Age | Commit message (Collapse) | Author |
|
Right now the logic for determing when HTTPS redirection should happen
is split in both the GitLab Rails and Pages processes. This means that
the Pages configuration in Omnibus has to be specified correctly
for Sidekiq for the HTTPS-only feature to work properly. We can
simplify this by consolidating alll the HTTPS redirection logic
here and removing it from Rails.
Closes https://gitlab.com/gitlab-org/gitlab-pages/issues/163
|
|
Fix HTTP to HTTPS redirection not working for default domains
Closes #162
See merge request gitlab-org/gitlab-pages!106
|
|
If a default domain is in use, the group domain will be passed into the
IsHTTPSOnly() call, but this will always return false because the HTTPS-only
flag can only be determined by looking at the HTTP request host rather than
the URL.
For example, for the project https://gitlab.com/tanukitalks/tanukitalks.gitlab.io,
this is what happened previously:
1. For a project in the default domain (e.g. `gitlab.io`), GitLab Pages loads
`config.json` and sees the group is `tanukitalks` with the project name
`tanuitalks.gitlab.io`. It stores the HTTPS-only flag inside the project
config.
2. Note that for projects in the default domain, the `domainConfig` is
empty. This makes sense because there is no domain configuration specified
since the default domain is being used, and we need to redirect on a
project-by-project basis.
3. User requests https://tanukitalks.gitlab.io.
4. GitLab Pages looks up `tanukitalks.gitlab.io`, and it returns the domain
`tanukitalks` with an empty `domainConfig` and project `tanukitalks.gitlab.io`.
5. Since there is no `domainConfig`, `IsHTTPSOnly` attempts to resolve the
project from the URL.
6. However, since the URL is using the default domain, the path is `/`, which
doesn't resolve to any project.
In the new behavior, we check the hostname of the request to see if it matches
any project before trying to parse the URL.
Closes #162
|
|
Log duplicate domain names
Closes #160
See merge request gitlab-org/gitlab-pages!107
|
|
This will help make it easier to track stale `config.json` files on disk.
Closes https://gitlab.com/gitlab-org/gitlab-pages/issues/160
|
|
Abort domain scan if a failure is encountered
Closes gitlab-com/infrastructure#4749
See merge request gitlab-org/gitlab-pages!102
|
|
|
|
|
|
Update Prometheus vendoring.
See merge request gitlab-org/gitlab-pages!105
|
|
Update vendor github.com/grpc-ecosystem/go-grpc-middleware@v1.0.0
See merge request gitlab-org/gitlab-pages!104
|
|
|
|
|
|
|
|
|
|
This prevents the total domain list to be cleared out completely while
the system is running.
Closes https://gitlab.com/gitlab-com/infrastructure/issues/4749
|
|
Release GitLab Pages v1.0.0
Closes #145
See merge request gitlab-org/gitlab-pages!101
|
|
|
|
Add support for reverse proxy
See merge request gitlab-org/gitlab-pages!99
|
|
|
|
|
|
Fix logic for output of domains in debug mode
See merge request gitlab-org/gitlab-pages!98
|
|
Switch to a GitLab fork of go-mimedb
See merge request gitlab-org/gitlab-pages!100
|
|
|
|
|
|
Document some processes as they currently stand
See merge request gitlab-org/gitlab-pages!96
|
|
|
|
|
|
|
|
|
|
Use permissive unix socket permissions
Closes #141
See merge request gitlab-org/gitlab-pages!95
|
|
|
|
|
|
Make the old in-place chroot behaviour available as a command-line flag
Closes #129
See merge request gitlab-org/gitlab-pages!92
|
|
|
|
Create /dev/random and /dev/urandom when daemonizing and jailing
Closes #10
See merge request gitlab-org/gitlab-pages!93
|
|
Go on Linux normally uses the getrandom() syscall to get entropy. However,
this is onl available for Linux version >= 3.17
Making /dev/random and /dev/urandom available in the chrooted jail allows the
daemon to operate correctly on these systems. It's important to handle this
automatically, as the previous workaround of manually creating these character
devices is made more difficult by the use of a random directory in $TMPDIR.
|
|
Clean up the created jail directory if building the jail doesn't work
Closes #131
See merge request gitlab-org/gitlab-pages!90
|
|
|
|
Release v0.9.0
Closes #132
See merge request gitlab-org/gitlab-pages!91
|
|
|
|
Add gRPC admin health check
See merge request gitlab-org/gitlab-pages!85
|
|
|
|
Work around golang.org/x/lint download trouble
See merge request gitlab-org/gitlab-pages!89
|
|
|
|
Add test dependency to gitignore
See merge request gitlab-org/gitlab-pages!88
|
|
Use require.NoError instead of assert.NoError
See merge request gitlab-org/gitlab-pages!87
|
|
|
|
|
|
Add more gRPC dependencies
See merge request gitlab-org/gitlab-pages!86
|
|
|