From bed4200b02790cbe1c8d1fefc93ea1a076945115 Mon Sep 17 00:00:00 2001
From: Akanoa <dev@guern.eu>
Date: Sat, 3 Jul 2021 14:32:17 +0000
Subject: [PATCH 1/4] feat: allow to configure the packages registry from
 environment variables

---
 README.md                                 | 43 ++++++++++++-----
 assets/runtime/config/gitlabhq/gitlab.yml | 40 +++++++++-------
 assets/runtime/env-defaults               | 56 ++++++++++++++++++-----
 assets/runtime/functions                  | 45 ++++++++++++++++++
 4 files changed, 144 insertions(+), 40 deletions(-)

diff --git a/README.md b/README.md
index a95ff93ba..a17a19cd2 100644
--- a/README.md
+++ b/README.md
@@ -835,6 +835,10 @@ Below is the complete list of available options that can be used to customize yo
 | `GITLAB_ARTIFACTS_DIR` | Directory to store the artifacts. Defaults to `$GITLAB_SHARED_DIR/artifacts` |
 | `AWS_ACCESS_KEY_ID`| Default AWS access key to be used for object store. Defaults to `AWS_ACCESS_KEY_ID`|
 | `AWS_SECRET_ACCESS_KEY`| Default AWS access key to be used for object store. Defaults to `AWS_SECRET_ACCESS_KEY`|
+| `AWS_REGION`| AWS Region. Defaults to `us-east-1` |
+| `AWS_HOST`| Configure this for an compatible AWS host like minio. Defaults to `$AWS_HOST`. Defaults to `s3.amazon.com`|
+| `AWS_ENDPOINT`| AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `nil`|
+| `AWS_PATH_STYLE`| Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `true` |
 | `GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`| Default Google project to use for Object Store.|
 | `GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`| Default Google service account email to use for Object Store.|
 | `GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION`| Default Google key file Defaults to `/gcs/key.json`|
@@ -847,10 +851,10 @@ Below is the complete list of available options that can be used to customize yo
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_PROVIDER` | Connection Provider for the Object Store. (`AWS` or `Google`) Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_PROVIDER` (`AWS`) |
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID` | AWS Access Key ID for the Bucket. Defaults to `$AWS_ACCESS_KEY_ID` |
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY` | AWS Secret Access Key. Defaults to `$AWS_SECRET_ACCESS_KEY` |
-| `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_REGION` | AWS Region. Defaults to `us-east-1` |
-| `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST` | Configure this for an compatible AWS host like minio. Defaults to `s3.amazonaws.com` |
-| `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT` | AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `nil` |
-| `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE` | Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `true` |
+| `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_REGION` | AWS Region. Defaults to `$AWS_REGION` |
+| `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST` | Configure this for an compatible AWS host like minio. Defaults to `$AWS_HOST` |
+| `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT` | AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `$AWS_ENDPOINT` |
+| `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE` | Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `$AWS_PATH_STYLE` |
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`| Google project. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`|
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`| Google service account. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`|
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION`| Default Google key file. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION` (`/gcs/key.json`)|
@@ -864,13 +868,28 @@ Below is the complete list of available options that can be used to customize yo
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_PROVIDER` | Connection Provider for the Object Store. (`AWS` or `Google`) Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_PROVIDER` (`AWS`) |
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID` | AWS Access Key ID for the Bucket. Defaults to `AWS_ACCESS_KEY_ID` |
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY` | AWS Secret Access Key. Defaults to `AWS_SECRET_ACCESS_KEY` |
-| `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_REGION` | AWS Region. Defaults to `us-east-1` |
-| `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST` | Configure this for an compatible AWS host like minio. Defaults to `s3.amazonaws.com` |
-| `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT` | AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `nil` |
-| `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE` | Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `true` |
+| `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_REGION` | AWS Region. Defaults to `$AWS_REGION` |
+| `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST` | Configure this for an compatible AWS host like minio. Defaults to `$AWS_HOST` |
+| `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT` | AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `$AWS_ENDPOINT` |
+| `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE` | Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `AWS_PATH_STYLE` |
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`| Google project. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`|
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`| Google service account. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`|
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION`| Default Google key file. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION` (`/gcs/key.json`)|
+| `GITLAB_PACKAGES_OBJECT_STORE_ENABLED` | Enables Object Store for Packages that will be remote stored. Defaults to `false` |
+| `GITLAB_PACKAGES_OBJECT_STORE_REMOTE_DIRECTORY` | Bucket name to store the packages. Defaults to `packages` |
+| `GITLAB_PACKAGES_OBJECT_STORE_DIRECT_UPLOAD` | Set to true to enable direct upload of Packages without the need of local shared storage.  Defaults to `false` |
+| `GITLAB_PACKAGES_OBJECT_STORE_BACKGROUND_UPLOAD` | Temporary option to limit automatic upload. Defaults to `false` |
+| `GITLAB_PACKAGES_OBJECT_STORE_PROXY_DOWNLOAD` | Passthrough all downloads via GitLab instead of using Redirects to Object Storage. Defaults to `false` |
+| `GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_PROVIDER` | Connection Provider for the Object Store. (`AWS` or `Google`) Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_PROVIDER` (`AWS`) |
+| `GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID` | AWS Access Key ID for the Bucket. Defaults to `$AWS_ACCESS_KEY_ID` |
+| `GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY` | AWS Secret Access Key. Defaults to `$AWS_SECRET_ACCESS_KEY` |
+| `GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_REGION` | AWS Region. Defaults to `$AWS_REGION` |
+| `GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_HOST` | Configure this for an compatible AWS host like minio. Defaults to `$AWS_HOST` |
+| `GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ENDPOINT` | AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `$AWS_ENDPOINT` |
+| `GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE` | Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `AWS_PATH_STYLE` |
+| `GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`| Google project. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`|
+| `GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`| Google service account. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`|
+| `GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION`| Default Google key file. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION` (`/gcs/key.json`)|
 | `GITLAB_UPLOADS_STORAGE_PATH` | The location where uploads objects are stored. Defaults to `$GITLAB_SHARED_DIR/public`. |
 | `GITLAB_UPLOADS_BASE_DIR` | Mapping for the `GITLAB_UPLOADS_STORAGE_PATH`. Defaults to `uploads/-/system` |
 | `GITLAB_UPLOADS_OBJECT_STORE_ENABLED` | Enables Object Store for UPLOADS that will be remote stored. Defaults to `false` |
@@ -880,10 +899,10 @@ Below is the complete list of available options that can be used to customize yo
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_PROVIDER` | Connection Provider for the Object Store. (`AWS` or `Google`) Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_PROVIDER` (`AWS`) |
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID` | AWS Access Key ID for the Bucket. Defaults to `AWS_ACCESS_KEY_ID` |
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY` | AWS Secret Access Key. Defaults to `AWS_SECRET_ACCESS_KEY` |
-| `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_REGION` | AWS Region. Defaults to `us-east-1` |
-| `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST` | Configure this for an compatible AWS host like minio. Defaults to `s3.amazonaws.com` |
-| `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT` | AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `nil` |
-| `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE` | Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `true` |
+| `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_REGION` | AWS Region. Defaults to `$AWS_REGION` |
+| `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST` | Configure this for an compatible AWS host like minio. Defaults to `$AWS_HOST` |
+| `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT` | AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `$AWS_ENDPOINT` |
+| `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE` | Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `AWS_PATH_STYLE` |
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`| Google project. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`|
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`| Google service account. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`|
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION`| Default Google key file. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION` (`/gcs/key.json`)|
diff --git a/assets/runtime/config/gitlabhq/gitlab.yml b/assets/runtime/config/gitlabhq/gitlab.yml
index 18d3b980e..b8ddc6210 100644
--- a/assets/runtime/config/gitlabhq/gitlab.yml
+++ b/assets/runtime/config/gitlabhq/gitlab.yml
@@ -320,25 +320,33 @@ production: &base
 
