Closed
Bug 1263680
Opened 8 years ago
Closed 8 years ago
Update hgweb ansible configs to work with CentOS 7
Categories
(Developer Services :: Mercurial: hg.mozilla.org, defect)
Developer Services
Mercurial: hg.mozilla.org
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: gps, Assigned: gps)
References
Details
Attachments
(2 files)
We currently support RHEL 6 and CentOS 6. We need to support CentOS 7 for production.
Assignee | ||
Comment 1•8 years ago
|
||
CentOS 7 runs httpd 2.4 instead of 2.2. There were a few changes in 2.4 that require httpd config changes. Most of them around authnz handling. Review commit: https://reviewboard.mozilla.org/r/45655/diff/#index_header See other reviews: https://reviewboard.mozilla.org/r/45655/
Attachment #8740231 -
Flags: review?(klibby)
Attachment #8740232 -
Flags: review?(klibby)
Assignee | ||
Comment 2•8 years ago
|
||
The changes to support CentOS 7 in Ansible aren't too bad. Unlike the hg-ssh conversion, we still support CentOS 6 because we'll need to keep the old hgweb machines running for a little bit. Review commit: https://reviewboard.mozilla.org/r/45657/diff/#index_header See other reviews: https://reviewboard.mozilla.org/r/45657/
Comment 3•8 years ago
|
||
Comment on attachment 8740232 [details] MozReview Request: ansible/hg-web: support CentOS 7 (bug 1263680); r?fubar https://reviewboard.mozilla.org/r/45657/#review42331 lgtm
Attachment #8740232 -
Flags: review?(klibby) → review+
Comment 4•8 years ago
|
||
Comment on attachment 8740231 [details] MozReview Request: ansible/hg-web: support httpd 2.4 (bug 1263680); r?fubar https://reviewboard.mozilla.org/r/45655/#review42321 Happy as it is, since it'll match prod; added some notes to consider as possible cleanup/improvement. ::: ansible/roles/hg-web/templates/httpd.conf.j2:28 (Diff revision 1) > +{% if ansible_distribution_major_version == '6' %} > LoadModule authn_default_module modules/mod_authn_default.so > -LoadModule authz_host_module modules/mod_authz_host.so > LoadModule authz_default_module modules/mod_authz_default.so > +{% else %} > +LoadModule authz_core_module modules/mod_authz_core.so Shouldn't be an issue, but worth noting: httpd24 default config moves the LoadModule stuff off to 'Include conf.modules.d/*.conf' ::: ansible/roles/hg-web/templates/httpd.conf.j2:114 (Diff revision 1) > HostnameLookups Off > > ErrorLog logs/error_log > LogLevel warn > > LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined Do we want to add '%{X-Forwarded-For}i' in here so we can get client IPs from zeus? ::: ansible/roles/hg-web/templates/httpd.conf.j2:139 (Diff revision 1) > + {% else %} > + Require all granted > + {% endif %} > </Directory> > > IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8 Another httpd24-ism: IndexOptions and all of the icon stuff is moved to conf.d/autoindex.conf
Attachment #8740231 -
Flags: review?(klibby) → review+
Assignee | ||
Comment 5•8 years ago
|
||
https://reviewboard.mozilla.org/r/45655/#review42321 > Do we want to add '%{X-Forwarded-For}i' in here so we can get client IPs from zeus? Yeah, I'd like to hook up a new log format for these new hosts that doesn't suck as much. We still have the logging built into the Mercurial application layer, which does record X-Forwarded-For. So we're not losing any data. It's just not in the httpd logs. > Another httpd24-ism: IndexOptions and all of the icon stuff is moved to conf.d/autoindex.conf The httpd.conf for hgweb is self-contained. There are no `Include` directives. I think this is safest because you never know when your distro or some package install will add a new .conf file and it could completely change the operational characteristics of your server. (I've learned this the hard way.) It isn't difficult to create your own httpd.conf. I much prefer doing that than relying on the one-size-fits-all that the distro ships.
Assignee | ||
Comment 6•8 years ago
|
||
https://hg.mozilla.org/hgcustom/version-control-tools/rev/0d9b510e2ae0bbcb09ff52649c300a4784fc3a6a ansible/hg-web: support httpd 2.4 (bug 1263680); r=fubar https://hg.mozilla.org/hgcustom/version-control-tools/rev/5357c2ae79878276fc5946498a65f89d6a085ebc ansible/hg-web: support CentOS 7 (bug 1263680); r=fubar
Assignee | ||
Comment 7•8 years ago
|
||
https://hg.mozilla.org/hgcustom/version-control-tools/rev/aa4be8c57922eb890436b94a6d939ba59b40ff66 docker/hgweb-chroot: build with CentOS 7 (bug 1263680)
Assignee | ||
Comment 8•8 years ago
|
||
I'm calling this bug done. `./deploy hgmo` from v-c-t is currently able to deploy to the new CentOS 7 machines in prod.
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•