-
-
Save xujiajun/57b1589ab633220fe8ac75ddced4c367 to your computer and use it in GitHub Desktop.
Revisions
-
Sameer Naik created this gist
Jul 28, 2014 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,55 @@ upstream gitlab { server 172.17.42.1:10080; } ## This is a normal HTTP host which redirects all traffic to the HTTPS host. server { listen 80; server_name git.example.com; server_tokens off; root /dev/null; rewrite ^ https://$server_name$request_uri permanent; } server { listen 443 ssl spdy; server_name git.example.com; server_tokens off; root /dev/null; ssl on; ## Increase this if you want to upload large attachments ## Or if you want to accept large git objects over http client_max_body_size 20m; add_header Strict-Transport-Security max-age=63072000; # add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; ## Individual nginx logs for this vhost access_log /var/log/nginx/gitlab_access.log; error_log /var/log/nginx/gitlab_error.log; ## proxy pass the request to upsteam. location / { ## If you use https make sure you disable gzip compression ## to be safe against BREACH attack. gzip off; ## https://github.com/gitlabhq/gitlabhq/issues/694 ## Some requests take more than 30 seconds. proxy_read_timeout 300; proxy_connect_timeout 300; proxy_redirect off; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://gitlab; } }
Sameer Naik
created
this gist