I have Gitlab CE installed and working fine on Ubuntu 14.04:
# apt-cache policy gitlab-ce | head
gitlab-ce:
Installed: 8.4.1-ce.0
Candidate: 8.4.1-ce.0
Version table:
*** 8.4.1-ce.0 0
500 https://packages.gitlab.com/gitlab/gitlab-ce/ubuntu/ trusty/main amd64 Packages
100 /var/lib/dpkg/status
8.4.0-ce.0 0
500 https://packages.gitlab.com/gitlab/gitlab-ce/ubuntu/ trusty/main amd64 Packages
8.3.4-ce.0 0
There’s a captive portal/transparent proxy that restricts internet access (not controlled by us), as well as a normal proxy server (using the other as a parent proxy, controlled by us). The normal proxy server has been configured to allow unauthenticated access from the Gitlab server’s IP. In /etc/gitlab/gitlab.rb, I have:
gitlab_rails['env'] = {
"http_proxy" => "http://proxy.fqdn:80",
"https_proxy" => "http://proxy.fqdn:80",
"HTTP_PROXY" => "http://proxy.fqdn:80",
"HTTPS_PROXY" => "http://proxy.fqdn:80"
}
(Yes, the proxy server listens on port 80, and I have run gitlab-ctl reconfigure several times.)
Yet, when I try to enable Github OAuth, it fails with a 500 internal Server Error. /var/log/gitlab/gitlab-rails/production.log at the time showed:
Started GET "/import/github/callback?code=[FILTERED]" for 127.0.0.1 at 2016-01-27 01:21:04 +0530
Processing by Import::GithubController#callback as HTML
Parameters: {"code"=>"[FILTERED]"}
Completed 500 Internal Server Error in 104ms (ActiveRecord: 3.7ms)
Faraday::SSLError (SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol):
lib/gitlab/github_import/client.rb:27:in `get_token'
app/controllers/import/github_controller.rb:8:in `callback'
I strongly suspect Gitlab ignored the proxy and went for a direct connection, and the attempt by the captive portal to intercept the HTTPS connection caused this.
Did I configure it wrong? How do I debug this?
apt-get, using the same proxy in /etc/apt/apt.conf, works fine.