我有一台服务器,我想在它上面运行 GitLab 以及其他服务。在谷歌搜索了一段时间后,我发现我需要做一些 mod_proxy 技巧来让 Apache2 将请求转发到 GitLab。但是现在,当我尝试访问服务器上 /git 下的任何非 GitLab URL 时,我只会收到错误。我甚至无法访问我显然应该访问的 apaches 标准 index.html 页面。该服务器在 Ubuntu 14.04 LTS 下运行。gitlab 的配置文件是:
#This configuration has been tested on GitLab 6.0.0 and GitLab 6.0.1
#Note this config assumes unicorn is listening on default port 8080.
#Module dependencies
# mod_rewrite
# mod_proxy
# mod_proxy_http
<VirtualHost *:80>
ServerName lmmweb
ServerSignature Off
ProxyPreserveHost On
# Ensure that encoded slashes are not decoded but left in their encoded state.
# http://doc.gitlab.com/ce/api/projects.html#get-single-project
AllowEncodedSlashes NoDecode
<Location /git>
# New authorization commands for apache 2.4 and up
# http://httpd.apache.org/docs/2.4/upgrading.html#access
Require all granted
ProxyPassReverse http://127.0.0.1:8080
</Location>
#apache equivalent of nginx try files
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
# http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/git/%{REQUEST_FILENAME} !-f
RewriteRule /git/.* http: // 127.0.0.1 :8080%{REQUEST_URI} [P,QSA]
# needed for downloading attachments
DocumentRoot /home/git/gitlab/public
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/apache2/gitlab/error.log
</VirtualHost>
我很确定 RewriteRules 中一定存在故障,但找不到它。我在 RewriteRule 中为 http:// ... 添加了双空格,因为缺乏信誉导致出现一些错误。
谨此致以最诚挚的敬意并感谢您的帮助。
答案1
我找到了解决这个问题的方法:
问题是覆盖了所有其他定义的虚拟主机。我的设置需要让这个 gitlab 实例在不同的端口下运行,然后从主配置代理到这个实例。
因此我的 vhost 现在<VirtualHost:8081>和之前是Listen 8081。在我想要配置子网址的配置文件中,我添加了:
<Location /git>
ProxyPass http://mydomain:8081/git
ProxyPassReverse http://mydomain:8081/git
</Location>
答案2
巧合的是,我在看到您的答案前几分钟就解决了这个问题,但这并不是故事的结束。在创建新项目时(可能在其他地方也是如此),Gitlab 仍然会在生成的 URL 上报告http而不是https协议。例如,有人希望在反向代理传递中仅作为 localhost 访问 gitlab nginx 服务器(当使用 Omnibus 安装时,这里似乎是这种情况)。要实现这一点,您需要以下 Apache 配置:
ProxyPreserveHost On
<Location /gitlab>
ProxyPass http://localhost:8929/gitlab
ProxyPassReverse http://localhost:8929/gitlab
# Necessary so Gitlab can return https addresses on some generated URLs
RequestHeader set X-FORWARDED-PROTOCOL https
RequestHeader set X-Forwarded-Ssl on
</Location>
然后必须在 Gitlab 环境中注入以下变量,或者写入gitlab.rb,以便只能作为 localhost 访问该服务:
external_url 'http://localhost:8929/gitlab'
# nginx['listen_port'] = 80 # I use this when mapping host 8929 to 80 in docker container
nginx['listen_https'] = false
gitlab_rails['gitlab_shell_ssh_port'] = 2222
# Following is necessary otherwise Gitlab will generate git URLs pointing to localhost
gitlab_rails['gitlab_ssh_host'] = 'git.myexeternaldomain.com'