====== Gitlab за Nginx Proxy Manager (HTTPS) ======
===== Конфигурация Gitlab =====
Изменить настройки файла **/etc/gitlab/gitlab.rb** на:
external_url 'https://example.ru'
gitlab_rails['gitlab_ssh_host'] = 'example.ru'
gitlab_rails['gitlab_host'] = 'example.ru'
nginx['redirect_http_to_https'] = false
nginx['listen_port'] = 80
nginx['listen_https'] = false
nginx['proxy_set_headers'] = {
"Host" => "$http_host_with_default",
"X-Forwarded-For" => "$proxy_add_x_forwarded_for",
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on"
}
nginx['real_ip_trusted_addresses'] = ['xxx.xxx.xxx.xxx/32']
nginx['real_ip_header'] = 'X-Real-IP'
nginx['real_ip_recursive'] = 'on'
letsencrypt['enable'] = false
где:
* **external_url** - внешнее DNS-имя
* **gitlab_rails['gitlab_ssh_host']** - DNS-имя до SSH (если нужно)
* **gitlab_rails['gitlab_host']** - внешнее DNS-имя
* **nginx['real_ip_trusted_addresses']** - IP-адрес Nginx Proxy Manager'а (массив)
===== Настройка Nginx Proxy Manager =====
- Добавить новый **Proxy Host**
- Указать протокол, IP-адрес, порт до Gitlab-сервера внутри сети
- Во вкладке **Advanced** в поле **Custom Nginx Configuration** прописать:
location / {
proxy_pass $forward_scheme://$server:$port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 2;
proxy_http_version 1.1;
proxy_ssl_server_name on;
proxy_ignore_client_abort on;
fastcgi_ignore_client_abort on;
proxy_buffering off;
proxy_intercept_errors on;
proxy_buffers 16 16k;
proxy_buffer_size 16k;
client_max_body_size 0;
}