diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/application.rb | 8 | ||||
| -rw-r--r-- | config/dependency_decisions.yml | 31 | ||||
| -rw-r--r-- | config/gitlab.yml.example | 4 | ||||
| -rw-r--r-- | config/initializers/1_settings.rb | 33 | ||||
| -rw-r--r-- | config/initializers/5_backend.rb | 3 | ||||
| -rw-r--r-- | config/initializers/6_validations.rb | 21 | ||||
| -rw-r--r-- | config/initializers/ar_monkey_patch.rb | 57 | ||||
| -rw-r--r-- | config/initializers/devise.rb | 3 | ||||
| -rw-r--r-- | config/initializers/doorkeeper.rb | 3 | ||||
| -rw-r--r-- | config/initializers/metrics.rb | 14 | ||||
| -rw-r--r-- | config/initializers/mime_types.rb | 7 | ||||
| -rw-r--r-- | config/initializers/request_profiler.rb | 5 | ||||
| -rw-r--r-- | config/initializers/secret_token.rb | 103 | ||||
| -rw-r--r-- | config/initializers/session_store.rb | 4 | ||||
| -rw-r--r-- | config/initializers/sidekiq.rb | 15 | ||||
| -rw-r--r-- | config/initializers/trusted_proxies.rb | 12 | ||||
| -rw-r--r-- | config/mail_room.yml | 53 | ||||
| -rw-r--r-- | config/resque.yml.example | 34 | ||||
| -rw-r--r-- | config/routes.rb | 121 |
19 files changed, 386 insertions, 145 deletions
diff --git a/config/application.rb b/config/application.rb index 06ebb14a5fe..4792f6670a8 100644 --- a/config/application.rb +++ b/config/application.rb @@ -85,6 +85,11 @@ module Gitlab config.assets.precompile << "users/users_bundle.js" config.assets.precompile << "network/network_bundle.js" config.assets.precompile << "profile/profile_bundle.js" + config.assets.precompile << "diff_notes/diff_notes_bundle.js" + config.assets.precompile << "boards/boards_bundle.js" + config.assets.precompile << "boards/test_utils/simulate_drag.js" + config.assets.precompile << "blob_edit/blob_edit_bundle.js" + config.assets.precompile << "snippet/snippet_bundle.js" config.assets.precompile << "lib/utils/*.js" config.assets.precompile << "lib/*.js" config.assets.precompile << "u2f.js" @@ -107,7 +112,8 @@ module Gitlab end end - redis_config_hash = Gitlab::Redis.redis_store_options + # Use Redis caching across all environments + redis_config_hash = Gitlab::Redis.params redis_config_hash[:namespace] = Gitlab::Redis::CACHE_NAMESPACE redis_config_hash[:expires_in] = 2.weeks # Cache should not grow forever config.cache_store = :redis_store, redis_config_hash diff --git a/config/dependency_decisions.yml b/config/dependency_decisions.yml index 293f2b71d65..74325872b09 100644 --- a/config/dependency_decisions.yml +++ b/config/dependency_decisions.yml @@ -68,6 +68,25 @@ :why: https://opensource.org/licenses/BSD-2-Clause :versions: [] :when: 2016-05-02 05:55:09.796363000 Z +- - :whitelist + - LGPLv2+ + - :who: Stan Hu + :why: Equivalent to LGPLv2 + :versions: [] + :when: 2016-06-07 17:14:10.907682000 Z +- - :whitelist + - Artistic 2.0 + - :who: Josh Frye + :why: Disk/mount information display on Admin pages + :versions: [] + :when: 2016-06-29 16:32:45.432113000 Z +- - :whitelist + - Simplified BSD + - :who: Douwe Maan + :why: https://opensource.org/licenses/BSD-2-Clause + :versions: [] + :when: 2016-07-26 21:24:07.248480000 Z + # LICENSE BLACKLIST - - :blacklist @@ -175,15 +194,3 @@ :why: https://github.com/jmcnevin/rubypants/blob/master/LICENSE.rdoc :versions: [] :when: 2016-05-02 05:56:50.696858000 Z -- - :whitelist - - LGPLv2+ - - :who: Stan Hu - :why: Equivalent to LGPLv2 - :versions: [] - :when: 2016-06-07 17:14:10.907682000 Z -- - :whitelist - - Artistic 2.0 - - :who: Josh Frye - :why: Disk/mount information display on Admin pages - :versions: [] - :when: 2016-06-29 16:32:45.432113000 Z diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index 325eca72862..1470a6e2550 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -106,8 +106,8 @@ production: &base ## Repository downloads directory # When a user clicks e.g. 