Difference between revisions of "Gitlab recipes"
From ElphelWiki
(Created page with "==X-Frame-Options header== * Edit: ''/opt/gitlab/embedded/service/gitlab-rails/app/controllers/application_controller.rb'' in '''def default_headers''': -headers['X-Frame-Opt...") |
(→Solution) |
||
| (10 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | ==X-Frame-Options header== | + | ==<font color='darkblue'>X-Frame headers</font>== |
| + | ===X-Frame-Options header=== | ||
* Edit: ''/opt/gitlab/embedded/service/gitlab-rails/app/controllers/application_controller.rb'' in '''def default_headers''': | * Edit: ''/opt/gitlab/embedded/service/gitlab-rails/app/controllers/application_controller.rb'' in '''def default_headers''': | ||
-headers['X-Frame-Options'] = 'DENY' | -headers['X-Frame-Options'] = 'DENY' | ||
| Line 5: | Line 6: | ||
* Restart services | * Restart services | ||
gitlab-ctl restart | gitlab-ctl restart | ||
| + | |||
| + | |||
| + | ==<font color='darkblue'>Nginx behind apache2 misconfiguration</font>== | ||
| + | ===Error log=== | ||
| + | <font size='1em'>gitlab bind() to 0.0.0.0:80 failed (98: Address already in use)</font> | ||
| + | |||
| + | Also, running '''gitlab-ctl status''' shows that nginx is getting restarted: | ||
| + | <font size='1em'>run: gitaly: (pid 22266) 938s; run: log: (pid 18631) 277569s | ||
| + | run: gitlab-monitor: (pid 22295) 938s; run: log: (pid 18630) 277569s | ||
| + | run: gitlab-workhorse: (pid 22300) 937s; run: log: (pid 18617) 277569s | ||
| + | run: logrotate: (pid 22312) 937s; run: log: (pid 18635) 277569s | ||
| + | run: nginx: (pid 23828) <font color='red'>'''2s'''</font>; run: log: (pid 18629) 277569s | ||
| + | run: node-exporter: (pid 22394) 936s; run: log: (pid 18636) 277569s | ||
| + | run: postgres-exporter: (pid 22401) 936s; run: log: (pid 18649) 277569s | ||
| + | run: postgresql: (pid 22406) 935s; run: log: (pid 18618) 277569s | ||
| + | run: prometheus: (pid 22414) 935s; run: log: (pid 18616) 277569s | ||
| + | run: redis: (pid 22429) 934s; run: log: (pid 18625) 277569s | ||
| + | run: redis-exporter: (pid 22434) 934s; run: log: (pid 18615) 277569s | ||
| + | run: sidekiq: (pid 22440) 933s; run: log: (pid 18626) 277569s | ||
| + | run: unicorn: (pid 22447) 933s; run: log: (pid 18619) 277569s</font> | ||
| + | |||
| + | ===Versions=== | ||
| + | <font size='1em'>GitLab 10.5.1 | ||
| + | GitLab Shell 6.0.3 | ||
| + | GitLab Workhorse v3.6.0 | ||
| + | GitLab API v4 | ||
| + | Ruby 2.3.6p384 | ||
| + | Rails 4.2.10 | ||
| + | postgresql 9.6.5</font> | ||
| + | |||
| + | ===Problem=== | ||
| + | * /etc/gitlab/gitlab.rb: | ||
| + | <font size='1em'># nginx['enable'] = true | ||
| + | # nginx['client_max_body_size'] = '250m' | ||
| + | # nginx['redirect_http_to_https'] = false | ||
| + | # nginx['redirect_http_to_https_port'] = 80</font> | ||
| + | |||
| + | ''redirect_http_to_https'' default option is probably '''true''' or is ignored resulting in a nginx config record: | ||
| + | |||
| + | * /var/opt/gitlab/nginx/conf/gitlab-http.conf: | ||
| + | <font size='1em'>server { | ||
| + | listen *:80; | ||
| + | ... | ||
| + | }</font> | ||
| + | |||
| + | which is in conflict with Apache | ||
| + | |||
| + | ===Solution=== | ||
| + | In ''/etc/gitlab/gitlab.rb'' uncommented and changed '''nginx['redirect_http_to_https_port']''' to another port: | ||
| + | <font size='1em'>nginx['redirect_http_to_https_port'] = 8033</font> | ||
| + | Then: | ||
| + | <font size='1em'>~# gitlab-ctl reconfigure | ||
| + | ~# gitlab-ctl restart</font> | ||
Latest revision as of 11:47, 26 February 2018
Contents
X-Frame headers
X-Frame-Options header
- Edit: /opt/gitlab/embedded/service/gitlab-rails/app/controllers/application_controller.rb in def default_headers:
-headers['X-Frame-Options'] = 'DENY' +headers['X-Frame-Options'] = 'ALLOW-FROM https://www.elphel.com/'
- Restart services
gitlab-ctl restart
Nginx behind apache2 misconfiguration
Error log
gitlab bind() to 0.0.0.0:80 failed (98: Address already in use)
Also, running gitlab-ctl status shows that nginx is getting restarted:
run: gitaly: (pid 22266) 938s; run: log: (pid 18631) 277569s run: gitlab-monitor: (pid 22295) 938s; run: log: (pid 18630) 277569s run: gitlab-workhorse: (pid 22300) 937s; run: log: (pid 18617) 277569s run: logrotate: (pid 22312) 937s; run: log: (pid 18635) 277569s run: nginx: (pid 23828) 2s; run: log: (pid 18629) 277569s run: node-exporter: (pid 22394) 936s; run: log: (pid 18636) 277569s run: postgres-exporter: (pid 22401) 936s; run: log: (pid 18649) 277569s run: postgresql: (pid 22406) 935s; run: log: (pid 18618) 277569s run: prometheus: (pid 22414) 935s; run: log: (pid 18616) 277569s run: redis: (pid 22429) 934s; run: log: (pid 18625) 277569s run: redis-exporter: (pid 22434) 934s; run: log: (pid 18615) 277569s run: sidekiq: (pid 22440) 933s; run: log: (pid 18626) 277569s run: unicorn: (pid 22447) 933s; run: log: (pid 18619) 277569s
Versions
GitLab 10.5.1 GitLab Shell 6.0.3 GitLab Workhorse v3.6.0 GitLab API v4 Ruby 2.3.6p384 Rails 4.2.10 postgresql 9.6.5
Problem
- /etc/gitlab/gitlab.rb:
# nginx['enable'] = true # nginx['client_max_body_size'] = '250m' # nginx['redirect_http_to_https'] = false # nginx['redirect_http_to_https_port'] = 80
redirect_http_to_https default option is probably true or is ignored resulting in a nginx config record:
- /var/opt/gitlab/nginx/conf/gitlab-http.conf:
server {
listen *:80;
...
}
which is in conflict with Apache
Solution
In /etc/gitlab/gitlab.rb uncommented and changed nginx['redirect_http_to_https_port'] to another port:
nginx['redirect_http_to_https_port'] = 8033
Then:
~# gitlab-ctl reconfigure ~# gitlab-ctl restart
