diff options
| author | Kamil Trzcinski <ayufan@ayufan.eu> | 2017-01-24 17:52:50 +0100 |
|---|---|---|
| committer | Kamil Trzcinski <ayufan@ayufan.eu> | 2017-01-24 17:52:50 +0100 |
| commit | 3cd17c9430c7575b0c1f1041947f3cd0d991f00c (patch) | |
| tree | 12638383d600ae6d5c8cbf6c27da7bdb2199f5e7 /config | |
| parent | 8faabdf7d33b575de11b043cfe6698021d33a973 (diff) | |
| parent | 8c0e358a972ca9cb2176ff9289a5a89b0c909a93 (diff) | |
| download | gitlab-ce-3cd17c9430c7575b0c1f1041947f3cd0d991f00c.tar.gz | |
Merge remote-tracking branch 'origin/master' into 24147-delete-env-button
Diffstat (limited to 'config')
32 files changed, 411 insertions, 216 deletions
diff --git a/config/README.md b/config/README.md new file mode 100644 index 00000000000..0a5ea2424e0 --- /dev/null +++ b/config/README.md @@ -0,0 +1,22 @@ +# Configuration files Documentation + +Note that most configuration files (`config/*.*`) committed into +[gitlab-ce](https://gitlab.com/gitlab-org/gitlab-ce) **will not be used** for +[omnibus-gitlab](https://gitlab.com/gitlab-org/omnibus-gitlab). Configuration +files committed into gitlab-ce are only used for development. + +## gitlab.yml + +You can find most of GitLab configuration settings here. + +## mail_room.yml + +This file is actually an YML wrapped inside an ERB file to enable templated +values to be specified from `gitlab.yml`. mail_room loads this file first as +an ERB file and then loads the resulting YML as its configuration. + +## resque.yml + +This file is called `resque.yml` for historical reasons. We are **NOT** +using Resque at the moment. It is used to specify Redis configuration +values instead. diff --git a/config/application.rb b/config/application.rb index 946b632b0e8..f00e58a36ca 100644 --- a/config/application.rb +++ b/config/application.rb @@ -45,7 +45,7 @@ module Gitlab # # Parameters filtered: # - Password (:password, :password_confirmation) - # - Private tokens (:private_token) + # - Private tokens # - Two-factor tokens (:otp_attempt) # - Repo/Project Import URLs (:import_url) # - Build variables (:variables) @@ -55,15 +55,18 @@ module Gitlab # - Sentry DSN (:sentry_dsn) # - Deploy keys (:key) config.filter_parameters += %i( + authentication_token certificate encrypted_key hook import_url + incoming_email_token key otp_attempt password password_confirmation private_token + runners_token secret_token sentry_dsn variables @@ -80,25 +83,37 @@ module Gitlab # Enable the asset pipeline config.assets.enabled = true config.assets.paths << Gemojione.images_path + config.assets.paths << "vendor/assets/fonts" config.assets.precompile << "*.png" config.assets.precompile << "print.css" config.assets.precompile << "notify.css" config.assets.precompile << "mailers/*.css" + config.assets.precompile << "lib/vue_resource.js" + config.assets.precompile << "katex.css" + config.assets.precompile << "katex.js" + config.assets.precompile << "xterm/xterm.css" config.assets.precompile << "graphs/graphs_bundle.js" config.assets.precompile << "users/users_bundle.js" config.assets.precompile << "network/network_bundle.js" config.assets.precompile << "profile/profile_bundle.js" config.assets.precompile << "protected_branches/protected_branches_bundle.js" config.assets.precompile << "diff_notes/diff_notes_bundle.js" + config.assets.precompile << "merge_request_widget/ci_bundle.js" + config.assets.precompile << "issuable/issuable_bundle.js" config.assets.precompile << "boards/boards_bundle.js" config.assets.precompile << "cycle_analytics/cycle_analytics_bundle.js" config.assets.precompile << "merge_conflicts/merge_conflicts_bundle.js" config.assets.precompile << "boards/test_utils/simulate_drag.js" + config.assets.precompile << "environments/environments_bundle.js" config.assets.precompile << "blob_edit/blob_edit_bundle.js" config.assets.precompile << "snippet/snippet_bundle.js" + config.assets.precompile << "terminal/terminal_bundle.js" + config.assets.precompile << "filtered_search/filtered_search_bundle.js" config.assets.precompile << "lib/utils/*.js" config.assets.precompile << "lib/*.js" config.assets.precompile << "u2f.js" + config.assets.precompile << "vue_pipelines_index/index.js" + config.assets.precompile << "vendor/assets/fonts/*" # Version of your assets, change this if you want to expire all your assets config.assets.version = '1.0' diff --git a/config/database.yml.mysql b/config/database.yml.mysql index a99c50706c5..d9702870249 100644 --- a/config/database.yml.mysql +++ b/config/database.yml.mysql @@ -3,8 +3,8 @@ # production: adapter: mysql2 - encoding: utf8 - collation: utf8_general_ci + encoding: utf8mb4 + collation: utf8mb4_general_ci reconnect: false database: