Can't clone via HTTPS for CI Runners
Hi Folks,
Here's my goal: Run CI Multi Runner on a Mac for an iOS/Android project.
Here's what I'm running:
- CentOS 6 Server with: Omnibus Gitlab v. 8.9.6-ce (Separate NGINX setup, v1.6.2 ) (also, note, this is a recent upgrade from Omnibus V7?)
- Mac OS El Capitan (10.11?) with Xcode and everything. (Manually clones just fine via ssh)
Here's my NGINX setup for gitlab on the Centos Server:
upstream gitlab {
server unix:/var/opt/gitlab/gitlab-workhorse/socket;
}
server {
listen 80;
server_name mygitinstall.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name mygitinstall.com;
server_tokens off; ## Don't show the nginx version number, a security best practice
root /opt/gitlab/embedded/service/gitlab-rails/public;
ssl on;
include ssl.conf;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
client_max_body_size 3G;
access_log /var/log/gitlab/nginx/gitlab_access.log;
error_log /var/log/gitlab/nginx/gitlab_error.log;
location / {
try_files $uri $uri/index.html $uri.html @gitlab;
}
location /uploads/ {
gzip off;
proxy_read_timeout 600;
proxy_connect_timeout 600;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://gitlab;
}
location @gitlab {
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://gitlab;
}
location ~ ^/(assets)/ {
root /opt/gitlab/embedded/service/gitlab-rails/public;
gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
error_page 502 /502.html;
}
Here's what i've run into:
- Clone works fine from SSH, but not HTTPS
- HTTPS clone works for tiny repos, but anything bigger and it fails pretty much right away with the below message:
- I've ran the clones using the CI tokens too and it fails for big repos (over 50mb-ish), but not the little repos (5mb-ish).
git clone https://gitlab-ci-token:[token]@mygitinstall.com/person/project.git
Cloning into 'project'...
remote: Counting objects: 7626, done.
error: RPC failed; result=18, HTTP code = 200
remote: Compressing objects: 100% (6382/6382), done.
fatal: The remote end hung up unexpectedly
fatal: early EOFs: 0% (1/7626)
fatal: index-pack failedI'm sure you've seen this before. I've looked through your issues list and found similar things. So, I upped the Unicorn.rb settings timeout to 6000 seconds (configured via gitlab.rb presented below) Workhorse has its timeout set to 10 minutes too.
Also, since its 8.9 series, Here's how things are running: my NGINX <---> Workhorse <---> Unicorn
Let me know what I'm doing wrong and how I can fix this. Attached is my full gitlab.rb file for reference. gitlab.rb
Please let me know what I should do to fix this problem.