   ## Packages (maven repository, npm registry, etc...)
   packages:
-    enabled: true
+    enabled: {{GITLAB_PACKAGES_ENABLED}}
     # The location where build packages are stored (default: shared/packages).
-    # storage_path: shared/packages
+    path: {{GITLAB_PACKAGES_DIR}}
     object_store:
-      enabled: false
-      remote_directory: packages # The bucket name
-      # direct_upload: false # Use Object Storage directly for uploads instead of background uploads if enabled (Default: false)
-      # background_upload: false # Temporary option to limit automatic upload (Default: true)
-      # proxy_download: false # Passthrough all downloads via GitLab instead of using Redirects to Object Storage
+      enabled: {{GITLAB_PACKAGES_OBJECT_STORE_ENABLED}}
+      remote_directory: {{GITLAB_PACKAGES_OBJECT_STORE_REMOTE_DIRECTORY}} # The bucket name
+      direct_upload: {{GITLAB_PACKAGES_OBJECT_STORE_DIRECT_UPLOAD}} # Set to true to enable direct upload of Artifacts without the need of local shared storage.
+      background_upload: {{GITLAB_PACKAGES_OBJECT_STORE_BACKGROUND_UPLOAD}} # Temporary option to limit automatic upload (Default: true)
+      proxy_download: {{GITLAB_PACKAGES_OBJECT_STORE_PROXY_DOWNLOAD}} # Passthrough all downloads via GitLab instead of using Redirects to Object Storage
       connection:
-        provider: AWS
-        aws_access_key_id: AWS_ACCESS_KEY_ID
-        aws_secret_access_key: AWS_SECRET_ACCESS_KEY
-        region: us-east-1
-        # host: 'localhost' # default: s3.amazonaws.com
-        # endpoint: 'http://127.0.0.1:9000' # default: nil
-        # aws_signature_version: 4 # For creation of signed URLs. Set to 2 if provider does not support v4.
-        # path_style: true # Use 'host/bucket_name/object' instead of 'bucket_name.host/object'
-
+        provider: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_PROVIDER}} # Only AWS supported at the moment
+        #start-packages-aws
+        aws_access_key_id: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID}}
+        aws_secret_access_key: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY}}
+        region: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_REGION}}
+        host: '{{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_HOST}}' # default: s3.amazonaws.com
+        aws_signature_version: 4 # For creation of signed URLs. Set to 2 if provider does not support v4.
+        endpoint: '{{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ENDPOINT}}' # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces
+        path_style: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE}} # Use 'host/bucket_name/object' instead of 'bucket_name.host/object'
+        #end-packages-aws
+        #start-packages-gcs
+        google_project: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}}
+        google_client_email: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL}}
+        google_json_key_location: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION}}
+        #end-packages-gcs
+
+  
   ## Dependency Proxy
   dependency_proxy:
     enabled: true
diff --git a/assets/runtime/env-defaults b/assets/runtime/env-defaults
index ad1ebc18f..32a4a4327 100644
--- a/assets/runtime/env-defaults
+++ b/assets/runtime/env-defaults
@@ -103,8 +103,16 @@ GITLAB_WORKHORSE_TIMEOUT=${GITLAB_WORKHORSE_TIMEOUT:-5m0s}
 
 # OBJECTSTORE
 GITLAB_OBJECT_STORE_CONNECTION_PROVIDER=${GITLAB_OBJECT_STORE_CONNECTION_PROVIDER:-AWS}
+
+#-- AWS
 AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-AWS_ACCESS_KEY_ID}
 AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-AWS_SECRET_ACCESS_KEY}
+AWS_HOST=${AWS_REGION:-us-east-1}
+AWS_HOST=${AWS_HOST:-s3.amazonaws.com}
+AWS_ENDPOINT=${AWS_ENDPOINT:nil}
+AWS_ENDPOINT=${AWS_PATH_STYLE:true}
+
+#-- Google
 GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}
 GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL=${GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL}
 GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION=${GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION:-"/gcs/key.json"}
@@ -124,16 +132,40 @@ GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_PROVIDER=${GITLAB_ARTIFACTS_OBJECT_STOR
 # ARTIFACTS:AWS
 GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID:-$AWS_ACCESS_KEY_ID}
 GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY:-$AWS_SECRET_ACCESS_KEY}
-GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_REGION:-us-east-1}
-GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST:-s3.amazonaws.com}
-GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-nil}
-GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-true}
+GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_REGION:-$AWS_REGION}
+GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST:-$AWS_HOST}
+GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-$AWS_ENDPOINT}
+GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-$AWS_PATH_STYLE}
 