gitlabhq_production pool: 10 @@ -18,8 +18,8 @@ production: # development: adapter: mysql2 - encoding: utf8 - collation: utf8_general_ci + encoding: utf8mb4 + collation: utf8mb4_general_ci reconnect: false database: gitlabhq_development pool: 5 @@ -32,8 +32,8 @@ development: # Do not set this db to the same as development or production. test: &test adapter: mysql2 - encoding: utf8 - collation: utf8_general_ci + encoding: utf8mb4 + collation: utf8mb4_general_ci reconnect: false database: gitlabhq_test pool: 5 diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index 699ab6075b6..42e5f105d46 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -138,6 +138,8 @@ production: &base # The mailbox where incoming mail will end up. Usually "inbox". mailbox: "inbox" + # The IDLE command timeout. + idle_timeout: 60 ## Build Artifacts artifacts: @@ -151,6 +153,12 @@ production: &base # The location where LFS objects are stored (default: shared/lfs-objects). # storage_path: shared/lfs-objects + ## Mattermost + ## For enabling Add to Mattermost button + mattermost: + enabled: false + host: 'https://mattermost.example.com' + ## Gravatar ## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html gravatar: @@ -360,6 +368,16 @@ production: &base # login_url: '/cas/login', # service_validate_url: '/cas/p3/serviceValidate', # logout_url: '/cas/logout'} } + # - { name: 'authentiq', + # # for client credentials (client ID and secret), go to https://www.authentiq.com/ + # app_id: 'YOUR_CLIENT_ID', + # app_secret: 'YOUR_CLIENT_SECRET', + # args: { + # scope: 'aq:name email~rs address aq:push' + # # redirect_uri parameter is optional except when 'gitlab.host' in this file is set to 'localhost' + # # redirect_uri: 'YOUR_REDIRECT_URI' + # } + # } # - { name: 'github', # app_id: 'YOUR_APP_ID', # app_secret: 'YOUR_APP_SECRET', @@ -568,4 +586,4 @@ test: admin_group: '' staging: - <<: *base + <<: *base
\ No newline at end of file diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 9fec2ad6bf7..906ec11f012 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -213,8 +213,9 @@ Settings.gitlab.default_projects_features['builds'] = true if Settin Settings.gitlab.default_projects_features['container_registry'] = true if Settings.gitlab.default_projects_features['container_registry'].nil? Settings.gitlab.default_projects_features['visibility_level'] = Settings.send(:verify_constant, Gitlab::VisibilityLevel, Settings.gitlab.default_projects_features['visibility_level'], Gitlab::VisibilityLevel::PRIVATE) Settings.gitlab['domain_whitelist'] ||= [] -Settings.gitlab['import_sources'] ||= %w[github bitbucket gitlab google_code fogbugz git gitlab_project] +Settings.gitlab['import_sources'] ||= %w[github bitbucket gitlab google_code fogbugz git gitlab_project gitea] Settings.gitlab['trusted_proxies'] ||= [] +Settings.gitlab['no_todos_messages'] ||= YAML.load_file(Rails.root.join('config', 'no_todos_messages.yml')) # # CI @@ -261,6 +262,13 @@ Settings.lfs['enabled'] = true if Settings.lfs['enabled'].nil? Settings.lfs['storage_path'] = File.expand_path(Settings.lfs['storage_path'] || File.join(Settings.shared['path'], "lfs-objects"), Rails.root) # +# Mattermost +# +Settings['mattermost'] ||= Settingslogic.new({}) +Settings.mattermost['enabled'] = false if Settings.mattermost['enabled'].nil? +Settings.mattermost['host'] = nil unless Settings.mattermost.enabled + +# # Gravatar # Settings['gravatar'] ||= Settingslogic.new({}) @@ -301,7 +309,7 @@ Settings.cron_jobs['remove_expired_group_links_worker'] ||= Settingslogic.new({} Settings.cron_jobs['remove_expired_group_links_worker']['cron'] ||= '10 0 * * *' Settings.cron_jobs['remove_expired_group_links_worker']['job_class'] = 'RemoveExpiredGroupLinksWorker' Settings.cron_jobs['prune_old_events_worker'] ||= Settingslogic.new({}) -Settings.cron_jobs['prune_old_events_worker']['cron'] ||= '* */6 * * *' +Settings.cron_jobs['prune_old_events_worker']['cron'] ||= '0 */6 * * *' Settings.cron_jobs['prune_old_events_worker']['job_class'] = 'PruneOldEventsWorker' Settings.cron_jobs['trending_projects_worker'] ||= Settingslogic.new({}) @@ -396,6 +404,12 @@ Settings.rack_attack.git_basic_auth['findtime'] ||= 1.minute Settings.rack_attack.git_basic_auth['bantime'] ||= 1.hour # +# Gitaly +# +Settings['gitaly'] ||= Settingslogic.new({}) +Settings.gitaly['socket_path'] ||= ENV['GITALY_SOCKET_PATH'] + +# # Testing settings # if Rails.env.test? diff --git a/config/initializers/ar_monkey_patch.rb b/config/initializers/ar_monkey_patch.rb index 0da584626ee..6979f4641b0 100644 --- a/config/initializers/ar_monkey_patch.rb +++ b/config/initializers/ar_monkey_patch.rb @@ -52,6 +52,23 @@ module ActiveRecord