Google Git
Sign in
gerrit / gerrit / 9ad8ba528e4faa1360fedad3a53fb9c233f40e43^! / . / Documentation / config-apache2.txt
commit9ad8ba528e4faa1360fedad3a53fb9c233f40e43[log] [tgz]
authorShawn O. Pearce <sop@google.com>Fri Dec 11 19:06:21 2009 -0800
committerShawn O. Pearce <sop@google.com>Sat Dec 12 20:26:30 2009 -0800
tree81bbe945b1422e14d893b4d1a0e2b6f49f9c97e1
parent9a310e5880feff15ec0a48e44363c37830b37aa7 [diff] [blame]
documentation: Rewrite installation guide to use new init process

Now that installation is more or less just one command with a guided
interaction asking configuration questions we can start to simplify
the user guide.

Change-Id: Id98f9843d29e1fe0b445c2a714ace9ec3938ff79
Signed-off-by: Shawn O. Pearce <sop@google.com>

diff --git a/Documentation/config-apache2.txt b/Documentation/config-apache2.txt
new file mode 100644
index 0000000..67c82ca
--- /dev/null
+++ b/Documentation/config-apache2.txt

@@ -0,0 +1,77 @@
+Gerrit Code Review - Apache 2 Reverse Proxy
+===========================================
+
+Description
+-----------
+
+Gerrit can be configured to run behind an Apache server using
+'mod_proxy'.  This allows Apache to bind to the privileged ports 80
+(or 443 for SSL), as well as offloads the SSL processing overhead
+from Java to optimized native C code.
+
+
+Configuration
+------------
+
+Enable the necessary Apache2 modules:
+
+----
+  a2enmod proxy_http
+  a2enmod ssl          ; # optional, needed for HTTPS / SSL
+----
+
+Ensure `'$site_path'/etc/gerrit.config` has the property
+link:config-gerrit.html#httpd.listenUrl[httpd.listenUrl] configured
+to use 'proxy-http://' or 'proxy-https://' and a free port number.
+This may have already been configured if proxy support was enabled
+during 'init'.
+
+----
+  [httpd]
+  	listenUrl = proxy-http://127.0.0.1:8081/r/
+----
+
+Configure an Apache VirtualHost to proxy to the Gerrit daemon, setting
+the 'ProxyPass' line to use the 'http://' URL configured above.
+
+----
+	<VirtualHost *>
+	  ServerName review.example.com
+
+	  ProxyRequests Off
+	  ProxyVia Off
+	  ProxyPreserveHost On
+
+	  <Proxy *>
+		Order deny,allow
+		Allow from all
+	  </Proxy>
+
+	  ProxyPass /r/ http://127.0.0.1:8081/r/
+	</VirtualHost>
+----
+
+SSL
+~~~
+
+To enable Apache to perform the SSL processing, use 'proxy-https://'
+in httpd.listenUrl within Gerrit's configuration file, and enable
+the SSL engine in the Apache VirtualHost block:
+
+----
+	<VirtualHost *:443>
+	  SSLEngine on
+	  SSLCertificateFile    conf/server.crt
+	  SSLCertificateKeyFile conf/server.key
+
+	  ... same as above ...
+	</VirtualHost>
+----
+
+See the Apache 'mod_ssl' documentation for more details on how to
+configure SSL within the server, like controlling how strong of an
+encryption algorithm is required.
+
+GERRIT
+------
+Part of link:index.html[Gerrit Code Review]