Skip to content

G
gitlab-ce
Commit 771798f5 authored by Gabriel Mazetto's avatar Gabriel Mazetto
Browse files
Options

HTTPS/SSL checks for Geo Nodes

parent b125c8df
Hide whitespace changes
Inline Side-by-side
Showing with 26 additions and 10 deletions
lib/tasks/gitlab/check.rake
View file @ 771798f5
...@@ -950,6 +950,10 @@ namespace :gitlab do ...@@ -950,6 +950,10 @@ namespace :gitlab do
'doc/gitlab-geo/README.md' 'doc/gitlab-geo/README.md'
end end
def see_custom_certificate_doc
'https://docs.gitlab.com/omnibus/common_installation_problems/README.html#using-self-signed-certificate-or-custom-certificate-authorities'
end
def sudo_gitlab(command) def sudo_gitlab(command)
"sudo -u #{gitlab_user} -H #{command}" "sudo -u #{gitlab_user} -H #{command}"
end end
...@@ -1098,8 +1102,14 @@ namespace :gitlab do ...@@ -1098,8 +1102,14 @@ namespace :gitlab do
end end
def check_gitlab_geo_node(node) def check_gitlab_geo_node(node)
display_error = Proc.new do |e|
puts 'no'.color(:red)
puts ' Reason:'.color(:blue)
puts " #{e.message}"
end
begin begin
response = Net::HTTP.start(node.uri.host, node.uri.port) do |http| response = Net::HTTP.start(node.uri.host, node.uri.port, use_ssl: (node.uri.scheme == 'https')) do |http|
http.request(Net::HTTP::Get.new(node.uri)) http.request(Net::HTTP::Get.new(node.uri))
end end
...@@ -1109,18 +1119,15 @@ namespace :gitlab do ...@@ -1109,18 +1119,15 @@ namespace :gitlab do
puts 'no'.color(:red) puts 'no'.color(:red)
end end
rescue Errno::ECONNREFUSED => e rescue Errno::ECONNREFUSED => e
puts 'no'.color(:red) display_error.call(e)
puts ' Reason:'.color(:blue)
puts " #{e.message}"
try_fixing_it( try_fixing_it(
'Check if the machine is online and GitLab is running', 'Check if the machine is online and GitLab is running',
'Check your firewall rules and make sure this machine can reach target machine', 'Check your firewall rules and make sure this machine can reach target machine',
"Make sure port and protocol are correct: '#{node.url}', or change it in Admin > Geo Nodes" "Make sure port and protocol are correct: '#{node.url}', or change it in Admin > Geo Nodes"
) )
rescue SocketError => e rescue SocketError => e
puts 'no'.color(:red) display_error.call(e)
puts ' Reason:'.color(:blue)
puts " #{e.message}"
if e.cause && e.cause.message.starts_with?('getaddrinfo') if e.cause && e.cause.message.starts_with?('getaddrinfo')
try_fixing_it( try_fixing_it(
...@@ -1129,10 +1136,19 @@ namespace :gitlab do ...@@ -1129,10 +1136,19 @@ namespace :gitlab do
'If machine host is incorrect, change it in Admin > Geo Nodes' 'If machine host is incorrect, change it in Admin > Geo Nodes'
) )
end end
rescue OpenSSL::SSL::SSLError => e
display_error.call(e)
try_fixing_it(
'If you have a self-signed CA or certificate you need to whitelist in Omnibus',
)
for_more_information(see_custom_certificate_doc)
try_fixing_it(
'If you have a valid certificate make sure you have the full certificate chain in the pem file'
)
rescue Exception => e rescue Exception => e
puts 'no'.color(:red) display_error.call(e)
puts ' Reason:'.color(:blue)
puts " #{e.message}"
end end
end end
end end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7