class: 'form-control'
        .help-block
          The amount of InfluxDB connections to open. Connections are opened
          lazily. Users using multi-threaded application servers should ensure
          enough connections are available (at minimum the amount of application
          server threads).
    .form-group
      = f.label :metrics_timeout, 'Connection timeout', class: 'control-label col-sm-2'
      .col-sm-10
        = f.number_field :metrics_timeout, class: 'form-control'
        .help-block
          The amount of seconds after which an InfluxDB connection will time
          out.
    .form-group
      = f.label :metrics_method_call_threshold, 'Method Call Threshold (ms)', class: 'control-label col-sm-2'
      .col-sm-10
        = f.number_field :metrics_method_call_threshold, class: 'form-control'
        .help-block
          A method call is only tracked when it takes longer to complete than
          the given amount of milliseconds.
    .form-group
      = f.label :metrics_sample_interval, 'Sampler Interval (sec)', class: 'control-label col-sm-2'
      .col-sm-10
        = f.number_field :metrics_sample_interval, class: 'form-control'
        .help-block
          The sampling interval in seconds. Sampled data includes memory usage,
          retained Ruby objects, file descriptors and so on.
    .form-group
      = f.label :metrics_packet_size, 'Metrics per packet', class: 'control-label col-sm-2'
      .col-sm-10
        = f.number_field :metrics_packet_size, class: 'form-control'
        .help-block
          The amount of points to store in a single UDP packet. More points
          results in fewer but larger UDP packets being sent.

  %fieldset
    %legend Spam and Anti-bot Protection
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :recaptcha_enabled do
            = f.check_box :recaptcha_enabled
            Enable reCAPTCHA
          %span.help-block#recaptcha_help_block Helps prevent bots from creating accounts

    .form-group
      = f.label :recaptcha_site_key, 'reCAPTCHA Site Key', class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_field :recaptcha_site_key, class: 'form-control'
        .help-block
          Generate site and private keys at
          %a{ href: 'http://www.google.com/recaptcha', target: 'blank'} http://www.google.com/recaptcha

    .form-group
      = f.label :recaptcha_private_key, 'reCAPTCHA Private Key', class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_field :recaptcha_private_key, class: 'form-control'

    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :akismet_enabled do
            = f.check_box :akismet_enabled
            Enable Akismet
          %span.help-block#akismet_help_block Helps prevent bots from creating issues

    .form-group
      = f.label :akismet_api_key, 'Akismet API Key', class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_field :akismet_api_key, class: 'form-control'
        .help-block
          Generate API key at
          %a{ href: 'http://www.akismet.com', target: 'blank'} http://www.akismet.com

  %fieldset
    %legend Error Reporting and Logging
    %p
      These settings require a restart to take effect.
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :sentry_enabled do
            = f.check_box :sentry_enabled
            Enable Sentry
          .help-block
            Sentry is an error reporting and logging tool which is currently not shipped with GitLab, get it here:
            %a{ href: 'https://getsentry.com', target: '_blank' } https://getsentry.com

    .form-group
      = f.label :sentry_dsn, 'Sentry DSN', class: 'control-label col-sm-2'
      .col-sm-10
        = f.text_field :sentry_dsn, class: 'form-control'

  %fieldset
    %legend Repository Storage
    .form-group
      = f.label :repository_storage, 'Storage path for new projects', class: 'control-label col-sm-2'
      .col-sm-10
        = f.select :repository_storage, repository_storage_options_for_select, {}, class: 'form-control'
        .help-block
          You can manage the repository storage paths in your gitlab.yml configuration file

  %fieldset
    %legend Repository Checks
    .form-group
      .col-sm-offset-2.col-sm-10
        .checkbox
          = f.label :repository_checks_enabled do
            = f.check_box :repository_checks_enabled
            Enable Repository Checks
          .help-block
            GitLab will periodically run
            %a{ href: 'https://www.kernel.org/pub/software/scm/git/docs/git-fsck.html', target: 'blank' } 'git fsck'
            in all project and wiki repositories to look for silent disk corruption issues.
    .form-group
      .col-sm-offset-2.col-sm-10
        = link_to 'Clear all repository checks', clear_repository_check_states_admin_application_settings_path, data: { confirm: 'This will clear repository check states for ALL projects in the database. This cannot be undone. Are you sure?' }, method: :put, class: "btn btn-sm btn-remove"
        .help-block
          If you got a lot of false alarms from repository checks you can choose to clear all repository check information from the database.


  .form-actions
    = f.submit 'Save', class: 'btn btn-save'