我想通过apache和ssl一起使用GitLab。我跟着this指南,但仍然收到503 Service Unavailable消息。
我已按照GitLab的instruction中所述安装了GitLab。
我的gitlab.rb配置看起来像指南中的文件:
external_url 'https://domain:4443'
nginx['ssl_certificate'] = "/etc/gitlab/tls/SignedCertificateBundle.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/tls/SignedCertificate.key"
我的虚拟主机:
<VirtualHost *:443>
ServerName domain
ServerAlias domain
Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
SSLEngine on
SSLCertificateFile /etc/gitlab/tls/SignedCertificate.crt
SSLCertificateKeyFile /etc/gitlab/tls/SignedCertificate.key
SSLCACertificateFile /etc/gitlab/tls/IntermediateCertificate.crt
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
SSLProxyEngine on
ProxyRequests Off
ProxyPass / https://domain:4443/
ProxyPassReverse / https://domain/
Header edit Location ^http://domain/ https://domain/
RequestHeader set X-Forwarded-Proto "https"
</VirtualHost>
我忘记了什么吗?
答案 0 :(得分:0)
我为我的问题找到了一个解决方案(也许其他人也在努力解决这个问题)
我的gitlab.rb配置文件:
external_url 'https://domain'
nginx['listen_address'] = 'localhost'
nginx['listen_port'] = 8888
nginx['listen_https'] = false
我的虚拟主持人:
<VirtualHost *:443>
ServerName domain
ServerAlias domain
ServerAdmin mail
RequestHeader set Host "domain"
RequestHeader add X-Forwarded-Ssl on
RequestHeader set X-Forwarded-Proto "https"
ProxyPreserveHost On
ProxyPass / http://localhost:8888/
ProxyPassReverse / http://localhost:8888/
SSLEngine on
SSLCertificateFile /etc/gitlab/tls/SignedCertificate.crt
SSLCertificateKeyFile /etc/gitlab/tls/SignedCertificate.key
SSLCACertificateFile /etc/gitlab/tls/IntermediateCertificate.crt
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384
</VirtualHost>
对我来说,GitLab正在使用TLS over apache