Skip to content

Commit

Permalink
do not use rack init as default
Browse files Browse the repository at this point in the history
  • Loading branch information
@alexandermeindl
alexandermeindl committed Jan 17, 2024
1 parent 36b861f commit 5b21e12
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 1 deletion.
8 changes: 7 additions & 1 deletion roles/gitlab/defaults/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@ gitlab_sidekiq_log_format: json
gitlab_redis_url: 'unix:/run/redis/redis.sock'
gitlab_authbackend_port: 8080

gitlab_rails_rack_timeout: 600

gitlab_git_prefix: /usr/local
gitlab_git_bin: '{{ gitlab_git_prefix }}/bin/git'
gitlab_rails_env: production
Expand Down Expand Up @@ -265,8 +267,12 @@ gitlab_object_store_connection:
# ? https://docs.gitlab.com/ee/administration/object_storage.html#proxy-download
gitlab_object_store_proxy_download: true

gitlab_initializers_rack_attack: false

gitlab_systemd_start_limit_burst: 5

gitlab_systemd_start_limit_interval_sec_mailroom: 100s
gitlab_systemd_start_limit_interval_sec_puma: 11min
gitlab_systemd_start_limit_interval_sec_puma: 600
gitlab_systemd_start_limit_interval_sec_sidekiq: 11min
gitlab_systemd_restart_sec: 60

Expand Down
10 changes: 10 additions & 0 deletions roles/gitlab/tasks/setup.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -303,6 +303,16 @@
owner: '{{ gitlab_user }}'
group: '{{ gitlab_group }}'
mode: 0644
when: gitlab_initializers_rack_attack
notify:
- Restart gitlab
- Restart gitlab.slice

- name: Remove initializers_rack_attack
when: not gitlab_initializers_rack_attack
ansible.builtin.file:
path: '{{ gitlab_path }}/config/initializers/rack_attack.rb'
state: absent
notify:
- Restart gitlab
- Restart gitlab.slice
Expand Down
2 changes: 2 additions & 0 deletions roles/gitlab/templates/etc/systemd/system/gitlab-puma.service.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ PartOf=gitlab.target
Wants=redis.service postgresql.service
After=redis.service postgresql.service
StartLimitIntervalSec={{ gitlab_systemd_start_limit_interval_sec_puma }}
StartLimitBurst={{ gitlab_systemd_start_limit_burst }}

[Service]
Type=simple
Expand All @@ -16,6 +17,7 @@ WorkingDirectory={{ gitlab_path }}
Environment=RAILS_ENV={{ gitlab_rails_env }}
Environment=USER={{ gitlab_user }}
Environment=GITLAB_LOG_LEVEL={{ gitlab_log_level }}
Environment=GITLAB_RAILS_RACK_TIMEOUT={{ gitlab_rails_rack_timeout }}
# see https://gitlab.com/gitlab-org/gitlab/-/issues/352055
Environment=WIPE_METRICS_DIR=1
Environment=prometheus_multiproc_dir={{ gitlab_path }}/tmp/prometheus_multiproc_dir
Expand Down

0 comments on commit 5b21e12

Please sign in to comment.