I have a question that I assume is recurring, but I can’t find an answer in the forum search.
We limit push size with Admin → Settings → Account and limit → Maximum push size
But that doesn’t apply to the Web UI, and we have users occasionally erroneously uploading large files that way. Is there a way to limit the size of Web UI uploads?
You can probably edit /etc/gitlab/gitlab.rb and set this value:
# nginx['client_max_body_size'] = '250m'
the default is 250m, so you may wish to reduce that to stop them uploading large files.
Thanks for the suggestion, I’ll test that.
Unfortunately, it looks like nginx[‘client_max_body_size’] would also restrict the API, which we don’t want to do. We’re looking for a fix specific to restricting the size of uploads through the Web UI.
You can limit Web UI upload size by configuring your web server. If you’re using NGINX, update the client_max_body_size setting in your config file. For Apache, you can use LimitRequestBody to restrict file sizes. Unfortunately, GitLab doesn’t have a built-in setting for this, so adjusting your server configuration is the best approach.
@jacoboliverleo, unfortunately nginx[‘client_max_body_size’] also restricts the API, which we don’t want to do – we’re looking for a fix that’s specific to restricting the size of uploads through the Web UI.
The inability to restrict this does appear to be an important config omission.
Perhaps open an issue here so that Gitlab Dev’s can integrate it: Issues · GitLab.org / GitLab · GitLab
Your other option is by using the:
nginx['custom_nginx_config'] = "include /etc/gitlab/my-custom-nginx.conf;"
and within that file, configure location block for /api but with different value for client_max_body_size that is higher than the one already mentioned. You’ll then limit the web interface just as you want, with also having a different value for /api.
@iwalker I’ll try that suggestion, and have posted this issue: Missing config option to limit size of Web UI uploads (#525442) · Issues · GitLab.org / GitLab · GitLab
So using nginx['custom_nginx_config'] will not work, as the location block will be outside of Gitlab’s api “server” block.
However, there is nginx['custom_gitlab_server_config'], see docs on nginx setting
I have tested the following works, when I hard code a project UR. When I try to commit file(s) +5MB I get an error “failed to commit” in the Web UI:
nginx['custom_gitlab_server_config'] = "location ^~ /api/v4/projects/group-one/test-pages/repository/commits {\n client_max_body_size 5M;\n}\n"
Unfortunately when I move to use regex, the limit is not working.
nginx['custom_gitlab_server_config'] = "location ~ ^/api/v\d/projects/.+/repository/commits {\n proxy_cache off;\nproxy_pass http://gitlab-workhorse;\nproxy_intercept_errors off;\nclient_max_body_size 5M;\n}\n"
Reviewing the compiled NGINX file at /var/opt/gitlab/nginx/conf/gitlab-http.conf,
I notice that Gitlab puts these custom rules at the end of the config. Therefore when regex is used, the main /api/v4 route is picked up first (I believe per nginx match ordering).
Yeah, that’s the tricky part , nginx[‘client_max_body_size’] affects both the Web UI and API, so it’s not ideal if you only want to limit UI uploads.
As far as I know, GitLab doesn’t currently support separate limits for just the Web UI. A possible workaround could be a reverse proxy or middleware that filters by route and applies size limits just to upload endpoints. Not perfect, but it gives a bit more control.