'Download zip' on a project, a temporary zip file is created in the following directory. - # The default is 'tmp/repositories' relative to the root of the Rails app. - # repository_downloads_path: tmp/repositories + # The default is 'shared/cache/archive/' relative to the root of the Rails app. + # repository_downloads_path: shared/cache/archive/ ## Reply by email # Allow users to comment on issues and merge requests by replying to notification emails. diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb index 693507e0bec..4a01b9e40fb 100644 --- a/config/initializers/1_settings.rb +++ b/config/initializers/1_settings.rb @@ -211,9 +211,8 @@ Settings.gitlab.default_projects_features['snippets'] = false if Setti Settings.gitlab.default_projects_features['builds'] = true if Settings.gitlab.default_projects_features['builds'].nil? Settings.gitlab.default_projects_features['container_registry'] = true if Settings.gitlab.default_projects_features['container_registry'].nil? Settings.gitlab.default_projects_features['visibility_level'] = Settings.send(:verify_constant, Gitlab::VisibilityLevel, Settings.gitlab.default_projects_features['visibility_level'], Gitlab::VisibilityLevel::PRIVATE) -Settings.gitlab['repository_downloads_path'] = File.join(Settings.shared['path'], 'cache/archive') if Settings.gitlab['repository_downloads_path'].nil? Settings.gitlab['domain_whitelist'] ||= [] -Settings.gitlab['import_sources'] ||= %w[github bitbucket gitlab gitorious google_code fogbugz git gitlab_project] +Settings.gitlab['import_sources'] ||= %w[github bitbucket gitlab google_code fogbugz git gitlab_project] Settings.gitlab['trusted_proxies'] ||= [] # @@ -288,9 +287,18 @@ Settings.cron_jobs['admin_email_worker']['job_class'] = 'AdminEmailWorker' Settings.cron_jobs['repository_archive_cache_worker'] ||= Settingslogic.new({}) Settings.cron_jobs['repository_archive_cache_worker']['cron'] ||= '0 * * * *' Settings.cron_jobs['repository_archive_cache_worker']['job_class'] = 'RepositoryArchiveCacheWorker' -Settings.cron_jobs['gitlab_remove_project_export_worker'] ||= Settingslogic.new({}) -Settings.cron_jobs['gitlab_remove_project_export_worker']['cron'] ||= '0 * * * *' -Settings.cron_jobs['gitlab_remove_project_export_worker']['job_class'] = 'GitlabRemoveProjectExportWorker' +Settings.cron_jobs['import_export_project_cleanup_worker'] ||= Settingslogic.new({}) +Settings.cron_jobs['import_export_project_cleanup_worker']['cron'] ||= '0 * * * *' +Settings.cron_jobs['import_export_project_cleanup_worker']['job_class'] = 'ImportExportProjectCleanupWorker' +Settings.cron_jobs['requests_profiles_worker'] ||= Settingslogic.new({}) +Settings.cron_jobs['requests_profiles_worker']['cron'] ||= '0 0 * * *' +Settings.cron_jobs['requests_profiles_worker']['job_class'] = 'RequestsProfilesWorker' +Settings.cron_jobs['remove_expired_members_worker'] ||= Settingslogic.new({}) +Settings.cron_jobs['remove_expired_members_worker']['cron'] ||= '10 0 * * *' +Settings.cron_jobs['remove_expired_members_worker']['job_class'] = 'RemoveExpiredMembersWorker' +Settings.cron_jobs['remove_expired_group_links_worker'] ||= Settingslogic.new({}) +Settings.cron_jobs['remove_expired_group_links_worker']['cron'] ||= '10 0 * * *' +Settings.cron_jobs['remove_expired_group_links_worker']['job_class'] = 'RemoveExpiredGroupLinksWorker' # # GitLab Shell @@ -316,6 +324,21 @@ Settings.repositories['storages'] ||= {} Settings.repositories.storages['default'] ||= Settings.gitlab_shell['repos_path'] || Settings.gitlab['user_home'] + '/repositories/' # +# The repository_downloads_path is used to remove outdated repository +# archives, if someone has it configured incorrectly, and it points +# to the path where repositories are stored this can cause some +# data-integrity issue. In this case, we sets it to the default +# repository_downloads_path value. +# +repositories_storages_path = Settings.repositories.storages.values +repository_downloads_path = Settings.gitlab['repository_downloads_path'].to_s.gsub(/\/$/, '') +repository_downloads_full_path = File.expand_path(repository_downloads_path, Settings.gitlab['user_home']) + +if repository_downloads_path.blank? || repositories_storages_path.any? { |path| [repository_downloads_path, repository_downloads_full_path].include?(path.gsub(/\/$/, '')) } + Settings.gitlab['repository_downloads_path'] = File.join(Settings.shared['path'], 'cache/archive') +end + +# # Backup # Settings['backup'] ||= Settingslogic.new({}) diff --git a/config/initializers/5_backend.rb b/config/initializers/5_backend.rb index e026151a032..ed88c8ee1b8 100644 --- a/config/initializers/5_backend.rb +++ b/config/initializers/5_backend.rb @@ -1,6 +1,3 @@ -# GIT over HTTP -require_dependency Rails.root.join('lib/gitlab/backend/grack_auth') - # GIT over SSH require_dependency Rails.root.join('lib/gitlab/backend/shell') diff --git a/config/initializers/6_validations.rb b/config/initializers/6_validations.rb index 3ba9e36c567..d92f64e1647 100644 --- a/config/initializers/6_validations.rb +++ b/config/initializers/6_validations.rb @@ -3,22 +3,27 @@ def storage_name_valid?