如何使用nginx(安装在docker上)反向代理gitlab(也安装在docker上)

gopyfrb3  于 2023-02-07  发布在  Nginx
关注(0)|答案(2)|浏览(255)

我根据官方文档安装了gitlab。

sudo docker run --detach \
  --hostname git.stupidpz.com \
  --publish 8443:443 --publish 880:80 --publish 822:22 \
  --name gitlab \
  --restart always \
  --volume $GITLAB_HOME/config:/etc/gitlab \
  --volume $GITLAB_HOME/logs:/var/log/gitlab \
  --volume $GITLAB_HOME/data:/var/opt/gitlab \
  --shm-size 256m \
  gitlab/gitlab-ee:latest

现在我想使用Nginx(由我自己安装)来反向代理gitlab,而不是gitlab容器附带的nginx。
根据官方文档,我在gitlab.rb中添加了一些代码

# Define the external url
external_url 'http://git.stupidpz.com'

# Disable the built-in nginx
nginx['enable'] = false

# Disable the built-in puma
puma['enable'] = false

# Set the internal API URL
gitlab_rails['internal_api_url'] = 'http://git.stupidpz.com'

# Define the web server process user (ubuntu/nginx)
web_server['external_users'] = ['nginx']

然后gitlab无法访问,我在此文件/var/log/gitblab/gitlab_workhorse/current中发现了一些错误日志

{"correlation_id":"","duration_ms":0,"error":"badgateway: failed to receive response: dial tcp 127.0.0.1:8080: connect: connection refused","level":"error","method":"GET","msg":"","time":"2023-01-25T20:57:21Z","uri":""}
{"correlation_id":"","duration_ms":0,"error":"badgateway: failed to receive response: dial tcp 127.0.0.1:8080: connect: connection refused","level":"error","method":"GET","msg":"","time":"2023-01-25T20:57:31Z","uri":""}
{"correlation_id":"","duration_ms":0,"error":"badgateway: failed to receive response: dial tcp 127.0.0.1:8080: connect: connection refused","level":"error","method":"GET","msg":"","time":"2023-01-25T20:57:41Z","uri":""}
{"correlation_id":"","duration_ms":0,"error":"badgateway: failed to receive response: dial tcp 127.0.0.1:8080: connect: connection refused","level":"error","method":"GET","msg":"","time":"2023-01-25T20:57:51Z","uri":""}

除了在gitlab.rb中添加一些代码外,没有做其他任何事情。
我想知道这个dial tcp 127.0.0.1:8080是从哪里来的?
我希望你能帮助我,或者给予我一个正确的演示。非常感谢。这个问题已经困扰了我两天了

z2acfund

z2acfund1#

现在我明白了为什么我不能让它工作了,我混淆了使用现有的乘客/NGINX安装使用非捆绑的Web服务器如果你只需要使用你自己的nginx来代理gitlab(它们都安装在docker上),你只需要添加两行到gitlab.rb

# Disable the built-in nginx
nginx['enable'] = false
# Define the web server process user (ubuntu/nginx)
web_server['external_users'] = ['nginx']

这是nginx的会议

upstream gitlab-workhorse {
  server unix://var/opt/gitlab/gitlab-workhorse/sockets/socket fail_timeout=0;
}

server {
  listen *:80;
  server_name git.example.com;
  server_tokens off;
  root /opt/gitlab/embedded/service/gitlab-rails/public;

  client_max_body_size 250m;

  access_log  /var/log/gitlab/nginx/gitlab_access.log;
  error_log   /var/log/gitlab/nginx/gitlab_error.log;

  # Ensure Passenger uses the bundled Ruby version
  passenger_ruby /opt/gitlab/embedded/bin/ruby;

  # Correct the $PATH variable to included packaged executables
  passenger_env_var PATH "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/usr/local/bin:/usr/bin:/bin";

  # Make sure Passenger runs as the correct user and group to
  # prevent permission issues
  passenger_user git;
  passenger_group git;

  # Enable Passenger & keep at least one instance running at all times
  passenger_enabled on;
  passenger_min_instances 1;

  location ~ ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$ {
    # 'Error' 418 is a hack to re-use the @gitlab-workhorse block
    error_page 418 = @gitlab-workhorse;
    return 418;
  }

  location ~ ^/[\w\.-]+/[\w\.-]+/repository/archive {
    # 'Error' 418 is a hack to re-use the @gitlab-workhorse block
    error_page 418 = @gitlab-workhorse;
    return 418;
  }

  location ~ ^/api/v3/projects/.*/repository/archive {
    # 'Error' 418 is a hack to re-use the @gitlab-workhorse block
    error_page 418 = @gitlab-workhorse;
    return 418;
  }

