]> source.dussan.org Git - gitblit.git/commitdiff
Added AJP connector and some documentation on how to use it (issue 59)
authorJames Moger <james.moger@gitblit.com>
Thu, 9 Feb 2012 22:13:12 +0000 (17:13 -0500)
committerJames Moger <james.moger@gitblit.com>
Thu, 9 Feb 2012 22:13:12 +0000 (17:13 -0500)
.classpath
distrib/gitblit.properties
docs/01_setup.mkd
docs/04_releases.mkd
src/com/gitblit/GitBlitServer.java
src/com/gitblit/build/Build.java

index 47dcc1bcc20150595d87c7fd22f476bbd4fe59c0..d8cd9093e477b61e3978dbfc429519e7b74a76dc 100644 (file)
@@ -1,30 +1,31 @@
-<?xml version="1.0" encoding="UTF-8"?>\r
-<classpath>\r
-       <classpathentry kind="src" path="src"/>\r
-       <classpathentry kind="src" path="tests"/>\r
-       <classpathentry kind="src" path="resources"/>\r
-       <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>\r
-       <classpathentry kind="lib" path="ext/log4j-1.2.16.jar" sourcepath="ext/log4j-1.2.16-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/slf4j-api-1.6.1.jar" sourcepath="ext/slf4j-api-1.6.1-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/slf4j-log4j12-1.6.1.jar" sourcepath="ext/slf4j-log4j12-1.6.1-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/jcommander-1.17.jar" sourcepath="ext/jcommander-1.17-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/bcprov-jdk16-1.46.jar" sourcepath="ext/bcprov-jdk16-1.46-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/bcmail-jdk16-1.46.jar" sourcepath="ext/bcmail-jdk16-1.46-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/jsch-0.1.44-1.jar" sourcepath="ext/jsch-0.1.44-1-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/rome-0.9.jar" sourcepath="ext/rome-0.9-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/jdom-1.1.jar" sourcepath="ext/jdom-1.1-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/junit-4.8.2.jar"/>\r
-       <classpathentry kind="lib" path="ext/jetty-webapp-7.4.3.v20110701.jar" sourcepath="ext/jetty-webapp-7.4.3.v20110701-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/gson-1.7.1.jar" sourcepath="ext/gson-1.7.1-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/mail-1.4.3.jar" sourcepath="ext/mail-1.4.3-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/googlecharts-1.4.18.jar" sourcepath="ext/googlecharts-1.4.18-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/javax.servlet-3.0.1.jar" sourcepath="ext/javax.servlet-3.0.1-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/markdownpapers-core-1.2.5.jar" sourcepath="ext/markdownpapers-core-1.2.5-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/wicket-1.4.19.jar" sourcepath="ext/wicket-1.4.19-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/wicket-auth-roles-1.4.19.jar" sourcepath="ext/wicket-auth-roles-1.4.19-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/wicket-extensions-1.4.19.jar" sourcepath="ext/wicket-extensions-1.4.19-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/org.eclipse.jgit-1.2.0.201112221803-r.jar" sourcepath="ext/org.eclipse.jgit-1.1.0.201109151100-r-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/org.eclipse.jgit.http.server-1.2.0.201112221803-r.jar" sourcepath="ext/org.eclipse.jgit.http.server-1.2.0.201112221803-r-sources.jar"/>\r
-       <classpathentry kind="lib" path="ext/groovy-all-1.8.5.jar" sourcepath="ext/groovy-all-1.8.5-sources.jar"/>\r
-       <classpathentry kind="output" path="bin"/>\r
-</classpath>\r