(name) end def find_parent_path(name, path) + parent = Pathname.new(path).realpath.parent Gitlab.config.repositories.storages.detect do |n, p| - name != n && path.chomp('/').start_with?(p.chomp('/')) + name != n && Pathname.new(p).realpath == parent end end -def error(message) +def storage_validation_error(message) raise "#{message}. Please fix this in your gitlab.yml before starting GitLab." end -error('No repository storage path defined') if Gitlab.config.repositories.storages.empty? +def validate_storages + storage_validation_error('No repository storage path defined') if Gitlab.config.repositories.storages.empty? -Gitlab.config.repositories.storages.each do |name, path| - error("\"#{name}\" is not a valid storage name") unless storage_name_valid?(name) + Gitlab.config.repositories.storages.each do |name, path| + storage_validation_error("\"#{name}\" is not a valid storage name") unless storage_name_valid?(name) - parent_name, _parent_path = find_parent_path(name, path) - if parent_name - error("#{name} is a nested path of #{parent_name}. Nested paths are not supported for repository storages") + parent_name, _parent_path = find_parent_path(name, path) + if parent_name + storage_validation_error("#{name} is a nested path of #{parent_name}. Nested paths are not supported for repository storages") + end end end + +validate_storages unless Rails.env.test? || ENV['SKIP_STORAGE_VALIDATION'] == 'true' diff --git a/config/initializers/ar_monkey_patch.rb b/config/initializers/ar_monkey_patch.rb new file mode 100644 index 00000000000..0da584626ee --- /dev/null +++ b/config/initializers/ar_monkey_patch.rb @@ -0,0 +1,57 @@ +# rubocop:disable Lint/RescueException + +# This patch fixes https://github.com/rails/rails/issues/26024 +# TODO: Remove it when it's no longer necessary + +module ActiveRecord + module Locking + module Optimistic + # We overwrite this method because we don't want to have default value + # for newly created records + def _create_record(attribute_names = self.attribute_names, *) # :nodoc: + super + end + + def _update_record(attribute_names = self.attribute_names) #:nodoc: + return super unless locking_enabled? + return 0 if attribute_names.empty? + + lock_col = self.class.locking_column + + previous_lock_value = send(lock_col).to_i + + # This line is added as a patch + previous_lock_value = nil if previous_lock_value == '0' || previous_lock_value == 0 + + increment_lock + + attribute_names += [lock_col] + attribute_names.uniq! + + begin + relation = self.class.unscoped + + affected_rows = relation.where( + self.class.primary_key => id, + lock_col => previous_lock_value, + ).update_all( + attributes_for_update(attribute_names).map do |name| + [name, _read_attribute(name)] + end.to_h + ) + + unless affected_rows == 1 + raise ActiveRecord::StaleObjectError.new(self, "update") + end + + affected_rows + + # If something went wrong, revert the version. + rescue Exception + send(lock_col + '=', previous_lock_value) + raise + end + end + end + end +end diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index 73977341b73..a0a8f88584c 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -100,6 +100,9 @@ Devise.setup do |config| # secure: true in order to force SSL only cookies. # config.cookie_options = {} + # Send a notification email when the user's password is changed + config.send_password_change_notification = true + # ==> Configuration for :validatable # Range for password length. Default is 6..128. config.password_length = 8..128 diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index 618dba74151..fc4b0a72add 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -12,7 +12,8 @@ Doorkeeper.configure do end resource_owner_from_credentials do |routes| - Gitlab::Auth.find_with_user_password(params[:username], params[:password]) + user = Gitlab::Auth.find_with_user_password(params[:username], params[:password]) + user unless user.try(:two_factor_enabled?) end # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below. diff --git a/config/initializers/metrics.rb