Skip to content

nginx listen_address doesn't changed after gitlab-ctl reconfigure

I have installed gitlab-7.5.3 on CentOS 6 box

# rpm -qa | grep gitlab
gitlab-7.5.3_omnibus.5.2.1.ci-1.el6.x86_64

# cat /etc/redhat-release
CentOS release 6.6 (Final)

Current settings

external_url "https://gitlab.example.net:8443"
nginx['redirect_http_to_https'] = false
nginx['listen_address'] = '127.0.0.1'
# lsof -nP -i tcp:8443
COMMAND   PID       USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
nginx   28062       root    8u  IPv4 107868      0t0  TCP 127.0.0.1:8443 (LISTEN)
nginx   29306 gitlab-www    8u  IPv4 107868      0t0  TCP 127.0.0.1:8443 (LISTEN)
nginx   29307 gitlab-www    8u  IPv4 107868      0t0  TCP 127.0.0.1:8443 (LISTEN)

The new one

external_url "https://gitlab.example.net:8443"
nginx['redirect_http_to_https'] = false
nginx['listen_address'] = '*'

Execute reconfigure

# gitlab-ctl reconfigure
Starting Chef Client, version 11.12.2
Compiling Cookbooks...
Recipe: gitlab::default

...
...

    - update content in file /var/opt/gitlab/nginx/conf/gitlab-http.conf from 44503f to 714f21
        --- /var/opt/gitlab/nginx/conf/gitlab-http.conf 2014-12-11 18:41:28.000000000 -0500
        +++ /tmp/chef-rendered-template20141211-29353-1kz1okg   2014-12-11 18:42:07.000000000 -0500
        @@ -38,7 +38,7 @@


         server {
        -  listen 127.0.0.1:8443;
        +  listen *:8443;
           server_name gitlab.example.net;
           server_tokens off; ## Don't show the nginx version number, a security best practice
           root /opt/gitlab/embedded/service/gitlab-rails/public;

Recipe: gitlab::nginx
  * service[nginx] action restart
    - restart service service[nginx]

But nginx still listening on localhost only

# lsof -nP -i tcp:8443
COMMAND   PID       USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
nginx   28062       root    8u  IPv4 107868      0t0  TCP 127.0.0.1:8443 (LISTEN)
nginx   29306 gitlab-www    8u  IPv4 107868      0t0  TCP 127.0.0.1:8443 (LISTEN)
nginx   29307 gitlab-www    8u  IPv4 107868      0t0  TCP 127.0.0.1:8443 (LISTEN)

Some simple checks

# curl -I http://192.168.207.184:8443/
curl: (7) couldn't connect to host

# curl -I http://127.0.0.1:8443/
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 11 Dec 2014 23:43:49 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Status: 302 Found
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Location: http://127.0.0.1:8443/users/sign_in
Cache-Control: no-cache
Set-Cookie: _gitlab_session=496eb0fd2cb4dd6cc21680bab79a00bc; path=/; expires=Thu, 18 Dec 2014 23:43:49 -0000; HttpOnly
Set-Cookie: request_method=HEAD; path=/
X-Request-Id: 0c42899f-41ee-4a54-8eab-0a77b17af0a8
X-Runtime: 0.143992

If I restart nginx manually all works fine

# gitlab-ctl stop nginx
ok: down: nginx: 1s, normally up

# gitlab-ctl start nginx
ok: run: nginx: (pid 31754) 1s

# lsof -nP -i tcp:8443
COMMAND   PID       USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
nginx   31754       root    6u  IPv4 113091      0t0  TCP *:8443 (LISTEN)
nginx   31755 gitlab-www    6u  IPv4 113091      0t0  TCP *:8443 (LISTEN)
nginx   31756 gitlab-www    6u  IPv4 113091      0t0  TCP *:8443 (LISTEN)