API tools faq
paste
Advertisement
bobnethu

gitlab.example.com.conf

bobnethu
Mar 26th, 2018
636
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.47 KB | None | 0 0
raw download clone embed print report
  1. <VirtualHost *:80>
  2. ServerName gitlab.example.com
  3. ServerAdmin webmaster@example.com
  4. ServerSignature Off
  5.  
  6. RewriteEngine on
  7. RewriteCond %{HTTPS} !=on
  8. RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
  9. </VirtualHost>
  10. <VirtualHost *:443>
  11. SSLEngine on
  12. #strong encryption ciphers only
  13. #see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
  14. # You might want to only keep TLS
  15. #SSLCipherSuite SSLv3:TLSv1:+HIGH:!SSLv2:!MD5:!MEDIUM:!LOW:!EXP:!ADH:!eNULL:!aNULL
  16. # Your own self-signed certificates
  17. SSLCertificateFile /etc/letsencrypt/live/gitlab.example.com/fullchain.pem
  18. SSLCertificateKeyFile /etc/letsencrypt/live/gitlab.example.com/privkey.pem
  19. # SSLCACertificateFile /etc/apache2/certs/your-ca.crt
  20.  
  21. ServerName gitlab.example.com
  22. ServerAdmin webmaster@example.com
  23. ServerSignature Off
  24. ProxyPreserveHost On
  25.  
  26. # Ensure that encoded slashes are not decoded but left in their encoded state.
  27. # http://doc.gitlab.com/ce/api/projects.html#get-single-project
  28. AllowEncodedSlashes NoDecode
  29.  
  30. <Location />
  31. #Order deny,allow
  32. #Allow from all
  33. Require all granted
  34.  
  35. ProxyPassReverse http://127.0.0.1:8060
  36. ProxyPassReverse http://gitlab.example.com/
  37. </Location>
  38.  
  39. #apache equivalent of nginx try files
  40. # http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
  41. # http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
  42. RewriteEngine on
  43. RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  44. RewriteRule .* http://127.0.0.1:8060%{REQUEST_URI} [P,QSA]
  45. RewriteCond %{REQUEST_URI} ^/uploads/.*
  46. RequestHeader set X_FORWARDED_PROTO 'https'
  47. #RequestHeader set X-Forwarded-Ssl on
  48.  
  49.  
  50. # needed for downloading attachments
  51. DocumentRoot "/opt/gitlab/embedded/service/gitlab-rails/public"
  52.  
  53. #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
  54. ErrorDocument 404 /404.html
  55. ErrorDocument 422 /422.html
  56. ErrorDocument 500 /500.html
  57. ErrorDocument 503 /deploy.html
  58.  
  59. LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
  60. # Path must exists
  61. ErrorLog /var/log/apache2/com/example/gitlab/gitlab_error.log
  62. CustomLog /var/log/apache2/com/example/gitlab/gitlab_forwarded.log common_forwarded
  63. CustomLog /var/log/apache2/com/example/gitlab/gitlab_access.log combined env=!dontlog
  64. CustomLog /var/log/apache2/com/example/gitlab/gitlab.log combined
  65. </VirtualHost>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!