How to correctly configure Apaches mod_proxy for GitLab under a suburl in combination with other suburls

Question

I have a server on which I want to run GitLab beside other services. After googling around for some time I found out that I need to do some mod_proxy tricks to get Apache2 to forward requests to GitLab. But now when I try to access any URL on the server that is not a GitLab URL under /git, I simply get an error. I can't even access apaches standard index.html page which I clearly should. The server is running under Ubuntu 14.04 LTS. The configuration file for gitlab is:

#This configuration has been tested on GitLab 6.0.0 and GitLab 6.0.1
#Note this config assumes unicorn is listening on default port 8080.
#Module dependencies
#  mod_rewrite
#  mod_proxy
#  mod_proxy_http
<VirtualHost *:80>
  ServerName lmmweb
  ServerSignature Off

  ProxyPreserveHost On

  # Ensure that encoded slashes are not decoded but left in their encoded state.
  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
  AllowEncodedSlashes NoDecode

<Location /git>
  # New authorization commands for apache 2.4 and up
  # http://httpd.apache.org/docs/2.4/upgrading.html#access
  Require all granted

  ProxyPassReverse http://127.0.0.1:8080
</Location>

  #apache equivalent of nginx try files
  # http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
  # http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
  RewriteEngine on
  RewriteCond %{DOCUMENT_ROOT}/git/%{REQUEST_FILENAME} !-f
  RewriteRule /git/.* http:  //  127.0.0.1  :8080%{REQUEST_URI} [P,QSA]

  # needed for downloading attachments
  DocumentRoot /home/git/gitlab/public

  #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
  ErrorDocument 404 /404.html
  ErrorDocument 422 /422.html
  ErrorDocument 500 /500.html
  ErrorDocument 503 /deploy.html

  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
  ErrorLog  /var/log/apache2/gitlab/error.log

</VirtualHost>

I'm pretty sure that there must be a failure inside the RewriteRules but can't find it. I have included double spaces inside the RewriteRule for http:// ... as I'm getting some error due to a lack of reputation.

Best regards and thanks for your help.

Answer 1

I found the solution to this:

The problem is that overrides all other defined vhosts. It was necessary for my setup to let this gitlab instance run under a different port and then proxy to this one from the main configuration.

So my vhost is now <VirtualHost:8081> and before a Listen 8081. In the config file where I wanted to configure the suburls, I added:

<Location /git>
  ProxyPass http://mydomain:8081/git
  ProxyPassReverse http://mydomain:8081/git
</Location>

Answer 2

Coincidentally I solved the issue few minutes before seeing your answer, but it's not the end of the story. It happens that on creation of new projects (and probably in other places too) Gitlab still reports http instead of https protocol on generated URLs. And one for example would like to access the gitlab nginx server (when using a Omnibus installation, as it seems it's the case here) only as localhost in the reverse proxy pass. To achieve this you need the following Apache configuration:

ProxyPreserveHost On
<Location /gitlab>
    ProxyPass http://localhost:8929/gitlab
    ProxyPassReverse http://localhost:8929/gitlab
    # Necessary so Gitlab can return https addresses on some generated URLs
    RequestHeader set X-FORWARDED-PROTOCOL https
    RequestHeader set X-Forwarded-Ssl on
</Location>

Following variables must then be injected in the Gitlab environment, or written in gitlab.rb, so the service can be accessed only as localhost:

  external_url 'http://localhost:8929/gitlab'
  # nginx['listen_port'] = 80 # I use this when mapping host 8929 to 80 in docker container
  nginx['listen_https'] = false
  gitlab_rails['gitlab_shell_ssh_port'] = 2222
  # Following is necessary otherwise Gitlab will generate git URLs pointing to localhost
  gitlab_rails['gitlab_ssh_host'] = 'git.myexeternaldomain.com'