Question: inserting custom nginx config with nginx['custom_gitlab_server_config'] in omnibus installation
Summary:
I'm trying to add CORS support to my 9.0.2 omnibus installation by adding custom nginx code to the gitlab server config.
Based on the docs I can do so using the nginx['custom_gitlab_server_config']
key.
Trying to add custom nginx config to the root:
nginx['custom_gitlab_server_config'] = "location ^~ / {\ninclude /etc/gitlab/nginx_cors_mixin.conf;\n}\n"
causes gitlab-ctl reconfigure
to fail (can't start nginx) and this error appears in /var/log/gitlab/nginx/error.log
:
[emerg] 10097#0: duplicate location "/" in /var/opt/gitlab/nginx/conf/gitlab-http.conf:106
Trying A Specific Location
Alternatively, if I do set a not-already-defined location, then everything under that location simply fails to load with a 404 error. For example:
nginx['custom_gitlab_server_config'] = "location ^~ /dummy-namespace {\ninclude /etc/gitlab/nginx_cors_mixin.conf;\n}\n"
causes http://gitlab.my.company/dummy-namespace
to load OK, but http://gitlab.my.company/dummy-namespace/proj1
and http://gitlab.my.company/dummy-namespace/proj2
to return 404.
Other thoughts:
- I have verified that the nginx config injection works by checking
/var/opt/gitlab/nginx/conf/gitlab-http.conf
.
nginx_cors_mixin.conf
#
# Enable CORS header support
#
# Taken without shame from
# https://gist.github.com/Stanback/7145487
#
# For testing, we'll only allow CORS from:
# + 192.168.11.30
set $cors '';
if ($http_origin ~ '^http://192\.168\.11\.30$') {
set $cors 'true';
}
if ($cors = 'true') {
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
# required to be able to read Authorization header in frontend
#add_header 'Allow-Control-Expose-Headers' 'Authorization' always;
}
if ($request_method = 'OPTIONS') {
# Tell the client that this pre-flight info is valid for 20 days
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}