Fix cert paths when not stored in GDK dir
What does this merge request do?
Fixes GitLab HTTP Router's Procfile options when NGINX SSL certificate paths are absolute paths.
Why?
I happen to specify absolute paths in my secondary Geo site's gdk.yml
for the NGINX SSL certificate and key paths. I could copy them to the secondary Geo site's GDK directory, but--
I also notice that the NGINX paths are almost always wrapped in config.gdk_root.join(...)
, as in this line, so it seems safer to be more consistent.
The behavior of config.gdk_root.join(...)
is that it doesn't modify the path if it is already absolute.
How to set up and validate locally
Numbered steps to set up and validate the change are strongly suggested.
I run two GDKs for Geo. I use HTTPS. I configure the secondary GDK to use the certs in the primary GDK's dir:
Click here to expand my secondary GDKs `gdk.yml`
---
gdk:
runit_wait_secs: 40
update_hooks:
after:
- make gitlab/git-checkout-auto-generated-files
before:
- gdk stop rails-background-jobs
- pkill -lf 'sidekiq-cluster' || true
- support/exec-cd gitlab bin/spring stop || true
- rake gitlab:truncate_logs
geo:
enabled: true
secondary: true
hostname: gdk2.test
https:
enabled: true
listen_address: 172.16.123.1
nginx:
enabled: true
http:
port: 8081
http2:
enabled: true
ssl:
certificate: "/Users/mkozonogitlab/Developer/gdk/gdk.test+1.pem"
key: "/Users/mkozonogitlab/Developer/gdk/gdk.test+1-key.pem"
port: 3444
postgresql:
dir: "/Users/mkozonogitlab/Developer/gdk/postgresql"
sshd:
enabled: true
listen_port: 2223
web_listen: 172.16.123.1:9123
vite:
enabled: true
hot_module_reloading: false
port: 3809
webpack:
enabled: false
workhorse:
configured_port: 3334
Click here to expand my primary GDK's `gdk.yml` for reference
---
gdk:
update_hooks:
after:
- make gitlab/git-checkout-auto-generated-files
before:
- gdk stop rails-background-jobs
- pkill -lf 'sidekiq-cluster' || true
- support/exec-cd gitlab bin/spring stop || true
- rake gitlab:truncate_logs
geo:
enabled: true
secondary: false
gitlab:
rails:
allowed_hosts:
- gdk2.test
hostname: gdk.test
https:
enabled: true
listen_address: 172.16.123.1
nginx:
enabled: true
http2:
enabled: true
ssl:
certificate: "/Users/mkozonogitlab/Developer/gdk/gdk.test+1.pem"
key: "/Users/mkozonogitlab/Developer/gdk/gdk.test+1-key.pem"
port: 3443
sshd:
enabled: false
vite:
enabled: true
hot_module_reloading: false
webpack:
enabled: false
Impacted categories
The following categories relate to this merge request:
-
gdk-reliability - e.g. When a GDK action fails to complete. -
gdk-usability - e.g. Improvements or suggestions around how the GDK functions. -
gdk-performance - e.g. When a GDK action is slow or times out.
Merge request checklist
-
This change is backward compatible. If not, please include steps to communicate to our users. -
Tests added for new functionality. If not, please raise an issue to follow-up. - [-] Documentation added/updated, if needed.
- [-] Announcement added, if change is notable.
-
gdk doctor
test added, if needed. -
Add the ~highlight
label if this MR should be included in theCHANGELOG.md
.