Apidcloud

CentOS 6.4 http.conf gitlab virtual host

Dec 11th, 2015
89
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <VirtualHost *:443>
  2. # ssl setup
  3. SSLEngine ON
  4. SSLProtocol all -SSLv2 -SSLv3
  5. SSLHonorCipherOrder On
  6. SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNU$
  7.  
  8. SSLCertificateFile /etc/letsencrypt/live/domain.com/cert.pem
  9. SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
  10. SSLCertificateChainFile /etc/letsencrypt/live/domain.com/chain.pem
  11.  
  12. ServerName sub.domain.com
  13. ServerAlias www.sub.domain.com
  14. ServerSignature Off
  15.  
  16. ProxyPreserveHost On
  17.  
  18. # Ensure that encoded slashes are not decoded but left in their encoded state.
  19. # http://doc.gitlab.com/ce/api/projects.html#get-single-project
  20. AllowEncodedSlashes On
  21.  
  22. <Location />
  23. Order deny,allow
  24. Allow from all
  25.  
  26. #Allow forwarding to gitlab-workhorse
  27. ProxyPassReverse http://127.0.0.1:8181
  28. #Allow forwarding to GitLab Rails app (Unicorn)
  29. ProxyPassReverse http://127.0.0.1:8080
  30. ProxyPassReverse http://sub.overlordgt.xyz/
  31. </Location>
  32.  
  33. # Apache equivalent of nginx try files
  34. # http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
  35. # http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
  36. RewriteEngine on
  37.  
  38. #Forward these requests to gitlab-workhorse
  39. RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/gitlab-lfs/objects.* [OR]
  40. RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/builds/download.* [OR]
  41. RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/repository/archive.* [OR]
  42. RewriteCond %{REQUEST_URI} ^/api/v3/projects/.*/repository/archive.* [OR]
  43. RewriteCond %{REQUEST_URI} ^/ci/api/v1/builds/[0-9]+/artifacts.* [OR]
  44. RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$
  45. RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
  46.  
  47. #Forward any other requests to GitLab Rails app (Unicorn)
  48. RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
  49. RewriteCond %{REQUEST_URI} ^/uploads
  50. RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA,NE]
  51. RequestHeader set X_FORWARDED_PROTO 'https'
  52. RequestHeader set X-Forwarded-Ssl on
  53.  
  54. # needed for downloading attachments
  55. DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
  56.  
  57. #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
  58. ErrorDocument 404 /404.html
  59. ErrorDocument 422 /422.html
  60. ErrorDocument 500 /500.html
  61. ErrorDocument 503 /deploy.html
  62. </VirtualHost>
RAW Paste Data