Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kazuhiko Shiozaki
gitlab-ce
Commits
8bda4337
Commit
8bda4337
authored
Jul 29, 2015
by
Valery Sizov
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq
parents
81c71d25
d64ae536
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
70 additions
and
2 deletions
+70
-2
lib/gitlab/backend/grack_auth.rb
lib/gitlab/backend/grack_auth.rb
+10
-1
lib/gitlab/backend/shell_env.rb
lib/gitlab/backend/shell_env.rb
+10
-1
lib/support/nginx/gitlab
lib/support/nginx/gitlab
+25
-0
lib/support/nginx/gitlab-ssl
lib/support/nginx/gitlab-ssl
+25
-0
No files found.
lib/gitlab/backend/grack_auth.rb
View file @
8bda4337
...
@@ -26,7 +26,12 @@ module Grack
...
@@ -26,7 +26,12 @@ module Grack
auth!
auth!
if
project
&&
authorized_request?
if
project
&&
authorized_request?
@app
.
call
(
env
)
if
ENV
[
'GITLAB_GRACK_AUTH_ONLY'
]
==
'1'
# Tell gitlab-git-http-server the request is OK, and what the GL_ID is
render_grack_auth_ok
else
@app
.
call
(
env
)
end
elsif
@user
.
nil?
&&
!
@gitlab_ci
elsif
@user
.
nil?
&&
!
@gitlab_ci
unauthorized
unauthorized
else
else
...
@@ -174,6 +179,10 @@ module Grack
...
@@ -174,6 +179,10 @@ module Grack
end
end
end
end
def
render_grack_auth_ok
[
200
,
{
"Content-Type"
=>
"application/json"
},
[
JSON
.
dump
({
'GL_ID'
=>
Gitlab
::
ShellEnv
.
gl_id
(
@user
)
})]]
end
def
render_not_found
def
render_not_found
[
404
,
{
"Content-Type"
=>
"text/plain"
},
[
"Not Found"
]]
[
404
,
{
"Content-Type"
=>
"text/plain"
},
[
"Not Found"
]]
end
end
...
...
lib/gitlab/backend/shell_env.rb
View file @
8bda4337
...
@@ -7,7 +7,7 @@ module Gitlab
...
@@ -7,7 +7,7 @@ module Gitlab
def
set_env
(
user
)
def
set_env
(
user
)
# Set GL_ID env variable
# Set GL_ID env variable
if
user
if
user
ENV
[
'GL_ID'
]
=
"user-
#{
user
.
id
}
"
ENV
[
'GL_ID'
]
=
gl_id
(
user
)
end
end
end
end
...
@@ -15,5 +15,14 @@ module Gitlab
...
@@ -15,5 +15,14 @@ module Gitlab
# Reset GL_ID env variable
# Reset GL_ID env variable
ENV
[
'GL_ID'
]
=
nil
ENV
[
'GL_ID'
]
=
nil
end
end
def
gl_id
(
user
)
if
user
.
present?
"user-
#{
user
.
id
}
"
else
# This empty string is used in the render_grack_auth_ok method
""
end
end
end
end
end
end
lib/support/nginx/gitlab
View file @
8bda4337
...
@@ -38,6 +38,11 @@ upstream gitlab {
...
@@ -38,6 +38,11 @@ upstream gitlab {
server unix:/home/git/gitlab/tmp/sockets/gitlab.socket fail_timeout=0;
server unix:/home/git/gitlab/tmp/sockets/gitlab.socket fail_timeout=0;
}
}
## Experimental: gitlab-git-http-server
# upstream gitlab-git-http-server {
# server localhost:8181;
# }
## Normal HTTP host
## Normal HTTP host
server {
server {
## Either remove "default_server" from the listen line below,
## Either remove "default_server" from the listen line below,
...
@@ -109,6 +114,26 @@ server {
...
@@ -109,6 +114,26 @@ server {
proxy_pass http://gitlab;
proxy_pass http://gitlab;
}
}
## Experimental: send Git HTTP traffic to gitlab-git-http-server instead of Unicorn
# location ~ [-\/\w\.]+\.git\/ {
# ## If you use HTTPS make sure you disable gzip compression
# ## to be safe against BREACH attack.
# # gzip off;
# ## https://github.com/gitlabhq/gitlabhq/issues/694
# ## Some requests take more than 30 seconds.
# proxy_read_timeout 300;
# proxy_connect_timeout 300;
# proxy_redirect off;
# proxy_set_header Host $http_host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_pass http://gitlab-git-http-server;
# }
## Enable gzip compression as per rails guide:
## Enable gzip compression as per rails guide:
## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression
## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression
## WARNING: If you are using relative urls remove the block below
## WARNING: If you are using relative urls remove the block below
...
...
lib/support/nginx/gitlab-ssl
View file @
8bda4337
...
@@ -42,6 +42,11 @@ upstream gitlab {
...
@@ -42,6 +42,11 @@ upstream gitlab {
server unix:/home/git/gitlab/tmp/sockets/gitlab.socket fail_timeout=0;
server unix:/home/git/gitlab/tmp/sockets/gitlab.socket fail_timeout=0;
}
}
## Experimental: gitlab-git-http-server
# upstream gitlab-git-http-server {
# server localhost:8181;
# }
## Redirects all HTTP traffic to the HTTPS host
## Redirects all HTTP traffic to the HTTPS host
server {
server {
## Either remove "default_server" from the listen line below,
## Either remove "default_server" from the listen line below,
...
@@ -156,6 +161,26 @@ server {
...
@@ -156,6 +161,26 @@ server {
proxy_pass http://gitlab;
proxy_pass http://gitlab;
}
}
## Experimental: send Git HTTP traffic to gitlab-git-http-server instead of Unicorn
# location ~ [-\/\w\.]+\.git\/ {
# ## If you use HTTPS make sure you disable gzip compression
# ## to be safe against BREACH attack.
# gzip off;
# ## https://github.com/gitlabhq/gitlabhq/issues/694
# ## Some requests take more than 30 seconds.
# proxy_read_timeout 300;
# proxy_connect_timeout 300;
# proxy_redirect off;
# proxy_set_header Host $http_host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-Ssl on;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_pass http://gitlab-git-http-server;
# }
## Enable gzip compression as per rails guide:
## Enable gzip compression as per rails guide:
## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression
## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression
## WARNING: If you are using relative urls remove the block below
## WARNING: If you are using relative urls remove the block below
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment