Google Git
Sign in
gerrit / modules / virtualhost / 54bc17d2531b2165e7a1b1c24d6eb967b18cfe4f
commit54bc17d2531b2165e7a1b1c24d6eb967b18cfe4f[log] [tgz]
authorLuca Milanesio <luca.milanesio@gmail.com>Thu Jul 04 09:59:21 2024 +0100
committerLuca Milanesio <luca.milanesio@gmail.com>Thu Jul 04 10:00:46 2024 +0100
treea9f17782c11d43c4ea36a7e167e1c658f9545146
parent78066fc41cacd0552e23366f492712c9b941fdf7 [diff]
Mention explicitly that general regex aren't supported

The general regex were neither explicitly allowed nor forbidden;
add a specific note in the documentation and checks in the code
and tests for making sure that the only general regex allowed
is ^.*

Change-Id: I61d51430e5586f805a4f7691ac6c865e0afc78b8
3 files changed
tree: a9f17782c11d43c4ea36a7e167e1c658f9545146
  1. src/
  2. .gitignore
  3. BUILD
  4. LICENSE
  5. README.md
README.md

Gerrit VirtualHost

Gerrit lib module to split the projects' space into virtual hosts similarly of what you would do with an HTTP Server and different domain names.

How to build

Build this module as it was a Gerrit plugin:

  • Clone Gerrit source tree
  • Clone the virtualhost source tree
  • Link the virtualhost directory to Gerrit /plugins/virtualhost
  • From Gerrit source tree run bazel build plugins/virtualhost
  • The virtualhost.jar module is generated under /bazel-genfiles/plugins/virtualhost/

How install

Copy virtualhost.jar library to Gerrit /lib and add the following two extra settings to gerrit.config:

[gerrit]
  installModule = com.gerritforge.gerrit.modules.virtualhost.GuiceModule

[httpd]
  filterClass = com.gerritforge.gerrit.modules.virtualhost.VirtualHostFilter

Propagation of the X-Forwarded-Host Header:

When Gerrit is hidden behind multiple service layers (eg. reverse-proxy and load balancer), it is essential to ensure the propagation from the upstream proxy of the header X-Forwarded-Host from the upstream proxy.

How to define virtual hosts

/etc/virtualhost.config contains the definition of the virtual hosts and the set of projects included.

Each server section defines a virtual host and contains a set of projects included. Projects are defined using Gerrit ref-matching expressions and can be repeated multiple times to include multiple matchers.

Example to include all the projects starting with team1/ and the ones starting with the username:

[server "team1.mycompany.com"]
  projects = team1/*
  projects = ${username}/*

Default host

For all the other server names that are not defined and for SSH access, there is a special default section that lists of visible projects.

Example to include all the projects by default:

[default]
  projects = ^.*

NOTE: The ^.* is the only regular expression supported by the virtualhost module because of the potential performance implication of a generic regular expression evaluation during the ACLs. Bear in mind that any possible action perform in Gerrit will go through the virtualhost module filtering and therefore it is paramount to minimize the potential performance impact.