 # ARTIFACTS:Google
 GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}
 GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL}
 GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION}
 
+## PACKAGES
+GITLAB_PACKAGES_ENABLED=${GITLAB_PACKAGES_ENABLED:-true}
+GITLAB_PACKAGES_DIR="${GITLAB_PACKAGES_DIR:-$GITLAB_SHARED_DIR/packages}"
+
+
+GITLAB_PACKAGES_OBJECT_STORE_ENABLED=${GITLAB_PACKAGES_OBJECT_STORE_ENABLED:-false}
+GITLAB_PACKAGES_OBJECT_STORE_REMOTE_DIRECTORY=${GITLAB_PACKAGES_OBJECT_STORE_REMOTE_DIRECTORY:-packages}
+GITLAB_PACKAGES_OBJECT_STORE_DIRECT_UPLOAD=${GITLAB_PACKAGES_OBJECT_STORE_DIRECT_UPLOAD:-false}
+GITLAB_PACKAGES_OBJECT_STORE_BACKGROUND_UPLOAD=${GITLAB_PACKAGES_OBJECT_STORE_BACKGROUND_UPLOAD:-false}
+GITLAB_PACKAGES_OBJECT_STORE_PROXY_DOWNLOAD=${GITLAB_PACKAGES_OBJECT_STORE_PROXY_DOWNLOAD:-false}
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_PROVIDER=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_PROVIDER:-$GITLAB_OBJECT_STORE_CONNECTION_PROVIDER}
+
+# PACKAGES:AWS
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID:-$AWS_ACCESS_KEY_ID}
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY:-$AWS_SECRET_ACCESS_KEY}
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_REGION:-$AWS_REGION}
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_HOST:-$AWS_HOST}
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-$AWS_ENDPOINT}
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-$AWS_PATH_STYLE}
+
+# PACKAGES:Google
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL}
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION}
 
 ## Cron Jobs
 GITLAB_PIPELINE_SCHEDULE_WORKER_CRON=${GITLAB_PIPELINE_SCHEDULE_WORKER_CRON:-"19 * * * *"}
@@ -152,10 +184,10 @@ GITLAB_LFS_OBJECT_STORE_CONNECTION_PROVIDER=${GITLAB_LFS_OBJECT_STORE_CONNECTION
 # LFS:AWS
 GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID:-$AWS_ACCESS_KEY_ID}
 GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY:-$AWS_SECRET_ACCESS_KEY}
-GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_REGION:-us-east-1}
-GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST:-s3.amazonaws.com}
-GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-nil}
-GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-true}
+GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_REGION:-$AWS_REGION}
+GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST:-$AWS_HOST}
+GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-$AWS_ENDPOINT}
+GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-$AWS_PATH_STYLE}
 
 # LFS:Google
 GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}
@@ -176,10 +208,10 @@ GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_PROVIDER=${GITLAB_UPLOADS_OBJECT_STORE_CO
 # Uploads:AWS
 GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID:-$AWS_ACCESS_KEY_ID}
 GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY:-$AWS_SECRET_ACCESS_KEY}
-GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_REGION:-us-east-1}
-GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST:-s3.amazonaws.com}
-GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-nil}
-GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-true}
+GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_REGION:-$AWS_REGION}
+GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST:-$AWS_HOST}
+GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-$AWS_ENDPOINT}
+GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-$AWS_PATH_STYLE}
 
 # Uploads:Google
 GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}
diff --git a/assets/runtime/functions b/assets/runtime/functions
index cd5f501ff..dba058d2a 100644
--- a/assets/runtime/functions
+++ b/assets/runtime/functions
@@ -1010,6 +1010,50 @@ gitlab_configure_artifacts() {
     GITLAB_ARTIFACTS_DIR
 }
 
