我的 GitLab 在端口 9999 上运行,可以使用以下 URL 访问
http://server01.example.com:9999/(重定向至http://server01.example.com:9999/users/sign_in)
或者也可以通过以下网址直接访问 http://server01.example.com:9999/users/sign_in
我已将 nginx 配置为监听端口 443。以下是我当前的配置。
server {
client_max_body_size 40M;
listen 443;
server_name server01.example.com;
location /gitlab/ {
rewrite ^/.* http://$server_name/gitlab/users/sign_in permanent;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:9999/users/sign_in/;
proxy_redirect off;
}
}
当我尝试访问http://server01.example.com:443/gitlab/
它将被重定向到以下 URL,
http://server01.example.com/gitlab/users/sign_in
并告诉我“页面未找到错误”。 Nginx 错误日志显示以下内容。
2018/07/15 07:09:37 [error] 20300#0: *3 open() "/usr/share/nginx/html/gitlab/users/sign_in" failed (2: No such file or directory), client: xx.xxx.xxx.xxx, server: _, request: "GET /gitlab/users/sign_in HTTP/1.1", host: "server01.example.com"
更新1:
当前配置:
server {
client_max_body_size 40M;
listen 443 ssl;
server_name server01.example.com;
ssl_certificate /etc/nginx/ssl/tlscert.crt;
ssl_certificate_key /etc/nginx/ssl/private.key;
location /gitlab/ {
rewrite ^/.* https://$server_name/gitlab/users/sign_in/ permanent;
proxy_pass http://127.0.0.1:9999/;
proxy_redirect http://127.0.0.1:9999/ https://$server_name/gitlab/;
}
}
https://server01.example.com/gitlab/users/sign_in
此页面无法正常工作 server01.example.com 重定向您次数过多。请尝试清除您的 cookie。ERR_TOO_MANY_REDIRECTS
答案1
如果您指定 nginx 版本(gitlab 版本、linux 发行版和版本也不会受到影响),将会很有用。
我可能会在您的配置中进行一些调整,禁用重定向并发送代理的标头:
server {
listen 443 ssl;
server_name server01.example.com;
client_max_body_size 40M;
ssl_certificate /etc/nginx/ssl/tlscert.crt;
ssl_certificate_key /etc/nginx/ssl/private.key;
location /gitlab/ {
proxy_pass http://127.0.0.1:9999/;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
}
如果这不起作用(这取决于你的 nginx 版本)我会尝试重写一些东西,例如:
server {
listen 443 ssl;
server_name server01.example.com;
client_max_body_size 40M;
ssl_certificate /etc/nginx/ssl/tlscert.crt;
ssl_certificate_key /etc/nginx/ssl/private.key;
location /gitlab/ {
rewrite ^/gitlab(/.*)$ $1 break;
proxy_pass http://127.0.0.1:9999/;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
}
但无论如何我都会放弃重定向。我认为这是导致您出现问题的原因。
答案2
这是因为您重定向到http://,而不是https://:
rewrite ^/.* http://$server_name/gitlab/users/sign_in permanent;
此外,proxy_pass http://127.0.0.1:9999/users/sign_in/;您的/gitlab/只有登录页面。根据您的rewrite,您不会尝试这样做。您不应该有例如
server {
client_max_body_size 40M;
listen 443 ssl;
server_name server01.example.com;
# All the missing SSL configuration
location /gitlab/ {
#rewrite ^/gitlab/$ https://$server_name/gitlab/users/sign_in permanent;
proxy_pass http://127.0.0.1:9999/;
proxy_redirect http://127.0.0.1:9999/ https://$server_name/gitlab/;
}
}
GitLab 已经进行了重定向,因此rewrite可能不需要proxy_redirect。