diff options
| author | Jacob Vosmaer <contact@jacobvosmaer.nl> | 2015-08-31 15:30:15 +0200 |
|---|---|---|
| committer | Jacob Vosmaer <contact@jacobvosmaer.nl> | 2015-08-31 15:30:15 +0200 |
| commit | 4027a26e7b5a1a2a54dd57e480507095c91af26b (patch) | |
| tree | 7cc1f7b50cf156f43918b7fbb57ca34af14b72ae /lib/support | |
| parent | 1081a322f1b846fcddb3cb77f068e2e818f9d73f (diff) | |
| download | gitlab-ce-4027a26e7b5a1a2a54dd57e480507095c91af26b.tar.gz | |
Replace grack with gitlab-git-http-server
Diffstat (limited to 'lib/support')
| -rwxr-xr-x | lib/support/init.d/gitlab | 74 | ||||
| -rwxr-xr-x | lib/support/init.d/gitlab.default.example | 10 | ||||
| -rw-r--r-- | lib/support/nginx/gitlab | 44 | ||||
| -rw-r--r-- | lib/support/nginx/gitlab-ssl | 44 |
4 files changed, 107 insertions, 65 deletions
diff --git a/lib/support/init.d/gitlab b/lib/support/init.d/gitlab index 457bd31e23b..f2923314d48 100755 --- a/lib/support/init.d/gitlab +++ b/lib/support/init.d/gitlab @@ -37,6 +37,10 @@ web_server_pid_path="$pid_path/unicorn.pid" sidekiq_pid_path="$pid_path/sidekiq.pid" mail_room_enabled=false mail_room_pid_path="$pid_path/mail_room.pid" +gitlab_git_http_server_pid_path="$pid_path/gitlab-git-http-server.pid" +gitlab_git_http_server_options="-listenUmask 0 -listenNetwork unix -listenAddr $socket_path/gitlab-git-http-server.socket -authBackend http://127.0.0.1:8080" +gitlab_git_http_server_repo_root='/home/git/repositories' +gitlab_git_http_server_log="$app_root/log/gitlab-git-http-server.log" shell_path="/bin/bash" # Read configuration variable file if it is present @@ -72,6 +76,11 @@ check_pids(){ else spid=0 fi + if [ -f "$gitlab_git_http_server_pid_path" ]; then + hpid=$(cat "$gitlab_git_http_server_pid_path") + else + hpid=0 + fi if [ "$mail_room_enabled" = true ]; then if [ -f "$mail_room_pid_path" ]; then mpid=$(cat "$mail_room_pid_path") @@ -85,7 +94,7 @@ check_pids(){ wait_for_pids(){ # We are sleeping a bit here mostly because sidekiq is slow at writing it's pid i=0; - while [ ! -f $web_server_pid_path ] || [ ! -f $sidekiq_pid_path ] || { [ "$mail_room_enabled" = true ] && [ ! -f $mail_room_pid_path ]; }; do + while [ ! -f $web_server_pid_path ] || [ ! -f $sidekiq_pid_path ] || [ ! -f $gitlab_git_http_server_pid_path ] || { [ "$mail_room_enabled" = true ] && [ ! -f $mail_room_pid_path ]; }; do sleep 0.1; i=$((i+1)) if [ $((i%10)) = 0 ]; then @@ -120,6 +129,12 @@ check_status(){ else sidekiq_status="-1" fi + if [ $hpid -ne 0 ]; then + kill -0 "$hpid" 2>/dev/null + gitlab_git_http_server_status="$?" + else + gitlab_git_http_server_status="-1" + fi if [ "$mail_room_enabled" = true ]; then if [ $mpid -ne 0 ]; then kill -0 "$mpid" 2>/dev/null @@ -128,7 +143,7 @@ check_status(){ mail_room_status="-1" fi fi - if [ $web_status = 0 ] && [ $sidekiq_status = 0 ] && { [ "$mail_room_enabled" != true ] || [ $mail_room_status = 0 ]; }; then + if [ $web_status = 0 ] && [ $sidekiq_status = 0 ] && [ $gitlab_git_http_server_status = 0 ] && { [ "$mail_room_enabled" != true ] || [ $mail_room_status = 0 ]; }; then gitlab_status=0 else # http://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html @@ -156,6 +171,13 @@ check_stale_pids(){ exit 1 fi fi + if [ "$hpid" != "0" ] && [ "$gitlab_git_http_server_status" != "0" ]; then + echo "Removing stale gitlab-git-http-server pid. This is most likely caused by gitlab-git-http-server crashing the last time it ran." + if ! rm "$gitlab_git_http_server_pid_path"; then + echo "Unable to remove stale pid, exiting" + exit 1 + fi + fi if [ "$mail_room_enabled" = true ] && [ "$mpid" != "0" ] && [ "$mail_room_status" != "0" ]; then echo "Removing stale MailRoom job dispatcher pid. This is most likely caused by MailRoom crashing the last time it ran." if ! rm "$mail_room_pid_path"; then @@ -168,7 +190,7 @@ check_stale_pids(){ ## If no parts of the service is running, bail out. exit_if_not_running(){ check_stale_pids - if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; }; then + if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_git_http_server_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; }; then echo "GitLab is not running." exit fi @@ -184,6 +206,9 @@ start_gitlab() { if [ "$sidekiq_status" != "0" ]; then echo "Starting GitLab Sidekiq" fi + if [ "$gitlab_git_http_server_status" != "0" ]; then + echo "Starting gitlab-git-http-server" + fi if [ "$mail_room_enabled" = true ] && [ "$mail_room_status" != "0" ]; then echo "Starting GitLab MailRoom" fi @@ -205,6 +230,17 @@ start_gitlab() { RAILS_ENV=$RAILS_ENV bin/background_jobs start & fi + if [ "$gitlab_git_http_server_status" = "0" ]; then + echo "The gitlab-git-http-server is already running with pid $spid, not restarting" + else + # No need to remove a socket, gitlab-git-http-server does this itself + $app_root/bin/daemon_with_pidfile $gitlab_git_http_server_pid_path \ + $app_root/../gitlab-git-http-server/gitlab-git-http-server \ + $gitlab_git_http_server_options \ + $gitlab_git_http_server_repo_root \ + >> $gitlab_git_http_server_log 2>&1 & + fi + if [ "$mail_room_enabled" = true ]; then # If MailRoom is already running, don't start it again. if [ "$mail_room_status" = "0" ]; then @@ -226,33 +262,27 @@ stop_gitlab() { if [ "$web_status" = "0" ]; then echo "Shutting down GitLab Unicorn" + RAILS_ENV=$RAILS_ENV bin/web stop fi if [ "$sidekiq_status" = "0" ]; then echo "Shutting down GitLab Sidekiq" - fi - if [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; then - echo "Shutting down GitLab MailRoom" - fi - - # If the Unicorn web server is running, tell it to stop; - if [ "$web_status" = "0" ]; then - RAILS_ENV=$RAILS_ENV bin/web stop - fi - # And do the same thing for the Sidekiq. - if [ "$sidekiq_status" = "0" ]; then RAILS_ENV=$RAILS_ENV bin/background_jobs stop fi - # And do the same thing for the MailRoom. + if [ "$gitlab_git_http_server_status" = "0" ]; then + echo "Shutting down gitlab-git-http-server" + kill $(cat $gitlab_git_http_server_pid_path) + fi if [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; then + echo "Shutting down GitLab MailRoom" RAILS_ENV=$RAILS_ENV bin/mail_room stop fi # If something needs to be stopped, lets wait for it to stop. Never use SIGKILL in a script. - while [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; }; do + while [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || [ "$gitlab_git_http_server_status" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; }; do sleep 1 check_status printf "." - if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; }; then + if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_git_http_server_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; }; then printf "\n" break fi @@ -262,6 +292,7 @@ stop_gitlab() { # Cleaning up unused pids rm "$web_server_pid_path" 2>/dev/null # rm "$sidekiq_pid_path" 2>/dev/null # Sidekiq seems to be cleaning up it's own pid. + rm -f "$gitlab_git_http_server_pid_path" if [ "$mail_room_enabled" = true ]; then rm "$mail_room_pid_path" 2>/dev/null fi @@ -272,7 +303,7 @@ stop_gitlab() { ## Prints the status of GitLab and it's components. print_status() { check_status - if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; }; then + if [ "$web_status" != "0" ] && [ "$sidekiq_status" != "0" ] && [ "$gitlab_git_http_server_status" != "0" ] && { [ "$mail_room_enabled" != true ] || [ "$mail_room_status" != "0" ]; }; then echo "GitLab is not running." return fi @@ -286,6 +317,11 @@ print_status() { else printf "The GitLab Sidekiq job dispatcher is \033[31mnot running\033[0m.\n" fi + if [ "$gitlab_git_http_server_status" = "0" ]; then + echo "The gitlab-git-http-server with pid $hpid is running." + else + printf "The gitlab-git-http-server is \033[31mnot running\033[0m.\n" + fi if [ "$mail_room_enabled" = true ]; then if [ "$mail_room_status" = "0" ]; then echo "The GitLab MailRoom email processor with pid $mpid is running." @@ -324,7 +360,7 @@ reload_gitlab(){ ## Restarts Sidekiq and Unicorn. restart_gitlab(){ check_status - if [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; }; then + if [ "$web_status" = "0" ] || [ "$sidekiq_status" = "0" ] || [ "$gitlab_git_http_server" = "0" ] || { [ "$mail_room_enabled" = true ] && [ "$mail_room_status" = "0" ]; }; then stop_gitlab fi start_gitlab diff --git a/lib/support/init.d/gitlab.default.example b/lib/support/init.d/gitlab.default.example index fd70cb7cc74..aab5acaa72c 100755 --- a/lib/support/init.d/gitlab.default.example +++ b/lib/support/init.d/gitlab.default.example @@ -30,6 +30,16 @@ web_server_pid_path="$pid_path/unicorn.pid" # The default is "$pid_path/sidekiq.pid" sidekiq_pid_path="$pid_path/sidekiq.pid" +gitlab_git_http_server_pid_path="$pid_path/gitlab-git-http-server.pid" +# The -listenXxx settings determine where gitlab-git-http-server +# listens for