b/config/initializers/metrics.rb index c4266ab8ba5..52522e099e7 100644 --- a/config/initializers/metrics.rb +++ b/config/initializers/metrics.rb @@ -136,7 +136,21 @@ if Gitlab::Metrics.enabled? config.instrument_instance_methods(Rouge::Plugins::Redcarpet) config.instrument_instance_methods(Rouge::Formatters::HTMLGitlab) + [:XML, :HTML].each do |namespace| + namespace_mod = Nokogiri.const_get(namespace) + + config.instrument_methods(namespace_mod) + config.instrument_methods(namespace_mod::Document) + end + config.instrument_methods(Rinku) + config.instrument_instance_methods(Repository) + + config.instrument_methods(Gitlab::Highlight) + config.instrument_instance_methods(Gitlab::Highlight) + + # This is a Rails scope so we have to instrument it manually. + config.instrument_method(Project, :visible_to_user) end GC::Profiler.enable diff --git a/config/initializers/mime_types.rb b/config/initializers/mime_types.rb index 3e553120205..f498732feca 100644 --- a/config/initializers/mime_types.rb +++ b/config/initializers/mime_types.rb @@ -12,3 +12,10 @@ Mime::Type.register_alias "text/html", :md Mime::Type.register "video/mp4", :mp4, [], [:m4v, :mov] Mime::Type.register "video/webm", :webm Mime::Type.register "video/ogg", :ogv + +middlewares = Gitlab::Application.config.middleware +middlewares.swap(ActionDispatch::ParamsParser, ActionDispatch::ParamsParser, { + Mime::Type.lookup('application/vnd.git-lfs+json') => lambda do |body| + ActiveSupport::JSON.decode(body) + end +}) diff --git a/config/initializers/request_profiler.rb b/config/initializers/request_profiler.rb new file mode 100644 index 00000000000..a9aa802681a --- /dev/null +++ b/config/initializers/request_profiler.rb @@ -0,0 +1,5 @@ +require 'gitlab/request_profiler/middleware' + +Rails.application.configure do |config| + config.middleware.use(Gitlab::RequestProfiler::Middleware) +end diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb index dae3a4a9a93..291fa6c0abc 100644 --- a/config/initializers/secret_token.rb +++ b/config/initializers/secret_token.rb @@ -2,49 +2,86 @@ require 'securerandom' -# Your secret key for verifying the integrity of signed cookies. -# If you change this key, all old signed cookies will become invalid! -# Make sure the secret is at least 30 characters and all random, -# no regular words or you'll be exposed to dictionary attacks. - -def find_secure_token - token_file = Rails.root.join('.secret') - if ENV.key?('SECRET_KEY_BASE') - ENV['SECRET_KEY_BASE'] - elsif File.exist? token_file - # Use the existing token. - File.read(token_file).chomp - else - # Generate a new token of 64 random hexadecimal characters and store it in token_file. - token = SecureRandom.hex(64) - File.write(token_file, token) - token +# Transition material in .secret to the secret_key_base key in config/secrets.yml. +# Historically, ENV['SECRET_KEY_BASE'] takes precedence over .secret, so we maintain that +# behavior. +# +# It also used to be the case that the key material in ENV['SECRET_KEY_BASE'] or .secret +# was used to encrypt OTP (two-factor authentication) data so if present, we copy that key +# material into config/secrets.yml under otp_key_base. +# +# Finally, if we have successfully migrated all secrets to config/secrets.yml, delete the +# .secret file to avoid confusion. +# +def create_tokens + secret_file = Rails.root.join('.secret') + file_secret_key = File.read(secret_file).chomp if File.exist?(secret_file) + env_secret_key = ENV['SECRET_KEY_BASE'] + + # Ensure environment variable always overrides secrets.yml. + Rails.application.secrets.secret_key_base = env_secret_key if env_secret_key.present? + + defaults = { + secret_key_base: file_secret_key || generate_new_secure_token, + otp_key_base: env_secret_key || file_secret_key || generate_new_secure_token, + db_key_base: generate_new_secure_token + } + + missing_secrets = set_missing_keys(defaults) + write_secrets_yml(missing_secrets) unless missing_secrets.empty? + + begin + File.delete(secret_file) if file_secret_key + rescue => e + warn "Error deleting useless .secret file: #{e}" end end -Rails.application.config.secret_token = find_secure_token -Rails.application.config.secret_key_base = find_secure_token - -# CI def generate_new_secure_token SecureRandom.hex(64) end -if Rails.application.secrets.db_key_base.blank? - warn "Missing `db_key_base` for '#{Rails.env}' environment. The secrets will be generated and stored in `config/secrets.yml`" +def warn_missing_secret(secret) + warn "Missing Rails.application.secrets.