Date: Tuesday, August 8, 2017 @ 21:28:45
  Author: svenstaro
Revision: 249627

upgpkg: gitlab 9.4.3-3

Remove webserver config templates

I can't downstream maintain these properly and there is no good upstream source 
for those anymore.
This kind of thing is much better done in the wiki or upstream but not as files 
maintained by me.

Modified:
  gitlab/trunk/PKGBUILD
Deleted:
  gitlab/trunk/apache-ssl.conf.example
  gitlab/trunk/apache.conf.example
  gitlab/trunk/apache2.2-ssl.conf.example
  gitlab/trunk/apache2.2.conf.example
  gitlab/trunk/nginx-ssl.conf.example
  gitlab/trunk/nginx.conf.example

----------------------------+
 PKGBUILD                   |   25 +--------
 apache-ssl.conf.example    |   94 ------------------------------------
 apache.conf.example        |   64 ------------------------
 apache2.2-ssl.conf.example |   93 -----------------------------------
 apache2.2.conf.example     |   63 ------------------------
 nginx-ssl.conf.example     |  112 -------------------------------------------
 nginx.conf.example         |   69 --------------------------
 7 files changed, 3 insertions(+), 517 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD    2017-08-08 21:26:41 UTC (rev 249626)
+++ PKGBUILD    2017-08-08 21:28:45 UTC (rev 249627)
@@ -8,7 +8,7 @@
 
 pkgname=gitlab
 pkgver=9.4.3
-pkgrel=2
+pkgrel=3
 pkgdesc="Project management and code hosting application"
 arch=('x86_64')
 url="https://gitlab.com/gitlab-org/gitlab-ce/tree/master#README";
@@ -33,14 +33,7 @@
         gitlab-backup.timer
         gitlab.target
         gitlab.tmpfiles.d
-        gitlab.logrotate
-        apache.conf.example
-        apache-ssl.conf.example
-        apache2.2.conf.example
-        apache2.2-ssl.conf.example
-        nginx.conf.example
-        nginx-ssl.conf.example
-        lighttpd.conf.example)
+        gitlab.logrotate)
 install='gitlab.install'
 
sha512sums=('1caac46183ce7a7926401a831459bb8e5fc006420e3208c637bb7cf8e13f94c7da69adf968cd911b97f82b3842e7afc3f122eeb708d68e8f8c1a750c348e5978'
             
'56cce150645ef74fa42a6100c8bc7689c4012579e1f3ba237c06c367b121246b39e968044615fa21c4757bc8e9d06f37f8ac8d39aa8b808c758e716857553f66'
@@ -50,14 +43,7 @@
             
'c11d2c59da8325551a465227096e8d39b0e4bcd5b1db21565cf3439e431838c04bc00aa6f07f4d493f3f47fd6b4e25aeb0fe0fc1a05756064706bf5708c960ec'
             
'c519a51d31300074ea12594fbcc8e9610d991ef04b1dac94d93a2b201df3465999cc7c6ac7f3896e02b117c2366d61dea1ef2f6b9cd7b18998385a7f26e5700f'
             
'abacbff0d7be918337a17b56481c84e6bf3eddd9551efe78ba9fb74337179e95c9b60f41c49f275e05074a4074a616be36fa208a48fc12d5b940f0554fbd89c3'
-            
'20b93eab504e82cc4401685b59e6311b4d2c0285bc594d47ce4106d3f418a3e2ba92c4f49732748c0ba913aa3e3299126166e37d2a2d5b4d327d66bae4b8abda'
-            
'441585489fb992d5e893f14bf0770df04ada95ffdbfcc80bb98a44eda7db520d12c985f600d003d80a196562654d2231598f8481ff9bf664bb5889f564e897e7'
-            
'99f31439d348e21f764875b6207db8663b47f3224ad6a9f35b89c8a2ed29a9e831a974aa6b9429a3882fb74c1c9d42ed5c38b2d16ae122b5d55d5873a0c57cd3'
-            
'624eb1f13e0265522290faa8c22b4150e6081ca2580391c9dfd871f1ee1b9c1c745c95d3d8f7fdbf85038990060141b844c3d8097c577ab68e5506bfa2d2dddb'
-            
'248d47b44fa5ed65e2a940f2b60d0482c481b3a438357ca510848221370367ffbc0d83ce046d688bebbbc75d4e321b140f6a5ce1a9d7ec0b034fafcf92dee107'
-            
'53a9d6d6f87874b29e48a8fb2e207094ebc1a80af478562ec4b591926d59e135a3166c20966704aa948ca7063ba63c1ec4ac290a343832fa18025ec3d85081ba'
-            
'6d3006da591acefcc534c6e3f1da8e812d0b3b21fc416bfaa8678b8e2d922be6b17d1c92b0d7164de3b8ad864139253707107ca082f78e823d23f3b65fcb5914'
-            
'c78b6f46abcf603d8db6e38cf50868e14145928422ddfe17c88e2f006b5b910dddf456ec5d6d724b250994530643963809688a98f7e12ebd5b5dabf7f96f0e06')
+            
'20b93eab504e82cc4401685b59e6311b4d2c0285bc594d47ce4106d3f418a3e2ba92c4f49732748c0ba913aa3e3299126166e37d2a2d5b4d327d66bae4b8abda')
 
 _datadir="/usr/share/webapps/${pkgname}"
 _etcdir="/etc/webapps/${pkgname}"
@@ -211,11 +197,6 @@
 
   install -Dm644 "${srcdir}/gitlab.tmpfiles.d" 
"${pkgdir}/usr/lib/tmpfiles.d/gitlab.conf"
   install -Dm644 "${srcdir}/gitlab.logrotate" 
"${pkgdir}/etc/logrotate.d/gitlab"
-
-  # Install webserver config templates
-  for config_file in apache apache-ssl apache2.2 apache2.2-ssl nginx nginx-ssl 
lighttpd; do
-    install -m644 "${srcdir}/${config_file}.conf.example" 
"${pkgdir}/usr/share/doc/${pkgname}"
-  done
 }
 
 # vim:set ts=2 sw=2 et:

Deleted: apache-ssl.conf.example
===================================================================
--- apache-ssl.conf.example     2017-08-08 21:26:41 UTC (rev 249626)
+++ apache-ssl.conf.example     2017-08-08 21:28:45 UTC (rev 249627)
@@ -1,94 +0,0 @@
-# This configuration has been tested on GitLab 8.2
-# Note this config assumes unicorn is listening on default port 8080 and
-# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
-# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
-#
-# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
-#
-#Module dependencies
-# mod_rewrite
-# mod_ssl
-# mod_proxy
-# mod_proxy_http
-# mod_headers
-
-# This section is only needed if you want to redirect http traffic to https.
-# You can live without it but clients will have to type in https:// to reach 
gitlab.
-<VirtualHost *:80>
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  RewriteEngine on
-  RewriteCond %{HTTPS} !=on
-  RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
-</VirtualHost>
-
-<VirtualHost *:443>
-  SSLEngine on
-  #strong encryption ciphers only
-  #see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
-  SSLProtocol all -SSLv2 -SSLv3
-  SSLHonorCipherOrder on
-#  SSLCipherSuite 
"ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
-  SSLCipherSuite 
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"
-  Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
-  SSLCompression Off
-  SSLCertificateFile /etc/httpd/ssl.crt/YOUR_SERVER_FQDN.crt
-  SSLCertificateKeyFile /etc/httpd/ssl.key/YOUR_SERVER_FQDN.key
-  SSLCACertificateFile /etc/httpd/ssl.crt/your-ca.crt
-
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  ProxyPreserveHost On
-
-  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
-  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
-  AllowEncodedSlashes NoDecode
-
-  <Location />
-    # New authorization commands for apache 2.4 and up
-    # http://httpd.apache.org/docs/2.4/upgrading.html#access
-    Require all granted
-
-    #Allow forwarding to gitlab-workhorse
-    ProxyPassReverse http://127.0.0.1:8181
-    ProxyPassReverse http://YOUR_SERVER_FQDN/
-  </Location>
-
-  # Apache equivalent of nginx try files
-  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
-  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
-  RewriteEngine on
-
-  #Don't escape encoded characters in api requests
-  RewriteCond %{REQUEST_URI} ^/api/v3/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
-
-  #Forward all requests to gitlab-workhorse except existing files like error 
documents
-  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
-  RewriteCond %{REQUEST_URI} ^/uploads/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
-
-  RequestHeader set X_FORWARDED_PROTO 'https'
-  RequestHeader set X-Forwarded-Ssl on
-
-  # needed for downloading attachments
-  DocumentRoot /usr/share/webapps/gitlab/public
-
-  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
-  ErrorDocument 404 /404.html
-  ErrorDocument 422 /422.html
-  ErrorDocument 500 /500.html
-  ErrorDocument 503 /deploy.html
-
-  # It is assumed that the log directory is in /var/log/httpd.
-  # For Debian distributions you might want to change this to
-  # /var/log/apache2.
-  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
-  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
-
-</VirtualHost>

