Configure Apache for GitLab

This commit is contained in:
Salt 2020-04-26 04:10:08 -05:00
parent a9dd6b65ec
commit 16e27e1b80
2 changed files with 18 additions and 8 deletions

View File

@ -96,8 +96,9 @@
- name: Create webroot
file:
path: "{{ gitlab_webroot }}"
src: "/var/gitlab/public"
mode: "0755"
state: directory
state: link
- name: Copy over virtual host configs
template:
src: apache2-vhost-ssl.conf

View File

@ -13,13 +13,7 @@ SSLStrictSNIVHostCheck off
SSLEngine on
SSLCertificateFile /etc/pki/cert/crt/{{ gitlab_url }}.crt
SSLCertificateKeyFile /etc/pki/cert/private/{{ gitlab_url }}.key
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitlab_url}}-fullchain.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">\
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
SSLCertificateChainFile /etc/pki/cert/crt/{{ gitlab_url }}-fullchain.crt
ServerName {{ gitlab_url }}
DocumentRoot {{ gitlab_webroot }}
<Directory "{{ gitlab_webroot }}">
@ -27,4 +21,19 @@ SSLStrictSNIVHostCheck off
AllowOverride All
Options MultiViews FollowSymlinks
</Directory>
<Location />
Require all granted
ProxyPassReverse http://127.0.0.1:8086
ProxyPassReverse http://git.9iron.club/
</Location>
# Forward all requets to GL except error docs and ACME challenges
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} ^/uploads/.*
RewriteCond %{REQUEST_URI} !\.well-known-acme-challenge
RewriteRule .* http://127.0.0.1:8086%{REQUEST_URI} [P,QSA,NE]
RequestHeader set X_FORWARDED_PROTO 'https'
RequestHeader set X-Forwarded-Ssl on
</VirtualHost>