+
+gitlab_configure_packages() {
+  if [[ ${GITLAB_PACKAGES_OBJECT_STORE_ENABLED} == true ]]; then
+    echo "Configuring gitlab::packages:object_store"
+
+    if [[ "${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_PROVIDER}" == "Google" ]]; then
+        echo " -> Google PACKAGES provider selected removing aws config"
+        exec_as_git sed -i "/#start-packages-aws/,/#end-packages-aws/d" ${GITLAB_CONFIG}
+        exec_as_git sed -i "/#start-packages-gcs/d" ${GITLAB_CONFIG}
+        exec_as_git sed -i "/#end-packages-gcs/d" ${GITLAB_CONFIG}
+    fi
+    if [[ "${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_PROVIDER}" == "AWS" ]]; then
+      echo " -> AWS PACKAGES provider selected removing Google config"
+      exec_as_git sed -i "/#start-packages-gcs/,/#end-packages-gcs/d" ${GITLAB_CONFIG}
+      exec_as_git sed -i "/#start-packages-aws/d" ${GITLAB_CONFIG}
+      exec_as_git sed -i "/#end-packages-aws/d" ${GITLAB_CONFIG}
+    fi
+
+    update_template ${GITLAB_CONFIG} \
+      GITLAB_PACKAGES_OBJECT_STORE_ENABLED \
+      GITLAB_PACKAGES_OBJECT_STORE_REMOTE_DIRECTORY \
+      GITLAB_PACKAGES_OBJECT_STORE_DIRECT_UPLOAD \
+      GITLAB_PACKAGES_OBJECT_STORE_BACKGROUND_UPLOAD \
+      GITLAB_PACKAGES_OBJECT_STORE_PROXY_DOWNLOAD \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_PROVIDER \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_REGION \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_HOST \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ENDPOINT \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION
+  else
+    exec_as_git sed -i -e "/path: {{GITLAB_PACKAGES_DIR}}/{n;N;N;N;N;N;N;N;N;N;N;N;N;N;N;N;N;N;N;N;N;d;}" ${GITLAB_CONFIG}
+  fi
+
+  echo "Configuring gitlab::packages..."
+  update_template ${GITLAB_CONFIG} \
+    GITLAB_PACKAGES_ENABLED \
+    GITLAB_PACKAGES_DIR
+}
+
 gitlab_configure_lfs() {
   if [[ ${GITLAB_LFS_OBJECT_STORE_ENABLED} == true ]]; then
     echo "Configuring gitlab::lfs:object_store"
@@ -1709,6 +1753,7 @@ configure_gitlab() {
   gitlab_configure_rack_attack
   gitlab_configure_ci
   gitlab_configure_artifacts
+  gitlab_configure_packages
   gitlab_configure_lfs
   gitlab_configure_uploads
   gitlab_configure_mattermost

From a59cf8c65ce61a940ea3bd8b1c7ed06835c11b1e Mon Sep 17 00:00:00 2001
From: Akanoa <dev@guern.eu>
Date: Sat, 3 Jul 2021 15:24:58 +0000
Subject: [PATCH 2/4] fix: add missing ENV about packages registry

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index a17a19cd2..99c5ceccb 100644
--- a/README.md
+++ b/README.md
@@ -875,6 +875,8 @@ Below is the complete list of available options that can be used to customize yo
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`| Google project. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`|
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`| Google service account. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`|
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION`| Default Google key file. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION` (`/gcs/key.json`)|
+| `GITLAB_PACKAGES_ENABLED` | Enable/Disable Pakages support. Defaults to `true`. |
+| `GITLAB_PACKAGES_DIR` | Directory to store the packages data. Defaults to `$GITLAB_SHARED_DIR/packages` |
 | `GITLAB_PACKAGES_OBJECT_STORE_ENABLED` | Enables Object Store for Packages that will be remote stored. Defaults to `false` |
 | `GITLAB_PACKAGES_OBJECT_STORE_REMOTE_DIRECTORY` | Bucket name to store the packages. Defaults to `packages` |
 | `GITLAB_PACKAGES_OBJECT_STORE_DIRECT_UPLOAD` | Set to true to enable direct upload of Packages without the need of local shared storage.  Defaults to `false` |

