My ngix site config file (/etc/nginx/sites-enabled/) is given below. Right now I can access this site by going to localhost but I would like to know how to change the site url to localhost/gitlab. I need localhost reserved for a different website.
upstream gitlab {
server unix:/home/git/gitlab/tmp/sockets/gitlab.socket;
}
server {
# listen *:80 default_server; # e.g., listen 192.168.1.1:80; In most cases *:80 is a good idea
server_name localhost; # e.g., server_name source.example.com;
server_tokens off; # don't show the version number, a security best practice
root /home/git/gitlab/public;
# individual nginx logs for this gitlab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
# serve static files from defined root folder;.
# #gitlab is a named location for the upstream fallback, see below
try_files $uri $uri/index.html $uri.html #gitlab;
}
# if a file, which is not found in the root folder is requested,
# then the proxy pass the request to the upsteam (gitlab unicorn)
location #gitlab {
proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://gitlab;
}
}
Update: GitLab now has better support for relative URLs and dedicated documentation:
Source installations http://docs.gitlab.com/ee/install/relative_url.html
Omnibus packages https://docs.gitlab.com/omnibus/settings/configuration.html#configuring-a-relative-url-for-gitlab
You want to move GitLab in a relative url. Bear in mind that except for the nginx config, you must also change the url in 3 other places. See the directions in gitlab.yml:
# Uncomment and customize the last line to run in a non-root path
# WARNING: This feature is known to work, but unsupported
# Note that three settings need to be changed for this to work.
# 1) In your application.rb file: config.relative_url_root = "/gitlab"
# 2) In your gitlab.yml file: relative_url_root: /gitlab
# 3) In your unicorn.rb: ENV['RAILS_RELATIVE_URL_ROOT'] = "/gitlab"
All these configs are under /home/git/gitlab/config.
I don't know if these answers have been successful for OP, but for me nothing worked at all :
trafficking with location ...
Uncommenting files with relative URL, etc .
I did find a "tweak" which both elegant and concise, but requires you to have a registered domain name (not suitable for local IPs 192.168.0.x) :
Set up a DNS A Zone pointing to your server's IP (the same as your main domain) : gitlab.mydomain.me.
Update server_name mydomain.me to server_name gitlab.mydomain.me; in /etc/nginx/sites-available/gitlab.
Restart nginx : sudo service nginx restart.
You now have a working gitlab subdomain, and your "main" domain is free.
Well you're not actually changing the site name, you're moving it to a sub-directory, so you can easily change the
location / { ... }
to be a sub directory
location /gitlab { ... }
and reload nginx then it should work, but you need to make sure that if the website doesn't create relative URL's then you need to change it's config so it doesn't create a link that would move you outside the /gitlab directory.
Related
I have reconfigured nginx but i can't get it to restart using the following config:
conf:
server {
listen 80;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
server {
listen 80;
server_name example.com;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location /robots.txt {
alias /path/to/robots.txt;
access_log off;
log_not_found off;
}
location = /favicon.ico { access_log off; log_not_found off; }
location / {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_read_timeout 30;
proxy_pass http://127.0.0.1:8000;
}
location /static {
expires 1M;
alias /path/to/staticfiles;
}
}
after running sudo nginx -c conf -t to test the configuration the following error is returned i can't figure out what is really the problem
nginx: [emerg] "server" directive is not allowed here in /etc/nginx/sites-available/config:1
nginx: configuration file /etc/nginx/sites-available/config test failed
That is not an nginx configuration file. It is part of an nginx configuration file.
The nginx configuration file (usually called nginx.conf) will look like:
events {
...
}
http {
...
server {
...
}
}
The server block is enclosed within an http block.
Often the configuration is distributed across multiple files, by using the include directives to pull in additional fragments (for example from the sites-enabled directory).
Use sudo nginx -t to test the complete configuration file, which starts at nginx.conf and pulls in additional fragments using the include directive. See this document for more.