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+       <classpathentry kind="src" path="src"/>
+       <classpathentry kind="src" path="tests"/>
+       <classpathentry kind="src" path="resources"/>
+       <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
+       <classpathentry kind="lib" path="ext/log4j-1.2.16.jar" sourcepath="ext/log4j-1.2.16-sources.jar"/>
+       <classpathentry kind="lib" path="ext/slf4j-api-1.6.1.jar" sourcepath="ext/slf4j-api-1.6.1-sources.jar"/>
+       <classpathentry kind="lib" path="ext/slf4j-log4j12-1.6.1.jar" sourcepath="ext/slf4j-log4j12-1.6.1-sources.jar"/>
+       <classpathentry kind="lib" path="ext/jcommander-1.17.jar" sourcepath="ext/jcommander-1.17-sources.jar"/>
+       <classpathentry kind="lib" path="ext/bcprov-jdk16-1.46.jar" sourcepath="ext/bcprov-jdk16-1.46-sources.jar"/>
+       <classpathentry kind="lib" path="ext/bcmail-jdk16-1.46.jar" sourcepath="ext/bcmail-jdk16-1.46-sources.jar"/>
+       <classpathentry kind="lib" path="ext/jsch-0.1.44-1.jar" sourcepath="ext/jsch-0.1.44-1-sources.jar"/>
+       <classpathentry kind="lib" path="ext/rome-0.9.jar" sourcepath="ext/rome-0.9-sources.jar"/>
+       <classpathentry kind="lib" path="ext/jdom-1.1.jar" sourcepath="ext/jdom-1.1-sources.jar"/>
+       <classpathentry kind="lib" path="ext/junit-4.8.2.jar"/>
+       <classpathentry kind="lib" path="ext/jetty-webapp-7.4.3.v20110701.jar" sourcepath="ext/jetty-webapp-7.4.3.v20110701-sources.jar"/>
+       <classpathentry kind="lib" path="ext/gson-1.7.1.jar" sourcepath="ext/gson-1.7.1-sources.jar"/>
+       <classpathentry kind="lib" path="ext/mail-1.4.3.jar" sourcepath="ext/mail-1.4.3-sources.jar"/>
+       <classpathentry kind="lib" path="ext/googlecharts-1.4.18.jar" sourcepath="ext/googlecharts-1.4.18-sources.jar"/>
+       <classpathentry kind="lib" path="ext/javax.servlet-3.0.1.jar" sourcepath="ext/javax.servlet-3.0.1-sources.jar"/>
+       <classpathentry kind="lib" path="ext/markdownpapers-core-1.2.5.jar" sourcepath="ext/markdownpapers-core-1.2.5-sources.jar"/>
+       <classpathentry kind="lib" path="ext/wicket-1.4.19.jar" sourcepath="ext/wicket-1.4.19-sources.jar"/>
+       <classpathentry kind="lib" path="ext/wicket-auth-roles-1.4.19.jar" sourcepath="ext/wicket-auth-roles-1.4.19-sources.jar"/>
+       <classpathentry kind="lib" path="ext/wicket-extensions-1.4.19.jar" sourcepath="ext/wicket-extensions-1.4.19-sources.jar"/>
+       <classpathentry kind="lib" path="ext/org.eclipse.jgit-1.2.0.201112221803-r.jar" sourcepath="ext/org.eclipse.jgit-1.1.0.201109151100-r-sources.jar"/>
+       <classpathentry kind="lib" path="ext/org.eclipse.jgit.http.server-1.2.0.201112221803-r.jar" sourcepath="ext/org.eclipse.jgit.http.server-1.2.0.201112221803-r-sources.jar"/>
+       <classpathentry kind="lib" path="ext/groovy-all-1.8.5.jar" sourcepath="ext/groovy-all-1.8.5-sources.jar"/>
+       <classpathentry kind="lib" path="ext/jetty-ajp-7.4.3.v20110701.jar" sourcepath="ext/jetty-ajp-7.4.3.v20110701-sources.jar"/>
+       <classpathentry kind="output" path="bin"/>
+</classpath>
index 0f7f728621933f38e4b248ab8aeaa792600424f2..fb911237d5b6b1b30fcb2c5284c5c3612f3360c2 100644 (file)
@@ -623,6 +623,14 @@ server.httpPort = 0
 # RESTART REQUIRED\r
 server.httpsPort = 8443\r
 \r
+# Port for serving an Apache JServ Protocol (AJP) 1.3 connector for integrating\r
+# Gitblit GO into an Apache HTTP server setup.  <= 0 disables this connector.\r
+# Recommended value: 8009\r
+#\r
+# SINCE 0.9.0\r
+# RESTART REQUIRED\r
