Hii, I have just setup gitlab self hosted on a baremetal server using docker container. I am also using Nginx as a reverse proxy. I am sharing my docker-compose and nginx file (please see the images named gitlab-1 and gitlab-2)
This setup was working fine, in the DNS Only mode of cloudflare, with lets encrypt certificate. I was able to clone both with HTTPS and SSH
- git clone **git clone ssh://git@gitlab.example.com:2224/pcompany/netflix/myproject1.git
But after I enabled the cloudflare proxy with cloudflare certs and full end to end encryption. I could not clone. Everything is working fine, but I cannot clone
I cannot clone with this ::
git clone ssh://git@gitlab.example.com:2224/pcompany/myproject1.git (after cloudflare proxy is enabled - i cannot clone like this - earlier i can)
It keeps blinking for a long time and then gives the error.
Cloning into ‘myproject1’…
ssh: connect to host gitlab.webelight.co.in port 2224: Network is unreachable
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
However, I can easily clone when i use IP instead of domain
git clone ssh://git@xx.xx.xx.xx:2224/pcompany/myproject1.git (again, i can clone with IP even after the Cloudflare proxy is enabled)
Why is this happening. And I know that this is happening after I enabled cloudflare proxy.
Please suggest me a workaround for this
Few things to note:
1- we are using cloudflare free plan
2- We want to use the proxy mode
I am using gitlab.example.com because I cant show real domain
4- can we use another domain for ssh with proxy enabled, and try to proxy request to 2224 port somehow, does gitlab support it
One solution that i found is: SSH over HTTPS
I am sharing new docker compose (check gitlab-3 image)
My idea here is - to clone using
git clone ssh://git@xx.xx.xx.xx:443/pcompany/myproject1.git
and then nginx will listen to the request, and somehow proxy pass to port 2224
Is this correct? if not then what can I do