2026-01-25 14:08:09 +00:00 · 2018-11-10 23:37:48 +01:00 · 2018-11-10 23:37:48 +01:00 · 5c59e16edb
commit 5c59e16edb
parent 5ed969bf1a
3 changed files with 54 additions and 35 deletions
--- a/README.md
+++ b/README.md
@ -917,6 +917,7 @@ Below is the complete list of available options that can be used to customize yo
 | `GITLAB_PAGES_EXTERNAL_HTTP` | Sets GitLab Pages external http to receive request on an independen port. Disabled by default |
 | `GITLAB_PAGES_EXTERNAL_HTTPS` | Sets GitLab Pages external https to receive request on an independen port. Disabled by default |
 | `GITLAB_PAGES_ACCESS_CONTROL` | Set to `true` to enable access control for pages. Allows access to a Pages site to be controlled based on a user’s membership to that project. Disabled by default. |
+| `GITLAB_PAGES_NGINX_PROXY` | Disable the nginx proxy for gitlab pages, defaults to `true`. When set to `false` this will turn off the nginx proxy to the gitlab pages daemon, used when the user provides their own http load balancer in combination with a gitlab pages custom domain setup. |
 | `GITLAB_HTTPS` | Set to `true` to enable https support, disabled by default. |
 | `GITALY_CLIENT_PATH` | Set default path for gitaly. defaults to `/home/git/gitaly` |
 | `GITALY_TOKEN` | Set a gitaly token, blank by default. |
--- a/assets/runtime/env-defaults
+++ b/assets/runtime/env-defaults
@ -414,6 +414,7 @@ GITLAB_PAGES_HTTPS=${GITLAB_PAGES_HTTPS:-false}
 GITLAB_PAGES_EXTERNAL_HTTP=${GITLAB_PAGES_EXTERNAL_HTTP:-}
 GITLAB_PAGES_EXTERNAL_HTTPS=${GITLAB_PAGES_EXTERNAL_HTTPS:-}
 GITLAB_PAGES_ACCESS_CONTROL=${GITLAB_PAGES_ACCESS_CONTROL:-false}
+GITLAB_PAGES_NGINX_PROXY=${GITLAB_PAGES_NGINX_PROXY:-true}

 ## Gitaly
 GITALY_CLIENT_PATH=${GITALY_CLIENT_PATH:-$GITLAB_GITALY_INSTALL_DIR}
--- a/assets/runtime/functions
+++ b/assets/runtime/functions
@ -1121,22 +1121,24 @@ nginx_configure_gitlab_hsts() {
  fi
 }

- nginx_configure_gitlab_ipv6() {
-   if [[ ! -f /proc/net/if_inet6 ]]; then
-     # disable ipv6 support in nginx for gitlab
-     sed -i \
-       -e "/listen \[::\]:80/d" \
-       -e "/listen \[::\]:443/d" \
-       ${GITLAB_NGINX_CONFIG}
-     # disable ipv6 support in nginx for pages
-     if [[ ${GITLAB_PAGES_ENABLED} == true ]]; then
-       sed -i \
-         -e "/listen \[::\]:80/d" \
-         -e "/listen \[::\]:443/d" \
-         ${GITLAB_PAGES_NGINX_CONFIG}
-     fi
-   fi
- }
+nginx_configure_gitlab_ipv6() {
+  if [[ ! -f /proc/net/if_inet6 ]]; then
+    # disable ipv6 support in nginx for gitlab
+    sed -i \
+      -e "/listen \[::\]:80/d" \
+      -e "/listen \[::\]:443/d" \
+      ${GITLAB_NGINX_CONFIG}
+    # disable ipv6 support in nginx for pages
+    if [[ ${GITLAB_PAGES_ENABLED} == true ]]; then
+      if [[ ${GITLAB_PAGES_NGINX_PROXY} == true ]]; then
+        sed -i \
+          -e "/listen \[::\]:80/d" \
+          -e "/listen \[::\]:443/d" \
+          ${GITLAB_PAGES_NGINX_CONFIG}
+      fi
+    fi
+  fi
+}

