gitlab-workhorse

command module
v0.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 21, 2016 License: MIT Imports: 11 Imported by: 0

README

gitlab-workhorse

Gitlab-workhorse is a smart reverse proxy for GitLab. It handles "large" HTTP requests such as file downloads, file uploads, Git push/pull and Git archive downloads.

Usage

  gitlab-workhorse [OPTIONS]

Options:
  -authBackend string
    	Authentication/authorization backend (default "http://localhost:8080")
  -authSocket string
    	Optional: Unix domain socket to dial authBackend at
  -developmentMode
    	Allow to serve assets from Rails app
  -documentRoot string
    	Path to static files content (default "public")
  -listenAddr string
    	Listen address for HTTP server (default "localhost:8181")
  -listenNetwork string
    	Listen 'network' (tcp, tcp4, tcp6, unix) (default "tcp")
  -listenUmask int
    	Umask for Unix socket, default: 022 (default 18)
  -pprofListenAddr string
    	pprof listening address, e.g. 'localhost:6060'
  -proxyHeadersTimeout duration
    	How long to wait for response headers when proxying the request (default 1m0s)
  -version
    	Print version and exit

The 'auth backend' refers to the GitLab Rails applicatoin. The name is a holdover from when gitlab-workhorse only handled Git push/pull over HTTP.

Gitlab-workhorse can listen on either a TCP or a Unix domain socket. It can also open a second listening TCP listening socket with the Go net/http/pprof profiler server.

Relative URL support

If you are mounting GitLab at a relative URL, e.g. example.com/gitlab, then you should also use this relative URL in the authBackend setting:

gitlab-workhorse -authBackend http://localhost:8080/gitlab

Installation

To install gitlab-workhorse you need Go 1.5 or newer.

To install into /usr/local/bin run make install.

make install

To install into /foo/bin set the PREFIX variable.

make install PREFIX=/foo

Tests

make clean test

Try it out

You can try out the Git server without authentication as follows:

# Start a fake auth backend that allows everything/everybody
make test/data/test.git
go run support/fake-auth-backend.go ~+/test/data/test.git &
# Start gitlab-workhorse
make
./gitlab-workhorse

Now you can try things like:

git clone http://localhost:8181/test.git
curl -JO http://localhost:8181/test/repository/archive.zip

Example request flow

  • start POST repo.git/git-receive-pack to NGINX
  • ..start POST repo.git/git-receive-pack to gitlab-workhorse
  • ....start POST repo.git/git-receive-pack to Unicorn for auth
  • ....end POST to Unicorn for auth
  • ....start git-receive-pack process from gitlab-workhorse
  • ......start POST /api/v3/internal/allowed to Unicorn from Git hook (check protected branches)
  • ......end POST to Unicorn from Git hook
  • ....end git-receive-pack process
  • ..end POST to gitlab-workhorse
  • end POST to NGINX

License

This code is distributed under the MIT license, see the LICENSE file.

Documentation

Overview

gitlab-workhorse handles slow requests for GitLab

This HTTP server can service 'git clone', 'git push' etc. commands from Git clients that use the 'smart' Git HTTP protocol (git-upload-pack and git-receive-pack). It is intended to be deployed behind NGINX (for request routing and SSL termination) with access to a GitLab backend (for authentication and authorization) and local disk access to Git repositories managed by GitLab. In GitLab, this role was previously performed by gitlab-grack.

In this file we start the web server and hand off to the upstream type.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL