zoukankan      html  css  js  c++  java
  • gitlab支持https最简单方法

    gitlab支持https方法

    使用gitlab内部nginx直接支持https

    通过外部nginx代理(本次使用的方法)

      访问流程外部nginx--->gitlab的gitlab_workhorse tcp端口

    启动脚本

    nginx['enable'] = false 关闭gitlab内部nginx,也可以不关直接用下面脚本

    [root@xuliang gitlab]# cat run.sh
    #!/bin/bash
    docker run -itd --rm
    --hostname dev-gitlab.xx.cn
    -p 8181:8181
    --env GITLAB_OMNIBUS_CONFIG="external_url 'https://dev-gitlab.xx.cn/'; gitlab_rails['lfs_enabled'] = true; letsencrypt['enable'] = false; nginx['enable'] = true; nginx['listen_https'] = false; nginx['listen_port'] = 80;nginx['http2_enabled'] = false; nginx['redirect_http_to_https'] = true;"
    --name gitlab
    -v /opt/gitlab/config:/etc/gitlab
    -v /opt/gitlab/logs:/var/log/gitlab
    -v /opt/gitlab/data:/var/opt/gitlab
    --privileged=true
    gitlab/gitlab-ce:latest

    修改gitlab.rb文件

    ##### 使用gitlab_workhorse模式 ,修改为tcp使用8181端口


    ```
    [root@xuliang gitlab]# cat config/gitlab.rb |grep -v ^#|grep -v ^$
    gitlab_rails['gitlab_default_can_create_group'] = false
    gitlab_workhorse['enable'] = true
    gitlab_workhorse['listen_network'] = "tcp"
    gitlab_workhorse['listen_addr'] = "0.0.0.0:8181"
    nginx['proxy_set_headers'] = {
    "X-Forwarded-Proto" => "http"
    }

    配置nginx代理

    #### #nginx代理使用gitlab_workhorse tcp地址即可

    ```

    server {
    listen 80;
    server_name dev-gitlab.xx.cn;
    return 301 https://$host$request_uri;
    }

    server {
    listen 443 ssl;
    ssl_certificate ssl/xx-cn.crt;
    ssl_certificate_key ssl/xx-cn.key;
    client_max_body_size 0;
    server_name dev-gitlab.xx.cn;
    location / {
    proxy_pass http://192.168.100.173:8181;
    proxy_set_header Host $http_host;

    sendfile off;
    proxy_redirect http://192.168.100.173:8181 https://dev-gitlab.xx.cn;
    proxy_http_version 1.1;

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_max_temp_file_size 0;

    #this is the maximum upload size
    client_max_body_size 1000m;
    client_body_buffer_size 128k;

    proxy_connect_timeout 90;
    proxy_send_timeout 90;
    proxy_read_timeout 90;
    proxy_buffering off;
    proxy_request_buffering off; # Required for HTTP CLI commands in Jenkins > 2.54
    proxy_set_header Connection ""; # Clear for keepalive


    }
    }
    ```

  • 相关阅读:
    go通道小案例
    go执行cmd命令并获取输出内容
    vue快速生成二维码
    vue.js数字简化 万转化k显示
    uniapp实现小程序获取用户信息
    实现图片预加载功能
    C# MD5加密字符串方法
    一个封装的 HttpClientHelper
    简易通过队列存储并异步打日志实现
    变量
  • 原文地址:https://www.cnblogs.com/xuliang666/p/14558833.html
Copyright © 2011-2022 走看看