 nginx_configure_gitlab_real_ip() {
  if [[ ${NGINX_REAL_IP_RECURSIVE} == on && \
@ -1199,21 +1201,26 @@ nginx_configure_pages(){
  local GITLAB_PAGES_DOMAIN=$(echo $GITLAB_PAGES_DOMAIN | sed 's/\./\\\\./g')
  if [[ ${GITLAB_PAGES_ENABLED} == true ]]; then
    echo "Configuring nginx::gitlab-pages..."
-    if [[ ${GITLAB_PAGES_HTTPS} == true ]]; then
-      update_template ${GITLAB_PAGES_NGINX_CONFIG} \
-        GITLAB_PORT \
-        GITLAB_PAGES_DOMAIN \
-        GITLAB_PAGES_PORT \
-        GITLAB_LOG_DIR \
-        GITLAB_PAGES_DOMAIN \
-        SSL_PAGES_CERT_PATH \
-        SSL_PAGES_KEY_PATH \
-        SSL_DHPARAM_PATH \
-        GITLAB_LOG_DIR
-    else
-      update_template ${GITLAB_PAGES_NGINX_CONFIG} \
-        GITLAB_PAGES_DOMAIN \
-        GITLAB_LOG_DIR
+    if [[ ${GITLAB_PAGES_NGINX_PROXY} == true ]]; then
+      if [[ ${GITLAB_PAGES_HTTPS} == true ]]; then
+        update_template ${GITLAB_PAGES_NGINX_CONFIG} \
+          GITLAB_PORT \
+          GITLAB_PAGES_DOMAIN \
+          GITLAB_PAGES_PORT \
+          GITLAB_LOG_DIR \
+          GITLAB_PAGES_DOMAIN \
+          SSL_PAGES_CERT_PATH \
+          SSL_PAGES_KEY_PATH \
+          SSL_DHPARAM_PATH \
+          GITLAB_LOG_DIR
+      else
+        update_template ${GITLAB_PAGES_NGINX_CONFIG} \
+          GITLAB_PAGES_DOMAIN \
+          GITLAB_LOG_DIR
+      fi
+    else 
+      echo "Gitlab pages nginx proxy disabled"
+      echo "Assuming custom domain setup with own HTTP(S) load balancer'"
    fi
  fi
 }
@ -1479,11 +1486,21 @@ install_configuration_templates() {
  ## ${GITLAB_PAGES_NGINX_CONFIG}
  if [[ ${GITLAB_PAGES_ENABLED} == true ]]; then
    if [[ ${GITLAB_PAGES_HTTPS} == true && -f ${SSL_PAGES_CERT_PATH} && -f ${SSL_PAGES_KEY_PATH} ]]; then
-      install_template root: nginx/gitlab-pages-ssl ${GITLAB_PAGES_NGINX_CONFIG}
+      if [[ ${GITLAB_PAGES_NGINX_PROXY} == true ]]; then
+        install_template root: nginx/gitlab-pages-ssl ${GITLAB_PAGES_NGINX_CONFIG}
+      else
+        echo "Gitlab pages nginx proxy disabled"
+        echo "Assuming custom domain setup with own HTTP(S) load balancer'"
+      fi
    else
-      echo "SSL Key, SSL Certificate were not found."
-      echo "Assuming that the container is running behind a HTTPS enabled load balancer."
-      install_template root: nginx/gitlab-pages ${GITLAB_PAGES_NGINX_CONFIG}
+      if [[ ${GITLAB_PAGES_NGINX_PROXY} == true ]]; then
+        echo "SSL Key, SSL Certificate were not found."
+        echo "Assuming that the container is running behind a HTTPS enabled load balancer."
+        install_template root: nginx/gitlab-pages ${GITLAB_PAGES_NGINX_CONFIG}
+      else
+        echo "Gitlab pages nginx proxy disabled"
+        echo "Assuming custom domain setup with own HTTP(S) load balancer'"
+      fi
    fi
  fi