  # Build artifacts should be submitted to this location
  location ~ ^/[\w\.-]+/[\w\.-]+/builds/download {
      client_max_body_size 0;
      # 'Error' 418 is a hack to re-use the @gitlab-workhorse block
      error_page 418 = @gitlab-workhorse;
      return 418;
  }

  # Build artifacts should be submitted to this location
  location ~ /ci/api/v1/builds/[0-9]+/artifacts {
      client_max_body_size 0;
      # 'Error' 418 is a hack to re-use the @gitlab-workhorse block
      error_page 418 = @gitlab-workhorse;
      return 418;
  }

  # Build artifacts should be submitted to this location
  location ~ /api/v4/jobs/[0-9]+/artifacts {
      client_max_body_size 0;
      # 'Error' 418 is a hack to re-use the @gitlab-workhorse block
      error_page 418 = @gitlab-workhorse;
      return 418;
  }

  # For protocol upgrades from HTTP/1.0 to HTTP/1.1 we need to provide Host header if its missing
  if ($http_host = "") {
  # use one of values defined in server_name
    set $http_host_with_default "git.example.com";
  }

  if ($http_host != "") {
    set $http_host_with_default $http_host;
  }

  location @gitlab-workhorse {

    ## https://github.com/gitlabhq/gitlabhq/issues/694
    ## Some requests take more than 30 seconds.
    proxy_read_timeout      3600;
    proxy_connect_timeout   300;
    proxy_redirect          off;

    # Do not buffer Git HTTP responses
    proxy_buffering off;

    proxy_set_header    Host                $http_host_with_default;
    proxy_set_header    X-Real-IP           $remote_addr;
    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-Proto   $scheme;

    proxy_pass http://gitlab-workhorse;

    ## The following settings only work with NGINX 1.7.11 or newer
    #
    ## Pass chunked request bodies to gitlab-workhorse as-is
    # proxy_request_buffering off;
    # proxy_http_version 1.1;
  }

  ## Enable gzip compression as per rails guide:
  ## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression
  ## WARNING: If you are using relative urls remove the block below
  ## See config/application.rb under "Relative url support" for the list of
  ## other files that need to be changed for relative url support
  location ~ ^/(assets)/ {
    root /opt/gitlab/embedded/service/gitlab-rails/public;
    gzip_static on; # to serve pre-gzipped version
    expires max;
    add_header Cache-Control public;
  }

  ## To access Grafana
  location /-/grafana/ {
    proxy_pass http://localhost:3000/;
  }

  error_page 502 /502.html;
}

最后但并非最不重要的是,您需要向nginx的容器添加另一个bash,

-v /var/opt/gitlab:/var/opt/gitlab

这会让你的nginx容器连接到gitlab容器,否则你会得到“找不到var/opt/gitlab/gitlab-workhorse/sockets/socket”的提示。

5jdjgkvh

5jdjgkvh2#

看起来你正在远程主机上安装一个GitLab示例作为自定义git服务器。有3个部分必须工作。

  1. DNS设置、远程主机端口和防火墙设置。
    1.在远程主机上安装GitLab。
    1.有效的SSL证书和正确的HTTPS nginx配置。
    第一步实际上取决于您的虚拟机和容器的设置,但本质上,要确保它(VM或容器)具有响应请求的公共端口。
    这些变量必须在远程主机的环境中按原样设置
    --卷$GITLAB_HOME/配置:/etc/gitlab
    --卷$GITLAB_HOME/日志:/变量/日志/gitlab
    --卷$GITLAB_HOME/数据:/var/选项/gitlab
    上面的URL包含了所有的GitLab安装步骤,一旦你登录并验证它安装正确,并在远程主机上按预期运行。
    然后,安装并配置nginx。由于GitLab可能会传输凭据和其他安全数据,因此您需要setup https on nginx
    一个Nginx配置的例子可以在here中找到,还有一个Mozilla的工具可以使构建一个自定义的nginx配置更容易,可以找到here
    你显示的错误有这个URL“127.0.0.1:8080”。很可能你已经提供了这个URL到gitlab.rb配置的某个地方,这可能是一个错误。但是没有整个配置文件,我不能确定。
    此外,GitLab映像可能需要运行自己的nginx示例,这样当启动该容器时,它就可以作为一个git服务器来工作。要反向代理这个GitLab示例,你可能需要在你的主机上安装nginx,并将其指向GitLab Image的nginx。
    您可以通过在Gitlab Image的nginx配置中添加一个新的server {}块来删除第二个nginx示例。

相关问题