plesk 服务器上的 Gitlab 错误 502

tag-icon tag-icon nginx gitlab plesk
plesk 服务器上的 Gitlab 错误 502

在运行 CentOS 6.8 和 Plesk 12.0.18 的 VPS 上,我安装了 Gitlab Omnibus 8.12.7 - 经过一些配置后,它就可以很好地用于 Plesk 和 Git(我可以访问 plesk 和它管理的网站,并在 git 服务器上推送/拉取)。我只需要将 Gitlab 配置为不与捆绑的 nginx 一起运行。

问题是我无法访问 Gitlab,我从 Gitlab 收到 502 错误页面。

以下是配置.rb文件:

external_url 'https://git.mydomain.fr'

gitlab_workhorse['enable'] = true
gitlab_workhorse['listen_network'] = "tcp"
gitlab_workhorse['listen_umask'] = 000
gitlab_workhorse['listen_addr'] = "localhost:8181"
gitlab_workhorse['auth_backend'] = "http://localhost:8081"

unicorn['port'] = 8081

web_server['external_users'] = ['vps_admin']

nginx['enable'] = false
nginx['redirect_http_to_https'] = true

gitlab_pages['enable'] = false

gitlab_rails['git_timeout'] = 600
nginx['keepalive_timeout'] = 300
unicorn['worker_timeout'] = 300

未引用的配置行仅被注释。

使用该设置(运行后gitlab-ctl reconfigure,重新启动服务器)我看到 Unicorn / Workhorse / git 在正确的端口号上运行,并且没有出现错误消息(gitlab-ctl tail没有显示任何错误)。

我创建了git.mydomain.fr在Plesk中配置vhost,并在nginx设置中进行如下配置:

location /uploads/ {
    gzip off;

    proxy_read_timeout      300;
    proxy_connect_timeout   300;
    proxy_redirect          off;

    proxy_set_header    Host                $http_host;
    proxy_set_header    X-Real-IP           $remote_addr;
    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-Proto   $scheme;
    proxy_set_header    X-Frame-Options     SAMEORIGIN;

    proxy_pass http://gitlab;
}

location @gitlab {
    gzip off;

    proxy_read_timeout      300;
    proxy_connect_timeout   300;
    proxy_redirect          off;

    proxy_set_header    Host                $http_host;
    proxy_set_header    X-Real-IP           $remote_addr;
    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-Proto   $scheme;
    proxy_set_header    X-Frame-Options     SAMEORIGIN;

    proxy_pass http://gitlab;
}

location ~ ^/[\w\.-]+/[\w\.-]+/gitlab-lfs/objects {
    client_max_body_size 0;
    error_page 418 = @gitlab-workhorse;
    return 418;
}

location ~ ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$ {
    client_max_body_size 0;
    error_page 418 = @gitlab-workhorse;
    return 418;
}

location ~ ^/[\w\.-]+/[\w\.-]+/repository/archive {
    client_max_body_size 0;
    error_page 418 = @gitlab-workhorse;
    return 418;
}

location ~ ^/api/v3/projects/.*/repository/archive {
    client_max_body_size 0;
    error_page 418 = @gitlab-workhorse;
    return 418;
}

location ~ ^/[\w\.-]+/[\w\.-]+/builds/download {
    client_max_body_size 0;
    error_page 418 = @gitlab-workhorse;
    return 418;
}

location ~ /ci/api/v1/builds/[0-9]+/artifacts {
    client_max_body_size 0;
    error_page 418 = @gitlab-workhorse;
    return 418;
}

location @gitlab-workhorse {
    client_max_body_size 0;

    proxy_read_timeout      300;
    proxy_connect_timeout   300;
    proxy_redirect          off;

    proxy_buffering off;
    proxy_set_header    Host                $http_host;
    proxy_set_header    X-Real-IP           $remote_addr;
    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-Proto   $scheme;

    proxy_pass http://gitlab-workhorse;
}

location ~ ^/(assets)/ {
    root /opt/gitlab/embedded/service/gitlab-rails/public;
    gzip_static on; # to serve pre-gzipped version
    expires max;
    add_header Cache-Control public;
}

location ~ / {
    root /opt/gitlab/embedded/service/gitlab-rails/public;
    try_files $uri $uri/index.html $uri.html @gitlab;
}

error_page 500 /500.html;
error_page 502 /502.html;
error_page 503 /503.html;
error_page 404 /404.html;
error_page 422 /422.html;

并采用以下 Apache 设置:

ServerAdmin [email protected]
ServerName git.mydomain.fr
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
<Directory /opt/gitlab/embedded/service/gitlab-rails/public>
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
    Options -MultiViews
</Directory>

ErrorLog logs/ssl_git_error.log
LogLevel debug
CustomLog logs/ssl_git_access.log combined

内容如下/etc/nginx/conf.d/gitlab.conf

upstream gitlab {
  server unix:/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket fail_timeout=0;
}

upstream gitlab-workhorse {
    server localhost:8181;
    #server unix:/var/opt/gitlab/gitlab-rails/sockets/gitlab-workhorse.socket fail_timeout=0;
}

有人知道这里可能出了什么问题吗? RAM 正常(我有 3GB),日志中没有显示任何错误... 访问 gitlab 时仅出现 502 错误。

答案1

我遇到了完全相同的问题。这是因为 webuser 无权访问 gitlab-socket。禁用内置 nginx 时,必须将外部 web 用户添加到 gitlab-www 组。操作如下:

步骤 1:编辑 /etc/gitlab/gitlab.rb 文件。找到以下行(注释掉的请取消注释):

web_server['external_users'] = []

我在 plesk 中添加了与我的 gitlab 域 (xxxx) 以及 nginx、apache 和 git 关联的用户。所以我的看起来像这样(其中 xxxx 是此域的用户):

web_server['external_users'] = ['xxxx', 'nginx', 'git', 'apache']

第 2 步:重新配置

gitlab-ctl reconfigure

相关内容