Hi, I have a problem that I can’t solve
I have a fully working gitlab in docker deployment:
services:
gitlab:
image: gitlab/gitlab-ce:16.8.1-ce.0
container_name: gitlab
restart: on-failure
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://gitlab.test'
puma['worker_processes'] = 2
sidekiq['max_concurrency'] = 8
# Add any other gitlab.rb configuration here, each on its own line
ports:
- "80:80"
- "443:443"
- "5050:5050"
- "22:22"
volumes:
- ./gitlab-config:/etc/gitlab
- ./gitlab-logs:/var/log/gitlab
- ./gitlab-data:/var/opt/gitlab
shm_size: "256m"
gitlab-runner:
image: gitlab/gitlab-runner:v16.8.0
container_name: gitlab-runner
restart: on-failure
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./gitlab-runner-config:/etc/gitlab-runner
shm_size: "256m"
Now I want to use an additional proxy and that’s where the problems start…
I change gitlab settings and port forwarding in docker:
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://gitlab.test'
nginx['listen_https'] = false
puma['worker_processes'] = 2
sidekiq['max_concurrency'] = 8
# Add any other gitlab.rb configuration here, each on its own line
ports:
- "8001:80"
# - "443:443"
- "50501:5050"
- "22:22"
Now I’m setting up external nginx server:
http {
# some default settings
map $http_upgrade $connection_upgrade {
default upgrade;
'' '';
}
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
server {
listen 80;
listen 443 ssl http2;
server_name gitlab.test;
ssl_certificate /etc/nginx/ssl/crt.crt;
ssl_certificate_key /etc/nginx/ssl/key.key;
if ($https != "on") {
return 301 https://$server_name$request_uri;
}
location / {
proxy_pass http://127.0.0.1:8001;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 5050 ssl http2;
server_name gitlab.test;
ssl_certificate /etc/nginx/ssl/crt.crt;
ssl_certificate_key /etc/nginx/ssl/key.key;
if ($https != "on") {
return 301 https://$server_name$request_uri;
}
location / {
proxy_pass http://127.0.0.1:50501;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
And all that is now on the browser is 502 bad gateway.
I tried making request directly from console:
curl -v http://127.0.0.1:8001
* Trying 127.0.0.1:8001...
* Connected to 127.0.0.1 (127.0.0.1) port 8001 (#0)
> GET / HTTP/1.1
> Host: 127.0.0.1:8001
> User-Agent: curl/7.76.1
> Accept: */*
>
* Recv failure: Connection reset by peer
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer
Why gitlab resetting connection on its own 80 port?