raise end end + + # This is patched because we need it to query `lock_version IS NULL` + # rather than `lock_version = 0` whenever lock_version is NULL. + def relation_for_destroy + return super unless locking_enabled? + + column_name = self.class.locking_column + super.where(self.class.arel_table[column_name].eq(self[column_name])) + end + end + + # This is patched because we want `lock_version` default to `NULL` + # rather than `0` + class LockingType < SimpleDelegator + def type_cast_from_database(value) + super + end end end end diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index a0a8f88584c..a8afc36fc78 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -213,22 +213,9 @@ Devise.setup do |config| end if Gitlab::LDAP::Config.enabled? - Gitlab.config.ldap.servers.values.each do |server| - if server['allow_username_or_email_login'] - email_stripping_proc = ->(name) {name.gsub(/@.*\z/, '')} - else - email_stripping_proc = ->(name) {name} - end - - config.omniauth server['provider_name'], - host: server['host'], - base: server['base'], - uid: server['uid'], - port: server['port'], - method: server['method'], - bind_dn: server['bind_dn'], - password: server['password'], - name_proc: email_stripping_proc + Gitlab::LDAP::Config.providers.each do |provider| + ldap_config = Gitlab::LDAP::Config.new(provider) + config.omniauth(provider, ldap_config.omniauth_options) end end @@ -254,6 +241,10 @@ Devise.setup do |config| end end + if provider['name'] == 'shibboleth' + provider['args'][:fail_with_empty_uid] = true + end + # A Hash from the configuration will be passed as is. provider_arguments << provider['args'].symbolize_keys end diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index fc4b0a72add..88cd0f5f652 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -52,8 +52,8 @@ Doorkeeper.configure do # Define access token scopes for your provider # For more information go to # https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes - default_scopes :api - # optional_scopes :write, :update + default_scopes(*Gitlab::Auth::DEFAULT_SCOPES) + optional_scopes(*Gitlab::Auth::OPTIONAL_SCOPES) # Change the way client credentials are retrieved from the request object. # By default it retrieves first from the `HTTP_AUTHORIZATION` header, then diff --git a/config/initializers/email_template_interceptor.rb b/config/initializers/email_template_interceptor.rb new file mode 100644 index 00000000000..f195ca9bcd6 --- /dev/null +++ b/config/initializers/email_template_interceptor.rb @@ -0,0 +1,2 @@ +# Interceptor in lib/email_template_interceptor.rb +ActionMailer::Base.register_interceptor(EmailTemplateInterceptor) diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index 3d1a41a4652..d4197da3fa9 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb @@ -10,5 +10,5 @@ # end # ActiveSupport::Inflector.inflections do |inflect| - inflect.uncountable %w(award_emoji) + inflect.uncountable %w(award_emoji project_statistics) end diff --git a/config/initializers/math_lexer.rb b/config/initializers/math_lexer.rb new file mode 100644 index 00000000000..8a3388a267e --- /dev/null +++ b/config/initializers/math_lexer.rb @@ -0,0 +1,2 @@ +# Touch the lexers so it is registered with Rouge +Rouge::Lexers::Math diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb index 26c30e523a7..ab5a0561b8c 100644 --- a/config/initializers/omniauth.rb +++ b/config/initializers/omniauth.rb @@ -26,3 +26,9 @@ if Gitlab.config.omniauth.enabled end end end + +module OmniAuth + module Strategies + autoload :Bitbucket, Rails.root.join('lib', 'omniauth', 'strategies', 'bitbucket') + end +end diff --git a/config/initializers/public_key.rb b/config/initializers/public_key.rb deleted file mode 100644 index e4f09a2d020..00000000000 --- a/config/initializers/public_key.rb +++ /dev/null @@ -1,2 +0,0 @@ -path = File.expand_path("~/.ssh/bitbucket_rsa.pub") -Gitlab::BitbucketImport.public_key = File.read(path) if File.exist?(path) diff --git a/config/initializers/rack_attack_logging.rb b/config/initializers/rack_attack_logging.rb new file mode 100644 index 00000000000..8bb9ea29c33 --- /dev/null +++ b/config/initializers/rack_attack_logging.rb @@ -0,0 +1,7 @@ +# Adds logging for all Rack Attack blocks and throttling events. + +ActiveSupport::Notifications.subscribe('rack.attack') do |name, start, finish, request_id, req| + if [:throttle, :blacklist].include? req.env['rack.attack.match_type'] + Rails.logger.info("Rack_Attack: #{req.env['rack.attack.match_type']} #{req.ip} #{req.request_method} #{req.fullpath}") + end +end diff --git a/config/initializers/sentry.rb b/config/initializers/sentry.rb index 4f30d1265c8..6b0cff75653 100644 --- a/config/initializers/sentry.rb +++ b/config/initializers/sentry.rb @@ -15,7 +15,7 @@ if Rails.env.production? Raven.configure do |config| config.dsn = current_application_settings.sentry_dsn config.release = Gitlab::REVISION - + # Sanitize fields based on those sanitized from Rails. config.sanitize_fields = Rails.application.config.filter_parameters.map(&:to_s) # Sanitize authentication headers diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb index 023af2af23c..5a7365bb0f6 100644 --- a/config/initializers/sidekiq.rb +++ b/config/initializers/sidekiq.rb @@ -29,10 +29,12 @@ Sidekiq.configure_server do |config| end Sidekiq::Cron::Job.load_from_hash! cron_jobs + Gitlab::SidekiqThrottler.execute! + # Database pool should be at least `sidekiq_concurrency` + 2 # For more info, see: https://github.com/mperham/sidekiq/blob/master/4.0-Upgrade.md config = ActiveRecord::Base.configurations[Rails.env] || - Rails.application.config.database_configuration[Rails.env] + Rails.application.config.database_configuration[Rails.env] config['pool'] = Sidekiq.options[:concurrency] + 2 ActiveRecord::Base.establish_connection(config) Rails.logger.debug("Connection Pool size for Sidekiq Server is now: #{ActiveRecord::Base.connection.pool.instance_variable_get('@size')}") @@ -59,5 +61,5 @@ begin end end end -rescue Redis::BaseError, SocketError +rescue Redis::BaseError, SocketError, Errno::ENOENT, Errno::EAFNOSUPPORT, Errno::ECONNRESET, Errno::ECONNREFUSED end diff --git a/config/initializers/workhorse_multipart.rb b/config/initializers/workhorse_multipart.rb new file mode 100644 index 00000000000..84d809741c4 --- /dev/null +++ b/config/initializers/workhorse_multipart.rb @@ -0,0 +1,25 @@ +Rails.application.configure do |config| + config.middleware.use(Gitlab::Middleware::Multipart) +end + +# The Gitlab::Middleware::Multipart middleware inserts instances of our +# own ::UploadedFile class in the Rack env of requests. These instances +# will be blocked by the 'strong parameters' feature of ActionController +# unless we somehow whitelist them. At the moment it seems the only way +# to do that is by monkey-patching. +# +module Gitlab + module StrongParameterScalars + GITLAB_PERMITTED_SCALAR_TYPES = [::UploadedFile] + + def permitted_scalar?(value) + super || GITLAB_PERMITTED_SCALAR_TYPES.any? { |type| value.is_a?(type) } + end + end +end + +module ActionController + class Parameters + prepend Gitlab::StrongParameterScalars + end +end diff --git a/config/locales/doorkeeper.en.yml b/config/locales/doorkeeper.en.yml index a4032a21420..1d728282d90 100644 --- a/config/locales/doorkeeper.en.yml +++ b/config/locales/doorkeeper.en.yml @@ -59,6 +59,7 @@ en: unknown: "The access token is invalid" scopes: api: Access your API + read_user: Read user information flash: applications: diff --git a/config/mail_room.yml b/config/mail_room.yml index b026d510f1b..774c5350a45 100644 --- a/config/mail_room.yml +++ b/config/mail_room.yml @@ -15,7 +15,7 @@ :start_tls: <%= config[:start_tls].to_json %> :email: <%= config[:user].to_json %> :password: <%= config[:password].to_json %> - :idle_timeout: 60 + :idle_timeout: <%= config[:idle_timeout].to_json %> :name: <%= config[:mailbox].to_json %> diff --git a/config/no_todos_messages.yml b/config/no_todos_messages.yml new file mode 100644 index 00000000000..264a975b614 --- /dev/null +++ b/config/no_todos_messages.yml @@ -0,0 +1,11 @@ +# When the todo list on the user's dashboard becomes empty, a random message +# from the list below will be shown. +# +# If you come up with a fun one, please feel free to contribute it to GitLab! +# https://about.gitlab.com/contributing/ +--- +- Good job! Looks like you don't have any todos left. +- Isn't an empty todo list beautiful? +- Give yourself a pat on the back! +- Nothing left to do, high five! +- Henceforth you shall be known as "Todo Destroyer". diff --git a/config/routes.rb b/config/routes.rb index 7bf6c03e69b..06d565df469 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -1,6 +1,6 @@ require 'sidekiq/web' require 'sidekiq/cron/web' -require 'api/api' +require 'constraints/group_url_constrainer' Rails.application.routes.draw do concern :access_requestable do @@ -78,10 +78,21 @@ Rails.application.routes.draw do draw :user draw :project - # Get all keys of user - get ':username.keys' => 'profiles/keys#get_keys', constraints: { username: /.