How to Load Gitlab Inside an Iframe

Linux Git GitLab

So you are trying to load GitLab inside another page via iframe, and you are not able to. Due to security reasons, this is default behavior for GitLab, and as per the project (see issue 2347, this will not change, and I agree).

However for some internal users this might not be the best approach, so here’s how to enable it.

Browse to your install directory and go to your ‘nginx’ folder. If you are not sure where it is, with your GitLab instance running, use the following command (assuming you are using port 8888).

# netstat -anp | grep 8888
tcp        0      0 0.0.0.0:8888                0.0.0.0:*                   LISTEN      19761/nginx

Now use the PID to find where ‘nginx’ is running:

# ps -ef | grep 19761
root     19761  1029  0 13:12 ?        00:00:00 nginx: master process /opt/gitlab/embedded/sbin/nginx -p /var/opt/gitlab/nginx

Browse to the config folder and edit the ‘gitlab-http.conf’

# cd /var/opt/gitlab/nginx/conf

# vim gitlab-http.conf

Add the line proxy_hide_header X-Frame-Options;in thelocation /` code block

 location / {
     ## Serve static files from defined root folder.
     ## @gitlab is a named location for the upstream fallback, see below.
     try_files $uri $uri/index.html $uri.html @gitlab;
   }


   proxy_hide_header X-Frame-Options;

Comment the line proxy_hide_header X-Frame-Options; if present

location @gitlab {
    ## If you use HTTPS make sure you disable gzip compression
    ## to be safe against BREACH attack.


    ## https://github.com/gitlabhq/gitlabhq/issues/694
    ## Some requests take more than 30 seconds.
    proxy_read_timeout      300;
    proxy_connect_timeout   300;
    proxy_redirect          off;

    proxy_set_header   X-Forwarded-Proto $scheme;
    proxy_set_header   Host              $http_host;
    proxy_set_header   X-Real-IP         $remote_addr;
    proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header   X-Frame-Options   SAMEORIGIN;
    #proxy_hide_header X-Frame-Options;

    proxy_pass http://gitlab;
  }

Restart GitLab

# gitlab-ctl restart
ok: run: logrotate: (pid 31748) 1s
ok: run: nginx: (pid 31752) 0s
ok: run: postgresql: (pid 31757) 1s
ok: run: redis: (pid 31766) 0s
ok: run: sidekiq: (pid 31774) 0s
ok: run: unicorn: (pid 31786) 0s

That should be it!!!

How to View DNS Calls Made by Processes

Linux Network

We had the need at work to monitor DNS calls made by an application in a RHEL system in order to stabilish if a connection pool config change had taken full effect, or if we had missed any configuration file. And the solution was to use SystemTap for this task.

SystemTap (stap) is a scripting language and tool that simplifies the gathering of information about the running Linux system. It allows you to monitor and trace the operation of a Linux kernel.

It should be present on most RHEL server installs, but for other desktop based distros (like Arch), you might need to install it.

Overview

The image below shows you the sript working and recording DNS lookup from Firefox (note the difference on the amount of connections between Google/Yahoo vs DuckDuckGo).

Installation

Install systemtap and linux-headers:

pacman -Syu systemtap linux-headers

Initial Config and Test

Because we are trying to figure out how the application makes DNS calls, we need to find where our libc6 library lives so we can probe it for requests (most likelly /usr/lib/libc.so.6 for Arch).

pacman -Ql glibc | grep '/libc.*so'
glibc /usr/lib/libc-2.26.so
glibc /usr/lib/libc.so
------------------------
glibc /usr/lib/libc.so.6
------------------------
glibc /usr/lib/libcidn-2.26.so
glibc /usr/lib/libcidn.so
glibc /usr/lib/libcidn.so.1
glibc /usr/lib/libcrypt-2.26.so
glibc /usr/lib/libcrypt.so
glibc /usr/lib/libcrypt.so.1

To test it, make sure the string probe process("/usr/lib/libc.so.6") has the location for libc6 on your system and run the command below:

sudo /usr/bin/stap -e 'probe process("/usr/lib/libc.so.6").function("getaddrinfo") { log(execname()) }'

You may get the following warning when running the script:

WARNING: Kernel function symbol table missing [man warning::symbols]

This is because Systemtap may need a linux-build style System.map file to find addresses of kernel functions/data. Try the command below to create it by hand:

sudo cp /proc/kallsyms /boot/System.map-`uname -r`

Running It


You can run the script below (or just the code) as root to monitor the connections. Output will be displayed on your current terminal, or you can choose to save it to a file.

