其实由于GitLab只负责监听本地socket文件,而web服务器采用了Nginx等。只需要在web server上做适当的配置即可。
下面是一个采用Nginx的例子,对GitLab安装指南下载的gitlab脚本文件做了适当的修改。
# GITLAB# Maintainer: @randx# App Version: 4.0
upstream gitlab { server unix:/home/gitlab/gitlab/tmp/sockets/gitlab.socket;}
server { listen 443; ssl on; ssl_certificate /etc/nginx/sites-available/server.crt; ssl_certificate_key /etc/nginx/sites-available/server.key;
server_name localhost; #Ubuntu1204-dell source.cml.com; # e.g., server_name source.example.com; root /home/gitlab/gitlab/public;
# individual nginx logs for this gitlab vhost access_log /var/log/nginx/gitlab_access.log; error_log /var/log/nginx/gitlab_error.log;
location / { # serve static files from defined root folder;. # @gitlab is a named location for the upstream fallback, see below try_files $uri $uri/index.html $uri.html @gitlab; }
# if a file, which is not found in the root folder is requested, # then the proxy pass the request to the upsteam (gitlab unicorn) location @gitlab { proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694 proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr;
proxy_pass ; }}
注意 server { 下面的四行。
监听443端口,启用ssl,server.crt和server.key文件是参考Nginx的文档生成的。
最后proxy_pass 不能修改,不要改成https,否则不能工作。
现在试一下用https的方式check out 代码:
git clone https://….
报错,,说证书校验有问题:
error: server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
最简单的解决方法是加一个环境变量:
export GIT_SSL_NO_VERIFY=1
GitLab 的详细介绍:请点这里GitLab 的下载地址:请点这里
你的脸是为了呈现上帝赐给人类最贵重的礼物–微笑,