2

I set up gitlab on my personal server and used this answer and this answer (along with some input from this to make it work with my apache installation. Everything works fine, when I go to gitlab.example.com, I see the gitlab UI, can create accounts and so on. However, when I inspected the URI I get forwarded to, it is

https://gitlab.example.com//users/sign_in (note the two slashes after the domain). This is not really a problem, but I would like to know why this is and how I can fix this - especially since it works just as fine when I remove one of the slashes from the address. (So https://gitlab.example.com/users/sign_in is exactly the same).

In fact, I get forwarded twice:

  • GET https://gitlab.example.com => 301 Moved Permanently with Location:https://gitlab.example.com/
  • GET https://gitlab.example.com/ => 302 Found with Location:https://gitlab.example.com//users/sign_in

This is my apache config file (`/etc/apache2/sites-enabled/gitlab.conf):

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerName gitlab.example.com
        ServerSignature Off

        ProxyPreserveHost On

        ProxyPassMatch ^(/[^/]+\.(html|png|ico|css|txt))$ !
        ProxyPass /assets !

        <Location />
                Order deny,allow
                Allow from all

                ProxyPassReverse http://127.0.0.1:8080
                ProxyPassReverse http://gitlab.example.com
        </Location>

        RewriteEngine on
        RewriteCond %{DOCUMENT_ROOT}/%(REQUEST_FILENAME} !-f
        RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]

        DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public

        SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

Is this a problem with gitlab? How can I work around it?

Note: I am absolutely unsure which module is causing the forwarding behavior, if you need any other config files, just let me know.

Henrik Ilgen
  • 123
  • 5
  • Possible duplicate of [Redirect, Change URLs or Redirect HTTP to HTTPS in Apache - Everything You Ever Wanted to Know About Mod\_Rewrite Rules but Were Afraid to Ask](http://serverfault.com/questions/214512/redirect-change-urls-or-redirect-http-to-https-in-apache-everything-you-ever) – MadHatter Jun 17 '16 at 06:40

1 Answers1

2

You might want try appending a trailing slash / to the ProxyPass target URL's i.e. change

 ProxyPassReverse http://127.0.0.1:8080

into

 ProxyPassReverse http://127.0.0.1:8080/

since you're applying those directives to a path that also terminates with a trailing slash / (or only a slash in this case: <Location />) as the manual warns:

If the first argument ends with a trailing /, the second argument should also end with a trailing /, and vice versa. Otherwise, the resulting requests to the backend may miss some needed slashes and do not deliver the expected results.

HBruijn
  • 72,524
  • 21
  • 127
  • 192
  • Thanks, That worked like a charm - although I had to append the trailing slash to the other `ProxyPassReverse` directive, while the one you mentioned can stay unmodified (though it seems like it doesn't do harm to have the slash in both addresses): `ProxyPassReverse http://127.0.0.1:8080`, `ProxyPassReverse http://gitlab.example.com/` – Henrik Ilgen Jun 12 '16 at 13:32