_#!/bin/bash


system_stap="/usr/bin/stap"

_getaddrInfo () {
  /usr/bin/stap -e 'probe process("/usr/lib/libc.so.6").function("getaddrinfo")
{
  printf("| %-15s| %-7d| %-35s |\n", execname(), pid(), kernel_string(pointer_arg(1)))
}'
}

echo ""
printf "| %-15s| %-7s| %-35s |\n" "Process" "PID" "Destination Name"
echo "|----------------|--------|-------------------------------------|"


while true ; do
  _getaddrInfo
done
probe
  process("/lib64/libc.so.6").function("__gethostbyname_r").call,
  process("/lib64/libc.so.6").function("gethostbyname").call,
  process("/lib64/libc.so.6").function("__gethostbyname2_r").call,
  process("/lib64/libc.so.6").function("gethostbyname2").call,
  process("/lib64/libc.so.6").function("__new_gethostbyname2_r").call
{
	printf("[%s][%d]->%s(%s)\n", execname(), pid(), user_string(pointer_arg(1)), kernel_string(pointer_arg(1)))
}

Output:

$ sudo ./getAdreessInfo.sh
[sudo] password for victor:           

| Process        | PID    | Destination Name                    |
|----------------|--------|-------------------------------------|
| WorkerPool/5863| 5104   | adservice.google.ca                 |
| WorkerPool/6005| 5104   | apis.google.com                     |
| WorkerPool/1335| 5104   | clients5.google.com                 |
| WorkerPool/5823| 5104   | notifications.google.com            |
| WorkerPool/1856| 5104   | lh3.googleusercontent.com           |
| WorkerPool/5297| 5104   | ogs.google.com                      |
| WorkerPool/5823| 5104   | www.google.com                      |
| WorkerPool/1335| 5104   | www.gstatic.com                     |
| WorkerPool/5863| 5104   | uaswitcher.org                      |
| WorkerPool/6005| 5104   | fonts.gstatic.com                   |
| WorkerPool/5823| 5104   | play.google.com                     |

Closing Notes


The uses for SystemTap are very wide and diverse. You will be able to find great tutorials and documentation online. I’m also providing a few links below to some great documentation to get you started.

Bash Special Parameters

Bash Linux

Special parameters are set by the shell to store information about aspects of its current state, such as the number of arguments and the exit code of the last command. Special parameters can only be referenced and cannot have it’s value assigned.

Special parameters are: $*, $@, $#, $$, $!, $?, $0, $-, $_

Parameter Definition
$* List of arguments (as a string)
$@ List of arguments (as an array)
$# Number of positional parameters
$$ PID of the current shell
$! PID of the last command executed in the background
$? Exit code of the last-executed command
$0 Path to the currently running script
$- Current shell option flags
$_ Gives the last argument to the previous command

Atom as Markdown Editor

Markdown

I have been looking for a good Markdown editor for quite a while, and after a lot of research, I finally I found one.

Some of the key features that were very important to me on a Markdown editor were:

  • Live preview
  • File browser (sidebar)
  • GitHub flavored
  • Fast and non laggy preview

And not surprisingly, Atom from GitHub was my solution.

Imgur

You might also want to:

  • Change the preferences of the already installed package markdown-preview to GitHub flavored

apm install markdown-preview-auto-open

Gnome Touchpad Settings Missing in Arch Xps 13

Linux Arch Hardware

I had an issue where the Gnome extension ‘Touchpad Indicator’ stopped working on my xps 13 (Arch). After looking a bit further, it seems that the Gnome Touchpad settings had also stopped working. All I could see was the mouse settings, and the touchpad section was completelly gone.


Solution:

With Gnome 3.20, xf86-input-synaptics is not longer supported, and you should use xf86-input-libinput instead.

You can check what is installed on your Arch system with pacman -Q | grep input. In my case, I had both packages installed:

$ pacman -Q | grep input
inputproto 2.3.2-1
libinput 1.8.2-1
xf86-input-libinput 0.26.0-1
xf86-input-synaptics 1.9.0-1
xorg-xinput 1.6.2-1

Remove xf86-input-synaptics and any configuration file (like /etc/X11/xorg.conf.d/50-synaptics.conf), install xf86-input-libinput and reboot. That should get your configuration working again.

code with