From cd87085d5bb9b798f6c15e09ba1c18f224a039b5 Mon Sep 17 00:00:00 2001 From: Sameer Naik Date: Sat, 26 Apr 2014 15:45:59 +0530 Subject: [PATCH 1/4] set the default GITLAB_PORT to 443 if https is enabled, else set it to 80 --- assets/init | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/assets/init b/assets/init index 13c58827..20a1ca6c 100755 --- a/assets/init +++ b/assets/init @@ -2,7 +2,7 @@ set -e GITLAB_HOST=${GITLAB_HOST:-localhost} -GITLAB_PORT=${GITLAB_PORT:-80} +GITLAB_PORT=${GITLAB_PORT:-} GITLAB_HTTPS=${GITLAB_HTTPS:-false} GITLAB_EMAIL=${GITLAB_EMAIL:-gitlab@localhost} GITLAB_SUPPORT=${GITLAB_SUPPORT:-support@localhost} @@ -84,6 +84,12 @@ case "${DB_TYPE}" in *) echo "Unsupported database adapter. Available adapters are mysql and postgres." && exit 1 ;; esac +if [ "${GITLAB_HTTPS}" == "true" ]; then + GITLAB_PORT=${GITLAB_PORT:-443} +else + GITLAB_PORT=${GITLAB_PORT:-80} +fi + case "${GITLAB_BACKUPS}" in daily|monthly) GITLAB_BACKUP_EXPIRY=${GITLAB_BACKUP_EXPIRY:-604800} ;; disable|*) GITLAB_BACKUP_EXPIRY=${GITLAB_BACKUP_EXPIRY:-0} ;; From 296a6ad02780092fb773461a0ed76ecba7c0a929 Mon Sep 17 00:00:00 2001 From: Sameer Naik Date: Sat, 26 Apr 2014 16:42:51 +0530 Subject: [PATCH 2/4] construct the gitlab_url based on whether https is enabled and whether the default ports are changed --- assets/config/gitlab-shell/config.yml | 2 +- assets/init | 17 +++++++++++------ 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/assets/config/gitlab-shell/config.yml b/assets/config/gitlab-shell/config.yml index f3619b19..905b0bc2 100644 --- a/assets/config/gitlab-shell/config.yml +++ b/assets/config/gitlab-shell/config.yml @@ -2,7 +2,7 @@ user: git # Url to gitlab instance. Used for api calls. Should end with a slash. -gitlab_url: "http://{{GITLAB_HOST}}/" +gitlab_url: "{{GITLAB_URL}}" http_settings: # user: someone diff --git a/assets/init b/assets/init index 20a1ca6c..f95b0136 100755 --- a/assets/init +++ b/assets/init @@ -84,11 +84,16 @@ case "${DB_TYPE}" in *) echo "Unsupported database adapter. Available adapters are mysql and postgres." && exit 1 ;; esac -if [ "${GITLAB_HTTPS}" == "true" ]; then - GITLAB_PORT=${GITLAB_PORT:-443} -else - GITLAB_PORT=${GITLAB_PORT:-80} -fi +case "${GITLAB_HTTPS}" in + true) + GITLAB_URL="https://${GITLAB_HOST}${GITLAB_PORT:+:$GITLAB_PORT}/" + GITLAB_PORT=${GITLAB_PORT:-443} + ;; + *) + GITLAB_URL="http://${GITLAB_HOST}${GITLAB_PORT:+:$GITLAB_PORT}/" + GITLAB_PORT=${GITLAB_PORT:-80} + ;; +esac case "${GITLAB_BACKUPS}" in daily|monthly) GITLAB_BACKUP_EXPIRY=${GITLAB_BACKUP_EXPIRY:-604800} ;; @@ -229,7 +234,7 @@ sudo -u git -H sed 's/{{REDIS_HOST}}/'"${REDIS_HOST}"'/' -i /home/git/gitlab/con sudo -u git -H sed 's/{{REDIS_PORT}}/'"${REDIS_PORT}"'/' -i /home/git/gitlab/config/resque.yml # configure gitlab-shell -sudo -u git -H sed 's/{{GITLAB_HOST}}/'"${GITLAB_HOST}:${GITLAB_PORT}"'/' -i /home/git/gitlab-shell/config.yml +sudo -u git -H sed 's,{{GITLAB_URL}},'"${GITLAB_URL}"',' -i /home/git/gitlab-shell/config.yml sudo -u git -H sed 's/{{REDIS_HOST}}/'"${REDIS_HOST}"'/' -i /home/git/gitlab-shell/config.yml sudo -u git -H sed 's/{{REDIS_PORT}}/'"${REDIS_PORT}"'/' -i /home/git/gitlab-shell/config.yml