diff options
author | James Moger <james.moger@gitblit.com> | 2012-02-09 17:13:12 -0500 |
---|---|---|
committer | James Moger <james.moger@gitblit.com> | 2012-02-09 17:13:12 -0500 |
commit | 4b9d645571ec49e61a7ac4d0056dacf9c7b282b3 (patch) | |
tree | dddc73502f473a443a0594d66f5e9494de9a17c9 | |
parent | e7883877a98dfcae3f75f1c1a562120d89aed22a (diff) | |
download | gitblit-4b9d645571ec49e61a7ac4d0056dacf9c7b282b3.tar.gz gitblit-4b9d645571ec49e61a7ac4d0056dacf9c7b282b3.zip |
Added AJP connector and some documentation on how to use it (issue 59)
-rw-r--r-- | .classpath | 61 | ||||
-rw-r--r-- | distrib/gitblit.properties | 17 | ||||
-rw-r--r-- | docs/01_setup.mkd | 62 | ||||
-rw-r--r-- | docs/04_releases.mkd | 3 | ||||
-rw-r--r-- | src/com/gitblit/GitBlitServer.java | 38 | ||||
-rw-r--r-- | src/com/gitblit/build/Build.java | 6 |
6 files changed, 154 insertions, 33 deletions
@@ -1,30 +1,31 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
- <classpathentry kind="src" path="src"/>
- <classpathentry kind="src" path="tests"/>
- <classpathentry kind="src" path="resources"/>
- <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
- <classpathentry kind="lib" path="ext/log4j-1.2.16.jar" sourcepath="ext/log4j-1.2.16-sources.jar"/>
- <classpathentry kind="lib" path="ext/slf4j-api-1.6.1.jar" sourcepath="ext/slf4j-api-1.6.1-sources.jar"/>
- <classpathentry kind="lib" path="ext/slf4j-log4j12-1.6.1.jar" sourcepath="ext/slf4j-log4j12-1.6.1-sources.jar"/>
- <classpathentry kind="lib" path="ext/jcommander-1.17.jar" sourcepath="ext/jcommander-1.17-sources.jar"/>
- <classpathentry kind="lib" path="ext/bcprov-jdk16-1.46.jar" sourcepath="ext/bcprov-jdk16-1.46-sources.jar"/>
- <classpathentry kind="lib" path="ext/bcmail-jdk16-1.46.jar" sourcepath="ext/bcmail-jdk16-1.46-sources.jar"/>
- <classpathentry kind="lib" path="ext/jsch-0.1.44-1.jar" sourcepath="ext/jsch-0.1.44-1-sources.jar"/>
- <classpathentry kind="lib" path="ext/rome-0.9.jar" sourcepath="ext/rome-0.9-sources.jar"/>
- <classpathentry kind="lib" path="ext/jdom-1.1.jar" sourcepath="ext/jdom-1.1-sources.jar"/>
- <classpathentry kind="lib" path="ext/junit-4.8.2.jar"/>
- <classpathentry kind="lib" path="ext/jetty-webapp-7.4.3.v20110701.jar" sourcepath="ext/jetty-webapp-7.4.3.v20110701-sources.jar"/>
- <classpathentry kind="lib" path="ext/gson-1.7.1.jar" sourcepath="ext/gson-1.7.1-sources.jar"/>
- <classpathentry kind="lib" path="ext/mail-1.4.3.jar" sourcepath="ext/mail-1.4.3-sources.jar"/>
- <classpathentry kind="lib" path="ext/googlecharts-1.4.18.jar" sourcepath="ext/googlecharts-1.4.18-sources.jar"/>
- <classpathentry kind="lib" path="ext/javax.servlet-3.0.1.jar" sourcepath="ext/javax.servlet-3.0.1-sources.jar"/>
- <classpathentry kind="lib" path="ext/markdownpapers-core-1.2.5.jar" sourcepath="ext/markdownpapers-core-1.2.5-sources.jar"/>
- <classpathentry kind="lib" path="ext/wicket-1.4.19.jar" sourcepath="ext/wicket-1.4.19-sources.jar"/>
- <classpathentry kind="lib" path="ext/wicket-auth-roles-1.4.19.jar" sourcepath="ext/wicket-auth-roles-1.4.19-sources.jar"/>
- <classpathentry kind="lib" path="ext/wicket-extensions-1.4.19.jar" sourcepath="ext/wicket-extensions-1.4.19-sources.jar"/>
- <classpathentry kind="lib" path="ext/org.eclipse.jgit-1.2.0.201112221803-r.jar" sourcepath="ext/org.eclipse.jgit-1.1.0.201109151100-r-sources.jar"/>
- <classpathentry kind="lib" path="ext/org.eclipse.jgit.http.server-1.2.0.201112221803-r.jar" sourcepath="ext/org.eclipse.jgit.http.server-1.2.0.201112221803-r-sources.jar"/>
- <classpathentry kind="lib" path="ext/groovy-all-1.8.5.jar" sourcepath="ext/groovy-all-1.8.5-sources.jar"/>
- <classpathentry kind="output" path="bin"/>
-</classpath>
+<?xml version="1.0" encoding="UTF-8"?> +<classpath> + <classpathentry kind="src" path="src"/> + <classpathentry kind="src" path="tests"/> + <classpathentry kind="src" path="resources"/> + <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/> + <classpathentry kind="lib" path="ext/log4j-1.2.16.jar" sourcepath="ext/log4j-1.2.16-sources.jar"/> + <classpathentry kind="lib" path="ext/slf4j-api-1.6.1.jar" sourcepath="ext/slf4j-api-1.6.1-sources.jar"/> + <classpathentry kind="lib" path="ext/slf4j-log4j12-1.6.1.jar" sourcepath="ext/slf4j-log4j12-1.6.1-sources.jar"/> + <classpathentry kind="lib" path="ext/jcommander-1.17.jar" sourcepath="ext/jcommander-1.17-sources.jar"/> + <classpathentry kind="lib" path="ext/bcprov-jdk16-1.46.jar" sourcepath="ext/bcprov-jdk16-1.46-sources.jar"/> + <classpathentry kind="lib" path="ext/bcmail-jdk16-1.46.jar" sourcepath="ext/bcmail-jdk16-1.46-sources.jar"/> + <classpathentry kind="lib" path="ext/jsch-0.1.44-1.jar" sourcepath="ext/jsch-0.1.44-1-sources.jar"/> + <classpathentry kind="lib" path="ext/rome-0.9.jar" sourcepath="ext/rome-0.9-sources.jar"/> + <classpathentry kind="lib" path="ext/jdom-1.1.jar" sourcepath="ext/jdom-1.1-sources.jar"/> + <classpathentry kind="lib" path="ext/junit-4.8.2.jar"/> + <classpathentry kind="lib" path="ext/jetty-webapp-7.4.3.v20110701.jar" sourcepath="ext/jetty-webapp-7.4.3.v20110701-sources.jar"/> + <classpathentry kind="lib" path="ext/gson-1.7.1.jar" sourcepath="ext/gson-1.7.1-sources.jar"/> + <classpathentry kind="lib" path="ext/mail-1.4.3.jar" sourcepath="ext/mail-1.4.3-sources.jar"/> + <classpathentry kind="lib" path="ext/googlecharts-1.4.18.jar" sourcepath="ext/googlecharts-1.4.18-sources.jar"/> + <classpathentry kind="lib" path="ext/javax.servlet-3.0.1.jar" sourcepath="ext/javax.servlet-3.0.1-sources.jar"/> + <classpathentry kind="lib" path="ext/markdownpapers-core-1.2.5.jar" sourcepath="ext/markdownpapers-core-1.2.5-sources.jar"/> + <classpathentry kind="lib" path="ext/wicket-1.4.19.jar" sourcepath="ext/wicket-1.4.19-sources.jar"/> + <classpathentry kind="lib" path="ext/wicket-auth-roles-1.4.19.jar" sourcepath="ext/wicket-auth-roles-1.4.19-sources.jar"/> + <classpathentry kind="lib" path="ext/wicket-extensions-1.4.19.jar" sourcepath="ext/wicket-extensions-1.4.19-sources.jar"/> + <classpathentry kind="lib" path="ext/org.eclipse.jgit-1.2.0.201112221803-r.jar" sourcepath="ext/org.eclipse.jgit-1.1.0.201109151100-r-sources.jar"/> + <classpathentry