summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
authorLin Jen-Shin <godfat@godfat.org>2017-11-22 17:07:01 +0800
committerLin Jen-Shin <godfat@godfat.org>2017-11-22 17:07:01 +0800
commit663593e87e81d199a5b9a4926d4644ed15416ab0 (patch)
tree4e4c331e27bdfe744360e3c620460c04d86f7c7f /config
parent166a2d7a67787d3cf8cebb1e75fc557e2409e669 (diff)
parent6369db0196ec7b6e288b16382c95243424a59b62 (diff)
downloadgitlab-ce-663593e87e81d199a5b9a4926d4644ed15416ab0.tar.gz
Merge remote-tracking branch 'upstream/master' into no-ivar-in-modules
* upstream/master: (126 commits) Update VERSION to 10.3.0-pre Update CHANGELOG.md for 10.2.0 default fill color for SVGs ignore hashed repos (for now) when using `rake gitlab:cleanup:repos` Use Redis cache for branch existence checks Update CONTRIBUTING.md: Link definition of done to criteria Use `make install` for Gitaly setups in non-test environments FileUploader should check for hashed_storage?(:attachments) to use disk_path Set the default gitlab-shell timeout to 3 hours Update composite pipelines index to include "id" Use arrays in Pipeline#latest_builds_with_artifacts Fix blank states using old css Skip confirmation user api Custom issue tracker Revert "check for `read_only?` first before seeing if request is disallowed" add `#with_metadata` scope to remove a N+1 from the notes' API Fix promoting milestone updating all issuables without milestone Batchload blobs for diff generation check for `read_only?` first before seeing if request is disallowed use `Gitlab::Routing.url_helpers` instead of `Rails.application.routes.url_helpers` ...
Diffstat (limited to 'config')
-rw-r--r--config/application.rb2
-rw-r--r--config/gitlab.yml.example4
-rw-r--r--config/initializers/1_settings.rb2
-rw-r--r--config/initializers/ar5_batching.rb1
-rw-r--r--config/initializers/batch_loader.rb1
-rw-r--r--config/initializers/devise.rb1
-rw-r--r--config/initializers/gollum.rb28
-rw-r--r--config/initializers/omniauth.rb1
-rw-r--r--config/initializers/postgresql_cte.rb2
-rw-r--r--config/initializers/rack_attack_global.rb61
10 files changed, 99 insertions, 4 deletions
diff --git a/config/application.rb b/config/application.rb
index 5100ec5d2b7..6436f887d14 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -113,7 +113,7 @@ module Gitlab
config.action_view.sanitized_allowed_protocols = %w(smb)
- config.middleware.insert_before Warden::Manager, Rack::Attack
+ config.middleware.insert_after Warden::Manager, Rack::Attack
# Allow access to GitLab API from other domains
config.middleware.insert_before Warden::Manager, Rack::Cors do
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 7547ba4a8fa..7f6e68ceed6 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -559,8 +559,8 @@ production: &base
upload_pack: true
receive_pack: true
- # Git import/fetch timeout
- # git_timeout: 800
+ # Git import/fetch timeout, in seconds. Defaults to 3 hours.
+ # git_timeout: 10800
# If you use non-standard ssh port you need to specify it
# ssh_port: 22
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index d1156b0c8a8..f7c83f7b0f7 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -429,7 +429,7 @@ Settings.gitlab_shell['ssh_port'] ||= 22
Settings.gitlab_shell['ssh_user'] ||= Settings.gitlab.user
Settings.gitlab_shell['owner_group'] ||= Settings.gitlab.user
Settings.gitlab_shell['ssh_path_prefix'] ||= Settings.__send__(:build_gitlab_shell_ssh_path_prefix)
-Settings.gitlab_shell['git_timeout'] ||= 800
+Settings.gitlab_shell['git_timeout'] ||= 10800
#
# Workhorse
diff --git a/config/initializers/ar5_batching.rb b/config/initializers/ar5_batching.rb
index 35e8b3808e2..6ebaf8834d2 100644
--- a/config/initializers/ar5_batching.rb
+++ b/config/initializers/ar5_batching.rb
@@ -34,6 +34,7 @@ module ActiveRecord
yield yielded_relation
break if ids.length < of
+
batch_relation = relation.where(arel_table[primary_key].gt(primary_key_offset))
end
end
diff --git a/config/initializers/batch_loader.rb b/config/initializers/batch_loader.rb
new file mode 100644
index 00000000000..2e2256b0eb9
--- /dev/null
+++ b/config/initializers/batch_loader.rb
@@ -0,0 +1 @@
+Rails.application.config.middleware.use(BatchLoader::Middleware)
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 958859be6cf..051ef93b205 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -236,6 +236,7 @@ Devise.setup do |config|
provider['args'][:on_single_sign_out] = lambda do |request|
ticket = request.params[:session_index]
raise "Service Ticket not found." unless Gitlab::OAuth::Session.valid?(:cas3, ticket)
+
Gitlab::OAuth::Session.destroy(:cas3, ticket)
true
end
diff --git a/config/initializers/gollum.rb b/config/initializers/gollum.rb
index 1ebe3c7a742..2fd47a3f4d3 100644
--- a/config/initializers/gollum.rb
+++ b/config/initializers/gollum.rb
@@ -10,4 +10,32 @@ module Gollum
index.send(name, *args)
end
end
+
+ class Wiki
+ def pages(treeish = nil, limit: nil)
+ tree_list((treeish || @ref), limit: limit)
+ end
+
+ def tree_list(ref, limit: nil)
+ if (sha = @access.ref_to_sha(ref))
+ commit = @access.commit(sha)
+ tree_map_for(sha).inject([]) do |list, entry|
+ next list unless @page_class.valid_page_name?(entry.name)
+
+ list << entry.page(self, commit)
+ break list if limit && list.size >= limit
+
+ list
+ end
+ else
+ []
+ end
+ end
+ end
+end
+
+Rails.application.configure do
+ config.after_initialize do
+ Gollum::Page.per_page = Kaminari.config.default_per_page
+ end
end
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
index fddb018e948..e9e1f1c4e9b 100644
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -3,6 +3,7 @@ if Gitlab::LDAP::Config.enabled?
Gitlab::LDAP::Config.available_servers.each do |server|
# do not redeclare LDAP
next if server['provider_name'] == 'ldap'
+
const_set(server['provider_class'], Class.new(LDAP))
end
end
diff --git a/config/initializers/postgresql_cte.rb b/config/initializers/postgresql_cte.rb
index 7f0df8949db..38a9cd68d57 100644
--- a/config/initializers/postgresql_cte.rb
+++ b/config/initializers/postgresql_cte.rb
@@ -61,11 +61,13 @@ module ActiveRecord
def with_values=(values)
raise ImmutableRelation if @loaded
+
@values[:with] = values
end
def recursive_value=(value)
raise ImmutableRelation if @loaded
+
@values[:recursive] = value
end
diff --git a/config/initializers/rack_attack_global.rb b/config/initializers/rack_attack_global.rb
new file mode 100644
index 00000000000..9453df2ec5a
--- /dev/null
+++ b/config/initializers/rack_attack_global.rb
@@ -0,0 +1,61 @@
+module Gitlab::Throttle
+ def self.settings
+ Gitlab::CurrentSettings.current_application_settings
+ end
+
+ def self.unauthenticated_options
+ limit_proc = proc { |req| settings.throttle_unauthenticated_requests_per_period }
+ period_proc = proc { |req| settings.throttle_unauthenticated_period_in_seconds.seconds }
+ { limit: limit_proc, period: period_proc }
+ end
+
+ def self.authenticated_api_options
+ limit_proc = proc { |req| settings.throttle_authenticated_api_requests_per_period }
+ period_proc = proc { |req| settings.throttle_authenticated_api_period_in_seconds.seconds }
+ { limit: limit_proc, period: period_proc }
+ end
+
+ def self.authenticated_web_options
+ limit_proc = proc { |req| settings.throttle_authenticated_web_requests_per_period }
+ period_proc = proc { |req| settings.throttle_authenticated_web_period_in_seconds.seconds }
+ { limit: limit_proc, period: period_proc }
+ end
+end
+
+class Rack::Attack
+ throttle('throttle_unauthenticated', Gitlab::Throttle.unauthenticated_options) do |req|
+ Gitlab::Throttle.settings.throttle_unauthenticated_enabled &&
+ req.unauthenticated? &&
+ req.ip
+ end
+
+ throttle('throttle_authenticated_api', Gitlab::Throttle.authenticated_api_options) do |req|
+ Gitlab::Throttle.settings.throttle_authenticated_api_enabled &&
+ req.api_request? &&
+ req.authenticated_user_id
+ end
+
+ throttle('throttle_authenticated_web', Gitlab::Throttle.authenticated_web_options) do |req|
+ Gitlab::Throttle.settings.throttle_authenticated_web_enabled &&
+ req.web_request? &&
+ req.authenticated_user_id
+ end
+
+ class Request
+ def unauthenticated?
+ !authenticated_user_id
+ end
+
+ def authenticated_user_id
+ Gitlab::Auth::RequestAuthenticator.new(self).user&.id
+ end
+
+ def api_request?
+ path.start_with?('/api')
+ end
+
+ def web_request?
+ !api_request?
+ end
+ end
+end