root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
18,287 Commits 9,131 Branches 1,640 Tags 2 GiB
Commit Graph

59 Commits

Author SHA1 Message Date
Jacob Vosmaer d3305df7aa Experimental support for gitlab-git-http-server 
https://gitlab.com/gitlab-org/gitlab-git-http-server

This change introduces the GITLAB_GRACK_AUTH_ONLY environment
variable. When set, Grack requests to GitLab will only respond with
the user's GL_ID (if the request is OK) or an error. This allows
gitlab-git-http-server to use the main GitLab application as an
authentication and authorization backend.

If we like how this works we should drop the GITLAB_GRACK_AUTH_ONLY
variable at some point in the future.
 2015-07-28 14:33:19 +02:00
Dmitriy Zaporozhets bcb07929fe Merge branch 'nginx_defaulthost_documentation' into 'master' 
Close #178 Nginx conf default_host documentation

This closes #178
We're just making it clear that some nginx installs such as by default on recent Ubuntu's, the /etc/nginx/sites-enabled/default file will conflict the listen line of the gitlab nginx conf's due to the default_server directive.

changed installation.md to identify the issue to a user
added notes to both nginx configs for gitlab and gitlab-ssl
[ci-skip

See merge request !225
 2015-06-22 13:22:58 +00:00
Marin Jankovski 86d35ed3d4 Update SSL ciphers per logjam vulnerability recommendations. 2015-06-15 11:40:00 +02:00
Marin Jankovski df346e9507 Add a note that changing example configuration files requires changing omnibus-gitlab. 2015-06-11 15:11:37 +02:00
Douwe Maan d513ca584a Revert "Merge branch 'go-get-workaround-nginx' of https://github.com/mattes/gitlabhq into mattes-go-get-workaround-nginx" 
This reverts commit 51349ca3c8, reversing
changes made to b180476bd6.
 2015-03-03 11:21:48 +01:00
Marin Jankovski 51349ca3c8 Merge branch 'go-get-workaround-nginx' of https://github.com/mattes/gitlabhq into mattes-go-get-workaround-nginx 
Conflicts:
	lib/support/nginx/gitlab
	lib/support/nginx/gitlab-ssl
 2015-02-20 15:47:34 -08:00
Douwe Maan 26d57a648c Restore nginx config a little more. 2015-02-20 23:32:39 +01:00
Douwe Maan 08874d2b51 Make changes to nginx config less likely to break something. 2015-02-20 23:27:17 +01:00
Douwe Maan eb210f4a18 Modify nginx config to let /uploads go through to unicorn. 2015-02-20 12:22:53 +01:00
mattes 2c9b357324 remove optional html tags 2014-12-31 18:37:31 -08:00
mattes 56f211aa50 allow for private repositories 2014-12-31 18:37:31 -08:00
Luke Ashe-Browne e338e85d1b fixed typo 2014-12-03 13:35:27 +00:00
Luke Ashe-Browne 32c6fe5385 adding notes to gitlab nginx conf 
We want to make users aware that the nginx default config will conflict
with the gitlab default_server conf file.
 2014-12-03 10:43:27 +00:00
sbeh 434c4a2b5d Socket [::]:123 on Linux listens on IPv4 and IPv6 
This will ensure nginx starts up without the following errors messages:
nginx: [emerg] bind() to [::]:443 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:443 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:443 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:443 failed (98: Address already in use)
nginx: [emerg] bind() to [::]:443 failed (98: Address already in use)
nginx: [emerg] still could not bind()

Googling for them leads you to this site:
https://chrisjean.com/2014/02/10/fix-nginx-emerg-bind-to-80-failed-98-address-already-in-use/
 2014-11-26 00:31:50 +01:00
Marin Jankovski 70f30abd84 Merge pull request #8273 from bbodenmiller/nginx-updates 
Nginx updates
 2014-11-10 10:20:44 +01:00
Ben Bodenmiller 271a352079 minor updates & formatting changes 
minor updates @ formatting changes to match other versions of file.
Unify formatting of
https://github.com/gitlabhq/gitlabhq/blob/master/lib/support/nginx/gitlab,
https://github.com/gitlabhq/gitlabhq/blob/master/lib/support/nginx/gitlab-ssl,
&
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-http.conf.erb
 2014-11-08 23:33:27 -08:00
Hugo Osvaldo Barrera e3098b69e7 Don't enable IPv4 *only* on nginx. 
The current configuration sample files only enable IPv4 by default, making the
server inaccesible for many remote hosts (and an increasing amount every day).

