80e944ac71
Merge pull request #8054 from bbodenmiller/patch-4
...
match latest config from https://cipherli.st/
2014-10-22 16:52:42 +03:00
077fc683fa
simplify DHE parameter generation
2014-10-16 14:34:03 -07:00
5d7e1b6ae2
match latest config from https://cipherli.st/
2014-10-15 23:51:53 -07:00
be14c7a83f
Add a comment on why we are using backward compatible ciphers.
2014-10-10 09:44:08 +02:00
8ddb2be69a
Revert "update ssl_ciphers"
...
This reverts commit c41e5f5018
2014-10-10 09:38:39 +02:00
0cc30145f4
Merge pull request #7664 from bbodenmiller/patch-2
...
add HSTS Policy warning
2014-10-03 12:12:23 +02:00
25ee53c3ae
fail_timeout=0 as recommended by Unicorn
...
Set's fail_timeout=0 as recommended by
http://unicorn.bogomips.org/Unicorn/Configurator.html#method-i-timeout
when Unicorn is running behind nginx.
2014-09-12 02:19:38 -07:00
69c4026ec1
Merge pull request #7654 from bbodenmiller/patch-13
...
update ssl_ciphers
2014-09-08 15:07:59 +02:00
bef923055b
Merge pull request #7583 from bbodenmiller/https
...
[Documentation] simplify HTTPS setup details
2014-09-08 11:05:19 +02:00
a2b36858f5
add optional nginx configs to make more secure
2014-09-07 23:17:37 -07:00
5d5d4ef91a
simplify HTTPS setup details
...
also adds comment about updating nginx files during upgrades
2014-09-07 15:31:13 -07:00
c41e5f5018
update ssl_ciphers
...
taken from
https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html /
https://cipherli.st/
backwards compatible ciphers not needed since gitlab does not support
ie8
2014-09-07 14:55:11 -07:00
765eabeacc
add HSTS Policy warning
...
Add warning about HSTS header as it means user will need to provide secure connection access to site for next 24 months from page view. See https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security for more details.
2014-09-01 15:47:15 -07:00
3069826d1a
Merge pull request #7378 from jojosch/nginx-ssl-redirect
...
Use a ? after the $request_uri to perform a valid Redirect while cloning...
2014-08-28 16:54:36 +03:00
eddfdc9edd
Merge pull request #7558 from bbodenmiller/patch-4
...
change X-Frame-Options to SAMEORIGIN for nginx SSL config
2014-08-23 23:50:09 +03:00
3663354cb9
unify nginx config files
2014-08-23 01:08:12 -07:00
a3953a46f4
change X-Frame-Options to SAMEORIGIN
...
needed to allow sidekiq to load on background jobs tab
2014-08-23 01:05:31 -07:00
b5481afd73
Use a ? after the $request_uri to perform a valid Redirect while cloning.
...
fixes #6203
before:
❯ curl -I http://gitlab/namespace/repo.git/info/refs?service=git-upload-pack
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Jul 2014 18:20:27 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://gitlab/namespace/repo.git/info/refs?service=git-upload-pack?service=git-upload-pack
after:
❯ curl -I http://gitlab/namespace/repo.git/info/refs\?service=git-upload-pack
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Jul 2014 18:23:54 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://gitlab/namespace/repo.git/info/refs?service=git-upload-pack
[ci skip]
2014-08-23 08:36:25 +02:00
06fade7545
Simplify the description of single hash lines based on comments of Ben Bodenmiller.
2014-08-22 19:10:07 +02:00
8aff39a6d0
Simplify the ssl setup file.
2014-08-04 15:57:59 +02:00
7be6b8ca73
Move gitlab-ssl nginx config from gitlab-recipes
2014-06-05 16:54:50 +03:00
fdcc5ddec1
Ensure sidekiq is displayed by setting X-Frame-Options.
2014-06-03 17:06:27 +02:00
7a75b3f300
Merge pull request #6986 from agjmills/master
...
added SYSV chkconfig property so gitlab starts after MySQLd / nginx
2014-05-30 16:58:37 +03:00
2341cefd6f
Move from script to bin directory.
2014-05-27 17:14:41 +02:00
821ab16846
added SYSV chkconfig property so gitlab starts after MySQLd / nginx
2014-05-16 10:29:12 +01:00
636ec6d3a0
Update warnings about relative url support.
