Download as
Browse Code »

Commit 64f7c96c1102b1368ecb59bf4f5e95476587889c

Authored by Antonio Terceiro
1 parent 7e4030ec
Exists in master and in 90 other branches 3.x, add_sisp_to_chef, add_super_archives_plugin, api_for_colab, automates_core_packing, backup, backup_not_prod, cdtc_configuration, changes_in_buttons_on_content_panel, colab_automated_login, colab_spb_plugin_recipe, colab_widgets_settings, design_validation, dev-lappis, dev_env_minimal, disable_email_dev, docs, fix_breadcrumbs_position, fix_categories_software_link, fix_edit_institution, fix_edit_software_with_another_license, fix_get_license_info, fix_gitlab_assets_permission, fix_list_style_inside_article, fix_list_style_on_folder_elements, fix_members_pagination, fix_merge_request_url, fix_models_translations, fix_no_license, fix_software_api, fix_software_block_migration, fix_software_communities_translations, fix_software_communities_unit_test, fix_style_create_institution_admin_panel, fix_superarchives_imports, fix_sym_links_noosfero, focus_search_field_theme, gov-user-refactoring, gov-user-refactoring-rails4, header_fix, institution_modal_on_rating, kalibro-conf-refactoring, kalibro-processor-package, lxc_settings, margin_fix, mezuro_cookbook, performance, prezento, r3, refactor_download_block, refactor_software_communities, refactor_software_for_sisp, register_page, release-process, release-process-v2, remove-unused-images, remove_backup_emails, remove_broken_theme, remove_secondary_email_from_user, remove_sisp_buttons, removing_super_archives_email, review_message, scope2method, signals_user_noosfero, sisp_catalog_header, sisp_colab_config, sisp_dev, sisp_dev_master, sisp_simple_version, software_as_organization, software_catalog_style_fix, software_communities_html_refactor, software_infos_api, spb_minimal_env, spb_to_rails4, spec_refactor, stable-4.1, stable-4.2, stable-4.x, stable-devel, support_docs, syslog, temp_soft_comm_refactoring, theme_header, theme_javascript_refactory, thread_dropdown, thread_page, update_search_by_categories, update_software_api, update_softwares_boxes

gitlab: serve static content with nginx 

redirect colab to the port where nginx will be listening
Showing 6 changed files with 170 additions and 126 deletions   Show diff stats
cookbooks/colab/templates/01-apps.yaml.erb
  Diff comments   View file @64f7c96
1 1 ### Colab proxied apps
2 2 PROXIED_APPS:
3 3 gitlab:
4   - upstream: 'http://<%= node['peers']['integration'] %>:8080/gitlab/'
  4 + upstream: 'http://<%= node['peers']['integration'] %>:8081/gitlab/'
... ...
cookbooks/gitlab/files/unicorn.rb 0 → 100644
  Diff comments   View file @64f7c96
... ... @@ -0,0 +1,123 @@
  1 +# Sample verbose configuration file for Unicorn (not Rack)
  2 +#
  3 +# This configuration file documents many features of Unicorn
  4 +# that may not be needed for some applications. See
  5 +# http://unicorn.bogomips.org/examples/unicorn.conf.minimal.rb
  6 +# for a much simpler configuration file.
  7 +#
  8 +# See http://unicorn.bogomips.org/Unicorn/Configurator.html for complete
  9 +# documentation.
  10 +
  11 +# WARNING: See config/application.rb under "Relative url support" for the list of
  12 +# other files that need to be changed for relative url support
  13 +#
  14 +ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab"
  15 +
  16 +# Read about unicorn workers here:
  17 +# http://doc.gitlab.com/ee/install/requirements.html#unicorn-workers
  18 +#
  19 +worker_processes 2
  20 +
  21 +# Since Unicorn is never exposed to outside clients, it does not need to
  22 +# run on the standard HTTP port (80), there is no reason to start Unicorn
  23 +# as root unless it's from system init scripts.
  24 +# If running the master process as root and the workers as an unprivileged
  25 +# user, do this to switch euid/egid in the workers (also chowns logs):
  26 +# user "unprivileged_user", "unprivileged_group"
  27 +
  28 +# Help ensure your application will always spawn in the symlinked
  29 +# "current" directory that Capistrano sets up.
  30 +working_directory "/usr/lib/gitlab" # available in 0.94.0+
  31 +
  32 +# Listen on both a Unix domain socket and a TCP port.
  33 +# If you are load-balancing multiple Unicorn masters, lower the backlog
  34 +# setting to e.g. 64 for faster failover.
  35 +listen "/usr/lib/gitlab/tmp/sockets/gitlab.socket", :backlog => 1024
  36 +listen "127.0.0.1:8080", :tcp_nopush => true
  37 +
  38 +# nuke workers after 30 seconds instead of 60 seconds (the default)
  39 +#
  40 +# NOTICE: git push over http depends on this value.
  41 +# If you want be able to push huge amount of data to git repository over http
  42 +# you will have to increase this value too.
  43 +#
  44 +# Example of output if you try to push 1GB repo to GitLab over http.
  45 +# -> git push http://gitlab.... master
  46 +#
  47 +# error: RPC failed; result=18, HTTP code = 200
  48 +# fatal: The remote end hung up unexpectedly
  49 +# fatal: The remote end hung up unexpectedly
  50 +#
  51 +# For more information see http://stackoverflow.com/a/21682112/752049
  52 +#
  53 +timeout 60
  54 +
  55 +# feel free to point this anywhere accessible on the filesystem
  56 +pid "/usr/lib/gitlab/tmp/pids/unicorn.pid"
  57 +
  58 +# By default, the Unicorn logger will write to stderr.
  59 +# Additionally, some applications/frameworks log to stderr or stdout,
  60 +# so prevent them from going to /dev/null when daemonized here:
  61 +stderr_path "/usr/lib/gitlab/log/unicorn.stderr.log"
  62 +stdout_path "/usr/lib/gitlab/log/unicorn.stdout.log"
  63 +
  64 +# combine Ruby 2.0.0dev or REE with "preload_app true" for memory savings
  65 +# http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow
  66 +preload_app true
  67 +GC.respond_to?(:copy_on_write_friendly=) and
  68 + GC.copy_on_write_friendly = true
  69 +
  70 +# Enable this flag to have unicorn test client connections by writing the
  71 +# beginning of the HTTP headers before calling the application. This
  72 +# prevents calling the application for connections that have disconnected
  73 +# while queued. This is only guaranteed to detect clients on the same
  74 +# host unicorn runs on, and unlikely to detect disconnects even on a
  75 +# fast LAN.
  76 +check_client_connection false
  77 +
  78 +before_fork do |server, worker|
  79 + # the following is highly recomended for Rails + "preload_app true"
  80 + # as there's no need for the master process to hold a connection
  81 + defined?(ActiveRecord::Base) and
  82 + ActiveRecord::Base.connection.disconnect!
  83 +
  84 + # The following is only recommended for memory/DB-constrained
  85 + # installations. It is not needed if your system can house
  86 + # twice as many worker_processes as you have configured.
  87 + #
  88 + # This allows a new master process to incrementally
  89 + # phase out the old master process with SIGTTOU to avoid a
  90 + # thundering herd (especially in the "preload_app false" case)
  91 + # when doing a transparent upgrade. The last worker spawned
  92 + # will then kill off the old master process with a SIGQUIT.
  93 + old_pid = "#{server.config[:pid]}.oldbin"
  94 + if old_pid != server.pid
  95 + begin
  96 + sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU
  97 + Process.kill(sig, File.read(old_pid).to_i)
  98 + rescue Errno::ENOENT, Errno::ESRCH
  99 + end
  100 + end
  101 + #
  102 + # Throttle the master from forking too quickly by sleeping. Due
  103 + # to the implementation of standard Unix signal handlers, this
  104 + # helps (but does not completely) prevent identical, repeated signals
  105 + # from being lost when the receiving process is busy.
  106 + # sleep 1
  107 +end
  108 +
  109 +after_fork do |server, worker|
  110 + # per-process listener ports for debugging/admin/migrations
  111 + # addr = "127.0.0.1:#{9293 + worker.nr}"
  112 + # server.listen(addr, :tries => -1, :delay => 5, :tcp_nopush => true)
  113 +
  114 + # the following is *required* for Rails + "preload_app true",
  115 + defined?(ActiveRecord::Base) and
  116 + ActiveRecord::Base.establish_connection
  117 +
  118 + # if preload_app is true, then you may also want to check and
  119 + # restart any other shared sockets/descriptors such as Memcached,
  120 + # and Redis. TokyoCabinet file handles are safe to reuse
  121 + # between any number of forked children (assuming your kernel
  122 + # correctly implements pread()/pwrite() system calls)
  123 +end
... ...