*/ } - root to: "root#index" - get '*unmatched_route', to: 'application#not_found' + # Since group show page is wildcard routing + # we want all other routing to be checked before matching this one + constraints(GroupUrlConstrainer.new) do + scope(path: '*id', + as: :group, + constraints: { id: Gitlab::Regex.namespace_route_regex, format: /(html|json|atom)/ }, + controller: :groups) do + get '/', action: :show + patch '/', action: :update + put '/', action: :update + delete '/', action: :destroy + end + end + + get '*unmatched_route', to: 'application#route_not_found' end diff --git a/config/routes/admin.rb b/config/routes/admin.rb index 5ae985da561..8e99239f350 100644 --- a/config/routes/admin.rb +++ b/config/routes/admin.rb @@ -6,7 +6,6 @@ namespace :admin do member do get :projects get :keys - get :groups put :block put :unblock put :unlock @@ -28,9 +27,19 @@ namespace :admin do resources :applications - resources :groups, constraints: { id: /[^\/]+/ } do - member do + resources :groups, only: [:index, :new, :create] + + scope(path: 'groups/*id', + controller: :groups, + constraints: { id: Gitlab::Regex.namespace_route_regex, format: /(html|json|atom)/ }) do + + scope(as: :group) do put :members_update + get :edit, action: :edit + get '/', action: :show + patch '/', action: :update + put '/', action: :update + delete '/', action: :destroy end end @@ -50,14 +59,13 @@ namespace :admin do resource :system_info, controller: 'system_info', only: [:show] resources :requests_profiles, only: [:index, :show], param: :name, constraints: { name: /.+\.html/ } - resources :namespaces, path: '/projects', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: [] do - root to: 'projects#index', as: :projects + resources :projects, only: [:index] + scope(path: 'projects/*namespace_id', as: :namespace) do resources(:projects, path: '/', - constraints: { id: /[a-zA-Z.0-9_\-]+/ }, - only: [:index, :show]) do - root to: 'projects#show' + constraints: { id: Gitlab::Regex.project_route_regex }, + only: [:show]) do member do put :transfer diff --git a/config/routes/git_http.rb b/config/routes/git_http.rb index 03adc4815f3..42d874eeebc 100644 --- a/config/routes/git_http.rb +++ b/config/routes/git_http.rb @@ -1,37 +1,47 @@ -scope constraints: { id: /.+\.git/, format: nil } do - # Git HTTP clients ('git clone' etc.) - get '/info/refs', to: 'git_http#info_refs' - post '/git-upload-pack', to: 'git_http#git_upload_pack' - post '/git-receive-pack', to: 'git_http#git_receive_pack' +scope(path: '*namespace_id/:project_id', constraints: { format: nil }) do + scope(constraints: { project_id: Gitlab::Regex.project_git_route_regex }, module: :projects) do + # Git HTTP clients ('git clone' etc.) + scope(controller: :git_http) do + get '/info/refs', action: :info_refs + post '/git-upload-pack', action: :git_upload_pack + post '/git-receive-pack', action: :git_receive_pack + end - # Git LFS API (metadata) - post '/info/lfs/objects/batch', to: 'lfs_api#batch' - post '/info/lfs/objects', to: 'lfs_api#deprecated' - get '/info/lfs/objects/*oid', to: 'lfs_api#deprecated' + # Git LFS API (metadata) + scope(path: 'info/lfs/objects', controller: :lfs_api) do + post :batch + post '/', action: :deprecated + get '/*oid', action: :deprecated + end - # GitLab LFS object storage - scope constraints: { oid: /[a-f0-9]{64}/ } do - get '/gitlab-lfs/objects/*oid', to: 'lfs_storage#download' + # GitLab LFS object storage + scope(path: 'gitlab-lfs/objects/*oid', controller: :lfs_storage, constraints: { oid: /[a-f0-9]{64}/ }) do + get '/', action: :download - scope constraints: { size: /[0-9]+/ } do - put '/gitlab-lfs/objects/*oid/*size/authorize', to: 'lfs_storage#upload_authorize' - put '/gitlab-lfs/objects/*oid/*size', to: 'lfs_storage#upload_finalize' + scope constraints: { size: /[0-9]+/ } do + put '/*size/authorize', action: :upload_authorize + put '/*size', action: :upload_finalize + end end end -end -# Allow /info/refs, /info/refs?service=git-upload-pack, and -# /info/refs?service=git-receive-pack, but nothing else. -# -git_http_handshake = lambda do |request| - request.query_string.blank? || - request.query_string.match(/\Aservice=git-(upload|receive)-pack\z/) -end + # Redirect /group/project/info/refs to /group/project.git/info/refs + scope(constraints: { project_id: Gitlab::Regex.project_route_regex }) do + # Allow /info/refs, /info/refs?service=git-upload-pack, and + # /info/refs?service=git-receive-pack, but nothing else. + # + git_http_handshake = lambda do |request| + ProjectUrlConstrainer.new.matches?(request) && + (request.query_string.blank? || + request.query_string.match(/\Aservice=git-(upload|receive)-pack\z/)) + end -ref_redirect = redirect do |params, request| - path = "#{params[:namespace_id]}/#{params[:project_id]}.git/info/refs" - path << "?#{request.query_string}" unless request.query_string.blank? - path -end + ref_redirect = redirect do |params, request| + path = "#{params[:namespace_id]}/#{params[:project_id]}.git/info/refs" + path << "?#{request.query_string}" unless request.query_string.blank? + path + end -get '/info/refs', constraints: git_http_handshake, to: ref_redirect + get '/info/refs', constraints: git_http_handshake, to: ref_redirect + end +end diff --git a/config/routes/group.rb b/config/routes/group.rb index 3c392f77ef6..776c31c9dac 100644 --- a/config/routes/group.rb +++ b/config/routes/group.rb @@ -1,28 +1,9 @@ -require 'constraints/group_url_constrainer' - -constraints(GroupUrlConstrainer.new) do - scope(path: ':id', - as: :group, - constraints: { id: Gitlab::Regex.namespace_route_regex }, - controller: :groups) do - get '/', action: :show - patch '/', action: :update - put '/', action: :update - delete '/', action: :destroy - end -end - resources :groups, only: [:index, :new, :create] -scope(path: 'groups/:id', controller: :groups) do - get :edit, as: :edit_group - get :issues, as: :issues_group - get :merge_requests, as: :merge_requests_group - get :projects, as: :projects_group - get :activity, as: :activity_group -end - -scope(path: 'groups/:group_id', module: :groups, as: :group) do +scope(path: 'groups/*group_id', + module: :groups, + as: :group, + constraints: { group_id: Gitlab::Regex.namespace_route_regex }) do resources :group_members, only: [:index, :create, :update, :destroy], concerns: :access_requestable do post :resend_invite, on: :member delete :leave, on: :collection @@ -30,8 +11,21 @@ scope(path: 'groups/:group_id', module: :groups, as: :group) do resource :avatar, only: [:destroy] resources :milestones, constraints: { id: /[^\/]+/ }, only: [:index, :show, :update, :new, :create] - resources :labels, except: [:show], constraints: { id: /\d+/ } + + resources :labels, except: [:show] do + post :toggle_subscription, on: :member + end +end + +scope(path: 'groups/*id', + controller: :groups, + constraints: { id: Gitlab::Regex.namespace_route_regex }) do + get :edit, as: :edit_group + get :issues, as: :issues_group + get :merge_requests, as: :merge_requests_group + get :projects, as: :projects_group + get :activity, as: :activity_group end # Must be last route in this file -get 'groups/:id' => 'groups#show', as: :group_canonical +get 'groups/*id' => 'groups#show', as: :group_canonical, constraints: { id: Gitlab::Regex.namespace_route_regex } diff --git a/config/routes/import.rb b/config/routes/import.rb index 89f3b3f6378..c378253bf15 100644 --- a/config/routes/import.rb +++ b/config/routes/import.rb @@ -6,6 +6,12 @@ namespace :import do get :jobs end + resource :gitea, only: [:create, :new], controller: :gitea do + post :personal_access_token + get :status + get :jobs + end + resource :gitlab, only: [:create], controller: :gitlab do get :status get :callback diff --git a/config/routes/profile.rb b/config/routes/profile.rb index 52b9a565db8..6b91485da9e 100644 --- a/config/routes/profile.rb +++ b/config/routes/profile.rb @@ -23,6 +23,12 @@ resource :profile, only: [:show, :update] do resource :preferences, only: [:show, :update] resources :keys, only: [:index, :show, :new, :create, :destroy] resources :emails, only: [:index, :create, :destroy] + resources :chat_names, only: [:index, :new, :create, :destroy] do + collection do + delete :deny + end + end + resource :avatar, only: [:destroy] resources :personal_access_tokens, only: [:index, :create] do diff --git a/config/routes/project.rb b/config/routes/project.rb index 82defb0ba71..6620b765e02 100644 --- a/config/routes/project.rb +++ b/config/routes/project.rb @@ -1,28 +1,27 @@ -resources :projects, constraints: { id: /[^\/]+/ }, only: [:index, :new, :create] - -resources :namespaces, path: '/', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: [] do - resources(:projects, constraints: { id: /[a-zA-Z.0-9_\-]+(?<!\.atom)/ }, except: - [:new, :create, :index], path: "/") do - member do - put :transfer - delete :remove_fork - post :archive - post :unarchive - post :housekeeping - post :toggle_star - post :preview_markdown - post :export - post :remove_export - post :generate_new_export - get :download_export - get :autocomplete_sources - get :activity - get :refs - put :new_issue_address - end +require 'constraints/project_url_constrainer' + +resources :projects, only: [:index, :new, :create] + +draw :git_http - scope module: :projects do - draw :git_http +constraints(ProjectUrlConstrainer.new) do + scope(path: '*namespace_id', as: :namespace) do + scope(path: ':project_id', + constraints: { project_id: Gitlab::Regex.project_route_regex }, + module: :projects, + as: :project) do + + resources :autocomplete_sources, only: [] do + collection do + get 'emojis' + get 'members' + get 'issues' + get 'merge_requests' + get 