Deleted: apache.conf.example
===================================================================
--- apache.conf.example 2017-08-08 21:26:41 UTC (rev 249626)
+++ apache.conf.example 2017-08-08 21:28:45 UTC (rev 249627)
@@ -1,64 +0,0 @@
-# This configuration has been tested on GitLab 8.2
-# Note this config assumes unicorn is listening on default port 8080 and
-# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
-# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
-#
-# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
-#
-#Module dependencies
-# mod_rewrite
-# mod_proxy
-# mod_proxy_http
-<VirtualHost *:80>
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  ProxyPreserveHost On
-
-  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
-  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
-  AllowEncodedSlashes NoDecode
-
-  <Location />
-    # New authorization commands for apache 2.4 and up
-    # http://httpd.apache.org/docs/2.4/upgrading.html#access
-    Require all granted
-
-    #Allow forwarding to gitlab-workhorse
-    ProxyPassReverse http://127.0.0.1:8181
-    ProxyPassReverse http://YOUR_SERVER_FQDN/
-  </Location>
-
-  # Apache equivalent of nginx try files
-  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
-  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
-  RewriteEngine on
-
-  #Don't escape encoded characters in api requests
-  RewriteCond %{REQUEST_URI} ^/api/v3/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
-
-  #Forward all requests to gitlab-workhorse except existing files like error 
documents
-  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
-  RewriteCond %{REQUEST_URI} ^/uploads/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
-
-  # needed for downloading attachments
-  DocumentRoot /usr/share/webapps/gitlab/public
-
-  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
-  ErrorDocument 404 /404.html
-  ErrorDocument 422 /422.html
-  ErrorDocument 500 /500.html
-  ErrorDocument 503 /deploy.html
-
-  # It is assumed that the log directory is in /var/log/httpd.
-  # For Debian distributions you might want to change this to
-  # /var/log/apache2.
-  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
-  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
-
-</VirtualHost>

