Difference between revisions of "Gitlab recipes"

From ElphelWiki
Jump to: navigation, search
(Nginx behind apache2 misconfiguration)
(Solution)
 
(4 intermediate revisions by the same user not shown)
Line 12: Line 12:
 
  <font size='1em'>gitlab bind() to 0.0.0.0:80 failed (98: Address already in use)</font>
 
  <font size='1em'>gitlab bind() to 0.0.0.0:80 failed (98: Address already in use)</font>
  
Also, running '''gitlab-ctl status''' shows that nginx keeps getting restarted
+
Also, running '''gitlab-ctl status''' shows that nginx is getting restarted:
 
  <font size='1em'>run: gitaly: (pid 22266) 938s; run: log: (pid 18631) 277569s
 
  <font size='1em'>run: gitaly: (pid 22266) 938s; run: log: (pid 18631) 277569s
 
  run: gitlab-monitor: (pid 22295) 938s; run: log: (pid 18630) 277569s
 
  run: gitlab-monitor: (pid 22295) 938s; run: log: (pid 18630) 277569s
 
  run: gitlab-workhorse: (pid 22300) 937s; run: log: (pid 18617) 277569s
 
  run: gitlab-workhorse: (pid 22300) 937s; run: log: (pid 18617) 277569s
  run: logrotate: (pid 22312) '''2s'''; run: log: (pid 18635) 277569s
+
  run: logrotate: (pid 22312) 937s; run: log: (pid 18635) 277569s
  run: nginx: (pid 23828) 731s; run: log: (pid 18629) 277569s
+
  run: nginx: (pid 23828) <font color='red'>'''2s'''</font>; run: log: (pid 18629) 277569s
 
  run: node-exporter: (pid 22394) 936s; run: log: (pid 18636) 277569s
 
  run: node-exporter: (pid 22394) 936s; run: log: (pid 18636) 277569s
 
  run: postgres-exporter: (pid 22401) 936s; run: log: (pid 18649) 277569s
 
  run: postgres-exporter: (pid 22401) 936s; run: log: (pid 18649) 277569s
Line 54: Line 54:
  
 
===Solution===
 
===Solution===
In ''/etc/gitlab/gitlab.rb'' uncommented and changed '''nginx['redirect_http_to_https_port']''' to another port
+
In ''/etc/gitlab/gitlab.rb'' uncommented and changed '''nginx['redirect_http_to_https_port']''' to another port:
 +
<font size='1em'>nginx['redirect_http_to_https_port'] = 8033</font>
 +
Then:
 +
<font size='1em'>~# gitlab-ctl reconfigure
 +
~# gitlab-ctl restart</font>

Latest revision as of 10:47, 26 February 2018

X-Frame headers

X-Frame-Options header

  • Edit: /opt/gitlab/embedded/service/gitlab-rails/app/controllers/application_controller.rb in def default_headers:
-headers['X-Frame-Options'] = 'DENY'
+headers['X-Frame-Options'] = 'ALLOW-FROM https://www.elphel.com/'
  • Restart services
gitlab-ctl restart


Nginx behind apache2 misconfiguration

Error log

gitlab bind() to 0.0.0.0:80 failed (98: Address already in use)

Also, running gitlab-ctl status shows that nginx is getting restarted:

run: gitaly: (pid 22266) 938s; run: log: (pid 18631) 277569s
run: gitlab-monitor: (pid 22295) 938s; run: log: (pid 18630) 277569s
run: gitlab-workhorse: (pid 22300) 937s; run: log: (pid 18617) 277569s
run: logrotate: (pid 22312) 937s; run: log: (pid 18635) 277569s
run: nginx: (pid 23828) 2s; run: log: (pid 18629) 277569s
run: node-exporter: (pid 22394) 936s; run: log: (pid 18636) 277569s
run: postgres-exporter: (pid 22401) 936s; run: log: (pid 18649) 277569s
run: postgresql: (pid 22406) 935s; run: log: (pid 18618) 277569s
run: prometheus: (pid 22414) 935s; run: log: (pid 18616) 277569s
run: redis: (pid 22429) 934s; run: log: (pid 18625) 277569s
run: redis-exporter: (pid 22434) 934s; run: log: (pid 18615) 277569s
run: sidekiq: (pid 22440) 933s; run: log: (pid 18626) 277569s
run: unicorn: (pid 22447) 933s; run: log: (pid 18619) 277569s

Versions

GitLab 10.5.1
GitLab Shell 6.0.3
GitLab Workhorse v3.6.0
GitLab API v4
Ruby 2.3.6p384
Rails 4.2.10
postgresql 9.6.5

Problem

  • /etc/gitlab/gitlab.rb:
# nginx['enable'] = true
# nginx['client_max_body_size'] = '250m'
# nginx['redirect_http_to_https'] = false
# nginx['redirect_http_to_https_port'] = 80

redirect_http_to_https default option is probably true or is ignored resulting in a nginx config record:

  • /var/opt/gitlab/nginx/conf/gitlab-http.conf:
server {
  listen *:80;
  ...
}

which is in conflict with Apache

Solution

In /etc/gitlab/gitlab.rb uncommented and changed nginx['redirect_http_to_https_port'] to another port:

nginx['redirect_http_to_https_port'] = 8033

Then:

~# gitlab-ctl reconfigure
~# gitlab-ctl restart