Redirection loop (301 and ERR_TOO_MANY_REDIRECTS) when Pages is configured with namespace_in_path
Hello,
We have a problem similar to issue #452459 (closed) with a redirection loop (HTTP status code 301, endless slashes added to the URL and ERR_TOO_MANY_REDIRECTS) but we are running Gitlab and GitLab Pages version 17.0.1 with namespace_in_path enabled (= true) and auth_redirect_uri commented (= nil)
I followed the doc Pages domain with TLS support, without wildcard DNS
I also tried to set gitlab_pages['access_control'] = false or true and defined gitlab_pages['auth_redirect_uri'] = 'https://pages.example.com/auth' or nil with no effect on the problem.
gitlab.example.com is for us gittest.ourdomain.com pages.example.com is for us pagestest.ourdomain.com so similar to the doc Prerequisites from GitLab Pages in theory, this is a supported configuration "Does it work?" = "Yes" for Pages without wildcard.
REFERENCES
- When namespace_in_path is enabled and auth_redirect_uri is manually updated to non-projects url, auth flow fails same pattern "Pages then issues a redirect back to itself, adding a '/' at the end. This results in a situation of TOO_MANY_REDIRECTS, where every redirect adds a new '/' to the end of the request."
- Feedback for GitLab Pages without DNS wildcard - NGINX : "This is fixed and closed. Fix will be part of %17.0 release."
- GitLab Pages without DNS wildcard - MVC
- Remove experimental state from support for namespace in path for pages namespace_in_path which is currently in beta and was experimental until a month ago
Troubleshooting
curl https://pages.example.com
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>
curl -I https://pages.example.com
HTTP/2 301
server: nginx
date: Mon, 03 Jun 2024 09:54:29 GMT
content-type: text/html
content-length: 162
location: https://pages.example.com//
strict-transport-security: max-age=63072000
wget https://pages.example.com
--2024-06-03 11:54:56-- https://pages.example.com/
Resolving pages.example.com (pages.example.com)... 172.x.x.x
Connecting to pages.example.com (pages.example.com)|172.x.x.x|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://pages.example.com// [following]
--2024-06-03 11:54:56-- https://pages.example.com//
Reusing existing connection to pages.example.com:443.
HTTP request sent, awaiting response... 301 Moved Permanently
...
Location: https://pages.example.com////////////////////// [following]
20 redirections exceeded.Config
vi /etc/gitlab/gitlab.rb
## GitLab URL
external_url "https://gitlab.example.com"
##! Define to enable GitLab Pages
pages_external_url 'https://pages.example.com'
pages_nginx['ssl_certificate'] = "/etc/ssl/certs/gitlab.example.com-cert-20240603.pem"
pages_nginx['ssl_certificate_key'] = "/etc/ssl/private/gitlab.example.com-key-20240603.pem"
pages_nginx['enable'] = true
pages_nginx['redirect_http_to_https'] = true
gitlab_pages['namespace_in_path'] = true
gitlab_pages['access_control'] = true
gitlab_pages['auth_redirect_uri'] = nil # Defaults to projects subdomain of pages_external_url and + '/auth'
#gitlab_pages['auth_redirect_uri'] = 'https://pages.example.com/auth'
nginx['redirect_http_to_https'] = true
##! Most root CA's are included by default
#nginx['ssl_client_certificate'] = "/etc/gitlab/ssl/ca.crt"
nginx['ssl_client_certificate'] = "/etc/ssl/certs/ca-certificates.crt"
nginx['ssl_certificate'] = "/etc/ssl/certs/gitlab.example.com-cert-20240603.pem"
nginx['ssl_certificate_key'] = "/etc/ssl/private/gitlab.example.com-key-20240603.pem"
gitlab-ctl reconfigure
gitlab-ctl restartThank you in advance for your help.