Using gitlab behind Apache proxy all generated urls are wrong
Solution 1:
As per the documentation at Gitlab's github:
# Copy the example GitLab config
sudo -u git -H cp config/gitlab.yml.example config/gitlab.yml
# Make sure to change "localhost" to the fully-qualified domain name of your
# host serving GitLab where necessary
Make sure also that Apache is sending the appropriate proxy headers.
In this case the nginx configuration is irrelevant since you're using Apache to proxy. Simply remove it or turn it off.
Solution 2:
I'm quite sad no one has a clear answer for this it's cobbled between numerous other posts and some crafty conf editing. I've put it all in one place here for you folks, to save you the two hours I just wasted.
My setup is I have apache which hosts numerous sites and hosts HTTPS, which I configured as a reverse proxy pointing to gitlab. So I want my URL's that gitlab generates in the emails to point to apache's secure url. So to do this...
1: Edit your gitlab.rb file...
On CentOS 7 it's at /opt/gitlab/embedded/cookbooks/gitlab/libraries/gitlab.rb
and change the line...
external_url nil
to
external_url "http://<yoururl>:81"
2: Run gitlab-ctl reconfigure
Your nginx will now host on port 81, BUT your URLs that are emailed will look like "http://:81" and not your secure apache proxy. So to do this...
3: Edit the generated rails config file for gitlab
On CentOS 7 this is located at /var/opt/gitlab/gitlab-rails/etc/gitlab.yml
and change the line...
## Web server settings (note: host is the FQDN, do not include http://)
host: <yoururl>
port: 81
https: false
to
## Web server settings (note: host is the FQDN, do not include http://)
host: <yoururl>
port: 443
https: true
4: Restart gitlab with gitlab-ctl restart
Then just make sure nginx starts properly, if you need to, gitlab-ctl tail nginx and see what errors it spits out.
WARNING: If you run gitlab-ctl reconfigure again, you will need to make this edit again. I have searched high and low, and found no way to do this in a way that reconfigure deals with it nicely. It's a feature request someone can ask gitlab to add, should be pretty minor. An optional variable "actual_url" that when set is used for any generated URLs.
5: Profit! :)
Solution 3:
I finally followed this documentation which consists of disabling nginx and let your apache installation proxy gitlab, which makes more sense to me and anyways I had issues with some assets still loading from :8081 when trying to proxy through nginx proxy
http://ryansechrest.com/2015/08/use-apache-instead-of-built-in-nginx-in-gitlab-ce/
vi /etc/gitlab/gitlab.rb
Set your external URL
external_url 'http://mygitlab.web.site/'
Change www user and group
web_server['username'] = 'www-data'
web_server['group'] = 'www-data'
Disable nginx
nginx['enable'] = false
Set port for git server (at the end of file)
gitlab_git_http_server['listen_network'] = "tcp"
gitlab_git_http_server['listen_addr'] = "localhost:8282"
Reconfigure gitlab
gitlab-ctl reconfigure
Change your virtualhost configuration
<VirtualHost *:80>
ServerName git.domain.com
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
ProxyPreserveHost On
AllowEncodedSlashes Off
<Location />
Order deny,allow
Allow from all
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://git.domain.com/
</Location>
RewriteEngine on
#Don't escape encoded characters in api requests
RewriteCond %{REQUEST_URI} ^/api/v3/.*
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA,NE]
#Forward all requests to gitlab-workhorse except existing files like error documents
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} ^/uploads/.*
RewriteRule .* http://127.0.0.1:8282%{REQUEST_URI} [P,QSA]
</VirtualHost>
Restarts gitlab
gitlab-ctl restart