diff options
Diffstat (limited to 'lib/support/nginx/gitlab-ssl')
-rw-r--r-- | lib/support/nginx/gitlab-ssl | 53 |
1 files changed, 30 insertions, 23 deletions
diff --git a/lib/support/nginx/gitlab-ssl b/lib/support/nginx/gitlab-ssl index 314525518f1..7dabfba87e2 100644 --- a/lib/support/nginx/gitlab-ssl +++ b/lib/support/nginx/gitlab-ssl @@ -42,10 +42,9 @@ upstream gitlab { server unix:/home/git/gitlab/tmp/sockets/gitlab.socket fail_timeout=0; } -## Experimental: gitlab-git-http-server -# upstream gitlab-git-http-server { -# server localhost:8181; -# } +upstream gitlab-git-http-server { + server unix:/home/git/gitlab/tmp/sockets/gitlab-git-http-server.socket fail_timeout=0; +} ## Redirects all HTTP traffic to the HTTPS host server { @@ -161,25 +160,33 @@ server { proxy_pass http://gitlab; } - ## Experimental: send Git HTTP traffic to gitlab-git-http-server instead of Unicorn - # location ~ [-\/\w\.]+\.git\/ { - # ## If you use HTTPS make sure you disable gzip compression - # ## to be safe against BREACH attack. - # gzip off; - - # ## https://github.com/gitlabhq/gitlabhq/issues/694 - # ## Some requests take more than 30 seconds. - # proxy_read_timeout 300; - # proxy_connect_timeout 300; - # proxy_redirect off; - - # proxy_set_header Host $http_host; - # proxy_set_header X-Real-IP $remote_addr; - # proxy_set_header X-Forwarded-Ssl on; - # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # proxy_set_header X-Forwarded-Proto $scheme; - # proxy_pass http://gitlab-git-http-server; - # } + location ~ [-\/\w\.]+\.git\/ { + ## If you use HTTPS make sure you disable gzip compression + ## to be safe against BREACH attack. + gzip off; + + ## https://github.com/gitlabhq/gitlabhq/issues/694 + ## Some requests take more than 30 seconds. + proxy_read_timeout 300; + proxy_connect_timeout 300; + proxy_redirect off; + + # Do not buffer Git HTTP responses + proxy_buffering off; + + # The following settings only work with NGINX 1.7.11 or newer + # + # # Pass chunked request bodies to gitlab-git-http-server as-is + # proxy_request_buffering off; + # proxy_http_version 1.1; + + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Ssl on; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://gitlab-git-http-server; + } ## Enable gzip compression as per rails guide: ## http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression |