2

I have setup Gitlab on my server successfully and have configured it to run on Apache as that is what I use for hosting my current sites.

I have used Let's Encrypt to add SSL encryption across my domains and selected to make them 'secure' and so a re-write rule was placed in all of my .conf files to redirect HTTP requests to HTTPS.

This works on all of my other .conf files except for the Gitlab one.

It uses the below to handle the redirect:

RewriteCond %{SERVER_NAME} = gitlab.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

Can anyone help point out why it might not be working correctly?

Full virtual host below:

<VirtualHost *:80>
  ServerName gitlab.example.com
  ServerSignature Off

  ProxyPreserveHost On

  # Ensure that encoded slashes are not decoded but left in their encoded state.
  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
  AllowEncodedSlashes NoDecode

  <Location />
    # New authorization commands for apache 2.4 and up
    # http://httpd.apache.org/docs/2.4/upgrading.html#access
    Require all granted

    #Allow forwarding to gitlab-workhorse
    ProxyPassReverse http://127.0.0.1:8181
    ProxyPassReverse http://gitlab.example.com/

  </Location>

  # Apache equivalent of nginx try files
  # http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
  # http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
  RewriteEngine on

  #Don't escape encoded characters in api requests
  RewriteCond %{REQUEST_URI} ^/api/v3/.*
  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]

  #Forward all requests to gitlab-workhorse except existing files like error documents
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
  RewriteCond %{REQUEST_URI} ^/uploads/.*
  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]

  # needed for downloading attachments
  DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public

  #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
  ErrorDocument 404 /404.html
  ErrorDocument 422 /422.html
  ErrorDocument 500 /500.html
  ErrorDocument 503 /deploy.html

  # It is assumed that the log directory is in /var/log/httpd.
  # For Debian distributions you might want to change this to
  # /var/log/apache2.
  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
  ErrorLog  ${APACHE_LOG_DIR}/gitlab.example.com_error.log
  CustomLog ${APACHE_LOG_DIR}/gitlab.example.com_forwarded.log common_forwarded
  CustomLog ${APACHE_LOG_DIR}/gitlab.example.com_access.log combined env=!dontlog
  CustomLog ${APACHE_LOG_DIR}/gitlab.example.com.log combined
#    ErrorLog ${APACHE_LOG_DIR}/error.log
#    CustomLog ${APACHE_LOG_DIR}/access.log showmedomain

RewriteCond %{SERVER_NAME} = gitlab.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>
James
  • 345
  • 3
  • 11
  • SERVER_NAME? Shouldn't it be "HTTP_HOST"? – Pothi Kalimuthu May 15 '16 at 08:41
  • 1
    @Pothi that is what Let's Encrypt automatically generated for me. It is the same in all of my `.conf` files and it works fine inside them - it is only the Gitlab one that causes issues. – James May 15 '16 at 08:45
  • Oh. Yes. I didn't read it properly. Sorry @James. – Pothi Kalimuthu May 15 '16 at 11:34
  • OK weird, this now works... I tested this yesterday on my computer, then in incognito and then independently on my mobile network and it wasn't working. However today it does... Could this be due to something being cached on the client side? – James May 16 '16 at 01:49

0 Answers0