'labels' + get 'milestones' + get 'commands' + end + end # # Templates @@ -33,10 +32,7 @@ resources :namespaces, path: '/', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: resources :commit, only: [:show], constraints: { id: /\h{7,40}/ } do member do get :branches - get :builds get :pipelines - post :cancel_builds - post :retry_builds post :revert post :cherry_pick get :diff_for_path @@ -77,6 +73,8 @@ resources :namespaces, path: '/', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: end end + resource :mattermost, only: [:new, :create] + resources :deploy_keys, constraints: { id: /\d+/ }, only: [:index, :new, :create] do member do put :enable @@ -93,10 +91,10 @@ resources :namespaces, path: '/', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: get :diffs get :conflicts get :conflict_for_path - get :builds get :pipelines get :merge_check post :merge + get :merge_widget_refresh post :cancel_merge_when_build_succeeds get :ci_status get :ci_environments_status @@ -125,6 +123,7 @@ resources :namespaces, path: '/', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: end resources :branches, only: [:index, :new, :create, :destroy], constraints: { id: Gitlab::Regex.git_reference_regex } + delete :merged_branches, controller: 'branches', action: :destroy_all_merged resources :tags, only: [:index, :show, :new, :create, :destroy], constraints: { id: Gitlab::Regex.git_reference_regex } do resource :release, only: [:edit, :update] end @@ -139,19 +138,35 @@ resources :namespaces, path: '/', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: end member do + get :stage post :cancel post :retry + get :builds end end resources :environments, except: [:destroy] do member do post :stop + get :terminal + get '/terminal.ws/authorize', to: 'environments#terminal_websocket_authorize', constraints: { format: nil } end end resource :cycle_analytics, only: [:show] + namespace :cycle_analytics do + scope :events, controller: 'events' do + get :issue + get :plan + get :code + get :test + get :review + get :staging + get :production + end + end + resources :builds, only: [:index, :show], constraints: { id: /\d+/ } do collection do post :cancel_all @@ -292,11 +307,37 @@ resources :namespaces, path: '/', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: end end end + namespace :settings do + resource :members, only: [:show] + resource :integrations, only: [:show] + end # Since both wiki and repository routing contains wildcard characters # its preferable to keep it below all other project routes draw :wiki draw :repository end + + resources(:projects, + path: '/', + constraints: { id: Gitlab::Regex.project_route_regex }, + only: [:edit, :show, :update, :destroy]) do + member do + put :transfer + delete :remove_fork + post :archive + post :unarchive + post :housekeeping + post :toggle_star + post :preview_markdown + post :export + post :remove_export + post :generate_new_export + get :download_export + get :activity + get :refs + put :new_issue_address + end + end end end diff --git a/config/routes/repository.rb b/config/routes/repository.rb index 76dcf113aea..f8966c5ae75 100644 --- a/config/routes/repository.rb +++ b/config/routes/repository.rb @@ -29,82 +29,60 @@ get '/edit/*id', to: 'blob#edit', constraints: { id: /.+/ }, as: 'edit_blob' put '/update/*id', to: 'blob#update', constraints: { id: /.+/ }, as: 'update_blob' post '/preview/*id', to: 'blob#preview', constraints: { id: /.+/ }, as: 'preview_blob' -scope do - get( - '/blob/*id/diff', - to: 'blob#diff', - constraints: { id: /.+/, format: false }, - as: :blob_diff - ) - get( - '/blob/*id', - to: 'blob#show', - constraints: { id: /.+/, format: false }, - as: :blob - ) - delete( - '/blob/*id', - to: 'blob#destroy', - constraints: { id: /.+/, format: false } - ) - put( - '/blob/*id', - to: 'blob#update', - constraints: { id: /.+/, format: false } - ) - post( - '/blob/*id', - to: 'blob#create', - constraints: { id: /.+/, format: false } - ) +scope('/blob/*id', as: :blob, controller: :blob, constraints: { id: /.+/, format: false }) do + get :diff + get '/', action: :show + delete '/', action: :destroy + post '/', action: :create + put '/', action: :update +end - get( - '/raw/*id', - to: 'raw#show', - constraints: { id: /.+/, format: /(html|js)/ }, - as: :raw - ) +get( + '/raw/*id', + to: 'raw#show', + constraints: { id: /.+/, format: /(html|js)/ }, + as: :raw +) - get( - '/tree/*id', - to: 'tree#show', - constraints: { id: /.+/, format: /(html|js)/ }, - as: :tree - ) +get( + '/tree/*id', + to: 'tree#show', + constraints: { id: /.+/, format: /(html|js)/ }, + as: :tree +) - get( - '/find_file/*id', - to: 'find_file#show', - constraints: { id: /.+/, format: /html/ }, - as: :find_file - ) +get( + '/find_file/*id', + to: 'find_file#show', + constraints: { id: /.+/, format: /html/ }, + as: :find_file +) - get( - '/files/*id', - to: 'find_file#list', - constraints: { id: /(?:[^.]|\.(?!json$))+/, format: /json/ }, - as: :files - ) +get( + '/files/*id', + to: 'find_file#list', + constraints: { id: /(?:[^.]|\.(?!json$))+/, format: /json/ }, + as: :files +) - post( - '/create_dir/*id', - to: 'tree#create_dir', - constraints: { id: /.+/ }, - as: 'create_dir' - ) +post( + '/create_dir/*id', + to: 'tree#create_dir', + constraints: { id: /.+/ }, + as: 'create_dir' +) - get( - '/blame/*id', - to: 'blame#show', - constraints: { id: /.+/, format: /(html|js)/ }, - as: :blame - ) +get( + '/blame/*id', + to: 'blame#show', + constraints: { id: /.+/, format: /(html|js)/ }, + as: :blame +) - # File/dir history - get( - '/commits/*id', - to: 'commits#show', - constraints: { id: /.+/, format: false }, - as: :commits - ) -end +# File/dir history +get( + '/commits/*id', + to: 'commits#show', + constraints: { id: /.+/, format: false }, + as: :commits +) diff --git a/config/routes/user.rb b/config/routes/user.rb index dc1068af6f6..b064a15e802 100644 --- a/config/routes/user.rb +++ b/config/routes/user.rb @@ -12,6 +12,9 @@ devise_scope :user do end constraints(UserUrlConstrainer.new) do + # Get all keys of user + get ':username.keys' => 'profiles/keys#get_keys', constraints: { username: Gitlab::Regex.namespace_route_regex } + scope(path: ':username', as: :user, constraints: { username: Gitlab::Regex.namespace_route_regex }, diff --git a/config/routes/wiki.rb b/config/routes/wiki.rb index ecd4d395d66..dad746d59a1 100644 --- a/config/routes/wiki.rb +++ b/config/routes/wiki.rb @@ -1,16 +1,19 @@ WIKI_SLUG_ID = { id: /\S+/ } unless defined? WIKI_SLUG_ID -scope do - # Order matters to give priority to these matches - get '/wikis/git_access', to: 'wikis#git_access' - get '/wikis/pages', to: 'wikis#pages', as: 'wiki_pages' - post '/wikis', to: 'wikis#create' +scope(controller: :wikis) do + scope(path: 'wikis', as: :wikis) do + get :git_access + get :pages + get '/', to: redirect('/%{namespace_id}/%{project_id}/wikis/home') + post '/', to: 'wikis#create' + end - get '/wikis/*id/history', to: 'wikis#history', as: 'wiki_history', constraints: WIKI_SLUG_ID - get '/wikis/*id/edit', to: 'wikis#edit', as: 'wiki_edit', constraints: WIKI_SLUG_ID - - get '/wikis/*id', to: 'wikis#show', as: 'wiki', constraints: WIKI_SLUG_ID - delete '/wikis/*id', to: 'wikis#destroy', constraints: WIKI_SLUG_ID - put '/wikis/*id', to: 'wikis#update', constraints: WIKI_SLUG_ID - post '/wikis/*id/preview_markdown', to: 'wikis#preview_markdown', constraints: WIKI_SLUG_ID, as: 'wiki_preview_markdown' + scope(path: 'wikis/*id', as: :wiki, constraints: WIKI_SLUG_ID, format: false) do + get :edit + get :history + post :preview_markdown + get '/', action: :show + put '/', action: :update + delete '/', action: :destroy + end end diff --git a/config/sidekiq_queues.yml b/config/sidekiq_queues.yml index 0aec8aedf72..022b0e80917 100644 --- a/config/sidekiq_queues.yml +++ b/config/sidekiq_queues.yml @@ -29,11 +29,14 @@ - [email_receiver, 2] - [emails_on_push, 2] - [mailers, 2] + - [use_key, 1] - [repository_fork, 1] - [repository_import, 1] - [project_service, 1] - [clear_database_cache, 1] - [delete_user, 1] + - [delete_merged_branches, 1] + - [authorized_projects, 1] - [expire_build_instance_artifacts, 1] - [group_destroy, 1] - [irker, 1] @@ -44,5 +47,6 @@ - [repository_check, 1] - [system_hook, 1] - [git_garbage_collect, 1] + - [reactive_caching, 1] - [cronjob, 1] - [default, 1] diff --git a/config/unicorn.rb.example b/config/unicorn.rb.example index e5058cebce8..40a16a32359 100644 --- a/config/unicorn.rb.example +++ b/config/unicorn.rb.example @@ -44,7 +44,7 @@ listen "127.0.0.1:8080", :tcp_nopush => true # nuke workers after 30 seconds instead of 60 seconds (the default) # # NOTICE: git push over http depends on this value. -# If you want be able to push huge amount of data to git repository over http +# If you want to be able to push huge amount of data to git repository over http # you will have to increase this value too. # # Example of output if you try to push 1GB repo to GitLab over http. @@ -82,7 +82,7 @@ GC.respond_to?(:copy_on_write_friendly=) and check_client_connection false before_fork do |server, worker| - # the following is highly recomended for Rails + "preload_app true" + # the following is highly recommended for Rails + "preload_app true" # as there's no need for the master process to hold a connection defined?(ActiveRecord::Base) and ActiveRecord::Base.connection.disconnect! |