Gitlab: Difference between revisions
imported>Onny mNo edit summary |
imported>Onny Add troubleshooting section for running behind reverse proxy |
||
| Line 31: | Line 31: | ||
systemd.services.gitlab-backup.environment.BACKUP = "dump"; | systemd.services.gitlab-backup.environment.BACKUP = "dump"; | ||
</syntaxHighlight> | |||
== Troubleshooting == | |||
=== Error 422 The change you requested was rejected on login ==== | |||
There might be different reasons for this error to show up after a failing login. One possible issue could be that your Gitlab instance is configured to be served with SSL encryption but running unencrypted behind a reverse proxy | |||
<syntaxHighlight lang="nix"> | |||
services.gitlab = { | |||
enable = true; | |||
port = 443; | |||
https = true; | |||
[...] | |||
</syntaxHighlight> | |||
To solve this, add following http headers to your upstream reverse proxy. In this example for the web server [[Caddy]] but it can be set for others too | |||
<syntaxHighlight lang="nix"> | |||
caddy = { | |||
enable = true; | |||
virtualHosts = { | |||
"git.example.org".extraConfig = '' | |||
reverse_proxy http://10.100.0.3 { | |||
header_up X-Forwarded-Proto https | |||
header_up X-Forwarded-Ssl on | |||
} | |||
''; | |||
}; | |||
}; | |||
</syntaxHighlight> | </syntaxHighlight> | ||
[[Category:Services]] | [[Category:Services]] | ||
[[Category:Web Applications]] | [[Category:Web Applications]] | ||