#{secret} for #{Rails.env} environment. The secret will be generated and stored in config/secrets.yml." +end - all_secrets = YAML.load_file('config/secrets.yml') if File.exist?('config/secrets.yml') - all_secrets ||= {} +def set_missing_keys(defaults) + defaults.stringify_keys.each_with_object({}) do |(key, default), missing| + if Rails.application.secrets[key].blank? + warn_missing_secret(key) - # generate secrets - env_secrets = all_secrets[Rails.env.to_s] || {} - env_secrets['db_key_base'] ||= generate_new_secure_token - all_secrets[Rails.env.to_s] = env_secrets + missing[key] = Rails.application.secrets[key] = default + end + end +end + +def write_secrets_yml(missing_secrets) + secrets_yml = Rails.root.join('config/secrets.yml') + rails_env = Rails.env.to_s + secrets = YAML.load_file(secrets_yml) if File.exist?(secrets_yml) + secrets ||= {} + secrets[rails_env] ||= {} + + secrets[rails_env].merge!(missing_secrets) do |key, old, new| + # Previously, it was possible this was set to the literal contents of an Erb + # expression that evaluated to an empty value. We don't want to support that + # specifically, just ensure we don't break things further. + # + if old.present? + warn <<EOM +Rails.application.secrets.#{key} was blank, but the literal value in config/secrets.yml was: + #{old} - # save secrets - File.open('config/secrets.yml', 'w', 0600) do |file| - file.write(YAML.dump(all_secrets)) +This probably isn't the expected value for this secret. To keep using a literal Erb string in config/secrets.yml, replace `<%` with `<%%`. +EOM + + exit 1 # rubocop:disable Rails/Exit + end + + new end - Rails.application.secrets.db_key_base = env_secrets['db_key_base'] + File.write(secrets_yml, YAML.dump(secrets), mode: 'w', perm: 0600) end + +create_tokens diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index 0d9d87bac00..70be2617cab 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -13,9 +13,9 @@ end if Rails.env.test? Gitlab::Application.config.session_store :cookie_store, key: "_gitlab_session" else - redis_config = Gitlab::Redis.redis_store_options + redis_config = Gitlab::Redis.params redis_config[:namespace] = Gitlab::Redis::SESSION_NAMESPACE - + Gitlab::Application.config.session_store( :redis_store, # Using the cookie_store would enable session replay attacks. servers: redis_config, diff --git a/config/initializers/sidekiq.rb b/config/initializers/sidekiq.rb index 5e839327e7a..f7e714cd6bc 100644 --- a/config/initializers/sidekiq.rb +++ b/config/initializers/sidekiq.rb @@ -1,12 +1,14 @@ +# Custom Redis configuration +redis_config_hash = Gitlab::Redis.params +redis_config_hash[:namespace] = Gitlab::Redis::SIDEKIQ_NAMESPACE + Sidekiq.configure_server do |config| - config.redis = { - url: Gitlab::Redis.url, - namespace: Gitlab::Redis::SIDEKIQ_NAMESPACE - } + config.redis = redis_config_hash config.server_middleware do |chain| chain.add Gitlab::SidekiqMiddleware::ArgumentsLogger if ENV['SIDEKIQ_LOG_ARGUMENTS'] chain.add Gitlab::SidekiqMiddleware::MemoryKiller if ENV['SIDEKIQ_MEMORY_KILLER_MAX_RSS'] + chain.add Gitlab::SidekiqMiddleware::RequestStoreMiddleware unless ENV['SIDEKIQ_REQUEST_STORE'] == '0' end # Sidekiq-cron: load recurring jobs from gitlab.yml @@ -38,8 +40,5 @@ Sidekiq.configure_server do |config| end Sidekiq.configure_client do |config| - config.redis = { - url: Gitlab::Redis.url, - namespace: Gitlab::Redis::SIDEKIQ_NAMESPACE - } + config.redis = redis_config_hash end diff --git a/config/initializers/trusted_proxies.rb b/config/initializers/trusted_proxies.rb index df4a933e22f..cd869657c53 100644 --- a/config/initializers/trusted_proxies.rb +++ b/config/initializers/trusted_proxies.rb @@ -7,10 +7,18 @@ module Rack class Request def trusted_proxy?