I installed gitlab with the offical Docker container:
docker run -d -p 8002:80 -v /mnt/gitlab/etc/gitlab:/etc/gitlab -v /mnt/gitlab/var/opt/gitlab:/var/opt/gitlab -v /mnt/gitlab/var/log/gitlab:/var/log/gitlab gitlab/gitlab-ce
I'm using nginx as reverse proxy:
upstream gitlab {
server localhost:8002;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
keepalive_timeout 70;
ssl_certificate /etc/letsencrypt/live/git.cedware.com/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/git.cedware.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name git.cedware.com;
client_max_body_size 300M;
location / {
proxy_http_version 1.1;
proxy_pass http://localhost:8002/;
proxy_set_header Host $host;
proxy_set_header X-Forwared-Ssl off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
This all works totally fine, until I add this line to the gitlab.rb
external_url 'https://git.cedware.com';
After restarting the container, nginx can't reach gitlab. Can someone tell me what's wrong with my setup?
Edit:
This is the output of curl -v https://git.cedware.com
:
* Rebuilt URL to: https://git.cedware.com/
* Trying 37.120.177.116...
* Connected to git.cedware.com (37.120.177.116) port 443 (#0)
* found 175 certificates in /etc/ssl/certs/ca-certificates.crt
* found 700 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384
* server certificate verification OK
* server certificate status verification SKIPPED
* common name: git.cedware.com (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: CN=git.cedware.com
* start date: Wed, 04 Jan 2017 16:58:00 GMT
* expire date: Tue, 04 Apr 2017 16:58:00 GMT
* issuer: C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3
* compression: NULL
* ALPN, server accepted to use http/1.1
> GET / HTTP/1.1
> Host: git.cedware.com
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 502 Bad Gateway
< Server: nginx/1.10.0 (Ubuntu)
< Date: Thu, 05 Jan 2017 08:45:52 GMT
< Content-Type: text/html
< Content-Length: 182
< Connection: keep-alive
<
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.10.0 (Ubuntu)</center>
</body>
</html>
* Connection #0 to host git.cedware.com left intact
And this is the content of the nginx error.log:
> 2017/01/05 09:47:43 [error] 26258#26258: *1 recv() failed (104:
> Connection reset by peer) while reading response header from upstream,
> client: 217.7.247.238, server: git.cedware.com, request: "GET /
> HTTP/1.1", upstream: "http://127.0.0.1:8002/", host: "git.cedware.com"
> 2017/01/05 09:47:43 [error] 26258#26258: *1 recv() failed (104:
> Connection reset by peer) while reading response header from upstream,
> client: 217.7.247.238, server: git.cedware.com, request: "GET /
> HTTP/1.1", upstream: "http://[::1]:8002/", host: "git.cedware.com"
> 2017/01/05 09:47:43 [error] 26258#26258: *1 no live upstreams while
> connecting to upstream, client: 217.7.247.238, server:
> git.cedware.com, request: "GET /favicon.ico HTTP/1.1", upstream:
> "http://localhost/favicon.ico", host: "git.cedware.com", referrer:
> "https://git.cedware.com/"
As per the nginx
error shown in the log the upstream is not responding. This is not a nginx
error.
Most likely your container is either down or stuck in a restart loop.
Use docker ps
to see the container status. Then use docker logs <containername>
to see any errors it generates.
It is possible that gitlab doesn't like your gitlab.rb
modification. The log should tell you more.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With