connections from NGINX. To listen on localhost:8181, write +# '-listenNetwork tcp -listenAddr localhost:8181'. +# The -authBackend setting tells gitlab-git-http-server where it can reach +# Unicorn. +gitlab_git_http_server_options="-listenUmask 0 -listenNetwork unix -listenAddr $socket_path/gitlab-git-http-server.socket -authBackend http://127.0.0.1:8080" +gitlab_git_http_server_repo_root="/home/git/repositories" +gitlab_git_http_server_log="$app_root/log/gitlab-git-http-server.log" + # mail_room_enabled specifies whether mail_room, which is used to process incoming email, is enabled. # This is required for the Reply by email feature. # The default is "false" diff --git a/lib/support/nginx/gitlab b/lib/support/nginx/gitlab index efa0898900f..17f89c8beb6 100644 --- a/lib/support/nginx/gitlab +++ b/lib/support/nginx/gitlab @@ -38,10 +38,9 @@ upstream gitlab { server unix:/home/git/gitlab/tmp/sockets/gitlab.socket fail_timeout=0; } -## Experimental: gitlab-git-http-server -# upstream gitlab-git-http-server { -# server localhost:8181; -# } +upstream gitlab-git-http-server { + server unix:/home/git/gitlab/tmp/sockets/gitlab-git-http-server.socket fail_timeout=0; +} ## Normal HTTP host server { @@ -114,25 +113,24 @@ server { proxy_pass http://gitlab; } - ## Experimental: send Git HTTP traffic to gitlab-git-http-server instead of Unicorn - # location ~ [-\/\w\.]+\.git\/ { - # ## If you use HTTPS make sure you disable gzip compression - # ## to be safe against BREACH attack. - # # gzip off; - - # ## https://github.com/gitlabhq/gitlabhq/issues/694 - # ## Some requests take more than 30 seconds. - # proxy_read_timeout 300; - # proxy_connect_timeout 300; - # proxy_redirect off; - - # proxy_set_header Host $http_host; - # proxy_set_header X-Real-IP $remote_addr; - # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # proxy_set_header X-Forwarded-Proto $scheme; - - # proxy_pass http://gitlab-git-http-server; - # } + location ~ [-\/\w\.]+\.git\/ { + ## If you use HTTPS make sure you disable gzip compression + ## to be safe against BREACH attack. + # gzip off; + + ## https://github.com/gitlabhq/gitlabhq/issues/694 + ## Some requests take more than 30 seconds. + proxy_read_timeout 300; + proxy_connect_timeout 300; + proxy_redirect off; + + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_pass http://gitlab-git-http-server; + } ## Enable gzip compression as per rails guide: ## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression diff --git a/lib/support/nginx/gitlab-ssl b/lib/support/nginx/gitlab-ssl index 314525518f1..5ba39fc41a4 100644 --- a/lib/support/nginx/gitlab-ssl +++ b/lib/support/nginx/gitlab-ssl @@ -42,10 +42,9 @@ upstream gitlab { server unix:/home/git/gitlab/tmp/sockets/gitlab.socket fail_timeout=0; } -## Experimental: gitlab-git-http-server -# upstream gitlab-git-http-server { -# server localhost:8181; -# } +upstream gitlab-git-http-server { + server unix:/home/git/gitlab/tmp/sockets/gitlab-git-http-server.socket fail_timeout=0; +} ## Redirects all HTTP traffic to the HTTPS host server { @@ -161,25 +160,24 @@ server { proxy_pass http://gitlab; } - ## Experimental: send Git HTTP traffic to gitlab-git-http-server instead of Unicorn - # location ~ [-\/\w\.]+\.git\/ { - # ## If you use HTTPS make sure you disable gzip compression - # ## to be safe against BREACH attack. - # gzip off; - - # ## https://github.com/gitlabhq/gitlabhq/issues/694 - # ## Some requests take more than 30 seconds. - # proxy_read_timeout 300; - # proxy_connect_timeout 300; - # proxy_redirect off; - - # proxy_set_header Host $http_host; - # proxy_set_header X-Real-IP $remote_addr; - # proxy_set_header X-Forwarded-Ssl on; - # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # proxy_set_header X-Forwarded-Proto $scheme; - # proxy_pass http://gitlab-git-http-server; - # } + location ~ [-\/\w\.]+\.git\/ { + ## If you use HTTPS make sure you disable gzip compression + ## to be safe against BREACH attack. + gzip off; + + ## https://github.com/gitlabhq/gitlabhq/issues/694 + ## Some requests take more than 30 seconds. + proxy_read_timeout 300; + proxy_connect_timeout 300; + proxy_redirect off; + + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Ssl on; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://gitlab-git-http-server; + } ## Enable gzip compression as per rails guide: ## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression |