github/gitlab-recipes
1
1
Fork 0
mirror of https://github.com/gitlabhq/gitlab-recipes.git synced 2026-01-13 08:28:05 -05:00
Code Issues Packages Projects Releases Wiki Activity
509 Commits 11 Branches 0 Tags
apache-old
Commit Graph

48 Commits

Author SHA1 Message Date
Achilleas Pipinellis
1d70fd7c57 Fix regex 2015-10-28 17:20:42 +02:00
Adriano Cataluddi
e879c8244e Updated configuration for Gitlab 8.x and Apache Httpd 2.2.x. after rebase and integration of b8290a5c24 commit. 2015-10-26 22:34:47 +01:00
Adriano Cataluddi
12fba4387f Added configuration for Gitlab 8.x and Apache Httpd 2.2.x. 2015-10-26 22:18:02 +01:00
Daniel Widerin
b8290a5c24 Fix rewrites for gitlab-git-http-server 
Aligned them to nginx config in gitlab-ce to make downloads work.
 2015-10-24 22:06:02 +02:00
Achilleas Pipinellis
8cee293637 Merge branch 'master' of github.com:gitlabhq/gitlab-recipes 2015-10-12 12:39:02 +03:00
Vasiliy Tyubek
77d30b9a73 Issue #268 Updated Apache config for not to encode %2F double 2015-10-12 11:49:45 +03:00
Corey Sewell
b4987445bb Add notes on how to allow gitlab-git-http-server to listen on port 8181 2015-09-26 21:31:21 +12:00
Corey Sewell
12f752241a Always route uploads through Unicorn 
Replace gitlab-git-http-server regex with that used for Nginx. Fixes #30
 2015-09-25 14:56:22 +12:00
Corey Sewell
9cff0f5cd9 Typo fixes and notes update 2015-09-23 19:54:30 +12:00
Corey Sewell
c933b51053 Add example for GitLab 8.0 with Apache 2.4 2015-09-23 09:28:56 +12:00
Achilleas Pipinellis
2fa3ec7ab4 Add 'RequestHeader set X-Forwarded-Ssl on' in apache configs 
https://github.com/gitlabhq/gitlabhq/issues/6119#issuecomment-131191050
 2015-08-15 10:52:31 +03:00
Jérôme Tamarelle
73abde7501 (Apache) Keep slashes encoded for the API 
> If using namespaced projects call make sure that the NAMESPACE/PROJECT_NAME
> is URL-encoded, eg. /api/v3/projects/diaspora%2Fdiaspora
> (where / is represented by %2F).
http://doc.gitlab.com/ce/api/projects.html#get-single-project
 2014-06-30 15:40:28 +02:00
Achilleas Pipinellis
60748d95b9 Fixes #5 (gitlab.com) 2014-06-16 16:31:29 +03:00
Corin Simpson-Bryars
7c9cb85390 Update apache2.4 for forward secrecy/no compression 
Adds forward secrecy and disables SSL/TLS compression which is potentially exploitable.
 2014-04-10 02:44:34 +01:00
Fabrício Godoy
2a7a7a2346 Fixed SELinux modifications for Apache 
The boolean httpd_enable_homedirs isn't needed. httpd_read_user_content is enough (http://serverfault.com/a/461738).
All file context rules can be applied in one transaction (http://danwalsh.livejournal.com/41593.html).
 2014-03-23 19:17:19 -03:00
Charles Luzzato
649860a1f9 Added link to apache2.4 doc 2014-02-08 12:08:51 +00:00
Charles Luzzato
125a2d1f65 Added the file for HTTP access with Apache2.4 2014-02-08 12:05:37 +00:00
Charles Luzzato
c4f69ce3f8 Added information about the Apache2.4 files in the README.md 2014-02-08 12:03:54 +00:00
Chluz
5e16ecc3d6 Create new file for apache 2.4 and above 
Changed the authorization commands to conform to apache2.4 and above
http://httpd.apache.org/docs/2.4/upgrading.html#access
 2014-02-08 11:41:33 +00:00
Achilleas Pipinellis
5492da2729 Centos guide to be on par with official guide 2014-01-27 15:26:43 +02:00
Konrad Mohrfeldt
90d3a173bf add mod_headers module dependency for RequestHeader directive 2013-11-10 20:57:26 +01:00
codeling
61f39093fe Incorporate fix for incorrect http redirect 
Incorporates fix from https://github.com/gitlabhq/gitlabhq/issues/715 to make gitlab properly redirect to https instead of http when configured for https
 2013-11-09 11:50:07 +01:00
Sam Gleske
54314ecabc Apache config - better based on SSL config 
This is a better proxy config which is based on the
gitlab-ssl.conf.
 2013-10-30 15:30:41 -04:00
semiosis
eeea95da07 Changed the http-https redirect rule 
As per comments by @sag47 here:
https://github.com/gitlabhq/gitlabhq/issues/4997#issuecomment-25738169
 2013-10-04 21:10:35 -04:00
semiosis
98153fb3cc Fixing rewriterule 
The (.*) regex didn't work with gitlab 6.1 so I switched back to using REQUEST_URI.
 2013-10-03 22:29:52 -04:00
semiosis
29410935c8 Updated with suggestions from sag47 
Made changes as per comments by @sag47

- Added ProxyPassReverse http://127.0.0.1:8080
Though I'm not sure what that's for.

- Simplified regex in rewriterule

- Put back in comments with links to external docs (nginx try)
 2013-10-03 20:33:25 -04:00
semiosis
c4445b83bb Changed port from 9292 (puma) to 8080 (unicorn) 
Fixed port in the proxy backend address for unicorn on port 8080 instead of puma on port 9292.
 2013-10-03 13:40:17 -04:00
semiosis
05acc57c33 Simplified & improved apache proxy config 
Previously there was an unnecessary redirect before & after sign-in to http.  This new configuration eliminates that leak, and is easier to read.
 2013-10-03 13:27:24 -04:00
Sam Gleske
0a5b0e1b4e apache config README update 
Replace instances of gitlab.conf with gitlab-ssl.conf.  The docs
should be more consistent on what it recommends.
 2013-09-25 14:29:43 -04:00
Sam Gleske
003c15500b apache README grammar fix 
changed system to environment
 2013-09-25 14:18:40 -04:00
Sam Gleske
10b00585f3 apache README grammar corrections 2013-09-25 14:16:13 -04:00
Sam Gleske
ab4a23742f apache README grammar fix 2013-09-25 12:34:36 -04:00
Sam Gleske
97ad192492 Updating apache README 
to reflect changes for gitlab.conf and gitlab-ssl.conf
 2013-09-25 10:47:17 -04:00
Sam Gleske
303fe32a02 SSL and non-SSL apache configurations 2013-09-25 10:42:02 -04:00
Sam Gleske
d02b957565 Impersonal changes 2013-09-25 10:40:20 -04:00
Sam Gleske
4c9f3b7d2a Merge branch 'master' into docs-manage_ssl 2013-09-25 09:46:44 -04:00
Sam Gleske
2de38c67a2 Grammar correction in httpd README 2013-09-24 17:03:40 -04:00
Sam Gleske
f071d62fbd Grammar correction in httpd README 2013-09-24 17:01:45 -04:00
Sam Gleske
c1d4ca0bd0 httpd security recommendations added 
Recommendations for disabling mod_suexec and mod_deflate modules.
 2013-09-24 16:23:32 -04:00
Sam Gleske
e57b0bf0b1 Major readme overhaul for apache httpd 2013-09-24 16:10:02 -04:00
Sam Gleske
7b5ff94cfc Modified CA to be more generic 2013-09-24 15:25:48 -04:00
Sam Gleske
e2c8ca3888 More secure SSL and defined errordocuments 
Now ErrorDocuments use GitLab error documents.  When the backend
service is down (i.e. Unicorn) then Apache will show a GitLab
maintenance page (error 503).  Other errors (404, 422, 500) are
also included in the rewrite.

Updated SSL ciphers so that only the strongest SSL ciphers are
allowed.  This is primarily a security update for allowed
encryption ciphers.
 2013-09-24 14:15:03 -04:00
Sam Gleske
417d227e91 Updating mod_rewrite expression for SERVER_NAME 
Also changed the ca.crt example name to be more intuitive.
 2013-09-11 13:52:17 -04:00
Sam Gleske
0d3075dc40 A better Apache httpd config for GitLab 6 2013-09-10 14:50:09 -04:00
Axilleas Pipinellis
9833fc52a7 Use unicorn by default. Add info for puma use, implement #87 2013-08-18 16:09:47 +03:00
Axilleas Pipinellis
fabeb6ab74 Enhance existing apache config. Implement #50 and #79 
Beware that adding `ProxyPass /uploads !` would be a security issue,
since uploads are publicly available without any authentification by default.

See: https://github.com/gitlabhq/gitlabhq/issues/348#issuecomment-21682402
 2013-08-05 14:15:25 +03:00
Axilleas Pipinellis
c139f0ef5d Add dummy readme files 2013-08-02 12:21:36 +03:00
Axilleas Pipinellis
75bcb79ca6 Initial commit of new structure 2013-07-31 14:59:21 +03:00