kind="lib" path="ext/org.eclipse.jgit.http.server-1.2.0.201112221803-r.jar" sourcepath="ext/org.eclipse.jgit.http.server-1.2.0.201112221803-r-sources.jar"/> + <classpathentry kind="lib" path="ext/groovy-all-1.8.5.jar" sourcepath="ext/groovy-all-1.8.5-sources.jar"/> + <classpathentry kind="lib" path="ext/jetty-ajp-7.4.3.v20110701.jar" sourcepath="ext/jetty-ajp-7.4.3.v20110701-sources.jar"/> + <classpathentry kind="output" path="bin"/> +</classpath> diff --git a/distrib/gitblit.properties b/distrib/gitblit.properties index 0f7f7286..fb911237 100644 --- a/distrib/gitblit.properties +++ b/distrib/gitblit.properties @@ -623,6 +623,14 @@ server.httpPort = 0 # RESTART REQUIRED
server.httpsPort = 8443
+# Port for serving an Apache JServ Protocol (AJP) 1.3 connector for integrating
+# Gitblit GO into an Apache HTTP server setup. <= 0 disables this connector.
+# Recommended value: 8009
+#
+# SINCE 0.9.0
+# RESTART REQUIRED
+server.ajpPort = 0
+
# Specify the interface for Jetty to bind the standard connector.
# You may specify an ip or an empty value to bind to all interfaces.
# Specifying localhost will result in Gitblit ONLY listening to requests to
@@ -641,6 +649,15 @@ server.httpBindInterface = localhost # RESTART REQUIRED
server.httpsBindInterface = localhost
+# Specify the interface for Jetty to bind the AJP connector.
+# You may specify an ip or an empty value to bind to all interfaces.
+# Specifying localhost will result in Gitblit ONLY listening to requests to
+# localhost.
+#
+# SINCE 0.9.0
+# RESTART REQUIRED
+server.ajpBindInterface = localhost
+
# Password for SSL keystore.
# Keystore password and certificate password must match.
# This is provided for convenience, its probably more secure to set this value
diff --git a/docs/01_setup.mkd b/docs/01_setup.mkd index 8b5702b6..1a3b9a9c 100644 --- a/docs/01_setup.mkd +++ b/docs/01_setup.mkd @@ -93,6 +93,68 @@ Command-Line parameters override the values in `gitblit.properties` at runtime. **Example**
java -jar gitblit.jar --userService c:\myrealm.config --storePassword something
+
+## Running Gitblit behind Apache
+
+Gitblit runs fine behind Apache. You may use either *mod_proxy* (GO or WAR) or *mod_proxy_ajp* (GO).
+
+Each Linux distribution may vary on the exact configuration of Apache 2.2.
+Here is a sample configuration that works on Debian 7.0 (Wheezy), your distribution may be different.
+
+1. First we need to make sure we have Apache's proxy modules available.
+<pre>
+sudo su
+cd /etc/apache2/mods-enabled
+ln -s ../mods-available/proxy.load proxy.load
+ln -s ../mods-available/proxy_balancer.load proxy_balancer.load
+ln -s ../mods-available/proxy_http.load proxy_http.load
+ln -s ../mods-available/proxy_ajp.load proxy_ajp.load
+</pre>
+2. Then we need to make sure we are configuring Apache to use the proxy modules and to setup the proxied connection from Apache to Gitblit GO or from Apache to your chosen servlet container. The following snippet is stored as `/etc/apache2/conf.d/gitblit`.
