View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions What am I missing in unbundling NGINX from GitLab?
Log in to Ask a Question

What am I missing in unbundling NGINX from GitLab?

nginx gitlab multiple-sites

I have been using self hosted gitlab successfully for a few weeks now and I'd like to host another website on the the same server.
As such I wanted to unbundle the nginx server from gitlab.

I followed the instructions here

https://www.linode.com/docs/development/version-control/how-to-unbundle-nginx-from-omnibus-gitlab-for-serving-multiple-websites/

my /etc/gitlab/gitlab.rb file looks like this 

external_url 'https://mysubdomain.mysite.com'
nginx['enable'] = false
web_server['external_users'] = ['www-data']
gitlab_rails['internal_api_url'] = 'https://mysubdomain.mysite.com'

and my nginx file looks like this

upstream gitlab {
    server unix:/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket;
}

      server {

    server_name mysubdomain.mysite.com;
    server_tokens off; # don't show the version number, a security best practice
    root /opt/gitlab/embedded/service/gitlab-rails/public;

    # Increase this if you want to upload large attachments
    # Or if you want to accept large git objects over http
    client_max_body_size 250m;

    # individual nginx logs for this gitlab vhost
    access_log  /var/log/nginx/gitlab_access.log;
    error_log   /var/log/nginx/gitlab_error.log;

    location / {
        proxy_redirect off;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_pass http://gitlab;
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/mysubdomain.mysite.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mysubdomain.mysite.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
    if ($host = mysubdomain.mysite.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

  listen 80;
  listen [::]:80;
  server_name mysubdomain.mysite.com;
    return 404; # managed by Certbot

}

With these settings I'm able to see the text on the website but none of the images load.
If I try to do a git clone then I get a 500 error in git bash.

I'm guessing this is some issue with the nginx server being able to read the files which git relies on.
However I have added the www-data user to the git-www group, so I'm guessing it isn't that.

Can anyone spot/suggest something else that I might have missed?

1 Reply

Took a lot of hacking around but it looks like it needs the assets location block, adding this fixed it. 

  location ~ ^/(assets)/ {
    root /opt/gitlab/embedded/service/gitlab-rails/public;
    gzip_static on; # to serve pre-gzipped version
    expires max;
    add_header Cache-Control public;
  }

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct