...
 
Commits (1)
...@@ -3,14 +3,30 @@ ...@@ -3,14 +3,30 @@
The configuration files in this directory were tested with GitLab 8.1. For The configuration files in this directory were tested with GitLab 8.1. For
versions of GitLab older than 8.0, check the `apache-old` branch. versions of GitLab older than 8.0, check the `apache-old` branch.
## Installations from source
If you are using Apache version 2.4 or above, please use files If you are using Apache version 2.4 or above, please use files
[gitlab-apache24.conf](gitlab-apache24.conf) or [gitlab-ssl-apache24.conf](gitlab-ssl-apache24.conf) [gitlab-apache24.conf](gitlab-apache24.conf) or [gitlab-ssl-apache24.conf](gitlab-ssl-apache24.conf)
for the HTTP and HTTPS versions of the vhost repectively. for the HTTP and HTTPS versions of the vhost repectively.
If you are using Apache version 2.2 or above, please use files If you are using Apache version 2.2, please use files
[gitlab-apache22.conf](gitlab-apache22.conf) or [gitlab-ssl-apache22.conf](gitlab-ssl-apache22.conf) [gitlab-apache22.conf](gitlab-apache22.conf) or [gitlab-ssl-apache22.conf](gitlab-ssl-apache22.conf)
for the HTTP and HTTPS versions of the vhost repectively. for the HTTP and HTTPS versions of the vhost repectively.
To allow `gitlab-git-http-server` to listen on port 8181, edit or create
`/etc/default/gitlab` and change or add the following:
```
gitlab_git_http_server_options="-listenUmask 0 -listenNetwork tcp -listenAddr 127.0.0.1:8181 -authBackend http://127.0.0.1:8080"
```
## Installations unsing the Omnibus packages
[Omnibus packages][] use their own bundled Nginx server. If you want to use your
own external Apache server, follow the steps to [configure GitLab][omnibuswebext].
In the last step you will need to download the config from this repository.
# RHEL6/CentOS6 recommendations # RHEL6/CentOS6 recommendations
Most of the settings below were tested on CentOS 6, but are probably applicable Most of the settings below were tested on CentOS 6, but are probably applicable
...@@ -214,3 +230,5 @@ to better understand it. ...@@ -214,3 +230,5 @@ to better understand it.
[sock]: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html [sock]: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
[reports]: https://github.com/gitlabhq/gitlabhq/issues/5139 [reports]: https://github.com/gitlabhq/gitlabhq/issues/5139
[digiocean]: https://www.digitalocean.com/community/tutorials/how-to-get-started-with-mod_pagespeed-with-apache-on-an-ubuntu-and-debian-cloud-server [digiocean]: https://www.digitalocean.com/community/tutorials/how-to-get-started-with-mod_pagespeed-with-apache-on-an-ubuntu-and-debian-cloud-server
[Omnibus packages]: https://about.gitlab.com/downloads/
[omnibuswebext]: http://doc.gitlab.com/omnibus/settings/nginx.html#using-a-non-bundled-web-server
# This configuration has been tested on GitLab 8.1 # This configuration has been tested on GitLab 8.1
# Note this config assumes unicorn is listening on default port 8080 and gitlab-git-http-server is listening on port 8181. # Note this config assumes unicorn is listening on default port 8080 and gitlab-git-http-server is listening on port 8181.
# To allow gitlab-git-http-server to listen on port 8181, edit or create /etc/default/gitlab and change or add the following: # To allow gitlab-git-http-server to listen on port 8181, edit or create /etc/default/gitlab and change or add the following:
# gitlab_git_http_server_options="-listenUmask 0 -listenNetwork tcp -listenAddr localhost:8181 -authBackend http://127.0.0.1:8080" # gitlab_git_http_server_options="-listenUmask 0 -listenNetwork tcp -listenAddr 127.0.0.1:8181 -authBackend http://127.0.0.1:8080"
#Module dependencies #Module dependencies
# mod_rewrite # mod_rewrite
...@@ -9,7 +9,7 @@ ...@@ -9,7 +9,7 @@
# mod_proxy_http # mod_proxy_http
# HTTP Configuration # HTTP Configuration
<VirtualHost *:80> <VirtualHost *:80>
ServerName gitlab.example.com ServerName YOUR_SERVER_FQDN
ServerSignature Off ServerSignature Off
ProxyPreserveHost On ProxyPreserveHost On
...@@ -26,7 +26,7 @@ ...@@ -26,7 +26,7 @@
ProxyPassReverse http://127.0.0.1:8181 ProxyPassReverse http://127.0.0.1:8181
#Allow forwarding to GitLab Rails app (Unicorn) #Allow forwarding to GitLab Rails app (Unicorn)
ProxyPassReverse http://127.0.0.1:8080 ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://gitlab.example.com/ ProxyPassReverse http://YOUR_SERVER_FQDN/
</Location> </Location>
#apache equivalent of nginx try files #apache equivalent of nginx try files
...@@ -57,9 +57,9 @@ ...@@ -57,9 +57,9 @@
# For Debian distributions you might want to change this to # For Debian distributions you might want to change this to
# /var/log/apache2. # /var/log/apache2.
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/gitlab.example.com_error.log ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
CustomLog /var/log/httpd/logs/gitlab.example.com_forwarded.log common_forwarded CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/gitlab.example.com_access.log combined env=!dontlog CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/gitlab.example.com.log combined CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
</VirtualHost> </VirtualHost>
# This configuration has been tested on GitLab 8.0.0 # This configuration has been tested on GitLab 8.1
# Note this config assumes unicorn is listening on default port 8080 and gitlab-git-http-server is listening on port 8181. # Note this config assumes unicorn is listening on default port 8080 and gitlab-git-http-server is listening on port 8181.
# To allow gitlab-git-http-server to listen on port 8181, edit or create /etc/default/gitlab and change or add the following: # To allow gitlab-git-http-server to listen on port 8181, edit or create /etc/default/gitlab and change or add the following:
# gitlab_git_http_server_options="-listenUmask 0 -listenNetwork tcp -listenAddr localhost:8181 -authBackend http://127.0.0.1:8080" # gitlab_git_http_server_options="-listenUmask 0 -listenNetwork tcp -listenAddr 127.0.0.1:8181 -authBackend http://127.0.0.1:8080"
#Module dependencies #Module dependencies
# mod_rewrite # mod_rewrite
......
# This configuration has been tested on GitLab 8.1
# Note this config assumes unicorn is listening on default port 8080 and
# gitlab-git-http-server is listening on port 8181. To allow gitlab-git-http-server to
# listen on port 8181, edit /etc/gitlab/gitlab.rb and change the following:
#
# gitlab_git_http_server['listen_network'] = "tcp"
# gitlab_git_http_server['listen_addr'] = "127.0.0.1:8181"
#
#Module dependencies
# mod_rewrite
# mod_proxy
# mod_proxy_http
# HTTP Configuration
<VirtualHost *:80>
ServerName YOUR_SERVER_FQDN
ServerSignature Off
ProxyPreserveHost On
# Ensure that encoded slashes are not decoded but left in their encoded state.
# http://doc.gitlab.com/ce/api/projects.html#get-single-project
AllowEncodedSlashes NoDecode
<Location />
Order deny,allow
Allow from all
#Allow forwarding to gitlab-git-http-server
ProxyPassReverse http://127.0.0.1:8181
#Allow forwarding to GitLab Rails app (Unicorn)
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://YOUR_SERVER_FQDN/
</Location>
#apache equivalent of nginx try files
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
# http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
RewriteEngine on
#Forward these requests to gitlab-git-http-server
RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/repository/archive.* [OR]
RewriteCond %{REQUEST_URI} ^/api/v3/projects/.*/repository/archive.* [OR]
RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$
RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
#Forward any other requests to GitLab Rails app (Unicorn)
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} ^/uploads
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA,NE]
# needed for downloading attachments
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
# It is assumed that the log directory is in /var/log/httpd.
# For Debian distributions you might want to change this to
# /var/log/apache2.
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
</VirtualHost>
# This configuration has been tested on GitLab 8.1
# Note this config assumes unicorn is listening on default port 8080 and
# gitlab-git-http-server is listening on port 8181. To allow gitlab-git-http-server to
# listen on port 8181, edit /etc/gitlab/gitlab.rb and change the following:
#
# gitlab_git_http_server['listen_network'] = "tcp"
# gitlab_git_http_server['listen_addr'] = "127.0.0.1:8181"
#
#Module dependencies
# mod_rewrite
# mod_proxy
# mod_proxy_http
<VirtualHost *:80>
ServerName YOUR_SERVER_FQDN
ServerSignature Off
ProxyPreserveHost On
# Ensure that encoded slashes are not decoded but left in their encoded state.
# http://doc.gitlab.com/ce/api/projects.html#get-single-project
AllowEncodedSlashes NoDecode
<Location />
# New authorization commands for apache 2.4 and up
# http://httpd.apache.org/docs/2.4/upgrading.html#access
Require all granted
#Allow forwarding to gitlab-git-http-server
ProxyPassReverse http://127.0.0.1:8181
#Allow forwarding to GitLab Rails app (Unicorn)
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://YOUR_SERVER_FQDN/
</Location>
#apache equivalent of nginx try files
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
# http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
RewriteEngine on
#Forward these requests to gitlab-git-http-server
RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/repository/archive.* [OR]
RewriteCond %{REQUEST_URI} ^/api/v3/projects/.*/repository/archive.* [OR]
RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$
RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
#Forward any other requests to GitLab Rails app (Unicorn)
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} ^/uploads
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA,NE]
