I have installed the latest Gitlab-CE (8.10) on CentOS 7 (fresh install) via the Omnibus package as described here: https://about.gitlab.com/downloads/#centos7
Now, I would like to change the default port at which one can access the Gitlab web interface. To this end, I followed the instructions at http://docs.gitlab.com/omnibus/settings/nginx.html#change-the-default-port-and-the-ssl-certificate-locations, namely I included
external_url "http://127.0.0.1:8765"
in the configuration file /etc/gitlab/gitlab.rb and then updated the configuration with gitlab-ctl reconfigure && gitlab-ctl restart.
However, when I then navigate to http://127.0.0.1:8765, Gitlab keeps redirecting to http://127.0.0.1/users/sign_in, i.e., the port specification is somehow discarded. When I then manually change the URL in the browser to http://127.0.0.1:8765/users/sign_in, it correctly displays the login page and interestingly, all links on the page (e.g., "Explore", "Help") contain the port specification.
In order to fix this behavior, is it necessary to specify the port also somewhere else than in /etc/gitlab/gitlab.rb?
Issue here: https://gitlab.com/gitlab-org/gitlab-ce/issues/20131
Workaround:
add this line to /etc/gitlab/gitlab.rb:
nginx['proxy_set_headers'] = { "X-Forward-Port" => "8080", "Host" => "<hostname>:8080" }
replace port and hostname with your values, then as root or with sudo:
gitlab-ctl reconfigure
gitlab-ctl restart
It helps me on Debian 8.5, gitlab-ce from gitlab repo.
In addition of external_url, the documentation also suggests to set a few NGiNX proxy headers:
By default, when you specify external_url, omnibus-gitlab will set a few NGINX proxy headers that are assumed to be sane in most environments.
For example, omnibus-gitlab will set:
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on"
(if you have specified https schema in the external_url).
However, if you have a situation where your GitLab is in a more complex setup like behind a reverse proxy, you will need to tweak the proxy headers in order to avoid errors like The change you wanted was rejected or Can't verify CSRF token authenticity Completed 422 Unprocessable.
This can be achieved by overriding the default headers, eg. specify in /etc/gitlab/gitlab.rb:
nginx['proxy_set_headers'] = {
"X-Forwarded-Proto" => "http",
"CUSTOM_HEADER" => "VALUE"
}
Save the file and reconfigure GitLab for the changes to take effect.
This way you can specify any header supported by NGINX you require.
The OP ewcz confirms in the comments:
I just uncommented the default settings for nginx['proxy_set_headers'] in /etc/gitlab/gitlab.rb (also, changing X-Forwarded-Proto to http and removing X-Forwarded-Ssl) and suddenly it works!
I changed the etc/gitlab.rb following the comments above and my port did not change.
external_url http://localhost:13080/
...
nginx['proxy_set_headers'] = {
"X-Real-IP" => "$remote_addr",
"X-Forwarded-For" => "$proxy_add_x_forwarded_for",
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on",
"X-Forward-Port" => "13080",
"Host" => "localhost:13080"
}
gitlab-ctl reconfigure
gitlab-ctl restart
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 狗以群分 的文章《Changing the default Gitlab port》','https://www.manongdao.com/article-600434.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}