+server.ajpPort = 0\r
+\r
 # Specify the interface for Jetty to bind the standard connector.\r
 # You may specify an ip or an empty value to bind to all interfaces.\r
 # Specifying localhost will result in Gitblit ONLY listening to requests to\r
@@ -641,6 +649,15 @@ server.httpBindInterface = localhost
 # RESTART REQUIRED\r
 server.httpsBindInterface = localhost\r
 \r
+# Specify the interface for Jetty to bind the AJP connector.\r
+# You may specify an ip or an empty value to bind to all interfaces.\r
+# Specifying localhost will result in Gitblit ONLY listening to requests to\r
+# localhost.\r
+#\r
+# SINCE 0.9.0\r
+# RESTART REQUIRED\r
+server.ajpBindInterface = localhost\r
+\r
 # Password for SSL keystore.\r
 # Keystore password and certificate password must match.\r
 # This is provided for convenience, its probably more secure to set this value\r
index 8b5702b69ca1c0fa3410aeb4243065e4ee2e0130..1a3b9a9c74002bd4af4b886cc1bb851481f98e56 100644 (file)
@@ -93,6 +93,68 @@ Command-Line parameters override the values in `gitblit.properties` at runtime.
 **Example**\r
 \r
     java -jar gitblit.jar --userService c:\myrealm.config --storePassword something\r
+    \r
+## Running Gitblit behind Apache\r
+\r
+Gitblit runs fine behind Apache.  You may use either *mod_proxy* (GO or WAR) or *mod_proxy_ajp* (GO).\r
+\r
+Each Linux distribution may vary on the exact configuration of Apache 2.2.  \r
+Here is a sample configuration that works on Debian 7.0 (Wheezy), your distribution may be different.\r
+\r
+1. First we need to make sure we have Apache's proxy modules available.  \r
+<pre>\r
+sudo su\r
+cd /etc/apache2/mods-enabled\r
+ln -s ../mods-available/proxy.load proxy.load\r
+ln -s ../mods-available/proxy_balancer.load proxy_balancer.load\r
+ln -s ../mods-available/proxy_http.load proxy_http.load\r
+ln -s ../mods-available/proxy_ajp.load proxy_ajp.load\r
+</pre>\r
+2. Then we need to make sure we are configuring Apache to use the proxy modules and to setup the proxied connection from Apache to Gitblit GO or from Apache to your chosen servlet container.  The following snippet is stored as `/etc/apache2/conf.d/gitblit`.  \r
+%BEGINCODE%\r
+# Turn off support for true Proxy behaviour as we are acting as \r
+# a transparent proxy\r
+ProxyRequests Off\r
+\r
+# Turn off VIA header as we know where the requests are proxied\r
+ProxyVia Off\r
\r
+# Turn on Host header preservation so that the servlet container\r
+# can write links with the correct host and rewriting can be avoided.\r
+#\r
+# This is important for all git push/pull/clone operations.\r
+ProxyPreserveHost On\r
\r
+# Set the permissions for the proxy\r
+&lt;Proxy *&gt;\r
+       AddDefaultCharset off\r
+       Order deny,allow\r
+       Allow from all\r
+&lt;/Proxy&gt;\r
\r
+# Turn on Proxy status reporting at /status\r
+# This should be better protected than: Allow from all\r
+ProxyStatus On\r
+&lt;Location /status&gt;\r
+       SetHandler server-status\r
+       Order Deny,Allow\r
+       Allow from all\r
+&lt;/Location&gt;\r
+\r
+# The proxy context path must match the Gitblit context path.\r
+# For Gitblit GO, see server.contextPath in gitblit.properties.\r
+\r
+#ProxyPass /gitblit http://localhost:8080/gitblit\r
+#ProxyPass /gitblit ajp://localhost:8009/gitblit\r
+%ENDCODE%  \r
+**Please** make sure to:  \r
+    1. Review the security of these settings as appropriate for your deployment\r
+    2. Uncomment the *ProxyPass* setting for whichever connection you prefer (http/ajp)\r
