Skip to content

Commit 057330b

Browse files
axilleasaxilleas
committed
Merge pull request #189 from Chluz/patch-1
[Webserver Conf File] GitLab 6.x - Apache v2.4 and up
2 parents 7f243a2 + 649860a commit 057330b

File tree

3 files changed

+114
-0
lines changed

3 files changed

+114
-0
lines changed

web-server/apache/README.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
# Apache 2 version
2+
If you are using Apache version 2.4 or above, please use files [gitlab-apache2.4.conf](gitlab-apache2.4.conf) or [gitlab-ssl-apache2.4.conf](gitlab-ssl-apache2.4.conf) for the HTTP and HTTPS versions of the vhost repectively.
3+
14
# RHEL6/CentOS6 recommendations
25

36
The up-to-date recommended [gitlab-ssl.conf](gitlab-ssl.conf) was configured on RHEL 6.4.

web-server/apache/gitlab-apache2.4.conf

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
#This configuration has been tested on GitLab 6.0.0 and GitLab 6.0.1
2+
#Note this config assumes unicorn is listening on default port 8080.
3+
#Module dependencies
4+
# mod_rewrite
5+
# mod_proxy
6+
# mod_proxy_http
7+
<VirtualHost *:80>
8+
ServerName gitlab.example.com
9+
ServerSignature Off
10+
11+
ProxyPreserveHost On
12+
13+
<Location />
14+
# New authorization commands for apache 2.4 and up
15+
# http://httpd.apache.org/docs/2.4/upgrading.html#access
16+
Require all granted
17+
18+
ProxyPassReverse http://127.0.0.1:8080
19+
ProxyPassReverse http://gitlab.example.com/
20+
</Location>
21+
22+
#apache equivalent of nginx try files
23+
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
24+
# http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
25+
RewriteEngine on
26+
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
27+
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]
28+
29+
# needed for downloading attachments
30+
DocumentRoot /home/git/gitlab/public
31+
32+
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
33+
ErrorDocument 404 /404.html
34+
ErrorDocument 422 /422.html
35+
ErrorDocument 500 /500.html
36+
ErrorDocument 503 /deploy.html
37+
38+
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
39+
ErrorLog /var/log/httpd/logs/gitlab.example.com_error.log
40+
CustomLog /var/log/httpd/logs/gitlab.example.com_forwarded.log common_forwarded
41+
CustomLog /var/log/httpd/logs/gitlab.example.com_access.log combined env=!dontlog
42+
CustomLog /var/log/httpd/logs/gitlab.example.com.log combined
43+
44+
</VirtualHost>

web-server/apache/gitlab-ssl-apache2.4.conf

Lines changed: 67 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,67 @@
1+
#This configuration has been tested on GitLab 6.0.0 and GitLab 6.0.1
2+
#Note this config assumes unicorn is listening on default port 8080.
3+
#Module dependencies
4+
# mod_rewrite
5+
# mod_ssl
6+
# mod_proxy
7+
# mod_proxy_http
8+
# mod_headers
9+
10+
# This section is only needed if you want to redirect http traffic to https.
11+
# You can live without it but clients will have to type in https:// to reach gitlab.
12+
<VirtualHost *:80>
13+
ServerName gitlab.example.com
14+
ServerSignature Off
15+
16+
RewriteEngine on
17+
RewriteCond %{HTTPS} !=on
18+
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
19+
</VirtualHost>
20+
21+
<VirtualHost *:443>
22+
SSLEngine on
23+
#strong encryption ciphers only
24+
#see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
25+
SSLCipherSuite SSLv3:TLSv1:+HIGH:!SSLv2:!MD5:!MEDIUM:!LOW:!EXP:!ADH:!eNULL:!aNULL
26+
SSLCertificateFile /etc/httpd/ssl.crt/gitlab.example.com.crt
27+
SSLCertificateKeyFile /etc/httpd/ssl.key/gitlab.example.com.key
28+
SSLCACertificateFile /etc/httpd/ssl.crt/your-ca.crt
29+
30+
ServerName gitlab.example.com
31+
ServerSignature Off
32+
33+
ProxyPreserveHost On
34+
35+
<Location />
36+
# New authorization commands for apache 2.4 and up
37+
# http://httpd.apache.org/docs/2.4/upgrading.html#access
38+
Require all granted
39+
40+
ProxyPassReverse http://127.0.0.1:8080
41+
ProxyPassReverse http://gitlab.example.com/
42+
</Location>
43+
44+
#apache equivalent of nginx try files
45+
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
46+
# http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
47+
RewriteEngine on
48+
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
49+
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]
50+
RequestHeader set X_FORWARDED_PROTO 'https'
51+
52+
# needed for downloading attachments
53+
DocumentRoot /home/git/gitlab/public
54+
55+
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
56+
ErrorDocument 404 /404.html
57+
ErrorDocument 422 /422.html
58+
ErrorDocument 500 /500.html
59+
ErrorDocument 503 /deploy.html
60+
61+
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
62+
ErrorLog /var/log/httpd/logs/gitlab.example.com_error.log
63+
CustomLog /var/log/httpd/logs/gitlab.example.com_forwarded.log common_forwarded
64+
CustomLog /var/log/httpd/logs/gitlab.example.com_access.log combined env=!dontlog
65+
CustomLog /var/log/httpd/logs/gitlab.example.com.log combined
66+
67+
</VirtualHost>

0 commit comments

Comments
 (0)