Difference between revisions of "Gitlab recipes"

From ElphelWiki
Jump to: navigation, search
(Created page with "==X-Frame-Options header== * Edit: ''/opt/gitlab/embedded/service/gitlab-rails/app/controllers/application_controller.rb'' in '''def default_headers''': -headers['X-Frame-Opt...")
 
(Solution)
 
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
==X-Frame-Options header==
+
==<font color='darkblue'>X-Frame headers</font>==
 +
===X-Frame-Options header===
 
* Edit: ''/opt/gitlab/embedded/service/gitlab-rails/app/controllers/application_controller.rb'' in '''def default_headers''':
 
* Edit: ''/opt/gitlab/embedded/service/gitlab-rails/app/controllers/application_controller.rb'' in '''def default_headers''':
 
  -headers['X-Frame-Options'] = 'DENY'
 
  -headers['X-Frame-Options'] = 'DENY'
Line 5: Line 6:
 
* Restart services
 
* Restart services
 
  gitlab-ctl restart
 
  gitlab-ctl restart
 +
 +
 +
==<font color='darkblue'>Nginx behind apache2 misconfiguration</font>==
 +
===Error log===
 +
<font size='1em'>gitlab bind() to 0.0.0.0:80 failed (98: Address already in use)</font>
 +
 +
Also, running '''gitlab-ctl status''' shows that nginx is getting restarted:
 +
<font size='1em'>run: gitaly: (pid 22266) 938s; run: log: (pid 18631) 277569s
 +
run: gitlab-monitor: (pid 22295) 938s; run: log: (pid 18630) 277569s
 +
run: gitlab-workhorse: (pid 22300) 937s; run: log: (pid 18617) 277569s
 +
run: logrotate: (pid 22312) 937s; run: log: (pid 18635) 277569s
 +
run: nginx: (pid 23828) <font color='red'>'''2s'''</font>; run: log: (pid 18629) 277569s
 +
run: node-exporter: (pid 22394) 936s; run: log: (pid 18636) 277569s
 +
run: postgres-exporter: (pid 22401) 936s; run: log: (pid 18649) 277569s
 +
run: postgresql: (pid 22406) 935s; run: log: (pid 18618) 277569s
 +
run: prometheus: (pid 22414) 935s; run: log: (pid 18616) 277569s
 +
run: redis: (pid 22429) 934s; run: log: (pid 18625) 277569s
 +
run: redis-exporter: (pid 22434) 934s; run: log: (pid 18615) 277569s
 +
run: sidekiq: (pid 22440) 933s; run: log: (pid 18626) 277569s
 +
run: unicorn: (pid 22447) 933s; run: log: (pid 18619) 277569s</font>
 +
 +
===Versions===
 +
<font size='1em'>GitLab 10.5.1
 +
GitLab Shell 6.0.3
 +
GitLab Workhorse v3.6.0
 +
GitLab API v4
 +
Ruby 2.3.6p384
 +
Rails 4.2.10
 +
postgresql 9.6.5</font>
 +
 +
===Problem===
 +
* /etc/gitlab/gitlab.rb:
 +
<font size='1em'># nginx['enable'] = true
 +
# nginx['client_max_body_size'] = '250m'
 +
# nginx['redirect_http_to_https'] = false
 +
# nginx['redirect_http_to_https_port'] = 80</font>
 +
 +
''redirect_http_to_https'' default option is probably '''true''' or is ignored resulting in a nginx config record:
 +
 +
* /var/opt/gitlab/nginx/conf/gitlab-http.conf:
 +
<font size='1em'>server {
 +
  listen *:80;
 +
  ...
 +
}</font>
 +
 +
which is in conflict with Apache
 +
 +
===Solution===
 +
In ''/etc/gitlab/gitlab.rb'' uncommented and changed '''nginx['redirect_http_to_https_port']''' to another port:
 +
<font size='1em'>nginx['redirect_http_to_https_port'] = 8033</font>
 +
Then:
 +
<font size='1em'>~# gitlab-ctl reconfigure
 +
~# gitlab-ctl restart</font>

Latest revision as of 11:47, 26 February 2018

X-Frame headers

X-Frame-Options header

  • Edit: /opt/gitlab/embedded/service/gitlab-rails/app/controllers/application_controller.rb in def default_headers:
-headers['X-Frame-Options'] = 'DENY'
+headers['X-Frame-Options'] = 'ALLOW-FROM https://www.elphel.com/'
  • Restart services
gitlab-ctl restart


Nginx behind apache2 misconfiguration

Error log

gitlab bind() to 0.0.0.0:80 failed (98: Address already in use)

Also, running gitlab-ctl status shows that nginx is getting restarted:

run: gitaly: (pid 22266) 938s; run: log: (pid 18631) 277569s
run: gitlab-monitor: (pid 22295) 938s; run: log: (pid 18630) 277569s
run: gitlab-workhorse: (pid 22300) 937s; run: log: (pid 18617) 277569s
run: logrotate: (pid 22312) 937s; run: log: (pid 18635) 277569s
run: nginx: (pid 23828) 2s; run: log: (pid 18629) 277569s
run: node-exporter: (pid 22394) 936s; run: log: (pid 18636) 277569s
run: postgres-exporter: (pid 22401) 936s; run: log: (pid 18649) 277569s
run: postgresql: (pid 22406) 935s; run: log: (pid 18618) 277569s
run: prometheus: (pid 22414) 935s; run: log: (pid 18616) 277569s
run: redis: (pid 22429) 934s; run: log: (pid 18625) 277569s
run: redis-exporter: (pid 22434) 934s; run: log: (pid 18615) 277569s
run: sidekiq: (pid 22440) 933s; run: log: (pid 18626) 277569s
run: unicorn: (pid 22447) 933s; run: log: (pid 18619) 277569s

Versions

GitLab 10.5.1
GitLab Shell 6.0.3
GitLab Workhorse v3.6.0
GitLab API v4
Ruby 2.3.6p384
Rails 4.2.10
postgresql 9.6.5

Problem

  • /etc/gitlab/gitlab.rb:
# nginx['enable'] = true
# nginx['client_max_body_size'] = '250m'
# nginx['redirect_http_to_https'] = false
# nginx['redirect_http_to_https_port'] = 80

redirect_http_to_https default option is probably true or is ignored resulting in a nginx config record:

  • /var/opt/gitlab/nginx/conf/gitlab-http.conf:
server {
  listen *:80;
  ...
}

which is in conflict with Apache

Solution

In /etc/gitlab/gitlab.rb uncommented and changed nginx['redirect_http_to_https_port'] to another port:

nginx['redirect_http_to_https_port'] = 8033

Then:

~# gitlab-ctl reconfigure
~# gitlab-ctl restart