(ip) Rails.application.config.action_dispatch.trusted_proxies.any? { |proxy| proxy === ip } + rescue IPAddr::InvalidAddressError + false end end end +gitlab_trusted_proxies = Array(Gitlab.config.gitlab.trusted_proxies).map do |proxy| + begin + IPAddr.new(proxy) + rescue IPAddr::InvalidAddressError + end +end.compact + Rails.application.config.action_dispatch.trusted_proxies = ( - [ '127.0.0.1', '::1' ] + Array(Gitlab.config.gitlab.trusted_proxies) -).map { |proxy| IPAddr.new(proxy) } + [ '127.0.0.1', '::1' ] + gitlab_trusted_proxies) diff --git a/config/mail_room.yml b/config/mail_room.yml index 7cab24b295e..c639f8260aa 100644 --- a/config/mail_room.yml +++ b/config/mail_room.yml @@ -1,47 +1,36 @@ +# If you change this file in a Merge Request, please also create +# a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests +# :mailboxes: -<% -require "yaml" -require "json" -require_relative "lib/gitlab/redis" unless defined?(Gitlab::Redis) + <% + require_relative "lib/gitlab/mail_room" unless defined?(Gitlab::MailRoom) + config = Gitlab::MailRoom.config -rails_env = ENV["RAILS_ENV"] || ENV["RACK_ENV"] || "development" - -config_file = ENV["MAIL_ROOM_GITLAB_CONFIG_FILE"] || "config/gitlab.yml" -if File.exists?(config_file) - all_config = YAML.load_file(config_file)[rails_env] - - config = all_config["incoming_email"] || {} - config['enabled'] = false if config['enabled'].nil? - config['port'] = 143 if config['port'].nil? - config['ssl'] = false if config['ssl'].nil? - config['start_tls'] = false if config['start_tls'].nil? - config['mailbox'] = "inbox" if config['mailbox'].nil? - - if config['enabled'] && config['address'] - redis_url = Gitlab::Redis.new(rails_env).url - %> + if Gitlab::MailRoom.enabled? + %> - - :host: <%= config['host'].to_json %> - :port: <%= config['port'].to_json %> - :ssl: <%= config['ssl'].to_json %> - :start_tls: <%= config['start_tls'].to_json %> - :email: <%= config['user'].to_json %> - :password: <%= config['password'].to_json %> + :host: <%= config[:host].to_json %> + :port: <%= config[:port].to_json %> + :ssl: <%= config[:ssl].to_json %> + :start_tls: <%= config[:start_tls].to_json %> + :email: <%= config[:user].to_json %> + :password: <%= config[:password].to_json %> + :idle_timeout: 60 - :name: <%= config['mailbox'].to_json %> + :name: <%= config[:mailbox].to_json %> :delete_after_delivery: true :delivery_method: sidekiq :delivery_options: - :redis_url: <%= redis_url.to_json %> - :namespace: resque:gitlab + :redis_url: <%= config[:redis_url].to_json %> + :namespace: <%= Gitlab::Redis::SIDEKIQ_NAMESPACE %> :queue: incoming_email :worker: EmailReceiverWorker :arbitration_method: redis :arbitration_options: - :redis_url: <%= redis_url.to_json %> - :namespace: mail_room:gitlab + :redis_url: <%= config[:redis_url].to_json %> + :namespace: <%= Gitlab::Redis::MAILROOM_NAMESPACE %> + <% end %> -<% end %> diff --git a/config/resque.yml.example b/config/resque.yml.example index d98f43f71b2..0c19d8bc1d3 100644 --- a/config/resque.yml.example +++ b/config/resque.yml.example @@ -1,6 +1,34 @@ # If you change this file in a Merge Request, please also create # a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests # -development: redis://localhost:6379 -test: redis://localhost:6379 -production: unix:/var/run/redis/redis.sock +development: + url: redis://localhost:6379 + # sentinels: + # - + # host: localhost + # port: 26380 # point to sentinel, not to redis port + # - + # host: slave2 + # port: 26381 # point to sentinel, not to redis port +test: + url: redis://localhost:6379 +production: + # Redis (single instance) + url: unix:/var/run/redis/redis.sock + ## + # Redis + Sentinel (for HA) + # + # Please read instructions carefully before using it as you may lose data: + # http://redis.io/topics/sentinel + # + # You must specify a list of a few sentinels that will handle client connection + # please read here for more information: https://docs.gitlab.com/ce/administration/high_availability/redis.html + ## + # url: redis://master:6379 + # sentinels: + # - + # host: slave1 + # port: 26379 # point to sentinel, not to redis port + # - + # host: slave2 + # port: 26379 # point to sentinel, not to redis port diff --git a/config/routes.rb b/config/routes.rb index 21f3585bacd..24f9b44a53a 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -42,10 +42,9 @@ Rails.application.routes.draw do resource :lint, only: [:show, :create] - resources :projects do + resources :projects, only: [:index, :show] do member do get :status, to: 'projects#badge' - get :integration end end @@ -85,9 +84,6 @@ Rails.application.routes.draw do # Health check get 'health_check(/:checks)' => 'health_check#index', as: :health_check - # Enable Grack support (for LFS only) - mount Grack::AuthSpawner, at: '/', constraints: lambda { |request| /[-\/\w\.]+\.git\/(info\/lfs|gitlab-lfs)/.match(request.path_info) }, via: [:get, :post, :put] - # Help get 'help' => 'help#index' get 'help/shortcuts' => 'help#shortcuts' @@ -95,6 +91,11 @@ Rails.application.routes.draw do get 'help/*path' => 'help#show', as: :help_page # + # Koding route + # + get 'koding' => 'koding#index' + + # # Global snippets # resources :snippets do @@ -144,19 +145,13 @@ Rails.application.routes.draw do get :jobs end - resource :gitlab, only: [:create, :new], controller: :gitlab do - get :status - get :callback - get :jobs - end - - resource :bitbucket, only: [:create, :new], controller: :bitbucket do + resource :gitlab, only: [:create], controller: :gitlab do get :status get :callback get :jobs end - resource :gitorious, only: [:create, :new], controller: :gitorious do + resource :bitbucket, only: [:create], controller: :bitbucket do get :status get :callback get :jobs @@ -243,7 +238,6 @@ Rails.application.routes.draw do get :projects get :keys get :groups - put :team_update put :block put :unblock put :unlock @@ -257,7 +251,11 @@ Rails.application.routes.draw do resource :impersonation, only: :destroy resources :abuse_reports, only: [:index, :destroy] - resources :spam_logs, only: [:index, :destroy] + resources :spam_logs, only: [:index, :destroy] do + member do + post :mark_as_ham + end + end resources :applications @@ -281,6 +279,7 @@ Rails.application.routes.draw do resource :health_check, controller: 'health_check', only: [:show] resource :background_jobs, controller: 'background_jobs', only: [:show] resource :system_info, controller: 'system_info', only: [:show] + resources :requests_profiles, only: [:index, :show], param: :name, constraints: { name: /.+\.html/ } resources :namespaces, path: '/projects', constraints: { id: /[a-zA-Z.0-9_\-]+/ }, only: [] do root to: 'projects#index', as: :projects @@ -300,7 +299,7 @@ Rails.application.routes.draw do end end - resource :appearances, path: 'appearance' do + resource :appearances, only: [:show, :create, :update], path: 'appearance' do member do get :preview delete :logo @@ -309,7 +308,7 @@ Rails.application.routes.draw do end resource :application_settings, only: [:show, :update] do - resources :services + resources :services, only: [:index, :edit, :update] put :reset_runners_token put :reset_health_check_token put :clear_repository_check_states @@ -346,7 +345,7 @@ Rails.application.routes.draw do end scope module: :profiles do - resource :account, only: [:show, :update] do + resource :account, only: [:show] do member do delete :unlink end @@ -358,7 +357,7 @@ Rails.application.routes.draw do end end resource :preferences, only: [:show, :update] - resources :keys + resources :keys, only: [:index, :show, :new, :create, :destroy] resources :emails, only: [:index, :create, :destroy] resource :avatar, only: [:destroy] @@ -375,6 +374,8 @@ Rails.application.routes.draw do patch :skip end end + + resources :u2f_registrations, only: [:destroy] end end @@ -472,7 +473,7 @@ Rails.application.routes.draw do post :unarchive post :housekeeping post :toggle_star - post :markdown_preview + post :preview_markdown post :export post :remove_export post :generate_new_export @@ -483,11 +484,26 @@ Rails.application.routes.draw do end scope module: :projects do - # Git HTTP clients ('git clone' etc.) scope constraints: { id: /.+\.git/, format: nil } do + # Git HTTP clients ('git clone' etc.) get '/info/refs', to: 'git_http#info_refs' post '/git-upload-pack', to: 'git_http#git_upload_pack' post '/git-receive-pack', to: 'git_http#git_receive_pack' + + # Git LFS API (metadata) + post '/info/lfs/objects/batch', to: 'lfs_api#batch' + post '/info/lfs/objects', to: 'lfs_api#deprecated' + get '/info/lfs/objects/*oid', to: 'lfs_api#deprecated' + + # GitLab LFS object storage + scope constraints: { oid: /[a-f0-9]{64}/ } do + get '/gitlab-lfs/objects/*oid', to: 'lfs_storage#download' + + scope constraints: { size: /[0-9]+/ } do + put '/gitlab-lfs/objects/*oid/*size/authorize', to: 'lfs_storage#upload_authorize' + put '/gitlab-lfs/objects/*oid/*size', to: 'lfs_storage#upload_finalize' + end + end end # Allow /info/refs, /info/refs?service=git-upload-pack, and @@ -513,6 +529,11 @@ Rails.application.routes.draw do put '/update/*id', to: 'blob#update', constraints: { id: /.