Apache2 ProxyPass for Rails App Gitlab
https://stackoverflow.com/questions/10954516
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am attempting to setup a proxy with Apache2 so that incoming requests to http://myipaddress.com go to http://localhost:3000/ where I have Gitlab ( a rails app ) running. The following is what I have in my Apache configuration file on Ubuntu 10.04. I can successfully access the gitlab default page initially, but any subsequent requests performed by me by clicking on other pages after that go to a 404 NOT FOUND page. I can manually enter /gitlab/ in front of any of these failed redirects and they work just fine. How can I make this work without having to rewrite /gitlab/ after each redirect request after the initial request?
## Setup a proxy which listens on the port that gitlabh does ( from start_server.sh )
ProxyRequests Off
ProxyPass /gitlab/ http://localhost:3000/
ProxyPassReverse /gitlab/ http://localhost:3000/
#DocumentRoot /home/gitlabhq/gitlabhq/public
<Proxy http://localhost:3000/>
Order deny,allow
Allow from all
</Proxy>
I understand that I could have the code below , which would solve my problem. But I don't know how to modify the prefix of the gitlab rails service. I'd really appreciate some help!
ProxyPass /gitlab/ http://localhost:3000/gitlab/
ProxyPassReverse /gitlab/ http://localhost:3000/gitlab/
UPDATE:
Thanks to Friek's comment I've come very close to solving this. Below is part of my http.conf file. The only problem is when I hit the home button or the logo on the gitlab app it attempts to redirect to gitlab/ which gives me the basic index.html file from Apache2 saying 'it works!'. How can I configure this to allow me to simply got /gitlab and it takes me to the root home view of gitlab?? Thanks!
## For Gitlab using Apache2 Passenger
## Install on Ubuntu by:
## sudo gem install passenger && sudo passenger-install-apache2-module
## but only after running the install_and_configure_git.py script
## and creating a soft link to the rails gitlab /public directory like so:
## sudo ln -s /home/gitlabhq/gitlabhq/public /var/www/gitlab
LoadModule passenger_module /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13/ext/apache2/mod_passenger.so
PassengerRoot /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.13
PassengerRuby /usr/local/bin/ruby
<VirtualHost *:80>
ServerName gitlab
## Set the overall Document Root
DocumentRoot /var/www
<Directory /var/www>
Allow from all
</Directory>
## Set the Rails Base URI
RackBaseURI /gitlab
RailsBaseURI /gitlab
<Directory /var/www/gitlab>
Allow from all
Options -MultiViews
</Directory>
</VirtualHost>
Solution
I came across this gist that worked for me. In case it ever goes dead, I'll repost it.
unicorn config file
Edit file /home/gitlab/gitlab/config/unicorn.rb
Find line listen "#{app_dir}/tmp/sockets/gitlab.socket" and comment it. Uncomment line listen "127.0.0.1:8080"
required modules for apache
- sudo a2enmod proxy
- sudo a2enmod proxy_balancer
- sudo a2enmod proxy_http
- sudo a2enmod rewrite
/home/gitlab/gitlab/config/gitlab.conf
<VirtualHost *:80>
ServerName git.domain.com
# Point this to your public folder of teambox
DocumentRoot /home/gitlab/gitlab
RewriteEngine On
<Proxy balancer://unicornservers>
BalancerMember http://127.0.0.1:8080
</Proxy>
# Redirect all non-static requests to thin
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://unicornservers%{REQUEST_URI} [P,QSA,L]
ProxyPass / balancer://unicornservers/
ProxyPassReverse / balancer://unicornservers/
ProxyPreserveHost on
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
# Custom log file locations
ErrorLog /var/log/apache2/gitlab_error.log
CustomLog /var/log/apache2/gitlab_access.log combined
</VirtualHost>
OTHER TIPS
<VirtualHost *:80>
ServerName gitlab
## Set the overall Document Root
DocumentRoot /var/www
<Directory /var/www>
Allow from all
</Directory>
## Set the Rails Base URI
RackBaseURI /gitlab
RailsBaseURI /gitlab
<Directory /var/www/gitlab>
Allow from all
Options -MultiViews
</Directory>
</VirtualHost>
These settings in your httpd.conf or your sites config file should do., Please remove the reverse proxy settings if you have any and try, it will work.,
if you have below lines along with above config, please remove the below lines,
ProxyPass /gitlab/ http://localhost:3000/gitlab/
ProxyPassReverse /gitlab/ http://localhost:3000/gitlab/
Proxy on
Restart your webserver
service apache2 restart
This is in case someone new comes across this issue.
