From 234605dbc1f90a464a410a01c07cfede9683ec09 Mon Sep 17 00:00:00 2001 From: ian Date: Wed, 22 Mar 2017 22:09:42 +0900 Subject: [PATCH 1/2] Remove ipv6only directive from listen parameter in nginx config for pages --- assets/runtime/config/nginx/gitlab-pages | 4 ++-- assets/runtime/config/nginx/gitlab-pages-ssl | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/assets/runtime/config/nginx/gitlab-pages b/assets/runtime/config/nginx/gitlab-pages index 8a11ca2f..6f2978dd 100644 --- a/assets/runtime/config/nginx/gitlab-pages +++ b/assets/runtime/config/nginx/gitlab-pages @@ -3,7 +3,7 @@ ## Pages serving host server { listen 0.0.0.0:80; - listen [::]:80 ipv6only=on; + listen [::]:80; ## Replace this with something like pages.gitlab.com server_name ~^.*{{GITLAB_PAGES_DOMAIN}}; ## Individual nginx logs for GitLab pages @@ -20,4 +20,4 @@ server { # Define custom error pages error_page 403 /403.html; error_page 404 /404.html; -} \ No newline at end of file +} diff --git a/assets/runtime/config/nginx/gitlab-pages-ssl b/assets/runtime/config/nginx/gitlab-pages-ssl index 49414492..6b7b10cb 100644 --- a/assets/runtime/config/nginx/gitlab-pages-ssl +++ b/assets/runtime/config/nginx/gitlab-pages-ssl @@ -8,7 +8,7 @@ server { ## to be served if you visit any address that your server responds to, eg. ## the ip address of the server (http://x.x.x.x/) listen 0.0.0.0:80; - listen [::]:80 ipv6only=on; + listen [::]:80; ## Replace this with something like pages.gitlab.com server_name ~^.*{{GITLAB_PAGES_DOMAIN}}; @@ -74,4 +74,4 @@ server { # Define custom error pages error_page 403 /403.html; error_page 404 /404.html; -} \ No newline at end of file +} From 7ae13a0a19b99439fa55b6ce4014b82a4f614bb7 Mon Sep 17 00:00:00 2001 From: ian Date: Wed, 22 Mar 2017 22:14:46 +0900 Subject: [PATCH 2/2] Fix incomplete generation of pages nginx config. Fixes #1127 --- assets/runtime/config/nginx/gitlab-pages-ssl | 4 ++-- assets/runtime/functions | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/assets/runtime/config/nginx/gitlab-pages-ssl b/assets/runtime/config/nginx/gitlab-pages-ssl index 6b7b10cb..9eaa3244 100644 --- a/assets/runtime/config/nginx/gitlab-pages-ssl +++ b/assets/runtime/config/nginx/gitlab-pages-ssl @@ -32,8 +32,8 @@ server { ## Strong SSL Security ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/ ssl on; - ssl_certificate {{SSL_CERTIFICATE_PATH}}; - ssl_certificate_key {{SSL_KEY_PATH}}; + ssl_certificate {{SSL_PAGES_CERT_PATH}}; + ssl_certificate_key {{SSL_PAGES_KEY_PATH}}; # GitLab needs backwards compatible ciphers to retain compatibility with Java IDEs ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; diff --git a/assets/runtime/functions b/assets/runtime/functions index 090bb241..9db79ebf 100644 --- a/assets/runtime/functions +++ b/assets/runtime/functions @@ -1022,6 +1022,7 @@ nginx_configure_pages(){ echo "Configuring nginx::gitlab-pages..." if [[ ${GITLAB_PAGES_HTTPS} == true ]]; then update_template ${GITLAB_PAGES_NGINX_CONFIG} \ + GITLAB_PORT \ GITLAB_PAGES_DOMAIN \ GITLAB_PAGES_PORT \ GITLAB_LOG_DIR \