Hosting your gitlab behind a reverse proxy server
Recently, I have decided to use a reverse proxy server to handle all the servers that I am hosting. This helps to mitigate the use of port number behind the url. e.g. http://mydomain:12345. Some of you, who tried to do that for a gitlab server, has probably realized that the urls generated by your gitlab are incorrect.
For example, your gitlab server uses external_url: 192.168.1.100:12345, and your reverse proxy points http://mydomain to 192.168.1.100:12345. Despite the masking of IP using reverse proxy server, the urls generated for the project continues to use 192.168.1.100:12345, which is probably not accessible from the internet.
Below is the solution to the problem.
sudo -e /etc/gitlab/gitlab.rb
set external_url. In my case, I m using the LAN address.
external_url 'http://192.168.2.12:7000'
Next, navigate to /var/opt/gitlab/gitlab-rails/etc, open gitlab.yml and change the following parameters
host: mydomain
port: 80
https: false
Restart your gitlab and you will be able to see the changes.
sudo gitlab-ctl restart
WARNING: DO NOT USE sudo gitlab-ctl reconfigure. This will override the changes that you have just made.
update
For those of you that are using Apache to act as a proxy server, it seems that you will need to have external_url to be the same as your proxy url. This is necessary for those running gitlab CI.
Here are the steps to do that. instead of setting your external_url to your LAN address, you may use your TLD that is being used by your Apache.
external_url 'http://codestrian.com'
in the same file, change the following settings
web_server['username'] = 'www-data'
web_server['group'] = 'www-data'
nginx['enable] = false
gitlab_git_http_server['listen_network'] = "tcp"
gitlab_git_http_server['listen_addr'] = "localhost:7000"
Reconfigure gitlab
gitlab-ctl reconfigure
In the update, I have assumed that you have prior knowledge on how to configure a proxy server using Apache.
1 Comment
A guide to configure GitLab using HTTPS under apache reverse proxy – Codestrian · January 14, 2018 at 6:25 AM
[…] It has been a while since my last blog entry, I have just spent a few hours migrating some web applications from my old server to the new server. While migrating the web applications, I realized that among all the applications, gitlab is the only one which is still using http. So I have decided to spend some time to upgrade the protocol from http to https. As the process is not really that smooth sailing, I have decided to document down the configurations that needs to be changed. This is a guide that follows my previously written article hosting gitlab using reverse proxy. […]
Comments are closed.