+    3. Correctly set the ports and context paths both in the *ProxyPass* definition and your Gitblit installation  \r
+    If you are using Gitblit GO you can easily configure the AJP connector by specifying a non-zero AJP port.  \r
+    Please remember that on Linux/UNIX, ports < 1024 require root permissions to open.\r
+    4. Set *web.mountParameters=false* in `gitblit.properties` or `web.xml` this will use parameterized URLs.  \r
+    Alternatively, you can respecify *web.forwardSlashCharacter*.\r
 \r
 ## Upgrading Gitblit\r
 Generally, upgrading is easy.\r
index 2b64eaed66570b5a9b250eec8438f410644fdfc5..e82c27411d4d2703abd243f57a9b7e007b83fc36 100644 (file)
@@ -15,6 +15,9 @@
 \r
 #### additions\r
 \r
+- Added a built-in AJP connector for integrating Gitblit GO into an Apache mod_proxy setup (issue 59)  \r
+    **New:** *server.ajpPort = 0*\r
+    **New:** *server.ajpBindInterface = localhost*\r
 - On the Repositories page show a bang *!* character in the color swatch of a repository with a working copy (issue 49)  \r
 Push requests to these repositories will be rejected.\r
 - On all non-bare Repository pages show *WORKING COPY* in the upper right corner (issue 49)\r
index fd9135fd8f8e645e72e1cc19c60cfbfa1ed42701..3f996fcc86e4efb43326e7189d6945f0b16926d6 100644 (file)
@@ -30,6 +30,7 @@ import java.text.MessageFormat;
 import java.util.ArrayList;\r
 import java.util.List;\r
 \r
+import org.eclipse.jetty.ajp.Ajp13SocketConnector;\r
 import org.eclipse.jetty.server.Connector;\r
 import org.eclipse.jetty.server.Server;\r
 import org.eclipse.jetty.server.bio.SocketConnector;\r
@@ -203,6 +204,21 @@ public class GitBlitServer {
                        }\r
                }\r
 \r
+               // conditionally configure the ajp connector\r
+               if (params.ajpPort > 0) {\r
+                       Connector ajpConnector = createAJPConnector(params.ajpPort);\r
+                       String bindInterface = settings.getString(Keys.server.ajpBindInterface, null);\r
+                       if (!StringUtils.isEmpty(bindInterface)) {\r
+                               logger.warn(MessageFormat.format("Binding connector on port {0,number,0} to {1}",\r
+                                               params.ajpPort, bindInterface));\r
+                               ajpConnector.setHost(bindInterface);\r
+                       }\r
+                       if (params.ajpPort < 1024 && !isWindows()) {\r
+                               logger.warn("Gitblit needs to run with ROOT permissions for ports < 1024!");\r
+                       }\r
+                       connectors.add(ajpConnector);\r
+               }\r
+\r
                // tempDir is where the embedded Gitblit web application is expanded and\r
                // where Jetty creates any necessary temporary files\r
                File tempDir = new File(params.temp);\r
@@ -298,9 +314,6 @@ public class GitBlitServer {
 \r
                connector.setPort(port);\r
                connector.setMaxIdleTime(30000);\r
-               if (port < 1024 && !isWindows()) {\r
-                       logger.warn("Gitblit needs to run with ROOT permissions for ports < 1024!");\r
-               }\r
                return connector;\r
        }\r
 \r
@@ -354,6 +367,22 @@ public class GitBlitServer {
                connector.setMaxIdleTime(30000);\r
                return connector;\r
        }\r
+       \r
+       /**\r