+%BEGINCODE%
+# Turn off support for true Proxy behaviour as we are acting as
+# a transparent proxy
+ProxyRequests Off
+
+# Turn off VIA header as we know where the requests are proxied
+ProxyVia Off
+
+# Turn on Host header preservation so that the servlet container
+# can write links with the correct host and rewriting can be avoided.
+#
+# This is important for all git push/pull/clone operations.
+ProxyPreserveHost On
+
+# Set the permissions for the proxy
+<Proxy *>
+ AddDefaultCharset off
+ Order deny,allow
+ Allow from all
+</Proxy>
+
+# Turn on Proxy status reporting at /status
+# This should be better protected than: Allow from all
+ProxyStatus On
+<Location /status>
+ SetHandler server-status
+ Order Deny,Allow
+ Allow from all
+</Location>
+
+# The proxy context path must match the Gitblit context path.
+# For Gitblit GO, see server.contextPath in gitblit.properties.
+
+#ProxyPass /gitblit http://localhost:8080/gitblit
+#ProxyPass /gitblit ajp://localhost:8009/gitblit
+%ENDCODE%
+**Please** make sure to:
+ 1. Review the security of these settings as appropriate for your deployment
+ 2. Uncomment the *ProxyPass* setting for whichever connection you prefer (http/ajp)
+ 3. Correctly set the ports and context paths both in the *ProxyPass* definition and your Gitblit installation
+ If you are using Gitblit GO you can easily configure the AJP connector by specifying a non-zero AJP port.
+ Please remember that on Linux/UNIX, ports < 1024 require root permissions to open.
+ 4. Set *web.mountParameters=false* in `gitblit.properties` or `web.xml` this will use parameterized URLs.
+ Alternatively, you can respecify *web.forwardSlashCharacter*.
## Upgrading Gitblit
Generally, upgrading is easy.
diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd index 2b64eaed..e82c2741 100644 --- a/docs/04_releases.mkd +++ b/docs/04_releases.mkd @@ -15,6 +15,9 @@ #### additions
+- Added a built-in AJP connector for integrating Gitblit GO into an Apache mod_proxy setup (issue 59)
+ **New:** *server.ajpPort = 0*
+ **New:** *server.ajpBindInterface = localhost*
- On the Repositories page show a bang *!* character in the color swatch of a repository with a working copy (issue 49)
Push requests to these repositories will be rejected.
- On all non-bare Repository pages show *WORKING COPY* in the upper right corner (issue 49)
diff --git a/src/com/gitblit/GitBlitServer.java b/src/com/gitblit/GitBlitServer.java index fd9135fd..3f996fcc 100644 --- a/src/com/gitblit/GitBlitServer.java +++ b/src/com/gitblit/GitBlitServer.java @@ -30,6 +30,7 @@ import java.text.MessageFormat; import java.util.ArrayList;
import java.util.List;
+import org.eclipse.jetty.ajp.Ajp13SocketConnector;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.bio.SocketConnector;
@@ -203,6 +204,21 @@ public class GitBlitServer { }
}
+ // conditionally configure the ajp connector
+ if (params.ajpPort > 0) {
+ Connector ajpConnector = createAJPConnector(params.ajpPort);
+ String bindInterface = settings.getString(Keys.server.ajpBindInterface, null);
+ if (!StringUtils.isEmpty(bindInterface)) {
+ logger.warn(MessageFormat.format("Binding connector on port {0,number,0} to {1}",
+ params.ajpPort, bindInterface));
+ ajpConnector.setHost(bindInterface);
+ }
+ if (params.ajpPort < 1024 && !isWindows()) {
+ logger.warn("Gitblit needs to run with ROOT permissions for ports < 1024!");
+ }
+ connectors.add(ajpConnector);
+ }
+
// tempDir is where the embedded Gitblit web application is expanded and
// where Jetty creates any necessary temporary files
File tempDir = new File(params.temp);
@@ -298,9 +314,6 @@ public class GitBlitServer { connector.setPort(port);
connector.setMaxIdleTime(30000);
- if (port < 1024 && !isWindows()) {
- logger.warn("Gitblit needs to run with ROOT permissions for ports < 1024!");
- }
return connector;
}
@@ -354,6 +367,22 @@ public class GitBlitServer { connector.setMaxIdleTime(30000);
return connector;
}
+
+ /**
+ * Creates an ajp connector.
