system-config/modules/cgit/templates/git.vhost.erb
Clark Boylan dea75ed695 Load balance git requests.
* install_modules.sh: Add puppetlabs-haproxy forge module.

* modules/cgit/manifests/init.pp: Add haproxy config to load balance
https, https and git protocol git access. Each git server will host git
http on port 8080, https on port 4443 and git protocol on 29418. These
endpoints will then be load balanced by a single haproxy instance
listening on ports 80, 443 and 9418. The use of haproxy and having
services listen on offset ports to accomodate haproxy is toggleable
using the $balance_git and $behind_proxy boolean flags.
Additionally, configure rsyslog for haproxy.

* modules/cgit/files/rsyslog.haproxy.conf: Enable syslog over UDP on
port 514. This is needed by haproxy to perform logging. Send local0
messages to /var/log/haproxy.log.

* modules/cgit/templates/ssl.conf.erb: Make Apache https listen port
configurable. Remove default virtualhost.

* modules/cgit/templates/httpd.conf.erb: Make Apache http listen port
configurable.

* modules/cgit/templates/git.vhost..erb: Make Apache http(s) listen
ports configuruable. Allow http without redirecting to https as a
fallback option to accomodate CentOS clients.

* modules/openstack_project/manifests/git.pp: Pass load balancer
variables through to the cgit manifest.

* manifests/site.pp: Configure git.o.o to run the load balancer haproxy
and balance across the new gitXX.o.o nodes.

Change-Id: Icefc5923cff9a7c6ce62c1923ec2ea87ebc6474a
2013-08-22 10:52:04 -07:00

56 lines
1.8 KiB
Plaintext

<VirtualHost *:<%= scope.lookupvar("cgit::http_port") %>>
ServerName <%= scope.lookupvar("cgit::vhost_name") %>
ServerAdmin <%= scope.lookupvar("cgit::serveradmin") %>
Alias /cgit-data /usr/share/cgit
ScriptAlias /cgit /var/www/cgi-bin/cgit
Alias /static <%= scope.lookupvar("cgit::staticfiles") %>
RewriteEngine On
RewriteRule ^/$ /cgit [R]
SetEnv GIT_PROJECT_ROOT /var/lib/git/
SetEnv GIT_HTTP_EXPORT_ALL
AliasMatch ^/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /var/lib/git/$1
AliasMatch ^/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /var/lib/git/$1
ScriptAlias / /usr/libexec/git-core/git-http-backend/
ErrorLog /var/log/httpd/git-error.log
LogLevel warn
CustomLog /var/log/httpd/git-access.log combined
</VirtualHost>
<VirtualHost *:<%= scope.lookupvar("cgit::https_port") %>>
ServerName <%= scope.lookupvar("cgit::vhost_name") %>
ServerAdmin <%= scope.lookupvar("cgit::serveradmin") %>
Alias /cgit-data /usr/share/cgit
ScriptAlias /cgit /var/www/cgi-bin/cgit
Alias /static <%= scope.lookupvar("cgit::staticfiles") %>
RewriteEngine On
RewriteRule ^/$ /cgit [R]
SetEnv GIT_PROJECT_ROOT /var/lib/git/
SetEnv GIT_HTTP_EXPORT_ALL
AliasMatch ^/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /var/lib/git/$1
AliasMatch ^/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /var/lib/git/$1
ScriptAlias / /usr/libexec/git-core/git-http-backend/
ErrorLog /var/log/httpd/git-error.log
LogLevel warn
CustomLog /var/log/httpd/git-access.log combined
SSLEngine on
SSLCertificateFile <%= scope.lookupvar("cgit::ssl_cert_file") %>
SSLCertificateKeyFile <%= scope.lookupvar("cgit::ssl_key_file") %>
<% if scope.lookupvar("cgit::ssl_chain_file") != "" %>
SSLCertificateChainFile <%= scope.lookupvar("cgit::ssl_chain_file") %>
<% end %>
</VirtualHost>