This helped me, notice the ProxyPassReverse lines. My full issue and resolution is at https://stackoverflow.com/a/22390543/3112527 .
<IfModule mod_ssl.c>
<VirtualHost *:443>
Servername gitlab.my_domain.com
ServerAdmin my_admin@my_domain.com
SSLCertificateFile /etc/apache2/ssl.crt/gitlab_my_domain.crt
SSLCertificateKeyFile /etc/apache2/ssl.crt/gitlab_my_domain_private.key
SSLCACertificateFile /etc/apache2/ssl.crt/gitlab.ca-bundle
##### All the other Apache SSL setup skipped here for StackOverflow ####
ProxyPreserveHost On
<Location />
# New authorization commands for apache 2.4 and up
# http://httpd.apache.org/docs/2.4/upgrading.html#access
Require all granted
# For relative URL root "host:your_gitlab_port/relative_root"
#ProxyPassReverse http://127.0.0.1:8085/gitlab
#ProxyPassReverse https://gitlab.my_domain.com/gitlab
# For non-relative URL root
ProxyPassReverse http://127.0.0.1:8085
ProxyPassReverse https://gitlab.my_domain.com/
</Location>
# apache equivalent of nginx try files
# http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
# https://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]
RequestHeader set X_FORWARDED_PROTO 'https'
# needed for downloading attachments
DocumentRoot /home/git/gitlab/public
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/apache2/gitlab-ssl_error.log
CustomLog /var/log/apache2/gitlab-ssl_forwarded.log common_forwarded
CustomLog /var/log/apache2/gitlab-ssl_access.log combined env=!dontlog
CustomLog /var/log/apache2/gitlab-ssl.log combined
</VirtualHost>
</IfModule>
(from https://github.com/gitlabhq/gitlab-recipes/blob/master/web-server/apache/gitlab-ssl-apache2.4.conf)
I ended up here while Googling for errors I encountered while setting up Rails + unicorn using Apache (on port 80) to proxy to unicorn (on port 3000). In case it's of use to anyone else, here's my config:
<VirtualHost example.com:80>
ServerAdmin webmaster@example.com
ServerName example.com
ServerAlias www.example.com
ProxyPreserveHost On
<Location />
Require all granted
ProxyPassReverse http://example.com:3000
</Location>
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://example.com:3000%{REQUEST_URI} [P,QSA]
DocumentRoot /home/user/rails-dir/public
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
LogLevel warn
ErrorLog /home/user/rails-dir/log/apache-error.log
CustomLog /home/user/rails-dir/log/apache-access.log combined
</VirtualHost>
This question also troubles me quite a long time. It's fixed now.
The most helpful resource is from the Gitlab official document about using-a-non-bundled-web-server.
They also provide full workable recipe.
If you are using Apache version 2.4 or above, please use files gitlab-apache24.conf or gitlab-ssl-apache24.conf for the HTTP and HTTPS versions of the vhost repectively.
If you are using Apache version 2.2, please use files gitlab-apache22.conf or gitlab-ssl-apache22.conf for the HTTP and HTTPS versions of the vhost repectively.
The problem now simple to
Make sure you pick the right configuration file depending whether you choose to serve GitLab with SSL or not. The only thing you need to change is
YOUR_SERVER_FQDNwith your own FQDN and if you use SSL, the location where your SSL keys currently reside. You also might need to change the location of your log files.
to make sure the Apache2 version, use apache2 -version
If use HTTPS version, you may need to make sure your cert file is deployed correctly e.g. the files are placed consistent with recipe file specified.
