author | Crom (Thibaut CHARLES) <crom29@hotmail.fr> | 2013-12-09 13:22:22 +0000 |
---|---|---|
committer | Crom (Thibaut CHARLES) <crom29@hotmail.fr> | 2013-12-09 13:22:22 +0000 |
commit | 906c65b6243e1f55f96d58cc1d4d60dd64c5cc65 (patch) | |
tree | 5cb5fd0246da052d619502dcb595e5138edf4706 /config | |
parent | 87fc35073a1f5ae84798263fc7c789a32f85d637 (diff) | |
parent | dbf8ae7301b50d1652ce1ccbf974e8b8ac88ffd3 (diff) | |
download | gitlab-ce-906c65b6243e1f55f96d58cc1d4d60dd64c5cc65.tar.gz |
Merge branch 'master' of https://github.com/gitlabhq/gitlabhq
Conflicts:
config/application.rb
config/gitlab.yml.example
config/unicorn.rb.example
Diffstat (limited to 'config')
-rw-r--r-- | config/application.rb | 13 | ||||
-rw-r--r-- | config/database.yml.mysql | 2 | ||||
-rw-r--r-- | config/gitlab.yml.example | 16 | ||||
-rw-r--r-- | config/initializers/1_settings.rb | 26 | ||||
-rw-r--r-- | config/initializers/devise.rb | 6 | ||||
-rw-r--r-- | config/initializers/rack_attack.rb.example | 17 | ||||
-rw-r--r-- | config/routes.rb | 12 | ||||
-rw-r--r-- | config/unicorn.rb.example | 2 |
8 files changed, 70 insertions, 24 deletions
diff --git a/config/application.rb b/config/application.rb index d06d47c773a..ca80e9718ce 100644 --- a/config/application.rb +++ b/config/application.rb @@ -70,7 +70,7 @@ module Gitlab config.assets.version = '1.0' # Uncomment and customize the last line to run in a non-root path - # WARNING: This feature is known to work, but unsupported + # WARNING: We recommend creating a FQDN to host GitLab in a root path instead of this. # Note that four settings need to be changed for this to work. # 1) In your application.rb file: config.relative_url_root = "/gitlab" # 2) In your gitlab.yml file: relative_url_root: /gitlab @@ -80,7 +80,14 @@ module Gitlab # # config.relative_url_root = "/gitlab" - # Uncomment to enable rack attack middleware - # config.middleware.use Rack::Attack + config.middleware.use Rack::Attack + + # Allow access to GitLab API from other domains + config.middleware.use Rack::Cors do + allow do + origins '*' + resource '/api/*', headers: :any, methods: [:get, :post, :options, :put] + end + end end end diff --git a/config/database.yml.mysql b/config/database.yml.mysql index e7a9227e41e..55ac088bc1d 100644 --- a/config/database.yml.mysql +++ b/config/database.yml.mysql @@ -7,7 +7,7 @@ production: reconnect: false database: gitlabhq_production pool: 10 - username: gitlab + username: git password: "secure password" # host: localhost # socket: /tmp/mysql.sock diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index bea0b71fc1b..ba779d384c1 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example 
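Review bot: `origins '*'` in the new `Rack::Cors` block (second hunk of config/application.rb) exposes every `/api/*` response to scripts from any website, and the block does not state whether credentialed requests are allowed. Depending on the rack-cors version in the bundle, `credentials` may default to true, so set it explicitly, `resource '/api/*', headers: :any, methods: [:get, :post, :options, :put], credentials: false`, and consider reading the allowed origins from gitlab.yml instead of hard-coding the wildcard. The same hunk enables `Rack::Attack` unconditionally while its initializer is still shipped as an `.example` file; presumably the middleware throttles nothing until that file is renamed, so a comment such as `# Throttles are defined in config/initializers/rack_attack.rb (copy it from the .example file)` would help operators. The enclosing class body begins outside the hunk.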
@@ -20,7 +20,7 @@ production: &base https: false # Uncomment and customize the last line to run in a non-root path - # WARNING: This feature is known to work, but unsupported + # WARNING: We recommend creating a FQDN to host GitLab in a root path instead of this. # Note that four settings need to be changed for this to work. # 1) In your application.rb file: config.relative_url_root = "/gitlab" # 2) In your gitlab.yml file: relative_url_root: /gitlab @@ -57,11 +57,15 @@ production: &base # default: false - Account passwords are not sent via the email if signup is enabled. # signup_enabled: true + # Restrict setting visibility levels for non-admin users. + # The default is to allow all levels. + #restricted_visibility_levels: [ "public" ] + ## Automatic issue closing # If a commit message matches this regular expression, all issues referenced from the matched text will be closed. - # This happends when the commit is pushed or merged into the default branch of a project. + # This happens when the commit is pushed or merged into the default branch of a project. # When not specified the default issue_closing_pattern as specified below will be used. - # issue_closing_pattern: ([Cc]loses|[Ff]ixes) +#\d+ + # issue_closing_pattern: ([Cc]lose[sd]|[Ff]ixe[sd]) +#\d+ ## Default project features settings default_projects_features: @@ -70,7 +74,7 @@ production: &base wiki: true wall: false snippets: false - public: false + visibility_level: "private" # can be "private" | "internal" | "public" ## External issues trackers issues_tracker: @@ -112,6 +116,8 @@ production: &base # ========================== ## LDAP settings + # You can inspect the first 100 LDAP users with login access by running: + # bundle exec rake gitlab:ldap:check[100] RAILS_ENV=production ldap: enabled: false host: '_your_ldap_server' 
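Review bot: The commented example in the `@@ -57,11 +57,15 @@` hunk now shows `([Cc]lose[sd]|[Ff]ixe[sd]) +#\d+` and says this default is used when the key is unset, but the fallback visible in config/initializers/1_settings.rb is still `'([Cc]loses|[Ff]ixes) #(\d+)'`. As far as this diff shows, an installation that leaves the setting commented out would not match "Closed #1" or more than one space before `#`. Either update the initializer default to the documented pattern or keep the example identical to the real default. The new `#restricted_visibility_levels: [ "public" ]` line would also benefit from listing the accepted values, as the `visibility_level` line in the next hunk does: `# can be "private" | "internal" | "public"`.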
@@ -138,7 +144,7 @@ production: &base ## Auth providers # Uncomment the following lines and fill in the data of the auth provider you want to use # If your favorite auth provider is not listed you can use others: - # see https://github.com/gitlabhq/gitlabhq/wiki/Using-Custom-Omniauth-Providers + # see https://github.com/gitlabhq/gitlab-public-wiki/wiki/Working-custom-omniauth-provider-configurations # The 'app_id' and 'app_secret' parameters are always passed as the first two # arguments, followed by optional 'args' which can be either a hash or an array. providers: diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 942b77ffd2e..2b13bb51e02 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -30,6 +30,29 @@ class Settings < Settingslogic gitlab.relative_url_root ].join('') end + + # check that values in `current` (string or integer) is a contant in `modul`. + def verify_constant_array(modul, current, default) + values = default || [] + if !current.nil? + values = [] + current.each do |constant| + values.push(verify_constant(modul, constant, nil)) + end + values.delete_if { |value| value.nil? } + end + values + end + + # check that `current` (string or integer) is a contant in `modul`. + def verify_constant(modul, current, default) + constant = modul.constants.find{ |name| modul.const_get(name) == current } + value = constant.nil? ? default : modul.const_get(constant) + if current.is_a? String + value = modul.const_get(current.upcase) rescue default + end + value + end end end 
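Review bot: In `verify_constant`, `modul.const_get(current.upcase) rescue default` resolves the name through the module's ancestors and top-level constants, so a configured string that is not a visibility level but names any other constant yields that constant instead of `default`. The inline `rescue` also hides every other StandardError raised by the lookup. Restrict the lookup to constants the module itself defines, e.g. `value = modul.constants(false).include?(current.upcase.to_sym) ? modul.const_get(current.upcase, false) : default`. Both new comments misspell "constant" as "contant", and `verify_constant_array` calls `current.each` without checking that the configured value is an array. The enclosing `Settings` class begins outside the hunk.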
@@ -68,6 +91,7 @@ rescue ArgumentError # no user configured '/home/' + Settings.gitlab['user'] end Settings.gitlab['signup_enabled'] ||= false +Settings.gitlab['restricted_visibility_levels'] = Settings.send(:verify_constant_array, Gitlab::VisibilityLevel, Settings.gitlab['restricted_visibility_levels'], []) Settings.gitlab['username_changing_enabled'] = true if Settings.gitlab['username_changing_enabled'].nil? Settings.gitlab['issue_closing_pattern'] = '([Cc]loses|[Ff]ixes) #(\d+)' if Settings.gitlab['issue_closing_pattern'].nil? Settings.gitlab['default_projects_features'] ||= {} @@ -76,7 +100,7 @@ Settings.gitlab.default_projects_features['merge_requests'] = true if Settings.g Settings.gitlab.default_projects_features['wiki'] = true if Settings.gitlab.default_projects_features['wiki'].nil? Settings.gitlab.default_projects_features['wall'] = false if Settings.gitlab.default_projects_features['wall'].nil? Settings.gitlab.default_projects_features['snippets'] = false if Settings.gitlab.default_projects_features['snippets'].nil? -Settings.gitlab.default_projects_features['public'] = false if Settings.gitlab.default_projects_features['public'].nil? +Settings.gitlab.default_projects_features['visibility_level'] = Settings.send(:verify_constant, Gitlab::VisibilityLevel, Settings.gitlab.default_projects_features['visibility_level'], Gitlab::VisibilityLevel::PRIVATE) # # Gravatar diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index b7cb808d2e5..5da8932a651 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb 
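Review bot: The `restricted_visibility_levels` assignment in the `@@ -68,6 +91,7 @@` hunk fails open: `verify_constant_array` drops every entry it cannot resolve, so a misspelled level in gitlab.yml leaves that level unrestricted with no message at boot. For a setting whose purpose is to restrict, it would be safer to raise on unknown entries, or at least log them, before assigning. By contrast, the `visibility_level` default in the following hunk falls back to `Gitlab::VisibilityLevel::PRIVATE`, which is the safe direction. Until that is changed, a comment above the line such as `# Unknown level names are discarded; an empty list means no restriction` would document the current behaviour.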
@@ -74,8 +74,8 @@ Devise.setup do |config| # config.pepper = "2ef62d549c4ff98a5d3e0ba211e72cff592060247e3bbbb9f499af1222f876f53d39b39b823132affb32858168c79c1d7741d26499901b63c6030a42129924ef" # ==> Configuration for :confirmable - # The time you want to give your user to confirm his account. During this time - # he will be able to access your application without confirming. Default is 0.days + # The time you want to give a user to confirm their account. During this time + # they will be able to access your application without confirming. Default is 0.days # When confirm_within is zero, the user won't be able to sign in without confirming. # You can use this to let your user access some features of your application # without confirming the account, but blocking it after a certain period @@ -101,7 +101,7 @@ Devise.setup do |config| # ==> Configuration for :validatable # Range for password length. Default is 6..128. - config.password_length = 6..128 + config.password_length = 8..128 # Email regex used to validate email formats. It simply asserts that # an one (and only one) @ exists in the given string. This is mainly diff --git a/config/initializers/rack_attack.rb.example b/config/initializers/rack_attack.rb.example index 76fa7ad282e..1d10a53d505 100644 --- a/config/initializers/rack_attack.rb.example +++ b/config/initializers/rack_attack.rb.example 
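Review bot: Raising `config.password_length` to `8..128` (second hunk of config/initializers/devise.rb) presumably affects only passwords set from now on, because Devise's length validation runs when a password is created or changed; existing accounts would keep their shorter passwords. A comment would record that, e.g. `# Minimum raised from Devise's default of 6; existing shorter passwords stay valid until changed`. If the intent is to retire short passwords, a forced reset or expiry step is needed outside this file.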
@@ -1,16 +1,17 @@ -# To enable rack-attack for your GitLab instance do the following: -# 1. In config/application.rb find and uncomment the following line: -# config.middleware.use Rack::Attack -# 2. Rename this file to rack_attack.rb -# 3. Review the paths_to_be_protected and add any other path you need protecting -# 4. Restart GitLab instance +# 1. Rename this file to rack_attack.rb +# 2. Review the paths_to_be_protected and add any other path you need protecting # paths_to_be_protected = [ "#{Rails.application.config.relative_url_root}/users/password", "#{Rails.application.config.relative_url_root}/users/sign_in", + "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session.json", + "#{Rails.application.config.relative_url_root}/api/#{API::API.version}/session", "#{Rails.application.config.relative_url_root}/users" ] -Rack::Attack.throttle('protected paths', limit: 6, period: 60.seconds) do |req| - req.ip if paths_to_be_protected.include?(req.path) && req.post? + +unless Rails.env.test? + Rack::Attack.throttle('protected paths', limit: 10, period: 60.seconds) do |req| + req.ip if paths_to_be_protected.include?(req.path) && req.post? + end end diff --git a/config/routes.rb b/config/routes.rb index 58bbd2b650e..35143a4268c 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -86,9 +86,16 @@ Gitlab::Application.routes.draw do get :test end + resources :broadcast_messages, only: [:index, :create, :destroy] resource :logs, only: [:show] resource :background_jobs, controller: 'background_jobs', only: [:show] - resources :projects, constraints: { id: /[a-zA-Z.\/0-9_\-]+/ }, only: [:index, :show] + + resources :projects, constraints: { id: /[a-zA-Z.\/0-9_\-]+/ }, only: [:index, :show] do + member do + put :transfer + end + end + root to: "dashboard#index" end @@ -120,6 +127,7 @@ Gitlab::Application.routes.draw do delete :leave end end + resource :avatar, only: [:destroy] end end 
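Review bot: The throttle in the rack_attack.rb.example hunk matches with `paths_to_be_protected.include?(req.path)`, an exact string comparison, which is why this change has to list both `session.json` and `session`; any other spelling of a protected route that the router still accepts is not counted. Normalising the path before the lookup (stripping a format suffix and a trailing slash) or matching with an anchored `Regexp.union` would cover those variants without enumerating them. The same hunk raises the limit from 6 to 10 requests per 60 seconds while adding the API session endpoint, which loosens the login throttle; a comment stating the reason would help. `req.ip` is the only key, so behind a reverse proxy the limit may apply to the proxy's address unless forwarded headers are handled correctly.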
@@ -166,7 +174,7 @@ Gitlab::Application.routes.draw do end scope module: :projects do - resources :blob, only: [:show], constraints: {id: /.+/} + resources :blob, only: [:show, :destroy], constraints: {id: /.+/} resources :raw, only: [:show], constraints: {id: /.+/} resources :tree, only: [:show], constraints: {id: /.+/, format: /(html|js)/ } resources :edit_tree, only: [:show, :update], constraints: {id: /.+/}, path: 'edit' diff --git a/config/unicorn.rb.example b/config/unicorn.rb.example index 911c93b53f4..ba5e5cdde0b 100644 --- a/config/unicorn.rb.example +++ b/config/unicorn.rb.example @@ -9,7 +9,7 @@ # documentation. # Uncomment and customize the last line to run in a non-root path -# WARNING: This feature is known to work, but unsupported +# WARNING: We recommend creating a FQDN to host GitLab in a root path instead of this. # Note that four settings need to be changed for this to work. # 1) In your application.rb file: config.relative_url_root = "/gitlab" # 2) In your gitlab.yml file: relative_url_root: /gitlab |