Hosting your gitlab behind a reverse proxy server

Published by moxlotus on

Recently, I have decided to use a reverse proxy server to handle all the servers that I am hosting. This helps to mitigate the use of port number behind the url. e.g. http://mydomain:12345. Some of you, who tried to do that for a gitlab server, has probably realized that the urls generated by your gitlab are incorrect.

For example, your gitlab server uses external_url: 192.168.1.100:12345, and your reverse proxy points http://mydomain to 192.168.1.100:12345. Despite the masking of IP using reverse proxy server, the urls generated for the project continues to use 192.168.1.100:12345, which is probably not accessible from the internet.

Below is the solution to the problem.

sudo -e /etc/gitlab/gitlab.rb

set external_url. In my case, I m using the LAN address.

external_url 'http://192.168.2.12:7000'

Next, navigate to /var/opt/gitlab/gitlab-rails/etc, open gitlab.yml and change the following parameters

host: mydomain
port: 80 
https: false

Restart your gitlab and you will be able to see the changes.

sudo gitlab-ctl restart

WARNING: DO NOT USE sudo gitlab-ctl reconfigure. This will override the changes that you have just made.

update
For those of you that are using Apache to act as a proxy server, it seems that you will need to have external_url to be the same as your proxy url. This is necessary for those running gitlab CI.
Here are the steps to do that. instead of setting your external_url to your LAN address, you may use your TLD that is being used by your Apache.

external_url 'http://codestrian.com'

in the same file, change the following settings

web_server['username'] = 'www-data'
web_server['group'] = 'www-data'
nginx['enable] = false
gitlab_git_http_server['listen_network'] = "tcp"
gitlab_git_http_server['listen_addr'] = "localhost:7000"

Reconfigure gitlab

gitlab-ctl reconfigure

In the update, I have assumed that you have prior knowledge on how to configure a proxy server using Apache.

Share it with others
Categories: NetworkTools

1 Comment

A guide to configure GitLab using HTTPS under apache reverse proxy – Codestrian · January 14, 2018 at 6:25 AM

[…] It has been a while since my last blog entry, I have just spent a few hours migrating some web applications from my old server to the new server. While migrating the web applications, I realized that among all the applications, gitlab is the only one which is still using http. So I have decided to spend some time to upgrade the protocol from http to https. As the process is not really that smooth sailing, I have decided to document down the configurations that needs to be changed. This is a guide that follows my previously written article hosting gitlab using reverse proxy. […]

Comments are closed.