+/ }, as: 'update_blob' post '/preview/*id', to: 'blob#preview', constraints: { id: /.+/ }, as: 'preview_blob' + # + # Templates + # + get '/templates/:template_type/:key' => 'templates#show', as: :template + scope do get( '/blob/*id/diff', @@ -627,13 +648,17 @@ Rails.application.routes.draw do get '/compare/:from...:to', to: 'compare#show', as: 'compare', constraints: { from: /.+/, to: /.+/ } - resources :network, only: [:show], constraints: { id: /(?:[^.]|\.(?!json$))+/, format: /json/ } + # Don't use format parameter as file extension (old 3.0.x behavior) + # See http://guides.rubyonrails.org/routing.html#route-globbing-and-wildcard-segments + scope format: false do + resources :network, only: [:show], constraints: { id: Gitlab::Regex.git_reference_regex } - resources :graphs, only: [:show], constraints: { id: /(?:[^.]|\.(?!json$))+/, format: /json/ } do - member do - get :commits - get :ci - get :languages + resources :graphs, only: [:show], constraints: { id: Gitlab::Regex.git_reference_regex } do + member do + get :commits + get :ci + get :languages + end end end @@ -657,10 +682,10 @@ Rails.application.routes.draw do get '/wikis/*id', to: 'wikis#show', as: 'wiki', constraints: WIKI_SLUG_ID delete '/wikis/*id', to: 'wikis#destroy', constraints: WIKI_SLUG_ID put '/wikis/*id', to: 'wikis#update', constraints: WIKI_SLUG_ID - post '/wikis/*id/markdown_preview', to: 'wikis#markdown_preview', constraints: WIKI_SLUG_ID, as: 'wiki_markdown_preview' + post '/wikis/*id/preview_markdown', to: 'wikis#preview_markdown', constraints: WIKI_SLUG_ID, as: 'wiki_preview_markdown' end - resource :repository, only: [:show, :create] do + resource :repository, only: [:create] do member do get 'archive', constraints: { format: Gitlab::Regex.archive_formats_regex } end @@ -703,7 +728,9 @@ Rails.application.routes.draw do member do get :commits get :diffs + get :conflicts get :builds + get :pipelines get :merge_check post :merge post :cancel_merge_when_build_succeeds @@ -712,6 +739,7 @@ Rails.application.routes.draw do post :toggle_award_emoji post :remove_wip get :diff_for_path + post :resolve_conflicts end collection do @@ -720,6 +748,13 @@ Rails.application.routes.draw do get :update_branches get :diff_for_path end + + resources :discussions, only: [], constraints: { id: /\h{40}/ } do + member do + post :resolve + delete :resolve, action: :unresolve + end + end end resources :branches, only: [:index, :new, :create, :destroy], constraints: { id: Gitlab::Regex.git_reference_regex } @@ -742,7 +777,7 @@ Rails.application.routes.draw do end end - resources :environments, only: [:index, :show, :new, :create, :destroy] + resources :environments resources :builds, only: [:index, :show], constraints: { id: /\d+/ } do collection do @@ -782,7 +817,7 @@ Rails.application.routes.draw do end end - resources :labels, constraints: { id: /\d+/ } do + resources :labels, except: [:show], constraints: { id: /\d+/ } do collection do post :generate post :set_priorities @@ -798,6 +833,7 @@ Rails.application.routes.draw do member do post :toggle_subscription post :toggle_award_emoji + post :mark_as_spam get :referenced_merge_requests get :related_branches get :can_create_branch @@ -807,7 +843,7 @@ Rails.application.routes.draw do end end - resources :project_members, except: [:new, :edit], constraints: { id: /[a-zA-Z.\/0-9_\-#%+]+/ }, concerns: :access_requestable do + resources :project_members, except: [:show, :new, :edit], constraints: { id: /[a-zA-Z.\/0-9_\-#%+]+/ }, concerns: :access_requestable do collection do delete :leave @@ -828,6 +864,22 @@ Rails.application.routes.draw do member do post :toggle_award_emoji delete :delete_attachment + post :resolve + delete :resolve, action: :unresolve + end + end + + resource :board, only: [:show] do + scope module: :boards do + resources :issues, only: [:update] + + resources :lists, only: [:index, :create, :update, :destroy] do + collection do + post :generate + end + + resources :issues, only: [:index] + end end end @@ -854,7 +906,10 @@ Rails.application.routes.draw do resources :badges, only: [:index] do collection do scope '*ref', constraints: { ref: Gitlab::Regex.git_reference_regex } do - get :build, constraints: { format: /svg/ } + constraints format: /svg/ do + get :build + get :coverage + end end end end |