From 96d975d9f4b53bee402faee5798e3b52890d922c Mon Sep 17 00:00:00 2001 From: Sameer Naik Date: Sat, 26 Apr 2014 16:44:47 +0530 Subject: [PATCH 3/4] use https protocol in the wget request if https is enabled --- assets/init | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/assets/init b/assets/init index f95b0136..a21f0674 100755 --- a/assets/init +++ b/assets/init @@ -357,8 +357,11 @@ EOF crontab -u git /tmp/cron.git && rm -rf /tmp/cron.git # kickstart the rails application - wget "http://localhost" -O /dev/null - + if [ "${GITLAB_HTTPS}" == "true" ]; then + wget --no-check-certificate "https://${GITLAB_HOST}" -O /dev/null + else + wget "http://${GITLAB_HOST}" -O /dev/null + fi # watch the access logs tail -F /var/log/nginx/gitlab_access.log From c8a62b1c94678c6e140091bea5283f1fe5ef56b0 Mon Sep 17 00:00:00 2001 From: Sameer Naik Date: Sat, 26 Apr 2014 16:52:58 +0530 Subject: [PATCH 4/4] fix git over ssh when the default http/https ports are not used. Internally the SSH and the http/https servers always bind to ports 22 and 80/443 respectively. If the GITLAB_PORT variable is set to any other port, then cloning over SSH would not work. This is because internally gitlab-shell tries to communicate with the gitlab server over http interface. In gitlab-shell configured with the GITLAB_PORT value the conmmunication will effective fail and thereby the cloning operation would return an error. To fix this, we make gitlab-shell communicate with the http server directly with the default http/https ports since this is all internal. Prior to this update, cloning repositories over ssh protocol would not work when the container is started in the following way: ```bash docker run -i -t --rm \ -p 8888:80 -p 2222:22 \ -e "GITLAB_PORT=8888" -e "GITLAB_SHELL_SSH_PORT=2222" \ sameersbn/gitlab ``` --- Changelog.md | 1 + assets/init | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/Changelog.md b/Changelog.md index 77ec8818..507dc38c 100644 --- a/Changelog.md +++ b/Changelog.md @@ -1,6 +1,7 @@ # Changelog **latest** +- fix git over ssh when the default http/https ports are not used. - compile the assets only if it does not exist or if the gitlab version has changed. - upgrade gitlab-shell to version 1.9.4 - cache compiled assets to boost application startup. diff --git a/assets/init b/assets/init index a21f0674..16ed2a50 100755 --- a/assets/init +++ b/assets/init @@ -238,6 +238,12 @@ sudo -u git -H sed 's,{{GITLAB_URL}},'"${GITLAB_URL}"',' -i /home/git/gitlab-she sudo -u git -H sed 's/{{REDIS_HOST}}/'"${REDIS_HOST}"'/' -i /home/git/gitlab-shell/config.yml sudo -u git -H sed 's/{{REDIS_PORT}}/'"${REDIS_PORT}"'/' -i /home/git/gitlab-shell/config.yml +# hack: make git over ssh work when the default http/https ports are not used. +case "${GITLAB_HTTPS}" in + true) sed -i 's,#{config.gitlab_url}/api/v3/internal,https://localhost/api/v3/internal,' -i /home/git/gitlab-shell/lib/gitlab_net.rb ;; + *) sed -i 's,#{config.gitlab_url}/api/v3/internal,http://localhost/api/v3/internal,' -i /home/git/gitlab-shell/lib/gitlab_net.rb ;; +esac + # configure unicorn workers sed 's/{{UNICORN_WORKERS}}/'"${UNICORN_WORKERS}"'/' -i /home/git/gitlab/config/unicorn.rb