Example valid nginx.conf for reverse proxy; In case someone is stuck like me.
where 10.x.x.x is the server where you are running the nginx proxy server and to which you are connecting to with the browser, and 10.y.y.y is where your real web server is running
events {
worker_connections 4096; ## Default: 1024
}
http {
server {
listen 80;
listen [::]:80;
server_name 10.x.x.x;
location / {
proxy_pass http://10.y.y.y:80/;
proxy_set_header Host $host;
}
}
}
Here is the snippet if you want to do SSL pass through. That is if 10.y.y.y is running a HTTPS webserver. Here 10.x.x.x, or where the nignx runs is listening to port 443, and all traffic to 443 is directed to your target web server
events {
worker_connections 4096; ## Default: 1024
}
stream {
server {
listen 443;
proxy_pass 10.y.y.y:443;
}
}
and you can serve it up in docker too
docker run --name nginx-container --rm --net=host -v /home/core/nginx/nginx.conf:/etc/nginx/nginx.conf nginx
The path to the nginx.conf file which is the primary Configuration file for Nginx - which is also the file which shall INCLUDE the Path for other Nginx Config files as and when required is /etc/nginx/nginx.conf.
You may access and edit this file by typing this at the terminal
cd /etc/nginx
/etc/nginx$ sudo nano nginx.conf
Further in this file you may Include other files - which can have a SERVER directive as an independent SERVER BLOCK - which need not be within the HTTP or HTTPS blocks, as is clarified in the accepted answer above.
I repeat - if you need a SERVER BLOCK to be defined within the PRIMARY Config file itself than that SERVER BLOCK will have to be defined within an enclosing HTTP or HTTPS block in the /etc/nginx/nginx.conf file which is the primary Configuration file for Nginx.
Also note -its OK if you define , a SERVER BLOCK directly not enclosing it within a HTTP or HTTPS block , in a file located at path /etc/nginx/conf.d . Also to make this work you will need to include the path of this file in the PRIMARY Config file as seen below :-
http{
include /etc/nginx/conf.d/*.conf; #includes all files of file type.conf
}
Further to this you may comment out from the PRIMARY Config file , the line
http{
#include /etc/nginx/sites-available/some_file.conf; # Comment Out
include /etc/nginx/conf.d/*.conf; #includes all files of file type.conf
}
and need not keep any Config Files in /etc/nginx/sites-available/ and also no need to SYMBOLIC Link them to /etc/nginx/sites-enabled/ , kindly note this works for me - in case anyone think it doesnt for them or this kind of config is illegal etc etc , pls do leave a comment so that i may correct myself - thanks .
EDIT :- According to the latest version of the Official Nginx CookBook , we need not create any Configs within - /etc/nginx/sites-enabled/ , this was the older practice and is DEPRECIATED now .
Thus No need for the INCLUDE DIRECTIVE include /etc/nginx/sites-available/some_file.conf; .
Quote from Nginx CookBook page - 5 .
"In some package repositories, this folder is named sites-enabled, and
configuration files are linked from a folder named site-available;
this convention is depre‐ cated."
There might be just a typo anywhere inside a file imported by the config. For example, I made a typo deep inside my config file:
loccation /sense/movies/ {
mp4;
}
(loccation instead of location), and this causes the error:
nginx: [emerg] "server" directive is not allowed here in /etc/nginx/sites-enabled/xxx.xx:1
Replace include /etc/nginx/conf.d/*.conf; in nginx.conf with include /etc/nginx/conf.d/includes-optional/cpanel-proxy-vendors/*.conf; or /etc/nginx/conf.d/includes-optional/site-available/*.conf;
It is on an amazon server so I checked the following post:
Changing Apache document root on AWS EC2 does not work
and
How to edit httpd.conf file in AMAZON EC2
or in general: How do I change the root directory of an apache server?
Well the information provided did help me so far.
The only file I could find in the etc/apache2 folder is the following:
Edit: The content of the config file is:
"Alias /javascript /usr/share/javascript/
Options FollowSymLinks MultiViews
"
I asked two month ago on his site: http://www.louisaslett.com/RStudio_AMI/, but didnt get an answer.
My question: How can i change the document root on an RStudio AMI server, so that I can change the directory of the rstudio login page away from the root directory to - say - domain.com/login and have a landing page + other folders on the root (domain.com).
Thank you for your help!
Edit:
After the answer from Frédéric Henri and edit:
Here is the content of my rstudio.conf file.
location / {
proxy_pass http://localhost:8787;
proxy_redirect http://localhost:8787/ $scheme://$host/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 20d;
access_log /var/log/nginx/rstudio-access.log;
error_log /var/log/nginx/rstudio-error.log;
}
Assuming i have the index.html file in the directory /home/idx/index.html, how would i change the file then.
