Hello,
I have been working on this on and off for the past week. I have a Docker container running GitLab on my home network using docker compose. I run a few services on my home network, so I was trying to put it behind an Nginx reverse proxy. The issue I think I am running into is that I don’t have a DNS route or Domain name for the gitlab instance. I only have its IP address and it the port number I can reference it by.
I keep getting “502 Bad Gateway” errors when Nginx tries to pass the connection. Here is the error log from my Nginx Error log.
2019/05/05 14:23:52 [error] 19172#0: *2238 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 67.23.232.183, server: git.domain.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://192.168.11.110:9080/favicon.ico", host: "git.domain.com", referrer: "http://git.domain.com/"
This is my Nginx confiuration.
server {
listen 0.0.0.0:80;
listen [::]:80 ipv6only=on;
server_name git.domain.com; ## Replace this with something like gitlab.example.com
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://192.168.11.110:9080;
}
}
server {
listen 0.0.0.0:443 ssl;
listen [::]:443 ipv6only=on ssl default_server;
server_name git.domain.com; ## Replace this with something like gitlab.example.com
server_tokens off; ## Don't show the nginx version number, a security best practice
root /opt/gitlab/embedded/service/gitlab-rails/public;
ssl on;
ssl_certificate /etc/nginx/ssl/gitlab.crt;
ssl_certificate_key /etc/nginx/ssl/gitlab.key;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:
AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
client_max_body_size 0;
gzip off;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://192.168.11.110:9080;
}
}
And this is my Docker compose file.
web:
image: 'gitlab/gitlab-ce:latest'
restart: always
hostname: 'git.domain.com'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://192.168.11.110:9080'
gitlab_rails['gitlab_shell_ssh_port'] = 2224
letsencrypt['enabled'] = false
nginx['enable'] = true
nginx['redirect_http_to_https'] = false
# Reverse proxy nginx config
ports:
- '9080:80'
- '2224:22'
volumes:
- '/var/lib/gitlab/config:/etc/gitlab'
- '/var/lib/gitlab/logs:/var/log/gitlab'
- '/var/lib/gitlab/data:/var/opt/gitlab'
Can anyone please look this over and let me know if I am missing anything. If you guys/girls need any more information pelase let me know and I do my best to get it for you.
Many thanks,