cookbooks/gitlab/recipes/default.rb
  Diff comments   View file @64f7c96
... ... @@ -56,7 +56,7 @@ cookbook_file &#39;/usr/lib/gitlab/config/initializers/gitlab_path.rb&#39; do
56 56 mode 0644
57 57 notifies :restart, 'service[gitlab]'
58 58 end
59   -template '/etc/gitlab/unicorn.rb' do
  59 +cookbook_file '/etc/gitlab/unicorn.rb' do
60 60 owner 'root'
61 61 group 'root'
62 62 mode 0644
... ... @@ -67,6 +67,13 @@ end
67 67 # Run under /gitlab (END)
68 68 ####################################################
69 69  
  70 +# serve static files with nginx
  71 +template '/etc/nginx/conf.d/gitlab.conf' do
  72 + source 'nginx.conf.erb'
  73 + mode 0644
  74 + notifies :reload, 'service[nginx]'
  75 +end
  76 +
70 77 # TODO: Remote-User authentication
71 78  
72 79 service 'gitlab' do
... ...
cookbooks/gitlab/templates/nginx.conf.erb 0 → 100644
  Diff comments   View file @64f7c96
... ... @@ -0,0 +1,33 @@
  1 +upstream gitlab {
  2 + server 127.0.0.1:8080 fail_timeout=10s;
  3 +}
  4 +
  5 +server {
  6 + listen *:8081;
  7 +
  8 + server_name <%= node['config']['external_hostname'] %>;
  9 +
  10 + access_log /var/log/nginx/gitlab.access.log;
  11 + error_log /var/log/nginx/gitlab.error.log;
  12 +
  13 + location /gitlab/assets/ {
  14 + alias /usr/lib/gitlab/public/assets/;
  15 + }
  16 +
  17 + location /gitlab/uploads/ {
  18 + alias /usr/lib/gitlab/public/uploads/;
  19 + }
  20 +
  21 + location / {
  22 +
  23 + proxy_pass http://gitlab;
  24 + proxy_read_timeout 90;
  25 + proxy_connect_timeout 90;
  26 + proxy_redirect off;
  27 + proxy_set_header Host $host;
  28 + proxy_set_header X-Real-IP $remote_addr;
  29 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  30 + }
  31 +}
  32 +
  33 +# vim: ft=nginx
... ...
cookbooks/gitlab/templates/unicorn.rb.erb
View file @7e4030e
... ... @@ -1,124 +0,0 @@
1   -# Sample verbose configuration file for Unicorn (not Rack)
2   -#
3   -# This configuration file documents many features of Unicorn
4   -# that may not be needed for some applications. See
5   -# http://unicorn.bogomips.org/examples/unicorn.conf.minimal.rb
6   -# for a much simpler configuration file.
7   -#
8   -# See http://unicorn.bogomips.org/Unicorn/Configurator.html for complete
9   -# documentation.
10   -
11   -# WARNING: See config/application.rb under "Relative url support" for the list of
12   -# other files that need to be changed for relative url support
13   -#
14   -ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab"
15   -
16   -# Read about unicorn workers here:
17   -# http://doc.gitlab.com/ee/install/requirements.html#unicorn-workers
18   -#
19   -worker_processes 2
20   -
21   -# Since Unicorn is never exposed to outside clients, it does not need to
22   -# run on the standard HTTP port (80), there is no reason to start Unicorn
23   -# as root unless it's from system init scripts.
24   -# If running the master process as root and the workers as an unprivileged
25   -# user, do this to switch euid/egid in the workers (also chowns logs):
26   -# user "unprivileged_user", "unprivileged_group"
27   -
28   -# Help ensure your application will always spawn in the symlinked
29   -# "current" directory that Capistrano sets up.
30   -working_directory "/usr/lib/gitlab" # available in 0.94.0+
31   -
32   -# Listen on both a Unix domain socket and a TCP port.
33   -# If you are load-balancing multiple Unicorn masters, lower the backlog
34   -# setting to e.g. 64 for faster failover.
35   -listen "/usr/lib/gitlab/tmp/sockets/gitlab.socket", :backlog => 1024
36   -listen "127.0.0.1:8080", :tcp_nopush => true
37   -listen "<%= node['peers']['integration'] %>:8080", :tcp_nopush => true
38   -
39   -# nuke workers after 30 seconds instead of 60 seconds (the default)
40   -#
41   -# NOTICE: git push over http depends on this value.
