mirror of
https://github.com/sameersbn/docker-gitlab.git
synced 2026-01-18 13:58:25 +00:00
cd18eb156a
When relative_url is in used, the links to assets in the `application.css` file to not have the relative_url prefix. To fix this we proxy pass asset requests to the upstream gitlab unicorn. Fixes #521
97 lines
3.5 KiB
Plaintext
97 lines
3.5 KiB
Plaintext
## GitLab
|
|
##
|
|
## Lines starting with two hashes (##) are comments with information.
|
|
## Lines starting with one hash (#) are configuration parameters that can be uncommented.
|
|
##
|
|
##################################
|
|
## CONTRIBUTING ##
|
|
##################################
|
|
##
|
|
## If you change this file in a Merge Request, please also create
|
|
## a Merge Request on https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests
|
|
##
|
|
###################################
|
|
## configuration ##
|
|
###################################
|
|
##
|
|
## See installation.md#using-https for additional HTTPS configuration details.
|
|
|
|
upstream gitlab {
|
|
server unix:{{GITLAB_INSTALL_DIR}}/tmp/sockets/gitlab.socket fail_timeout=0;
|
|
}
|
|
|
|
upstream gitlab-workhorse {
|
|
server unix:{{GITLAB_INSTALL_DIR}}/tmp/sockets/gitlab-workhorse.socket fail_timeout=0;
|
|
}
|
|
|
|
## Normal HTTP host
|
|
server {
|
|
## Either remove "default_server" from the listen line below,
|
|
## or delete the /etc/nginx/sites-enabled/default file. This will cause gitlab
|
|
## to be served if you visit any address that your server responds to, eg.
|
|
## the ip address of the server (http://x.x.x.x/)n 0.0.0.0:80 default_server;
|
|
listen 0.0.0.0:80 default_server;
|
|
listen [::]:80 default_server;
|
|
server_name {{GITLAB_HOST}}; ## Replace this with something like gitlab.example.com
|
|
server_tokens off; ## Don't show the nginx version number, a security best practice
|
|
root {{GITLAB_INSTALL_DIR}}/public;
|
|
|
|
## See app/controllers/application_controller.rb for headers set
|
|
add_header X-Accel-Buffering {{NGINX_ACCEL_BUFFERING}};
|
|
add_header Strict-Transport-Security "max-age={{NGINX_HSTS_MAXAGE}};";
|
|
|
|
## Individual nginx logs for this GitLab vhost
|
|
access_log {{GITLAB_LOG_DIR}}/nginx/gitlab_access.log;
|
|
error_log {{GITLAB_LOG_DIR}}/nginx/gitlab_error.log;
|
|
|
|
location {{GITLAB_RELATIVE_URL_ROOT__without_trailing_slash}} {
|
|
client_max_body_size 0;
|
|
gzip off;
|
|
|
|
## https://github.com/gitlabhq/gitlabhq/issues/694
|
|
## Some requests take more than 30 seconds.
|
|
proxy_read_timeout 300;
|
|
proxy_connect_timeout 300;
|
|
proxy_redirect off;
|
|
proxy_buffering {{NGINX_PROXY_BUFFERING}};
|
|
|
|
proxy_http_version 1.1;
|
|
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto {{NGINX_X_FORWARDED_PROTO}};
|
|
|
|
proxy_pass http://gitlab-workhorse;
|
|
}
|
|
|
|
## If a static asset file is requested, then proxy passes the request to
|
|
## the upsteam (gitlab unicorn).
|
|
## As of 8.3.0 gitlab-workhorse does not properly generated the static assets
|
|
## when relative_url is used
|
|
location {{GITLAB_RELATIVE_URL_ROOT__with_trailing_slash}}assets {
|
|
try_files $uri /index.html $uri.html @gitlab;
|
|
}
|
|
|
|
location @gitlab {
|
|
## If you use HTTPS make sure you disable gzip compression
|
|
## to be safe against BREACH attack.
|
|
# gzip off;
|
|
|
|
## https://github.com/gitlabhq/gitlabhq/issues/694
|
|
## Some requests take more than 30 seconds.
|
|
proxy_read_timeout 300;
|
|
proxy_connect_timeout 300;
|
|
proxy_redirect off;
|
|
proxy_buffering {{NGINX_PROXY_BUFFERING}};
|
|
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto {{NGINX_X_FORWARDED_PROTO}};
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://gitlab;
|
|
}
|
|
}
|