Home / server / Questions / 909663
In Process
Ice Drake
Asked: 2018-04-27 20:07:47 +0800 CST

Nginx Configuration for GitLab as a subdirectory of a domain

  • 772

I am trying to configure Nginx on one server to route to a default GitLab installation on another server (192.168.1.3) through reverse proxy such that GitLab would work at the path http://myserver/gitlab, https://myserver/gitlab, http://192.168.1.3, and https://192.168.1.3. However, I think I ran into trouble since the server with GitLab also use Nginx as its own reverse proxy. Thus, I am not sure how to configure Nginx on both servers for GitLab to work properly.

Here is the current Nginx's configuration on the main Nginx server:

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;

    server_name myserver;

    location / {
        proxy_set_header HOST $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass $scheme://192.168.1.4;
    }

    location ~/gitlab/(.*)$ {
        proxy_set_header HOST $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass $scheme://192.168.1.3/$1;
    }
}

Here is the default Nginx's configuration on the GitLab server:

upstream gitlab {
    server unix:/home/git/gitlab/tmp/sockets/gitlab.socket fail_timeout=0;
}

upstream gitlab-workhorse {
    server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
}

server {
    listen 0.0.0.0:80;
    include /etc/nginx/include/gitlab-proxy;
}

server {
    listen 0.0.0.0:443 ssl;
    include /etc/nginx/include/ssl;
    include /etc/nginx/include/gitlab-proxy;
}

Here is what is on /etc/nginx/include/gitlab-proxy:

root /home/git/gitlab/public;

access_log /var/log/nginx/gitlab.access.log;
error_log /var/log/nginx/gitlab.error.log;

location / {
    try_files $uri $uri/index.html $uri.html @gitlab;
}

location @gitlab {
    proxy_set_header HOST $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-NginX-Proxy true;
    proxy_set_header X-Forwarded-Proto $scheme;

    proxy_pass http://gitlab;
    proxy_redirect off;
    proxy_buffering off;
}

location ~ [-\/\w\.]+\.git\/ {
    proxy_set_header HOST $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-NginX-Proxy true;
    proxy_set_header X-Forwarded-Proto $scheme;

    proxy_pass http://gitlab-workhorse;
    proxy_redirect off;
    proxy_buffering off;

    proxy_connect_timeout 300;
    proxy_read_timeout 300;
}

The host name of gitlab is addressed to 127.0.0.1 on the GitLab server.

FYI, this question is similar to the question here except that it is asking for SSL in particular. The GitLab environment GITLAB_RELATIVE_URL_ROOT is changed. It is something I don't know how to change or even want to change as I want it to be still accessible via http://192.168.1.3 and https://192.168.1.3. Also, it uses Docker container for Nginx.

nginx

0 Answers