gitlabce niginx配置
时间: 2024-06-13 20:05:45 浏览: 7
为了配置GitLab CE的Nginx,您需要遵循以下步骤:
1. 停止GitLab CE和Nginx:
```shell
sudo gitlab-ctl stop
sudo service nginx stop
```
2. 配置GitLab CE使用系统自带的Nginx:
```shell
sudo vi /etc/gitlab/gitlab.rb
```
找到以下行并将其取消注释:
```ruby
nginx['enable'] = false
web_server['external_users'] = ['nginx']
```
然后将以下行添加到文件的末尾:
```ruby
nginx['enable'] = true
nginx['client_max_body_size'] = '250m'
nginx['redirect_http_to_https'] = true
nginx['redirect_http_to_https_port'] = 80
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.example.com.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.example.com.key"
nginx['ssl_ciphers'] = "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK"
nginx['ssl_protocols'] = "TLSv1.2 TLSv1.3"
nginx['ssl_prefer_server_ciphers'] = "on"
nginx['ssl_session_cache'] = "builtin:1000 shared:SSL:10m"
nginx['ssl_session_timeout'] = "5m"
nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"
nginx['listen_addresses'] = ['0.0.0.0']
nginx['listen_port'] = 80
nginx['listen_https'] = false
nginx['proxy_set_headers'] = {
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on"
}
nginx['real_ip_trusted_addresses'] = ['192.168.1.0/24']
nginx['real_ip_header'] = 'X-Real-IP'
nginx['real_ip_recursive'] = 'on'
```
注意:请将上述配置中的“gitlab.example.com”替换为您的GitLab域名。
3. 重新配置GitLab CE:
```shell
sudo gitlab-ctl reconfigure
```
4. 启动GitLab CE和Nginx:
```shell
sudo gitlab-ctl start
sudo service nginx start
```