2014-05-13 17:59:08 +02:00
5307dd5f74
Comment gzip: off be default
2014-04-07 15:47:20 +00:00
563fec7349
Disable compression to prevent BREACH attack
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-04-03 13:03:16 +03:00
cf7aab9b44
Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ce
2014-03-27 08:56:13 +02:00
ad7cd8fb35
Merge pull request #6222 from nickryand/background_init
...
Removed the backgrounding of the unicorn_rails startup scripts
2014-03-26 12:25:40 +01:00
24e9c5e83e
Merge branch 'bugfix/fix_unicorn-sidekiq_confusion_in_gitlab_init_script' into 'master'
...
Fix Unicorn-Sidekiq Confusion In GitLab Init Script
This merge request fixes issue #126 by updating a few sections of the included GitLab init file where Unicorn was referred to as Sidekiq and vice-versa.
2014-03-26 11:19:26 +00:00
9422b451eb
Init script - change start() stop() restart() reload() to xxxx_gitlab()
2014-03-26 10:50:42 +01:00
73a987ea6b
Removed the backgrounding of the unicorn_rails webapp start call.
2014-03-25 10:40:44 -07:00
306d4ee728
Merge pull request #5935 from nmoura/patch-1
...
Changed sudo by su -c in init script
2014-03-25 15:06:54 +01:00
8af94ed755
Add gzip compression for assets to nginx example.
2014-03-24 14:59:09 +01:00
c22646d2a4
Logrotate daily, keeping 90 days of old logs
...
Also remove the 'delaycompress' option which is not needed because we
use 'copytruncate'.
2014-03-12 15:26:39 +01:00
6bf5215b23
Some people are getting the error 'The remote end hung up unexpectedly' due to large chuncks.
2014-03-10 09:11:19 +01:00
058aae5940
Fixed Unicorn-Sidekiq confusion in GitLab init script.
...
There were a few places in the included init script where
Unicorn was referred to as Sidekiq and vice-versa.
This fixes #126 .
2014-03-08 09:07:59 -05:00
affc37ad02
change deploy.sh without mysql, now that we are moving to postgres
2014-03-04 00:10:49 +00:00
5de16dee76
Add a custom 502 page
2014-01-28 10:19:22 +01:00
c3ae30b60e
Merge branch 'upload-limits' into 'master'
...
Upload Limits
Better documentation for the upload limit. Please have a hard time when they need to change the upload limits, see https://gitlab.com/gitlab-org/gitlab-ce/issues/5
2014-01-27 12:44:14 +00:00
abae128915
Use either/or to present options
2014-01-27 11:59:15 +01:00
7b32be6eb1
Explain what we know about Nginx chunked requests
2014-01-27 11:19:45 +01:00
42220f2a18
Remove version since we don't keep it up to date.
2014-01-23 15:14:07 +01:00
7ad70a56d3
Git over ssh and http are different things.
2014-01-22 17:51:00 +01:00
119c782e0b
More explanation for upload limits.
2014-01-22 17:01:47 +01:00
4650855685
Update the init.d file to the correct locationof the example defaults file
...
Update the example defaults, include the rest of he variables
2014-01-08 22:54:03 +00:00
60e451fde4
Change canonical urls to GitLab Cloud.
2013-12-30 14:27:18 +01:00
6daa97f472
Changed sudo by su -c
...
The sudo command needs a tty to run. If you put this file on a CentOS 6, for example, it will not run in the host startup process. Instead, the 'su -c' runs the command apart if it has or not a tty.
I tested this change in a fresh install of gitlab on a CentOS 6.5 with successful.
2013-12-26 17:13:25 -02:00
f24e151414
Merge pull request #5617 from zeeZ/nginx-proxy
...
Add X-Forwarded-For to nginx config
2013-12-16 03:54:04 -08:00
Dmitriy Zaporozhets
Ben Bodenmiller
Marin Jankovski
Sytse Sijbrandij
johannes
Achilleas Pipinellis
GitLab
Marin Jankovski
Alexander Mills
Jacob Vosmaer
Pawel Krzaczkowski
Nick Downs
Kyle Fazzari
Arif Ali
Nilton Moura