+ *
+ * @param port
+ * @return an ajp connector
+ */
+ private static Connector createAJPConnector(int port) {
+ logger.info("Setting up AJP Connector on port " + port);
+ Ajp13SocketConnector ajp = new Ajp13SocketConnector();
+ ajp.setPort(port);
+ if (port < 1024 && !isWindows()) {
+ logger.warn("Gitblit needs to run with ROOT permissions for ports < 1024!");
+ }
+ return ajp;
+ }
/**
* Tests to see if the operating system is Windows.
@@ -461,6 +490,9 @@ public class GitBlitServer { @Parameter(names = "--httpsPort", description = "HTTPS port to serve. (port <= 0 will disable this connector)")
public Integer securePort = FILESETTINGS.getInteger(Keys.server.httpsPort, 443);
+ @Parameter(names = "--ajpPort", description = "AJP port to serve. (port <= 0 will disable this connector)")
+ public Integer ajpPort = FILESETTINGS.getInteger(Keys.server.ajpPort, 0);
+
@Parameter(names = "--storePassword", description = "Password for SSL (https) keystore.")
public String storePassword = FILESETTINGS.getString(Keys.server.storePassword, "");
diff --git a/src/com/gitblit/build/Build.java b/src/com/gitblit/build/Build.java index ccb4265b..4e8190a7 100644 --- a/src/com/gitblit/build/Build.java +++ b/src/com/gitblit/build/Build.java @@ -73,6 +73,7 @@ public class Build { public static void runtime() {
downloadFromApache(MavenObject.JCOMMANDER, BuildType.RUNTIME);
downloadFromApache(MavenObject.JETTY, BuildType.RUNTIME);
+ downloadFromApache(MavenObject.JETTY_AJP, BuildType.RUNTIME);
downloadFromApache(MavenObject.SERVLET, BuildType.RUNTIME);
downloadFromApache(MavenObject.SLF4JAPI, BuildType.RUNTIME);
downloadFromApache(MavenObject.SLF4LOG4J, BuildType.RUNTIME);
@@ -99,6 +100,7 @@ public class Build { downloadFromApache(MavenObject.JUNIT, BuildType.RUNTIME);
downloadFromApache(MavenObject.JCOMMANDER, BuildType.COMPILETIME);
downloadFromApache(MavenObject.JETTY, BuildType.COMPILETIME);
+ downloadFromApache(MavenObject.JETTY_AJP, BuildType.COMPILETIME);
downloadFromApache(MavenObject.SERVLET, BuildType.COMPILETIME);
downloadFromApache(MavenObject.SLF4JAPI, BuildType.COMPILETIME);
downloadFromApache(MavenObject.SLF4LOG4J, BuildType.COMPILETIME);
@@ -389,6 +391,10 @@ public class Build { "bc75f05dd4f7fa848720ac669b8b438ee4a6b146",
"dcd42f672e734521d1a6ccc0c2f9ecded1a1a281");
+ public static final MavenObject JETTY_AJP = new MavenObject("Jetty-AJP",
+ "org/eclipse/jetty", "jetty-ajp", "7.4.3.v20110701", 32000, 22000,
+ 97000, "ddeb533bcf29e9b95555a9c0f34c1de3ab14c430", "bc4798286d705ea972643b3a0b31f46a0c53f605", "");
+
public static final MavenObject SERVLET = new MavenObject("Servlet 3.0", "org/glassfish",
"javax.servlet", "3.0.1", 84000, 211000, 0,
"58f17c941cd0607bb5edcbcafc491d02265ac9a1",
|