42   -# If you want be able to push huge amount of data to git repository over http
43   -# you will have to increase this value too.
44   -#
45   -# Example of output if you try to push 1GB repo to GitLab over http.
46   -# -> git push http://gitlab.... master
47   -#
48   -# error: RPC failed; result=18, HTTP code = 200
49   -# fatal: The remote end hung up unexpectedly
50   -# fatal: The remote end hung up unexpectedly
51   -#
52   -# For more information see http://stackoverflow.com/a/21682112/752049
53   -#
54   -timeout 60
55   -
56   -# feel free to point this anywhere accessible on the filesystem
57   -pid "/usr/lib/gitlab/tmp/pids/unicorn.pid"
58   -
59   -# By default, the Unicorn logger will write to stderr.
60   -# Additionally, some applications/frameworks log to stderr or stdout,
61   -# so prevent them from going to /dev/null when daemonized here:
62   -stderr_path "/usr/lib/gitlab/log/unicorn.stderr.log"
63   -stdout_path "/usr/lib/gitlab/log/unicorn.stdout.log"
64   -
65   -# combine Ruby 2.0.0dev or REE with "preload_app true" for memory savings
66   -# http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow
67   -preload_app true
68   -GC.respond_to?(:copy_on_write_friendly=) and
69   - GC.copy_on_write_friendly = true
70   -
71   -# Enable this flag to have unicorn test client connections by writing the
72   -# beginning of the HTTP headers before calling the application. This
73   -# prevents calling the application for connections that have disconnected
74   -# while queued. This is only guaranteed to detect clients on the same
75   -# host unicorn runs on, and unlikely to detect disconnects even on a
76   -# fast LAN.
77   -check_client_connection false
78   -
79   -before_fork do |server, worker|
80   - # the following is highly recomended for Rails + "preload_app true"
81   - # as there's no need for the master process to hold a connection
82   - defined?(ActiveRecord::Base) and
83   - ActiveRecord::Base.connection.disconnect!
84   -
85   - # The following is only recommended for memory/DB-constrained
86   - # installations. It is not needed if your system can house
87   - # twice as many worker_processes as you have configured.
88   - #
89   - # This allows a new master process to incrementally
90   - # phase out the old master process with SIGTTOU to avoid a
91   - # thundering herd (especially in the "preload_app false" case)
92   - # when doing a transparent upgrade. The last worker spawned
93   - # will then kill off the old master process with a SIGQUIT.
94   - old_pid = "#{server.config[:pid]}.oldbin"
95   - if old_pid != server.pid
96   - begin
97   - sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU
98   - Process.kill(sig, File.read(old_pid).to_i)
99   - rescue Errno::ENOENT, Errno::ESRCH
100   - end
101   - end
102   - #
103   - # Throttle the master from forking too quickly by sleeping. Due
104   - # to the implementation of standard Unix signal handlers, this
105   - # helps (but does not completely) prevent identical, repeated signals
106   - # from being lost when the receiving process is busy.
107   - # sleep 1
108   -end
109   -
110   -after_fork do |server, worker|
111   - # per-process listener ports for debugging/admin/migrations
112   - # addr = "127.0.0.1:#{9293 + worker.nr}"
113   - # server.listen(addr, :tries => -1, :delay => 5, :tcp_nopush => true)
114   -
115   - # the following is *required* for Rails + "preload_app true",
116   - defined?(ActiveRecord::Base) and
117   - ActiveRecord::Base.establish_connection
118   -
119   - # if preload_app is true, then you may also want to check and
120   - # restart any other shared sockets/descriptors such as Memcached,
121   - # and Redis. TokyoCabinet file handles are safe to reuse
122   - # between any number of forked children (assuming your kernel
123   - # correctly implements pread()/pwrite() system calls)
124   -end
test/gitlab_test.sh
  Diff comments   View file @64f7c96
... ... @@ -12,4 +12,9 @@ test_gitlab_responds() {
12 12 assertTrue 'gitlab responds on HTTP' 'run_on integration curl http://localhost:8080/gitlab/public/projects'
13 13 }
14 14  
  15 +test_static_content_served_correctly() {
  16 + file=$(run_on integration ls -1 '/usr/lib/gitlab/public/assets/*.css' | head -1 | xargs basename)
  17 + assertTrue 'gitlab static content served by nginx' "run_on integration curl --head http://localhost:8081/gitlab/assets/$file | grep 'Content-Type: text/css'"
  18 +}
  19 +
15 20 . shunit2
... ...