Answer the question
In order to leave comments, you need to log in
How to correctly configure gitlab config behind nginx reverse proxy so that certificates are registered on the nginx server and not on the gitlab server?
there is a gitlab server that works in the internal grid and there is nginx (external ip) the
nginx config is simple, proxy_pass 10.10.10.10 + the certificate and path on the nginx server are added to the config.
If you go from outside to gitlab, then the ssl certificate is displayed correctly, and if you look at the certificate from the gitlab server, then he does not see it. What needs to be written in the /etc/gitlab/gitlab.rb configs so that the certificate is correct, which is visible to external users? Or the option is only to manually register in the settings. I don’t want to register a certificate on the gitlab server every 3 months =))
nginx['ssl_certificate'] = "/etc/gitlab/ssl/git-le.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/git-le-key.key"
Answer the question
In order to leave comments, you need to log in
You can set up everyone to log into Gitlab through an external Nginx. Then you won't have to mess around with different settings.
I have Gitlab configured to work only over HTTP, and SSL is added to Traefik (and not through Nginx, like you have)
Gitlab config:
services:
gitlab-web:
image: 'gitlab/gitlab-ce:14.8.2-ce.0'
hostname: 'dev.slavikf.com'
ports:
- '22:22'
labels:
- traefik.enable=true
- traefik.http.routers.gitlab-web.tls.certresolver=myresolver
- traefik.http.routers.gitlab-web.tls=true
- traefik.http.routers.gitlab-web.rule=Host(`dev.slavikf.com`)
- traefik.http.services.gitlab-web.loadbalancer.server.port=80
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://dev.slavikf.com'
registry_external_url 'https://dev.slavikf.com'
nginx['real_ip_header'] = 'X-Forwarded-For'
nginx['real_ip_recursive'] = 'on'
nginx['listen_port'] = 80
nginx['listen_https'] = false
nginx['redirect_http_to_https'] = false
...
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question