The following didnt work for me:
proxy_pass http://localhost/home/idx;
proxy_redirect http://localhost/home/idx/ $scheme://$host/;
Or:
proxy_pass /home/idx;
proxy_redirect /home/idx/ $scheme://$host/;
and where would i configure to redirect my rstudio login to.
Thank you!
You are right and looking at the right place if you were using apache2/httpd web server; but in the case of the RStudio AMI it uses nginx web server so all configuration are stored in /etc/nginx
You can review Configure nginx with multiple locations with different root folders on subdomain to see how you can work with the conf file
In your current configuration, it is defined mainly 3 locations:
http://<web_server_ip>/
The conf file used for this case is /etc/nginx/RStudioAMI/rstudio.conf It processes all request and forward to http://localhost:8787 where rstudio is running.
http://<web_server_ip>/julia
The conf file used for this case is /etc/nginx/RStudioAMI/julia.conf It processes all request and forward to http://localhost:8000 where julia is running.
http://<web_server_ip>/shiny
The conf file used for this case is /etc/nginx/RStudioAMI/shiny.conf It processes all request and forward to http://localhost:3838 where shiny is running.
For example you could have the main location (which is simply / pointing to a specific folder) and changed the rstudio.conf to handle http://<web_server_ip>/rstudio
EDIT
where would i configure to redirect my rstudio login to
If you want the rstudio login page to be accessible from http://<server>/rtudio (for example) you would need to change in the `/etc/nginx/RStudioAMI/rstudio.conf``
location /rstudio/ {
proxy_pass http://localhost:8787/;
proxy_redirect http://localhost:8787/ $scheme://$host/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 20d;
access_log /var/log/nginx/rstudio-access.log;
error_log /var/log/nginx/rstudio-error.log;
}
If you want to point the main http://<server>/index.html pointing to /home/idx/index.html you need to change in /etc/nginx/sites-enabled/RStudioAMI.conf and have a main location defined pointing to your root element
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80 default_server;
index index.html;
location = / {
root /var/www/html;
}
include /etc/nginx/RStudioAMI/*.conf;
}
Note: Anytime you make a change to a nginx conf file, you need to restart nginx.
with: /etc/init.d/nginx restart.
I have Gitlab 5.2 + Nginx installed on a local machine in my university. Clone over http works for machines that are within the internal network, but trying to clone from a machine on an external network results in an "fatal: Authentication failed" message, even though the exact same credentials are supplied. (I use the same credentials as the ones I use to log in to Gitlab via the web interface)
The Gitlab web interface is accessible from external networks. It is only the clone over http that fails (clone over ssh is not possible because port 22 is blocked)
Here are some lines from the relevant configuration files:
from config/gitlab.yml
host: mydomain
port: 80
https: false
Here are the relevant lines from the ngnix config file
server {
listen *:80 default_server; # In most cases *:80 is a good idea
server_name mydomain; # e.g., server_name source.example.com;
root /home/git/gitlab/public;
# individual nginx logs for this gitlab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
# serve static files from defined root folder;.
# #gitlab is a named location for the upstream fallback, see below
try_files $uri $uri/index.html $uri.html #gitlab;
}
# if a file, which is not found in the root folder is requested,
# then the proxy pass the request to the upsteam (gitlab unicorn)
location #gitlab {
proxy_read_timeout 2000; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_connect_timeout 2000; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://gitlab;
}
}
Note: I have added this line to /etc/hosts: 127.0.0.1 mydomain but it doesn't really help. (based on https://github.com/gitlabhq/gitlabhq/issues/3483#issuecomment-15783597)
Any ideas on what the issue might be/how I might debug this?
I believe this is fixed in 5.3, so try updating. See:
https://github.com/gitlabhq/gitlabhq/blob/master/CHANGELOG#L41
https://github.com/gitlabhq/gitlabhq/blob/master/config/gitlab.yml.example#L151
I've successfully installed GitLab for management of private repositories (it's quite awesome!).
