Nginx configuration for working with gitlab

Question

There is Gitlab EE (8.15 omnibus). Documentation and repositories have examples of nginx configs for working with Gitlab ( documentation , repo )

Let me give you a second example, as shorter:

upstream gitlab-workhorse { server unix:/var/opt/gitlab/gitlab-workhorse/socket; } server { listen *:80; server_name git.mydomain.ru; server_tokens off; root /opt/gitlab/embedded/service/gitlab-rails/public; access_log /var/log/nginx/gitlab.access.log; error_log /var/log/nginx/gitlab.error.log; location / { client_max_body_size 0; gzip off; proxy_read_timeout 300; proxy_connect_timeout 300; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://gitlab-workhorse; } }

nginx can not be restarted with either the first or the second. test config gives the result:

  $ sudo nginx -t nginx: [emerg] a duplicate default server for 0.0.0.0:80 in /etc/nginx/sites-enabled/gitlab.conf:6 nginx: configuration file /etc/nginx/nginx.conf test failed

How to configure nginx to work with Gitlab?

The "as is" config is really invalid, but if it is included inside the http block (which I think is done by default), then it is normal.
Look in /etc/nginx/nginx.conf ... this is me to the fact that the results of your test most likely have nothing to do with the observed problem.
I would get advice on the problem, why do not configs in the docks?

Answer 1 · 2017-01-17T20:53:41

The answer was in the documentation, it was necessary to carefully read.

In my case I used nginx already installed in the system, the documentation section for this case results in the following config :

 upstream gitlab-workhorse { server unix://var/opt/gitlab/gitlab-workhorse/socket fail_timeout=0; } server { listen *:80; server_name git.example.com; server_tokens off; root /opt/gitlab/embedded/service/gitlab-rails/public; client_max_body_size 250m; access_log /var/log/gitlab/nginx/gitlab_access.log; error_log /var/log/gitlab/nginx/gitlab_error.log; # Ensure Passenger uses the bundled Ruby version passenger_ruby /opt/gitlab/embedded/bin/ruby; # Correct the $PATH variable to included packaged executables passenger_env_var PATH "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/usr/local/bin:/usr/bin:/bin"; # Make sure Passenger runs as the correct user and group to # prevent permission issues passenger_user git; passenger_group git; # Enable Passenger & keep at least one instance running at all times passenger_enabled on; passenger_min_instances 1; location ~ ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$ { # 'Error' 418 is a hack to re-use the @gitlab-workhorse block error_page 418 = @gitlab-workhorse; return 418; } location ~ ^/[\w\.-]+/[\w\.-]+/repository/archive { # 'Error' 418 is a hack to re-use the @gitlab-workhorse block error_page 418 = @gitlab-workhorse; return 418; } location ~ ^/api/v3/projects/.*/repository/archive { # 'Error' 418 is a hack to re-use the @gitlab-workhorse block error_page 418 = @gitlab-workhorse; return 418; } # Build artifacts should be submitted to this location location ~ ^/[\w\.-]+/[\w\.-]+/builds/download { client_max_body_size 0; # 'Error' 418 is a hack to re-use the @gitlab-workhorse block error_page 418 = @gitlab-workhorse; return 418; } # Build artifacts should be submitted to this location location ~ /ci/api/v1/builds/[0-9]+/artifacts { client_max_body_size 0; # 'Error' 418 is a hack to re-use the @gitlab-workhorse block error_page 418 = @gitlab-workhorse; return 418; } location @gitlab-workhorse { ## https://github.com/gitlabhq/gitlabhq/issues/694 ## Some requests take more than 30 seconds. proxy_read_timeout 3600; proxy_connect_timeout 300; proxy_redirect off; # Do not buffer Git HTTP responses proxy_buffering off; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://gitlab-workhorse; ## The following settings only work with NGINX 1.7.11 or newer # ## Pass chunked request bodies to gitlab-workhorse as-is # proxy_request_buffering off; # proxy_http_version 1.1; } ## Enable gzip compression as per rails guide: ## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression ## WARNING: If you are using relative urls remove the block below ## See config/application.rb under "Relative url support" for the list of ## other files that need to be changed for relative url support location ~ ^/(assets)/ { root /opt/gitlab/embedded/service/gitlab-rails/public; gzip_static on; # to serve pre-gzipped version expires max; add_header Cache-Control public; } error_page 502 /502.html; }

passenger_* directives may be incomprehensible to nginx, it will generate an error on startup, and a similar message during a test

 $ sudo nginx -s reload nginx: [emerg] unknown directive "passenger_root" in /etc/nginx/nginx.conf:66

You need to install Passenger and enable the passenger nginx module (I’ll summarize the commands below, a description can be found at the link above).

Passenger installation:

 sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7 sudo apt-get install -y apt-transport-https ca-certificates # Add our APT repository sudo sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger jessie main > /etc/apt/sources.list.d/passenger.list' sudo apt-get update # Install Passenger + Nginx sudo apt-get install -y nginx-extras passenger

Enable the passenger module in the nginx config

 include /etc/nginx/passenger.conf;

and restart last:

 sudo service nginx restart

GitLab starts and prompts you to enter the root user password. There remains a fine tuning.

Nginx configuration for working with gitlab

1 answer 1

More articles: