Gitlab is listenning on all unassigned https subdomains (using a non-bundled nginx-server)

Hi, everyone.

I’ve been busy for some days with the problem that all my unassigned(!) https subdomains forward to gitlab. I use my own nginx webserver where I have set up an extra route for gitlab.

The sites-enabled config file looks like this:

upstream gitlab-workhorse {
server unix:/var/opt/gitlab/gitlab-workhorse/socket fail_timeout=0;

server {
listen 443 ssl;
listen [::]:443 ssl;
server_name gitlab.mydomain.tld;
server_tokens off;
root /opt/gitlab/embedded/service/gitlab-rails/public;

ssl on;
ssl_certificate /etc/gitlab/ssl/gitlab.mydomain.tld.crt;
ssl_certificate_key /etc/gitlab/ssl/gitlab.mydomain.tld.key;

  # GitLab needs backwards compatible ciphers to retain compatibility with Java IDEs
  ssl_ciphers "xxx";
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;
  ssl_session_cache shared:SSL:10m;
  ssl_session_timeout 5m;

access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;

location / {
client_max_body_size 0;
gzip off;

## Some requests take more than 30 seconds.
proxy_read_timeout      300;
proxy_connect_timeout   300;
proxy_redirect          off;

proxy_http_version 1.1;
proxy_set_header    Host                $http_host;
proxy_set_header    X-Real-IP           $remote_addr;
proxy_set_header    X-Forwarded-Ssl     on;
proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
proxy_set_header    X-Forwarded-Proto   $scheme;
proxy_pass http://gitlab-workhorse;


server {
listen 80;
listen [::]:80 ipv6only=on;
server_name gitlab.mydomain.tld;
server_tokens off;
return 301 https://$http_host$request_uri;
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;

I also disabled nginx in the gitlab.rb file.

nginx[‘enable’] = false

I am grateful for any help.