<!--- Please read this! Before you create a new issue, please make sure that you already ran `sudo gitlab-ctl reconfigure` Also make sure to search in https://gitlab.com/gitlab-org/omnibus-gitlab/issues, to verify the issue you're about to submit isn't a duplicate. ---> ### Summary <!-- Describe in short the bug you've encountered --> If enabling Smartcard and setting `nginx['redirect_http_to_https'] = true`, the resulting Smartcard nginx configuration is invalid and causes nginx to not start in v18.5.x. ``` root@gitlab-18:/# gitlab-ctl status | grep nginx down: nginx: 0s, normally up, want up; run: log: (pid 674) 360s root@gitlab-18:/# tail -f /var/log/gitlab/nginx/error.log 2026/01/06 03:54:48 [emerg] 1638#0: a duplicate default server for 0.0.0.0:80 in /var/opt/gitlab/nginx/conf/service_conf/gitlab-smartcard.conf:35 ``` The changes in the Smartcard nginx config pre and post upgrade from 18.4.x to 18.5.x: ``` $ diff pre.conf post.conf 35c35 < listen *:80; --- > listen *:80 default_server; 60c60 < include /var/opt/gitlab/nginx/conf/gitlab-health.conf; --- > include /var/opt/gitlab/nginx/conf/service_conf/gitlab-health.partial; 67c67 < listen *:3444 ssl; --- > listen *:3444 default_server ssl; 170c170 < include /var/opt/gitlab/nginx/conf/gitlab-health.conf; --- > include /var/opt/gitlab/nginx/conf/service_conf/gitlab-health.partial; ``` The `default_server` being duplicated in the file for each server block seems to cause a problem. ### Workaround Set `nginx['default_server_enabled'] = false` ``` $ diff post.conf post-no-default.conf 35c35 < listen *:80 default_server; --- > listen *:80; 67c67 < listen *:3444 default_server ssl; --- > listen *:3444 ssl; ``` ### Steps to reproduce <!-- How one can reproduce the issue - this is very important --> 1. Have a working v18.4.x GitLab Omnibus node 2. Configure Smartcard and set `nginx['redirect_http_to_https'] = true` 3. Upgrade to v18.5.x 4. Check nginx is running and check nginx error log ### What is the current *bug* behavior? <!-- What actually happens --> Nginx stops running, the error log shows: `a duplicate default server for 0.0.0.0:80 in /var/opt/gitlab/nginx/conf/service_conf/gitlab-smartcard.conf:35` ### What is the expected *correct* behavior? <!-- What you should see instead --> The resulting nginx configuration should be valid ### Relevant logs <details> <summary> Relevant logs </summary> <pre> <!-- Paste any relevant logs. Live log output can be found with `sudo gitlab-ctl tail`. Log files live in `/var/log/gitlab` by default. --> </pre> </details> ### Details of package version <details> <summary>Provide the package version installation details</summary> <pre> <!-- For Debian, Ubuntu based systems, paste the output of: `dpkg-query -l "gitlab-*"` For RHEL based systems (CentOS, RHEL, OL, Scientific, OpenSUSE, SLES), paste the output of: `rpm -qa | grep 'gitlab'` If you can't provide these details, see https://about.gitlab.com/getting-help/ page on where to ask your question. --> </pre> </details> ### Environment details * Operating System: `REPLACE-WITH-DETAILS` * Installation Target, remove incorrect values: * Bare Metal Machine * VM: Digital Ocean, AWS, GCP, Azure, Other `REPLACE-WITH-DETAILS` * Other: `REPLACE-WITH-DETAILS` * Installation Type, remove incorrect values: * New Installation * Upgrade from version `REPLACE-WITH-DETAILS` * Other: `REPLACE-WITH-DETAILS` * Is there any other software running on the machine: `REPLACE-WITH-DETAILS` * Is this a single or multiple node installation? * Resources * CPU: `REPLACE-WITH-DETAILS` * Memory total: `REPLACE-WITH-DETAILS` ### Configuration details <details> <summary> Provide the relevant sections of `/etc/gitlab/gitlab.rb` </summary> <pre> <!-- Paste the details but omit lines starting with `#`. Relevant lines can be retrieved by running `grep -v -e '^#' -e '^$' /etc/gitlab/gitlab.rb`. Be certain to sanitize sensitive configuration such as passwords and secrets. --> </pre> </details>