{"id":18557,"date":"2024-11-19T20:01:10","date_gmt":"2024-11-19T12:01:10","guid":{"rendered":"https:\/\/fwq.ai\/blog\/?p=18557"},"modified":"2024-11-19T20:01:10","modified_gmt":"2024-11-19T12:01:10","slug":"gitlab%e5%a6%82%e4%bd%95%e4%bd%bf%e7%94%a8%e9%bb%98%e8%ae%a4%e7%9a%84nginx","status":"publish","type":"post","link":"https:\/\/fwq.ai\/blog\/18557\/","title":{"rendered":"Gitlab\u5982\u4f55\u4f7f\u7528\u9ed8\u8ba4\u7684nginx"},"content":{"rendered":"

Gitlab\u5b89\u88c5\u7684OM\u7248\uff0c\u9ed8\u8ba4\u4f1a\u5b89\u88c5nginx\uff0c\u5e76\u5728 gitlab-ctl start \u4e2d\u4f1a\u9ed8\u8ba4\u542f\u52a8 nginx\u3002\u4f46\u5982\u679c\u60f3\u7528\u81ea\u5e26\u7684nginx\u8bbe\u7f6e\uff0c\u53ef\u4ee5\u53c2\u8003\u672c\u6587\u8fdb\u884c\u8bbe\u7f6e\u3002<\/p>\n

 <\/p>\n

Gitlab\u9ed8\u8ba4\u5b89\u88c5\u7684nginx\u7684\u76ee\u5f55<\/strong><\/p>\n

\/var\/opt\/gitlab\/nginx<\/pre>\n
Tips 1\uff1a<\/strong>\u5728\/var\/opt\/gitlab\u76ee\u5f55\u4e0b\uff0c\u9664\u4e86nginx \u8fd8\u6709\u5176\u5b83\u4e00\u4e9b\u4f9d\u8d56\u670d\u52a1\u3002<\/p>\n
Tips 2\uff1a<\/strong>unicorn\u662fruby\u7684http server\uff0cnginx\u53ea\u662f\u53cd\u5411\u4ee3\u7406\u3002\u8fd9\u4e2a\u662f\u7075\u9b42\uff0c\u628a\u63e1\u4e86\u8fd9\u4e2a\u539f\u5219\u66f4\u6539\u6210\u81ea\u5e26\u7684nginx\u5c31\u624b\u5230\u64d2\u6765\u4e86\u3002<\/p>\n
\u672c\u4eba\u81ea\u5e26\u7684nginx\u7684\u914d\u7f6e\u76ee\u5f55 \/etc\/nginx\/sites.d<\/p>\n
# cp \/var\/opt\/gitlab\/nginx\/conf\/gitlab-http.conf \/etc\/nginx\/sites.d\/gitlab-http.conf
\n# cp \/var\/opt\/gitlab\/nginx\/conf\/nginx-status.conf \/etc\/nginx\/sites.d\/gitlab-nginx-status.conf<\/p>\n
\u4fee\u6539\u4ee3\u7801\uff1a<\/strong><\/p>\n
vim \/etc\/nginx\/nginx.conf\r\nuser\u00a0 git; \/\/\u5c06nginx\u7684\u8fd0\u884c\u7528\u6237\u66f4\u6539\u4e3agit\uff0c\u4e3b\u8981\u662f\u4e3a\u4e86\u80fd\u591f\u548c\r\n\/var\/opt\/gitlab\/gitlab-workhorse\/socket\u901a\u4fe1\u3002<\/pre>\n
vim \/etc\/nginx\/sites.d\/gitlab-http.conf \uff0c\u5934\u90e8\u589e\u52a0\u5982\u4e0b\u4ee3\u7801\uff1a<\/strong><\/p>\n
upstream gitlab-workhorse {\r\n\u00a0 server unix:\/var\/opt\/gitlab\/gitlab-workhorse\/socket;\r\n}\r\nproxy_cache_path proxy_cache keys_zone=gitlab:10m max_size=1g levels=1:2;\r\nproxy_cache gitlab;\r\nmap $http_upgrade $connection_upgrade {\r\n\u00a0 default upgrade;\r\n\u00a0 ''\u00a0\u00a0\u00a0\u00a0\u00a0 close;\r\n}<\/pre>\n
\u8d34\u4e0a\u672c\u4eba\u7684\u914d\u7f6e\uff1a<\/p>\n
pstream gitlab-workhorse {
\nserver unix:\/var\/opt\/gitlab\/gitlab-workhorse\/socket;
\n#server 192.168.80.122:8080;
\n}<\/p>\n
proxy_cache_path proxy_cache keys_zone=gitlab:10m max_size=1g levels=1:2;
\nproxy_cache gitlab;<\/p>\n
map $http_upgrade $connection_upgrade {
\ndefault upgrade;
\n\u201d\u00a0\u00a0\u00a0\u00a0\u00a0 close;
\n}<\/p>\n
server {
\nlisten 80;<\/p>\n
server_name 122.100.com;
\nserver_tokens off; ## Don\u2019t show the nginx version number, a security best practice<\/p>\n
## Increase this if you want to upload large attachments
\n## Or if you want to accept large git objects over http
\nclient_max_body_size 0;<\/p>\n
add_header Strict-Transport-Security \u201cmax-age=31536000\u2033;<\/p>\n
access_log\u00a0 \/var\/log\/nginx\/access.log main;
\nerror_log\u00a0\u00a0 \/var\/log\/nginx\/error.log;<\/p>\n
if ($http_host = \u201c\u201d) {
\nset $http_host_with_default \u201c122.100.com\u201d;
\n}<\/p>\n
if ($http_host != \u201c\u201d) {
\nset $http_host_with_default $http_host;
\n}<\/p>\n
## If you use HTTPS make sure you disable gzip compression
\n## to be safe against BREACH attack.
\n## https:\/\/github.com\/gitlabhq\/gitlabhq\/issues\/694
\n## Some requests take more than 30 seconds.
\nproxy_read_timeout\u00a0\u00a0\u00a0\u00a0\u00a0 3600;
\nproxy_connect_timeout\u00a0\u00a0 300;
\nproxy_redirect\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 off;
\nproxy_http_version 1.1;<\/p>\n
proxy_set_header Host $http_host_with_default;
\nproxy_set_header X-Real-IP $remote_addr;
\nproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
\nproxy_set_header Upgrade $http_upgrade;
\nproxy_set_header Connection $connection_upgrade;
\nproxy_set_header X-Forwarded-Proto http;<\/p>\n
location \/ {
\nproxy_cache off;
\nproxy_pass\u00a0 http:\/\/gitlab-workhorse;
\n}<\/p>\n
location \/assets {
\nproxy_cache gitlab;
\nproxy_pass\u00a0 http:\/\/gitlab-workhorse;
\n}<\/p>\n
error_page 404 \/404.html;
\nerror_page 422 \/422.html;
\nerror_page 500 \/500.html;
\nerror_page 502 \/502.html;
\nlocation ~ ^\/(404|422|500|502)(-custom)?\\.html$ {
\nroot \/opt\/gitlab\/embedded\/service\/gitlab-rails\/public;
\ninternal;
\n}<\/p>\n
}<\/p>\n","protected":false},"excerpt":{"rendered":"
Gitlab\u5b89\u88c5\u7684OM\u7248\uff0c\u9ed8\u8ba4\u4f1a\u5b89\u88c5nginx\uff0c\u5e76\u5728 gitlab-ctl start \u4e2d\u4f1a\u9ed8\u8ba4\u542f\u52a8 nginx\u3002\u4f46\u5982\u679c\u60f3\u7528\u81ea\u5e26\u7684nginx\u8bbe\u7f6e\uff0c\u53ef\u4ee5\u53c2\u8003\u672c\u6587\u8fdb\u884c\u8bbe\u7f6e\u3002   Gitlab\u9ed8\u8ba4\u5b89\u88c5\u7684nginx\u7684\u76ee\u5f55 \/var\/opt\/gitlab\/nginx Tips 1\uff1a\u5728\/var\/opt\/gitlab\u76ee\u5f55\u4e0b\uff0c\u9664\u4e86nginx \u8fd8\u6709\u5176\u5b83\u4e00\u4e9b\u4f9d\u8d56\u670d\u52a1\u3002 Tips 2\uff1aunicorn\u662fruby\u7684http server\uff0cnginx\u53ea\u662f\u53cd\u5411\u4ee3\u7406\u3002\u8fd9\u4e2a\u662f\u7075\u9b42\uff0c\u628a\u63e1\u4e86\u8fd9\u4e2a\u539f\u5219\u66f4\u6539\u6210\u81ea\u5e26\u7684nginx\u5c31\u624b\u5230\u64d2\u6765\u4e86\u3002 \u672c\u4eba\u81ea\u5e26\u7684nginx\u7684\u914d\u7f6e\u76ee\u5f55 \/etc\/nginx\/sites.d # cp \/var\/opt\/gitlab\/nginx\/conf\/gitlab-http.conf \/etc\/nginx\/sites.d\/gitlab-http.conf # cp \/var\/opt\/gitlab\/nginx\/conf\/nginx-status.conf \/etc\/nginx\/sites.d\/gitlab-nginx-status.conf \u4fee\u6539\u4ee3\u7801\uff1a vim \/etc\/nginx\/nginx.conf user\u00a0 git; \/\/\u5c06nginx\u7684\u8fd0\u884c\u7528\u6237\u66f4\u6539\u4e3agit\uff0c\u4e3b\u8981\u662f\u4e3a\u4e86\u80fd\u591f\u548c \/var\/opt\/gitlab\/gitlab-workhorse\/socket\u901a\u4fe1\u3002 vim \/etc\/nginx\/sites.d\/gitlab-http.conf \uff0c\u5934\u90e8\u589e\u52a0\u5982\u4e0b\u4ee3\u7801\uff1a upstream gitlab-workhorse { \u00a0 server unix:\/var\/opt\/gitlab\/gitlab-workhorse\/socket; } proxy_cache_path proxy_cache keys_zone=gitlab:10m max_size=1g levels=1:2; proxy_cache gitlab; map $http_upgrade $connection_upgrade { \u00a0 default upgrade; […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"class_list":["post-18557","post","type-post","status-publish","format-standard","hentry","category-docker"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/18557","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=18557"}],"version-history":[{"count":1,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/18557\/revisions"}],"predecessor-version":[{"id":18558,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/18557\/revisions\/18558"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=18557"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=18557"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=18557"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}