Enable IPv4 and IPv6 by default. Older servers with no external IPv6
connectivity will not fail since they'll have a local-link IPv6 address to bind
to anyway.
 2014-11-03 11:25:31 -03:00
Dmitriy Zaporozhets 80e944ac71 Merge pull request #8054 from bbodenmiller/patch-4 
match latest config from https://cipherli.st/
 2014-10-22 16:52:42 +03:00
Ben Bodenmiller 077fc683fa simplify DHE parameter generation 2014-10-16 14:34:03 -07:00
Ben Bodenmiller 5d7e1b6ae2 match latest config from https://cipherli.st/ 2014-10-15 23:51:53 -07:00
Marin Jankovski be14c7a83f Add a comment on why we are using backward compatible ciphers. 2014-10-10 09:44:08 +02:00
Marin Jankovski 8ddb2be69a Revert "update ssl_ciphers" 
This reverts commit c41e5f5018.
 2014-10-10 09:38:39 +02:00
Sytse Sijbrandij 0cc30145f4 Merge pull request #7664 from bbodenmiller/patch-2 
add HSTS Policy warning
 2014-10-03 12:12:23 +02:00
Ben Bodenmiller 25ee53c3ae fail_timeout=0 as recommended by Unicorn 
Set's fail_timeout=0 as recommended by
http://unicorn.bogomips.org/Unicorn/Configurator.html#method-i-timeout
when Unicorn is running behind nginx.
 2014-09-12 02:19:38 -07:00
Sytse Sijbrandij 69c4026ec1 Merge pull request #7654 from bbodenmiller/patch-13 
update ssl_ciphers
 2014-09-08 15:07:59 +02:00
Sytse Sijbrandij bef923055b Merge pull request #7583 from bbodenmiller/https 
[Documentation] simplify HTTPS setup details
 2014-09-08 11:05:19 +02:00
Ben Bodenmiller a2b36858f5 add optional nginx configs to make more secure 2014-09-07 23:17:37 -07:00
Ben Bodenmiller 5d5d4ef91a simplify HTTPS setup details 
also adds comment about updating nginx files during upgrades
 2014-09-07 15:31:13 -07:00
Ben Bodenmiller c41e5f5018 update ssl_ciphers 
taken from
https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html /
https://cipherli.st/

backwards compatible ciphers not needed since gitlab does not support
ie8
 2014-09-07 14:55:11 -07:00
Ben Bodenmiller 765eabeacc add HSTS Policy warning 
Add warning about HSTS header as it means user will need to provide secure connection access to site for next 24 months from page view. See https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security for more details.
 2014-09-01 15:47:15 -07:00
Dmitriy Zaporozhets 3069826d1a Merge pull request #7378 from jojosch/nginx-ssl-redirect 
Use a ? after the $request_uri to perform a valid Redirect while cloning...
 2014-08-28 16:54:36 +03:00
Dmitriy Zaporozhets eddfdc9edd Merge pull request #7558 from bbodenmiller/patch-4 
change X-Frame-Options to SAMEORIGIN for nginx SSL config
 2014-08-23 23:50:09 +03:00
Ben Bodenmiller 3663354cb9 unify nginx config files 2014-08-23 01:08:12 -07:00
Ben Bodenmiller a3953a46f4 change X-Frame-Options to SAMEORIGIN 
needed to allow sidekiq to load on background jobs tab
 2014-08-23 01:05:31 -07:00
johannes b5481afd73 Use a ? after the $request_uri to perform a valid Redirect while cloning. 
fixes #6203

before:

❯ curl -I http://gitlab/namespace/repo.git/info/refs?service=git-upload-pack
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Jul 2014 18:20:27 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://gitlab/namespace/repo.git/info/refs?service=git-upload-pack?service=git-upload-pack

after:

❯ curl -I http://gitlab/namespace/repo.git/info/refs\?service=git-upload-pack
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Jul 2014 18:23:54 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://gitlab/namespace/repo.git/info/refs?service=git-upload-pack

[ci skip]
 2014-08-23 08:36:25 +02:00
Sytse Sijbrandij 06fade7545 Simplify the description of single hash lines based on comments of Ben Bodenmiller. 2014-08-22 19:10:07 +02:00
Sytse Sijbrandij 8aff39a6d0 Simplify the ssl setup file. 2014-08-04 15:57:59 +02:00
Achilleas Pipinellis 7be6b8ca73 Move gitlab-ssl nginx config from gitlab-recipes 2014-06-05 16:54:50 +03:00
GitLab fdcc5ddec1 Ensure sidekiq is displayed by setting X-Frame-Options. 2014-06-03 17:06:27 +02:00
Marin Jankovski 636ec6d3a0 Update warnings about relative url support. 2014-05-13 17:59:08 +02:00
Dmitriy Zaporozhets 5307dd5f74 Comment gzip: off be default 2014-04-07 15:47:20 +00:00
Dmitriy Zaporozhets 563fec7349
Disable compression to prevent BREACH attack 
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
 2014-04-03 13:03:16 +03:00
Marin Jankovski 8af94ed755 Add gzip compression for assets to nginx example. 2014-03-24 14:59:09 +01:00
dosire 6bf5215b23 Some people are getting the error 'The remote end hung up unexpectedly' due to large chuncks. 2014-03-10 09:11:19 +01:00
Jacob Vosmaer 5de16dee76 Add a custom 502 page 2014-01-28 10:19:22 +01:00
Dmitriy Zaporozhets c3ae30b60e Merge branch 'upload-limits' into 'master' 
Upload Limits

Better documentation for the upload limit. Please have a hard time when they need to change the upload limits, see https://gitlab.com/gitlab-org/gitlab-ce/issues/5
 2014-01-27 12:44:14 +00:00
Jacob Vosmaer abae128915 Use either/or to present options 2014-01-27 11:59:15 +01:00
Jacob Vosmaer 7b32be6eb1 Explain what we know about Nginx chunked requests 2014-01-27 11:19:45 +01:00
dosire 42220f2a18 Remove version since we don't keep it up to date. 2014-01-23 15:14:07 +01:00
dosire 7ad70a56d3 Git over ssh and http are different things. 2014-01-22 17:51:00 +01:00