The problem I am having is by default, Gitlab login is presented when anyone hits my subdomain. I would like to protect the entire area with a basic_auth layer before the user gets the GitLab login screen. Unfortunately, this breaks my ability to push/pull from GitLab when it's enabled.
my nginx config to enable basic_auth:
auth_basic "Restricted";
auth_basic_user_file htpasswd;
Any ideas on how I can enable basic_auth without breaking git / gitlab functionality?
Add this to /etc/gitlab/gitlab.rb:
nginx['custom_gitlab_server_config'] = "auth_basic 'Restricted';\n auth_basic_user_file htpasswd;\n"
And run gitlab-ctl reconfigure
Kind of a hack at the moment but give this is a shot.
Edit your nginx site configuration to add / modify the following locations
location ^~ /api/v3/internal/allowed {
proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://gitlab;}
location / {
auth_basic "Gitlab Restricted Access";
auth_basic_user_file /home/git/gitlab/htpasswd.users;
# serve static files from defined root folder;.
# #gitlab is a named location for the upstream fallback, see below
try_files $uri $uri/index.html $uri.html #gitlab;
}
Leaving your #gitlab location block as is.
The trick is you let /api/v3/internal/allowd bypass the authentication. If you look at the logs when you do an git pull / push a request is made to the server whether or not to allow it. And on the standard nginx config with htpasswd that request would be blocked because the server has no idea about the authentication required.
Anyway not sure if there's a better alternative (couldn't find any) but this seems to work for me.
Your issue is that you want set a password restriction for public access to GitLab, but let Gitlab-Shell access the local GitLab instance without restriction.
You can have 2 nginx configurations depending on the IP interface. Change the line listen 0.0.0.0:80 default_server to listen 127.0.0.1:80 default_server.
https://github.com/gitlabhq/gitlabhq/blob/v7.7.2/lib/support/nginx/gitlab#L37-38
I installed gitlab using its installation guide. Everything was OK, but when I open localhost:80 in the browser all I see it the message Welcome to nginx!. I can't find any log file with any errors in it.
I am running Ubuntu in VirtualBox. My /etc/nginx/sites-enabled/gitlab config file reads:
# GITLAB
# Maintainer: #randx
# App Version: 3.0
upstream gitlab {
server unix:/home/gitlab/gitlab/tmp/sockets/gitlab.socket;
}
server {
listen 192.168.1.1:80; # e.g., listen 192.168.1.1:80;
server_name aridev-VirtualBox; # e.g., server_name source.example.com;
root /home/gitlab/gitlab/public;
# individual nginx logs for this gitlab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
# serve static files from defined root folder;.
# #gitlab is a named location for the upstream fallback, see below
try_files $uri $uri/index.html $uri.html #gitlab;
}
# if a file, which is not found in the root folder is requested,
# then the proxy pass the request to the upsteam (gitlab unicorn)
location #gitlab {
proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://gitlab;
}
}
The nginx documentation says:
Server names are defined using the server_name directive and determine which server block is used for a given request.
That means in your case that that you have to enter aridev-VirtualBox within your browser instead of localhost.
To get this working you have to enter aridev-VirtualBox within your local Hosts file and point it to the IP of your VirtualBox PC.
This would look something like follows:
192.168.1.1 aridev-VirtualBox
I removed /etc/nginx/sites-enabled/default to get rid of that problem.
Try following both orkoden's advice of removing the default site from /etc/nginx/sites-enabled/ but also comment out your listen line since the default implied line there should be sufficient.
Also, make sure that when you make changes to these configurations, shut down both the gitlab and nginx services and start them in the order of gitlab first, followed by nginx.
Your configuration file is right. # /etc/nginx/sites-enabled/gitlab
Maybe I think your gitlab file link is wrong.
So Example:
ln -s /etc/nginx/sites-available/default
/etc/nginx/sites-enabled/gitlab
pls check default content == your /etc/nginx/sites-enabled/gitlab
content
after
Me I changed this line :
proxy_pass http://gitlab;
by this :
proxy_pass http://localhost:3000;
3000 is the port of my unicorn server.
moreover I did a chown root:ngnix on the conf file and it work now.
Old topic, but it may happen when there is a previously installed nginx.
$ gitlab-ctl reconfigure
or restart will not complain but the previous nginx instance may actually running instead of the one under gitlab.
This just happened to me.
Shutdown and disable this old nginx instance and do again:
$ gitlab-ctl reconfigure