From cfa1fe2e28f98d936eeffe8d9416e5cdd439398a Mon Sep 17 00:00:00 2001
From: Akanoa <dev@guern.eu>
Date: Sat, 3 Jul 2021 17:45:56 +0000
Subject: [PATCH 3/4] fix: bad default value

---
 assets/runtime/config/gitlabhq/gitlab.yml | 2 +-
 assets/runtime/env-defaults               | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/assets/runtime/config/gitlabhq/gitlab.yml b/assets/runtime/config/gitlabhq/gitlab.yml
index b8ddc6210..236c27b7a 100644
--- a/assets/runtime/config/gitlabhq/gitlab.yml
+++ b/assets/runtime/config/gitlabhq/gitlab.yml
@@ -326,7 +326,7 @@ production: &base
     object_store:
       enabled: {{GITLAB_PACKAGES_OBJECT_STORE_ENABLED}}
       remote_directory: {{GITLAB_PACKAGES_OBJECT_STORE_REMOTE_DIRECTORY}} # The bucket name
-      direct_upload: {{GITLAB_PACKAGES_OBJECT_STORE_DIRECT_UPLOAD}} # Set to true to enable direct upload of Artifacts without the need of local shared storage.
+      direct_upload: {{GITLAB_PACKAGES_OBJECT_STORE_DIRECT_UPLOAD}} # Set to true to enable direct upload of Packages without the need of local shared storage.
       background_upload: {{GITLAB_PACKAGES_OBJECT_STORE_BACKGROUND_UPLOAD}} # Temporary option to limit automatic upload (Default: true)
       proxy_download: {{GITLAB_PACKAGES_OBJECT_STORE_PROXY_DOWNLOAD}} # Passthrough all downloads via GitLab instead of using Redirects to Object Storage
       connection:
diff --git a/assets/runtime/env-defaults b/assets/runtime/env-defaults
index 32a4a4327..3674ad175 100644
--- a/assets/runtime/env-defaults
+++ b/assets/runtime/env-defaults
@@ -107,10 +107,10 @@ GITLAB_OBJECT_STORE_CONNECTION_PROVIDER=${GITLAB_OBJECT_STORE_CONNECTION_PROVIDE
 #-- AWS
 AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-AWS_ACCESS_KEY_ID}
 AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-AWS_SECRET_ACCESS_KEY}
-AWS_HOST=${AWS_REGION:-us-east-1}
+AWS_REGION=${AWS_REGION:-us-east-1}
 AWS_HOST=${AWS_HOST:-s3.amazonaws.com}
-AWS_ENDPOINT=${AWS_ENDPOINT:nil}
-AWS_ENDPOINT=${AWS_PATH_STYLE:true}
+AWS_ENDPOINT=${AWS_ENDPOINT:-nil}
+AWS_PATH_STYLE=${AWS_PATH_STYLE:-true}
 
 #-- Google
 GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}

From e2354ed8aa8e60a4a35a16e4b9e5df10b571c0f8 Mon Sep 17 00:00:00 2001
From: Akanoa <dev@guern.eu>
Date: Fri, 30 Jul 2021 22:41:31 +0000
Subject: [PATCH 4/4] feat: Add "AWS_SIGNATURE_VERSION" related environment
 variables