Deleted: apache2.2-ssl.conf.example
===================================================================
--- apache2.2-ssl.conf.example  2017-08-08 21:26:41 UTC (rev 249626)
+++ apache2.2-ssl.conf.example  2017-08-08 21:28:45 UTC (rev 249627)
@@ -1,93 +0,0 @@
-# This configuration has been tested on GitLab 8.2
-# Note this config assumes unicorn is listening on default port 8080 and
-# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
-# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
-#
-# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
-#
-#Module dependencies
-# mod_rewrite
-# mod_ssl
-# mod_proxy
-# mod_proxy_http
-# mod_headers
-
-# This section is only needed if you want to redirect http traffic to https.
-# You can live without it but clients will have to type in https:// to reach 
gitlab.
-<VirtualHost *:80>
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  RewriteEngine on
-  RewriteCond %{HTTPS} !=on
-  RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
-</VirtualHost>
-
-<VirtualHost *:443>
-  SSLEngine on
-  #strong encryption ciphers only
-  #see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
-  SSLProtocol all -SSLv2 -SSLv3
-  SSLHonorCipherOrder on
-#  SSLCipherSuite 
"ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
-  SSLCipherSuite 
"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"
-  Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
-  SSLCompression Off
-  SSLCertificateFile /etc/httpd/ssl.crt/YOUR_SERVER_FQDN.crt
-  SSLCertificateKeyFile /etc/httpd/ssl.key/YOUR_SERVER_FQDN.key
-  SSLCACertificateFile /etc/httpd/ssl.crt/your-ca.crt
-
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  ProxyPreserveHost On
-
-  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
-  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
-  AllowEncodedSlashes NoDecode
-
-  <Location />
-    Order deny,allow
-    Allow from all
-
-    #Allow forwarding to gitlab-workhorse
-    ProxyPassReverse http://127.0.0.1:8181
-    ProxyPassReverse http://YOUR_SERVER_FQDN/
-  </Location>
-
-  # Apache equivalent of nginx try files
-  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
-  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
-  RewriteEngine on
-
-  #Don't escape encoded characters in api requests
-  RewriteCond %{REQUEST_URI} ^/api/v3/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
-
-  #Forward all requests to gitlab-workhorse except existing files like error 
documents
-  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
-  RewriteCond %{REQUEST_URI} ^/uploads/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
-
-  RequestHeader set X_FORWARDED_PROTO 'https'
-  RequestHeader set X-Forwarded-Ssl on
-
-  # needed for downloading attachments
-  DocumentRoot /usr/share/webapps/gitlab/public
-
-  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
-  ErrorDocument 404 /404.html
-  ErrorDocument 422 /422.html
-  ErrorDocument 500 /500.html
-  ErrorDocument 503 /deploy.html
-
-  # It is assumed that the log directory is in /var/log/httpd.
-  # For Debian distributions you might want to change this to
-  # /var/log/apache2.
-  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
-  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
-
-</VirtualHost>

Deleted: apache2.2.conf.example
===================================================================
--- apache2.2.conf.example      2017-08-08 21:26:41 UTC (rev 249626)
+++ apache2.2.conf.example      2017-08-08 21:28:45 UTC (rev 249627)
@@ -1,63 +0,0 @@
-# This configuration has been tested on GitLab 8.2
-# Note this config assumes unicorn is listening on default port 8080 and
-# gitlab-workhorse is listening on port 8181. To allow gitlab-workhorse to
-# listen on port 8181, edit or create /etc/default/gitlab and change or add 
the following:
-#
-# gitlab_workhorse_options="-listenUmask 0 -listenNetwork tcp -listenAddr 
127.0.0.1:8181 -authBackend http://127.0.0.1:8080";
-#
-#Module dependencies
-# mod_rewrite
-# mod_proxy
-# mod_proxy_http
-<VirtualHost *:80>
-  ServerName YOUR_SERVER_FQDN
-  ServerSignature Off
-
-  ProxyPreserveHost On
-
-  # Ensure that encoded slashes are not decoded but left in their encoded 
state.
-  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
-  AllowEncodedSlashes NoDecode
-
-  <Location />
-    Order deny,allow
-    Allow from all
-
-    #Allow forwarding to gitlab-workhorse
-    ProxyPassReverse http://127.0.0.1:8181
-    ProxyPassReverse http://YOUR_SERVER_FQDN/
-  </Location>
-
-  # Apache equivalent of nginx try files
-  # 
http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
-  # 
http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
-  RewriteEngine on
-
-  #Don't escape encoded characters in api requests
-  RewriteCond %{REQUEST_URI} ^/api/v3/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
-
-  #Forward all requests to gitlab-workhorse except existing files like error 
documents
-  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
-  RewriteCond %{REQUEST_URI} ^/uploads/.*
-  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
-
-  # needed for downloading attachments
-  DocumentRoot /usr/share/webapps/gitlab/public
-
-  #Set up apache error documents, if back end goes down (i.e. 503 error) then 
a maintenance/deploy page is thrown up.
-  ErrorDocument 404 /404.html
-  ErrorDocument 422 /422.html
-  ErrorDocument 500 /500.html
-  ErrorDocument 503 /deploy.html
-
-  # It is assumed that the log directory is in /var/log/httpd.
-  # For Debian distributions you might want to change this to
-  # /var/log/apache2.
-  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
-  ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined 
env=!dontlog
-  CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
-
-</VirtualHost>