+        * Creates an ajp connector.\r
+        * \r
+        * @param port\r
+        * @return an ajp connector\r
+        */\r
+       private static Connector createAJPConnector(int port) {\r
+               logger.info("Setting up AJP Connector on port " + port);\r
+               Ajp13SocketConnector ajp = new Ajp13SocketConnector();\r
+               ajp.setPort(port);\r
+               if (port < 1024 && !isWindows()) {\r
+                       logger.warn("Gitblit needs to run with ROOT permissions for ports < 1024!");\r
+               }\r
+               return ajp;\r
+       }\r
 \r
        /**\r
         * Tests to see if the operating system is Windows.\r
@@ -461,6 +490,9 @@ public class GitBlitServer {
                @Parameter(names = "--httpsPort", description = "HTTPS port to serve.  (port <= 0 will disable this connector)")\r
                public Integer securePort = FILESETTINGS.getInteger(Keys.server.httpsPort, 443);\r
 \r
+               @Parameter(names = "--ajpPort", description = "AJP port to serve.  (port <= 0 will disable this connector)")\r
+               public Integer ajpPort = FILESETTINGS.getInteger(Keys.server.ajpPort, 0);\r
+\r
                @Parameter(names = "--storePassword", description = "Password for SSL (https) keystore.")\r
                public String storePassword = FILESETTINGS.getString(Keys.server.storePassword, "");\r
 \r
index ccb4265bfbece93bb7a7b8eaec3dbac47b6912ab..4e8190a74491dfea48ac8abd2f9b6db61b02394d 100644 (file)
@@ -73,6 +73,7 @@ public class Build {
        public static void runtime() {\r
                downloadFromApache(MavenObject.JCOMMANDER, BuildType.RUNTIME);\r
                downloadFromApache(MavenObject.JETTY, BuildType.RUNTIME);\r
+               downloadFromApache(MavenObject.JETTY_AJP, BuildType.RUNTIME);\r
                downloadFromApache(MavenObject.SERVLET, BuildType.RUNTIME);\r
                downloadFromApache(MavenObject.SLF4JAPI, BuildType.RUNTIME);\r
                downloadFromApache(MavenObject.SLF4LOG4J, BuildType.RUNTIME);\r
@@ -99,6 +100,7 @@ public class Build {
                downloadFromApache(MavenObject.JUNIT, BuildType.RUNTIME);\r
                downloadFromApache(MavenObject.JCOMMANDER, BuildType.COMPILETIME);\r
                downloadFromApache(MavenObject.JETTY, BuildType.COMPILETIME);\r
+               downloadFromApache(MavenObject.JETTY_AJP, BuildType.COMPILETIME);\r
                downloadFromApache(MavenObject.SERVLET, BuildType.COMPILETIME);\r
                downloadFromApache(MavenObject.SLF4JAPI, BuildType.COMPILETIME);\r
                downloadFromApache(MavenObject.SLF4LOG4J, BuildType.COMPILETIME);\r
@@ -389,6 +391,10 @@ public class Build {
                                "bc75f05dd4f7fa848720ac669b8b438ee4a6b146",\r
                                "dcd42f672e734521d1a6ccc0c2f9ecded1a1a281");\r
 \r
+               public static final MavenObject JETTY_AJP = new MavenObject("Jetty-AJP",\r
+                               "org/eclipse/jetty", "jetty-ajp", "7.4.3.v20110701", 32000, 22000,\r
+                               97000, "ddeb533bcf29e9b95555a9c0f34c1de3ab14c430", "bc4798286d705ea972643b3a0b31f46a0c53f605", "");\r
+\r
                public static final MavenObject SERVLET = new MavenObject("Servlet 3.0", "org/glassfish",\r
                                "javax.servlet", "3.0.1", 84000, 211000, 0,\r
                                "58f17c941cd0607bb5edcbcafc491d02265ac9a1",\r