# needed for downloading attachments
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
# It is assumed that the log directory is in /var/log/httpd.
# For Debian distributions you might want to change this to
# /var/log/apache2.
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
</VirtualHost>
# This configuration has been tested on GitLab 8.1
# Note this config assumes unicorn is listening on default port 8080 and
# gitlab-git-http-server is listening on port 8181. To allow gitlab-git-http-server to
# listen on port 8181, edit /etc/gitlab/gitlab.rb and change the following:
#
# gitlab_git_http_server['listen_network'] = "tcp"
# gitlab_git_http_server['listen_addr'] = "127.0.0.1:8181"
#
#Module dependencies
# mod_rewrite
# mod_ssl
# mod_proxy
# mod_proxy_http
# mod_headers
# This section is only needed if you want to redirect http traffic to https.
# You can live without it but clients will have to type in https:// to reach gitlab.
<VirtualHost *:80>
ServerName YOUR_SERVER_FQDN
ServerSignature Off
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
#strong encryption ciphers only
#see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
SSLProtocol all -SSLv2
SSLHonorCipherOrder on
SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
SSLCompression Off
SSLCertificateFile /etc/pki/tls/certs/YOUR_SERVER_FQDN.crt
SSLCertificateKeyFile /etc/pki/tls/private/YOUR_SERVER_FQDN.key
SSLCACertificateFile /etc/pki/tls/certs/YOUR_SERVER_FQDN.ca-bundle.crt
ServerName YOUR_SERVER_FQDN
ServerSignature Off
ProxyPreserveHost On
# Ensure that encoded slashes are not decoded but left in their encoded state.
# http://doc.gitlab.com/ce/api/projects.html#get-single-project
AllowEncodedSlashes NoDecode
<Location />
Order deny,allow
Allow from all
#Allow forwarding to gitlab-git-http-server
ProxyPassReverse http://127.0.0.1:8181
#Allow forwarding to GitLab Rails app (Unicorn)
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://YOUR_SERVER_FQDN/
</Location>
# Apache equivalent of nginx try files
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
# http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
RewriteEngine on
#Forward these requests to gitlab-git-http-server
RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/repository/archive.* [OR]
RewriteCond %{REQUEST_URI} ^/api/v3/projects/.*/repository/archive.* [OR]
RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$
RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
#Forward any other requests to GitLab Rails app (Unicorn)
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} ^/uploads
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA,NE]
RequestHeader set X_FORWARDED_PROTO 'https'
RequestHeader set X-Forwarded-Ssl on
# needed for downloading attachments
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
# It is assumed that the log directory is in /var/log/httpd.
# For Debian distributions you might want to change this to
# /var/log/apache2.
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
</VirtualHost>
# This configuration has been tested on GitLab 8.1
# Note this config assumes unicorn is listening on default port 8080 and
# gitlab-git-http-server is listening on port 8181. To allow gitlab-git-http-server to
# listen on port 8181, edit /etc/gitlab/gitlab.rb and change the following:
#
# gitlab_git_http_server['listen_network'] = "tcp"
# gitlab_git_http_server['listen_addr'] = "127.0.0.1:8181"
#
#Module dependencies
# mod_rewrite
# mod_ssl
# mod_proxy
# mod_proxy_http
# mod_headers
# This section is only needed if you want to redirect http traffic to https.
# You can live without it but clients will have to type in https:// to reach gitlab.
<VirtualHost *:80>
ServerName YOUR_SERVER_FQDN
ServerSignature Off
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
#strong encryption ciphers only
#see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
SSLProtocol all -SSLv2
SSLHonorCipherOrder on
SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
SSLCompression Off
SSLCertificateFile /etc/httpd/ssl.crt/YOUR_SERVER_FQDN.crt
SSLCertificateKeyFile /etc/httpd/ssl.key/YOUR_SERVER_FQDN.key
SSLCACertificateFile /etc/httpd/ssl.crt/your-ca.crt
ServerName YOUR_SERVER_FQDN
ServerSignature Off
ProxyPreserveHost On
# Ensure that encoded slashes are not decoded but left in their encoded state.
# http://doc.gitlab.com/ce/api/projects.html#get-single-project
AllowEncodedSlashes NoDecode
<Location />
# New authorization commands for apache 2.4 and up
# http://httpd.apache.org/docs/2.4/upgrading.html#access
Require all granted
#Allow forwarding to gitlab-git-http-server
ProxyPassReverse http://127.0.0.1:8181
#Allow forwarding to GitLab Rails app (Unicorn)
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://YOUR_SERVER_FQDN/
</Location>
# Apache equivalent of nginx try files
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
# http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
RewriteEngine on
#Forward these requests to gitlab-git-http-server
RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/repository/archive.* [OR]
RewriteCond %{REQUEST_URI} ^/api/v3/projects/.*/repository/archive.* [OR]
RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$
RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
#Forward any other requests to GitLab Rails app (Unicorn)
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} ^/uploads
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA,NE]
RequestHeader set X_FORWARDED_PROTO 'https'
RequestHeader set X-Forwarded-Ssl on
# needed for downloading attachments
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
# It is assumed that the log directory is in /var/log/httpd.
# For Debian distributions you might want to change this to
# /var/log/apache2.
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/YOUR_SERVER_FQDN_error.log
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/YOUR_SERVER_FQDN.log combined
</VirtualHost>
# This configuration has been tested on GitLab 8.1 # This configuration has been tested on GitLab 8.1
# Note this config assumes unicorn is listening on default port 8080 and gitlab-git-http-server is listening on port 8181. # Note this config assumes unicorn is listening on default port 8080 and gitlab-git-http-server is listening on port 8181.
# To allow gitlab-git-http-server to listen on port 8181, edit or create /etc/default/gitlab and change or add the following: # To allow gitlab-git-http-server to listen on port 8181, edit or create /etc/default/gitlab and change or add the following:
# gitlab_git_http_server_options="-listenUmask 0 -listenNetwork tcp -listenAddr localhost:8181 -authBackend http://127.0.0.1:8080" # gitlab_git_http_server_options="-listenUmask 0 -listenNetwork tcp -listenAddr 127.0.0.1:8181 -authBackend http://127.0.0.1:8080"
#Module dependencies #Module dependencies
# mod_rewrite # mod_rewrite
......
# This configuration has been tested on GitLab 8.1 # This configuration has been tested on GitLab 8.1
# Note this config assumes unicorn is listening on default port 8080 and gitlab-git-http-server is listening on port 8181. # Note this config assumes unicorn is listening on default port 8080 and gitlab-git-http-server is listening on port 8181.
# To allow gitlab-git-http-server to listen on port 8181, edit or create /etc/default/gitlab and change or add the following: # To allow gitlab-git-http-server to listen on port 8181, edit or create /etc/default/gitlab and change or add the following:
# gitlab_git_http_server_options="-listenUmask 0 -listenNetwork tcp -listenAddr localhost:8181 -authBackend http://127.0.0.1:8080" # gitlab_git_http_server_options="-listenUmask 0 -listenNetwork tcp -listenAddr 127.0.0.1:8181 -authBackend http://127.0.0.1:8080"
#Module dependencies #Module dependencies
# mod_rewrite # mod_rewrite
......
## Nginx config moved to official repository ## Nginx config moved to official repository
You can find the nginx config in [GitLab official repository][gitlab]. You can find the nginx config in [GitLab official repository][gitlab] which can
be used for source installations.
## Omnibus configs
[Omnibus packages][] use their own bundled nginx server. If you want to use your
own external Nginx server, follow the first 3 steps to
[configure GitLab][omnibusnginxext] and then download the appropriate config
file (ssl or non-ssl) from this directory.
After placing the configs in their appropriate location
(read [Different conf directories](#different-conf-directories)), make sure to
restart Nginx.
## CentOS related Nginx notes ## CentOS related Nginx notes
### Different conf directories ### Different conf directories
If nginx is installed through the package manager, adjust sites in `/etc/nginx/conf.d/` If nginx is installed through the package manager, adjust sites in `/etc/nginx/conf.d/`
instead of `/etc/nginx/sites-available/` or create those directories and tell `nginx` instead of `/etc/nginx/sites-available/` or create those directories and tell `nginx`
to monitor them: to monitor them:
...@@ -31,3 +43,5 @@ or replace the default `nginx` user with `git` and group `root` in `/etc/nginx/n ...@@ -31,3 +43,5 @@ or replace the default `nginx` user with `git` and group `root` in `/etc/nginx/n
user git root; user git root;
[gitlab]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/support/nginx "Nginx config for GitLab" [gitlab]: https://gitlab.com/gitlab-org/gitlab-ce/tree/master/lib/support/nginx "Nginx config for GitLab"
[Omnibus packages]: https://about.gitlab.com/downloads/
[omnibusnginxext]: http://doc.gitlab.com/omnibus/settings/nginx.html#using-a-non-bundled-web-server