From 48cf19f9571cc5519908ee2d5ae0df71a9e5871e Mon Sep 17 00:00:00 2001 From: Sameer Naik Date: Sat, 23 Jul 2016 14:08:19 +0530 Subject: [PATCH] nginx" updated configs --- assets/runtime/config/nginx/gitlab | 9 +++++++-- assets/runtime/config/nginx/gitlab-ssl | 9 +++++++-- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/assets/runtime/config/nginx/gitlab b/assets/runtime/config/nginx/gitlab index 6cba103b..f4a4760f 100644 --- a/assets/runtime/config/nginx/gitlab +++ b/assets/runtime/config/nginx/gitlab @@ -52,10 +52,15 @@ server { proxy_http_version 1.1; - proxy_set_header Host $http_host; + ## By overwriting Host and clearing X-Forwarded-Host we ensure that + ## internal HTTP redirects generated by GitLab always send users to + ## YOUR_SERVER_FQDN. + proxy_set_header Host {{GITLAB_HOST}}; + proxy_set_header X-Forwarded-Host ""; + proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto {{NGINX_X_FORWARDED_PROTO}}; + proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://gitlab-workhorse; } diff --git a/assets/runtime/config/nginx/gitlab-ssl b/assets/runtime/config/nginx/gitlab-ssl index b0730bff..bd6d21b4 100644 --- a/assets/runtime/config/nginx/gitlab-ssl +++ b/assets/runtime/config/nginx/gitlab-ssl @@ -98,11 +98,16 @@ server { proxy_http_version 1.1; - proxy_set_header Host $http_host; + ## By overwriting Host and clearing X-Forwarded-Host we ensure that + ## internal HTTP redirects generated by GitLab always send users to + ## YOUR_SERVER_FQDN. + proxy_set_header Host {{GITLAB_HOST}}; + proxy_set_header X-Forwarded-Host ""; + proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto {{NGINX_X_FORWARDED_PROTO}}; + proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://gitlab-workhorse; }