Add example GitLab patches

0001-Use-grack-for-authn-authz-only.patch

+From c5e9a50802e2b95f657dfaa2eaba98378b0a845d Mon Sep 17 00:00:00 2001
+From: GitLab <example@example.com>
+Date: Sun, 26 Jul 2015 01:12:12 +0200
+Subject: [PATCH 1/2] Use grack for authn/authz only
+
+Actual Git content will be served by gitlab-git-http-server.
+---
+ lib/gitlab/backend/grack_auth.rb |    3 ++-
+ lib/gitlab/backend/shell_env.rb  |    6 +++++-
+ 2 files changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/lib/gitlab/backend/grack_auth.rb b/lib/gitlab/backend/grack_auth.rb
+index 03cef30..92e967d 100644
+--- a/lib/gitlab/backend/grack_auth.rb
++++ b/lib/gitlab/backend/grack_auth.rb
+@@ -26,7 +26,8 @@ module Grack
+       auth!
+ 
+       if project && authorized_request?
+-        @app.call(env)
++        # Tell gitlab-git-http-server the request is OK, and what the GL_ID is
++        return [200, { "Content-Type" => "text/plain" }, [Gitlab::ShellEnv.gl_id(@user)]]
+       elsif @user.nil? && !@gitlab_ci
+         unauthorized
+       else
+diff --git a/lib/gitlab/backend/shell_env.rb b/lib/gitlab/backend/shell_env.rb
+index 17ec029..009a3ec 100644
+--- a/lib/gitlab/backend/shell_env.rb
++++ b/lib/gitlab/backend/shell_env.rb
+@@ -7,7 +7,7 @@ module Gitlab
+     def set_env(user)
+       # Set GL_ID env variable
+       if user
+-        ENV['GL_ID'] = "user-#{user.id}"
++        ENV['GL_ID'] = gl_id(user)
+       end
+     end
+ 
+@@ -15,5 +15,9 @@ module Gitlab
+       # Reset GL_ID env variable
+       ENV['GL_ID'] = nil
+     end
++
++    def gl_id(user)
++      "user-#{user.id}"
++    end
+   end
+ end
+-- 
+1.7.9.5
+

0002-NGINX-config-for-gitlab-git-http-server.patch

+From d1526f7adf0664eed0ccb97da620869b74f5290b Mon Sep 17 00:00:00 2001
+From: GitLab <example@example.com>
+Date: Sun, 26 Jul 2015 01:46:32 +0200
+Subject: [PATCH 2/2] NGINX config for gitlab-git-http-server
+
+---
+ lib/support/nginx/gitlab-ssl |   23 +++++++++++++++++++++++
+ 1 file changed, 23 insertions(+)
+
+diff --git a/lib/support/nginx/gitlab-ssl b/lib/support/nginx/gitlab-ssl
+index 766559b..ff68f03 100644
+--- a/lib/support/nginx/gitlab-ssl
++++ b/lib/support/nginx/gitlab-ssl
+@@ -42,6 +42,10 @@ upstream gitlab {
+   server unix:/home/git/gitlab/tmp/sockets/gitlab.socket fail_timeout=0;
+ }
+ 
++upstream gitlab-git-http-server {
++  server localhost:8181;
++}
++
+ ## Redirects all HTTP traffic to the HTTPS host
+ server {
+   ## Either remove "default_server" from the listen line below, 
+@@ -156,6 +160,25 @@ server {
+     proxy_pass http://gitlab;
+   }
+ 
++  location ~ [-\/\w\.]+\.git\/ {
++    ## If you use HTTPS make sure you disable gzip compression
++    ## to be safe against BREACH attack.
++    gzip off;
++
++    ## https://github.com/gitlabhq/gitlabhq/issues/694
++    ## Some requests take more than 30 seconds.
++    proxy_read_timeout      300;
++    proxy_connect_timeout   300;
++    proxy_redirect          off;
++
++    proxy_set_header    Host                $http_host;
++    proxy_set_header    X-Real-IP           $remote_addr;
++    proxy_set_header    X-Forwarded-Ssl     on;
++    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
++    proxy_set_header    X-Forwarded-Proto   $scheme;
++    proxy_pass http://gitlab-git-http-server;
++  }
++
+   ## Enable gzip compression as per rails guide:
+   ## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression
+   ## WARNING: If you are using relative urls remove the block below
+-- 
+1.7.9.5
+