我在让 gitlab 在我的服务器上运行时遇到问题。
环境是:
Ubuntu 16.04.1 长期支持版
Apache 2.4
我通过综合脚本安装了 gitlab,编辑了 gitlab.rb 以使其与 apache 一起工作,制作了一个专用的虚拟主机,在 SSL 证书上遇到了一些困难,让它工作了,但是我遇到了一个我无法解决的错误解决。
当我转到 https://gitlab.mydomain.com/users/sign_in 时我有一个不错的503。 错误日志说:
[Tue Apr 18 16:58:56.556702 2017] [proxy:error] [pid 31966] (111)Connection refused: AH00957: HTTPS: attempt to connect to 127.0.0.1:8181 (*) failed
[Tue Apr 18 16:58:56.556722 2017] [proxy_http:error] [pid 31966] [client 93.182.244.38:60339] AH01114: HTTP: failed to make connection to backend: 127.0.0.1, referer: https://gitlab.mydomain.com/users/sign_in
这是使用的虚拟主机:
<VirtualHost *:443>
ServerName gitlab.mydomain.com
ServerSignature Off
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem
ProxyPreserveHost On
# Ensure that encoded slashes are not decoded but left in their encoded state.
# http://doc.gitlab.com/ce/api/projects.html#get-single-project
AllowEncodedSlashes NoDecode
<Location />
# New authorization commands for apache 2.4 and up
# http://httpd.apache.org/docs/2.4/upgrading.html#access
Require all granted
#Allow forwarding to gitlab-workhorse
ProxyPassReverse https://127.0.0.1:8181
ProxyPassReverse https://gitlab.mydomain.com/
</Location>
# Apache equivalent of nginx try files
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
# http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
RewriteEngine on
#Forward all requests to gitlab-workhorse
RewriteRule .* https://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
# needed for downloading attachments
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
# It is assumed that the log directory is in /var/log/httpd.
# For Debian distributions you might want to change this to
# /var/log/apache2.
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog ${APACHE_LOG_DIR}/gitlab_error.log
CustomLog ${APACHE_LOG_DIR}/gitlab_forwarded.log common_forwarded
CustomLog ${APACHE_LOG_DIR}/gitlab_access.log combined env=!dontlog
CustomLog ${APACHE_LOG_DIR}/gitlab.log combined
</VirtualHost>
我做错了什么?
感谢您的帮助。
最佳答案
gitlab-workhorse doesn't support SSL connections
Workhorse can handle some requests without involving Rails at all: for example, Javascript files and CSS files are served straight from disk.
Workhorse can modify responses sent by Rails: for example if you use send_file in Rails then gitlab-workhorse will open the file on disk and send its contents as the response body to the client.
Workhorse can take over requests after asking permission from Rails. Example: handling git clone.
Workhorse can modify requests before passing them to Rails. Example: when handling a Git LFS upload Workhorse first asks permission from Rails, then it stores the request body in a tempfile, then it sends a modified request containing the tempfile path to Rails.
Workhorse can manage long-lived WebSocket connections for Rails. Example: handling the terminal websocket for environments.
Workhorse does not connect to Postgres, only to Rails and (optionally) Redis.
We assume that all requests that reach Workhorse pass through an upstream proxy such as NGINX or Apache first.
Workhorse does not accept HTTPS connections.
Workhorse does not clean up idle client connections.
We assume that all requests to Rails pass through Workhorse.
关于ssl - 带有apache连接的gitlab被拒绝,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/43475858/