Deleted: nginx-ssl.conf.example
===================================================================
--- nginx-ssl.conf.example      2017-08-08 21:26:41 UTC (rev 249626)
+++ nginx-ssl.conf.example      2017-08-08 21:28:45 UTC (rev 249627)
@@ -1,112 +0,0 @@
-## GitLab
-##
-## Modified from nginx http version
-## Modified from 
http://blog.phusion.nl/2012/04/21/tutorial-setting-up-gitlab-on-debian-6/
-## Modified from 
https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
-##
-## Lines starting with two hashes (##) are comments with information.
-## Lines starting with one hash (#) are configuration parameters that can be 
uncommented.
-##
-##################################
-##        CONTRIBUTING          ##
-##################################
-##
-## If you change this file in a Merge Request, please also create
-## a Merge Request on 
https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
-##
-###################################
-##         configuration         ##
-###################################
-##
-## See installation.md#using-https for additional HTTPS configuration details.
-
-upstream gitlab-workhorse {
-  server unix:/run/gitlab/gitlab-workhorse.socket fail_timeout=0;
-}
-
-## Redirects all HTTP traffic to the HTTPS host
-server {
-  ## Either remove "default_server" from the listen line below,
-  ## or delete the /etc/nginx/sites-enabled/default file. This will cause 
gitlab
-  ## to be served if you visit any address that your server responds to, eg.
-  ## the ip address of the server (http://x.x.x.x/)
-  listen 0.0.0.0:80;
-  listen [::]:80 ipv6only=on default_server;
-  server_name YOUR_SERVER_FQDN; ## Replace this with something like 
gitlab.example.com
-  server_tokens off; ## Don't show the nginx version number, a security best 
practice
-  return 301 https://$http_host$request_uri;
-  access_log  /var/log/nginx/gitlab_access.log;
-  error_log   /var/log/nginx/gitlab_error.log;
-}
-
-## HTTPS host
-server {
-  listen 0.0.0.0:443 ssl;
-  listen [::]:443 ipv6only=on ssl default_server;
-  server_name YOUR_SERVER_FQDN; ## Replace this with something like 
gitlab.example.com
-  server_tokens off; ## Don't show the nginx version number, a security best 
practice
-
-  ## Strong SSL Security
-  ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & 
https://cipherli.st/
-  ssl on;
-  ssl_certificate /etc/nginx/ssl/gitlab.crt;
-  ssl_certificate_key /etc/nginx/ssl/gitlab.key;
-
-  # GitLab needs backwards compatible ciphers to retain compatibility with 
Java IDEs
-  ssl_ciphers 
"ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
-  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-  ssl_prefer_server_ciphers on;
-  ssl_session_cache shared:SSL:10m;
-  ssl_session_timeout 5m;
-
-  ## See app/controllers/application_controller.rb for headers set
-
-  ## [Optional] If your certficate has OCSP, enable OCSP stapling to reduce 
the overhead and latency of running SSL.
-  ## Replace with your ssl_trusted_certificate. For more info see:
-  ## - https://medium.com/devops-programming/4445f4862461
-  ## - https://www.ruby-forum.com/topic/4419319
-  ## - 
https://www.digitalocean.com/community/tutorials/how-to-configure-ocsp-stapling-on-apache-and-nginx
-  # ssl_stapling on;
-  # ssl_stapling_verify on;
-  # ssl_trusted_certificate /etc/nginx/ssl/stapling.trusted.crt;
-  # resolver 208.67.222.222 208.67.222.220 valid=300s; # Can change to your 
DNS resolver if desired
-  # resolver_timeout 5s;
-
-  ## [Optional] Generate a stronger DHE parameter:
-  ##   sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096
-  ##
-  # ssl_dhparam /etc/ssl/certs/dhparam.pem;
-
-  ## Individual nginx logs for this GitLab vhost
-  access_log  /var/log/nginx/gitlab_access.log;
-  error_log   /var/log/nginx/gitlab_error.log;
-
-  location / {
-    client_max_body_size 0;
-    gzip off;
-
-    ## https://github.com/gitlabhq/gitlabhq/issues/694
-    ## Some requests take more than 30 seconds.
-    proxy_read_timeout      300;
-    proxy_connect_timeout   300;
-    proxy_redirect          off;
-
-    proxy_http_version 1.1;
-
-    proxy_set_header    Host                $http_host;
-    proxy_set_header    X-Real-IP           $remote_addr;
-    proxy_set_header    X-Forwarded-Ssl     on;
-    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
-    proxy_set_header    X-Forwarded-Proto   $scheme;
-    proxy_pass http://gitlab-workhorse;
-  }
-
-  error_page 404 /404.html;
-  error_page 422 /422.html;
-  error_page 500 /500.html;
-  error_page 502 /502.html;
-  location ~ ^/(404|422|500|502)\.html$ {
-    root /usr/share/webapps/gitlab/public;
-    internal;
-  }
-}

Deleted: nginx.conf.example
===================================================================
--- nginx.conf.example  2017-08-08 21:26:41 UTC (rev 249626)
+++ nginx.conf.example  2017-08-08 21:28:45 UTC (rev 249627)
@@ -1,69 +0,0 @@
-## GitLab
-##
-## Lines starting with two hashes (##) are comments with information.
-## Lines starting with one hash (#) are configuration parameters that can be 
uncommented.
-##
-##################################
-##        CONTRIBUTING          ##
-##################################
-##
-## If you change this file in a Merge Request, please also create
-## a Merge Request on 
https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
-##
-###################################
-##         configuration         ##
-###################################
-##
-## See installation.md#using-https for additional HTTPS configuration details.
-
-upstream gitlab-workhorse {
-  server unix:/run/gitlab/gitlab-workhorse.socket fail_timeout=0;
-}
-
-## Normal HTTP host
-server {
-  ## Either remove "default_server" from the listen line below,
-  ## or delete the /etc/nginx/sites-enabled/default file. This will cause 
gitlab
-  ## to be served if you visit any address that your server responds to, eg.
-  ## the ip address of the server (http://x.x.x.x/)n 0.0.0.0:80 default_server;
-  listen 0.0.0.0:80 default_server;
-  listen [::]:80 default_server;
-  server_name YOUR_SERVER_FQDN; ## Replace this with something like 
gitlab.example.com
-  server_tokens off; ## Don't show the nginx version number, a security best 
practice
-
-  ## See app/controllers/application_controller.rb for headers set
-
-  ## Individual nginx logs for this GitLab vhost
-  access_log  /var/log/nginx/gitlab_access.log;
-  error_log   /var/log/nginx/gitlab_error.log;
-
-  location / {
-    client_max_body_size 0;
-    gzip off;
-
-    ## https://github.com/gitlabhq/gitlabhq/issues/694
-    ## Some requests take more than 30 seconds.
-    proxy_read_timeout      300;
-    proxy_connect_timeout   300;
-    proxy_redirect          off;
-
-    proxy_http_version 1.1;
-
-    proxy_set_header    Host                $http_host;
-    proxy_set_header    X-Real-IP           $remote_addr;
-    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
-    proxy_set_header    X-Forwarded-Proto   $scheme;
-
-    proxy_pass http://gitlab-workhorse;
-  }
-
-  error_page 404 /404.html;
-  error_page 422 /422.html;
-  error_page 500 /500.html;
-  error_page 502 /502.html;
-  location ~ ^/(404|422|500|502)\.html$ {
-    root /usr/share/webapps/gitlab/public;
-    internal;
-  }
-
-}

Reply via email to