---
 README.md                                 | 4 ++++
 assets/runtime/config/gitlabhq/gitlab.yml | 7 ++++---
 assets/runtime/env-defaults               | 5 +++++
 assets/runtime/functions                  | 4 ++++
 4 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 99c5ceccb..8bc7497fd 100644
--- a/README.md
+++ b/README.md
@@ -839,6 +839,7 @@ Below is the complete list of available options that can be used to customize yo
 | `AWS_HOST`| Configure this for an compatible AWS host like minio. Defaults to `$AWS_HOST`. Defaults to `s3.amazon.com`|
 | `AWS_ENDPOINT`| AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `nil`|
 | `AWS_PATH_STYLE`| Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `true` |
+| `AWS_SIGNATURE_VERSION`| AWS signature version to use. 2 or 4 are valid options. Digital Ocean Spaces and other providers may need 2. Defaults to `4` |
 | `GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`| Default Google project to use for Object Store.|
 | `GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`| Default Google service account email to use for Object Store.|
 | `GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION`| Default Google key file Defaults to `/gcs/key.json`|
@@ -855,6 +856,7 @@ Below is the complete list of available options that can be used to customize yo
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST` | Configure this for an compatible AWS host like minio. Defaults to `$AWS_HOST` |
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT` | AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `$AWS_ENDPOINT` |
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE` | Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `$AWS_PATH_STYLE` |
+| `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION` | AWS signature version to use. 2 or 4 are valid options. Digital Ocean Spaces and other providers may need 2. Defaults to `$AWS_SIGNATURE_VERSION` |
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`| Google project. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`|
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`| Google service account. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`|
 | `GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION`| Default Google key file. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION` (`/gcs/key.json`)|
@@ -872,6 +874,7 @@ Below is the complete list of available options that can be used to customize yo
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST` | Configure this for an compatible AWS host like minio. Defaults to `$AWS_HOST` |
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT` | AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `$AWS_ENDPOINT` |
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE` | Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `AWS_PATH_STYLE` |
+| `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION` | AWS signature version to use. 2 or 4 are valid options. Digital Ocean Spaces and other providers may need 2. Defaults to `$AWS_SIGNATURE_VERSION` |
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`| Google project. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`|
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`| Google service account. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`|
 | `GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION`| Default Google key file. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION` (`/gcs/key.json`)|
@@ -905,6 +908,7 @@ Below is the complete list of available options that can be used to customize yo
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST` | Configure this for an compatible AWS host like minio. Defaults to `$AWS_HOST` |
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT` | AWS Endpoint like `http://127.0.0.1:9000`. Defaults to `$AWS_ENDPOINT` |
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE` | Changes AWS Path Style to 'host/bucket_name/object' instead of 'bucket_name.host/object'. Defaults to `AWS_PATH_STYLE` |
+| `GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION` | AWS signature version to use. 2 or 4 are valid options. Digital Ocean Spaces and other providers may need 2. Defaults to `$AWS_SIGNATURE_VERSION` |
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`| Google project. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT`|
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`| Google service account. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL`|
 | `GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION`| Default Google key file. Defaults to `$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION` (`/gcs/key.json`)|
diff --git a/assets/runtime/config/gitlabhq/gitlab.yml b/assets/runtime/config/gitlabhq/gitlab.yml
index 236c27b7a..c5dd61269 100644
--- a/assets/runtime/config/gitlabhq/gitlab.yml
+++ b/assets/runtime/config/gitlabhq/gitlab.yml
@@ -229,7 +229,7 @@ production: &base
         aws_secret_access_key: {{GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY}}
         region: {{GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_REGION}}
         host: '{{GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST}}' # default: s3.amazonaws.com
-        aws_signature_version: 4 # For creation of signed URLs. Set to 2 if provider does not support v4.
+        aws_signature_version: {{GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION}} # For creation of signed URLs. Set to 2 if provider does not support v4.
         endpoint: '{{GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT}}' # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces
         path_style: {{GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE}} # Use 'host/bucket_name/object' instead of 'bucket_name.host/object'
         #end-artifacts-aws
@@ -273,6 +273,7 @@ production: &base
         #start-lfs-aws
         aws_access_key_id: {{GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID}}
         aws_secret_access_key: {{GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY}}
+        aws_signature_version: {{GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION}} # For creation of signed URLs. Set to 2 if provider does not support v4.
         region: {{GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_REGION}}
         host: '{{GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST}}' # default: s3.amazonaws.com
         endpoint: '{{GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT}}' # default: nil
@@ -306,7 +307,7 @@ production: &base
         #start-uploads-aws
         aws_access_key_id: {{GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ACCESS_KEY_ID}}
         aws_secret_access_key: {{GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY}}
-        aws_signature_version: 4 # For creation of signed URLs. Set to 2 if provider does not support v4.
+        aws_signature_version: {{GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION}} # For creation of signed URLs. Set to 2 if provider does not support v4.
         region: {{GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_REGION}}
         host: '{{GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST}}' # default: s3.amazonaws.com
         endpoint: '{{GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT}}' # default: nil
@@ -336,7 +337,7 @@ production: &base
         aws_secret_access_key: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SECRET_ACCESS_KEY}}
         region: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_REGION}}
         host: '{{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_HOST}}' # default: s3.amazonaws.com
-        aws_signature_version: 4 # For creation of signed URLs. Set to 2 if provider does not support v4.
+        aws_signature_version: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION}} # For creation of signed URLs. Set to 2 if provider does not support v4.
         endpoint: '{{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ENDPOINT}}' # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces
         path_style: {{GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE}} # Use 'host/bucket_name/object' instead of 'bucket_name.host/object'
         #end-packages-aws
diff --git a/assets/runtime/env-defaults b/assets/runtime/env-defaults
index 3674ad175..7dac47c09 100644
--- a/assets/runtime/env-defaults
+++ b/assets/runtime/env-defaults
@@ -111,6 +111,7 @@ AWS_REGION=${AWS_REGION:-us-east-1}
 AWS_HOST=${AWS_HOST:-s3.amazonaws.com}
 AWS_ENDPOINT=${AWS_ENDPOINT:-nil}
 AWS_PATH_STYLE=${AWS_PATH_STYLE:-true}
+AWS_SIGNATURE_VERSION=${AWS_SIGNATURE_VERSION:-4}
 
 #-- Google
 GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}
@@ -136,6 +137,7 @@ GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_ARTIFACTS_OBJECT_ST
 GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST:-$AWS_HOST}
 GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-$AWS_ENDPOINT}
 GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-$AWS_PATH_STYLE}
+GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION:-$AWS_SIGNATURE_VERSION}
 
 # ARTIFACTS:Google
 GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}
@@ -161,6 +163,7 @@ GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_PACKAGES_OBJECT_STOR
 GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_HOST:-$AWS_HOST}
 GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-$AWS_ENDPOINT}
 GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-$AWS_PATH_STYLE}
+GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION:-$AWS_SIGNATURE_VERSION}
 
 # PACKAGES:Google
 GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}
@@ -188,6 +191,7 @@ GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_LFS_OBJECT_STORE_CONNECTI
 GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST:-$AWS_HOST}
 GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-$AWS_ENDPOINT}
 GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-$AWS_PATH_STYLE}
+GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION=${GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION:-$AWS_SIGNATURE_VERSION}
 
 # LFS:Google
 GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}
@@ -212,6 +216,7 @@ GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_REGION=${GITLAB_UPLOADS_OBJECT_STORE_
 GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST:-$AWS_HOST}
 GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT:-$AWS_ENDPOINT}
 GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE:-$AWS_PATH_STYLE}
+GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION:-$AWS_SIGNATURE_VERSION}
 
 # Uploads:Google
 GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT=${GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT:-$GITLAB_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT}
diff --git a/assets/runtime/functions b/assets/runtime/functions
index dba058d2a..4655af157 100644
--- a/assets/runtime/functions
+++ b/assets/runtime/functions
@@ -997,6 +997,7 @@ gitlab_configure_artifacts() {
       GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_HOST \
       GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT \
       GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION \
       GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT \
       GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL \
       GITLAB_ARTIFACTS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION
@@ -1041,6 +1042,7 @@ gitlab_configure_packages() {
       GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_HOST \
       GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_ENDPOINT \
       GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE \
+      GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION \
       GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT \
       GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL \
       GITLAB_PACKAGES_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION
@@ -1084,6 +1086,7 @@ gitlab_configure_lfs() {
       GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_HOST \
       GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT \
       GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE \
+      GITLAB_LFS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION \
       GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT \
       GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL \
       GITLAB_LFS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION
@@ -1127,6 +1130,7 @@ gitlab_configure_uploads() {
       GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_HOST \
       GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_ENDPOINT \
       GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_PATH_STYLE \
+      GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_AWS_SIGNATURE_VERSION \
       GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_PROJECT \
       GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_CLIENT_EMAIL \
       GITLAB_UPLOADS_OBJECT_STORE_CONNECTION_GOOGLE_JSON_KEY_LOCATION