[英]git push: Missing required Host Header to host GitLab repository
When I'm trying to git push -u origin master
to my repository, I get 400 Bad Request
. 当我尝试git push -u origin master
到我的存储库时,我收到400 Bad Request
。 I've purposely redacted some information with < >. 我故意用<>删除了一些信息。 Recently unbundled nginx from gitlab-ee, and have verified accessibility via web browser to gitlab location. 最近从gitlab-ee中取消捆绑了nginx,并且已经通过网络浏览器验证了gitlab位置的可访问性。 I've also tried setting the git remote-url to https://gitlab.<mysite>.com/<user>/project.git
and the same thing happens. 我也尝试将git remote-url设置为https://gitlab.<mysite>.com/<user>/project.git
,同样的事情发生了。
Error when attempting git push 尝试git push时出错
remote: 400 Bad Request: missing required Host header fatal: unable to access 'https://oauth2:<myawesometoken>.site.com/<user>/project.git/': The requested URL returned error: 400
nginx configuration nginx配置
upstream gitlab {
server unix:/var/opt/gitlab/gitlab-rails/sockets/gitlab.socket;
}
upstream gitlab-workhorse {
server unix://var/opt/gitlab/gitlab-workhorse/socket fail_timeout=0;
#server unix:/home/git/gitlab/tmp/sockets/gitlab-workhorse.socketfail_timeout=0;
}
map $http_upgrade $connection_upgrade_gitlab {
default upgrade;
'' close;
}
log_format gitlab_access $remote_addr - $remote_user [$time_local]"$request_method $gitlab_filtere$
map $request_uri $gitlab_temp_request_uri_1 {
default $request_uri;
~(?i)^(?<start>.*)(?<temp>[\?&]private[\-_]token)=[^&]*(?<rest>.*)$"$start$temp=[FILTERED]$rest";
}
map $gitlab_temp_request_uri_1 $gitlab_temp_request_uri_2 {
default $gitlab_temp_request_uri_1;
~(?i)^(?<start>.*)(?<temp>[\?&]authenticity[\-_]token)=[^&]*(?<rest>.*)$"$start$temp=[FILTERED]$$
}
map $gitlab_temp_request_uri_2 $gitlab_filtered_request_uri {
default $gitlab_temp_request_uri_2;
~(?i)^(?<start>.*)(?<temp>[\?&]rss[\-_]token)=[^&]*(?<rest>.*)$"$start$temp=[FILTERED]$rest";
}
map $http_referer $gitlab_filtered_http_referer {
default $http_referer;
~^(?<temp>.*)\? $temp;
}
server {
server_name gitlab.<mysite>.com www.gitlab.<mysite>.com;
server_tokens off;
root /opt/gitlab/embedded/service/gitlab-rails/public;
real_ip_header X-Real-IP;
real_ip_recursive off;
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
passenger_ruby /opt/gitlab/embedded/bin/ruby;
passenger_env_var PATH "/opt/gitlab/bin:/opt/gitlab/embedded/bin:/usr/local/bin:/usr/bin:/bin";
passenger_user git;
passenger_group git;
passenger_enabled on;
passenger_min_instances 1;
location @gitlab-workhorse {
## https://github.com/gitlabhq/gitlabhq/issues/694
## Some requests take more than 30 seconds.
proxy_read_timeout 3600;
proxy_connect_timeout 300;
proxy_redirect off;
# Do not buffer Git HTTP responses
proxy_buffering off;
proxy_set_header Host $http_host_with_default;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitlab-workhorse;
## The following settings only work with NGINX 1.7.11 or newer
#
## Pass chunked request bodies to gitlab-workhorse as-is
# proxy_request_buffering off;
proxy_http_version 1.1;
}
location ~ ^/(assets)/ {
root /opt/gitlab/embedded/service/gitlab-rails/public;
gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
location / {
client_max_body_size 0;
gzip off;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade_gitlab;
proxy_pass http://gitlab;
}
error_page 404 /404.html;
error_page 422 /422.html;
error_page 500 /500.html;
error_page 502 /502.html;
error_page 503 /503.html;
location ~ ^/(404|422|500|502|503)\.html$ {
# Location to the Gitlab's public directory,
# for Omnibus this would be: /opt/gitlab/embedded/service/gitlab-rails/public.
root /home/git/gitlab/public;
internal;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/gitlab.<mysite>.com/fullchain.pem; # managed by Certb$
ssl_certificate_key /etc/letsencrypt/live/gitlab.<mysite>.com/privkey.pem; # managed by Cer$
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
listen 80;
server_name www.gitlab.<mysite>.com gitlab.<mysite>.com;
return 301 https://$host$request_uri;
if ($host = www.gitlab.<mysite>.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = gitlab.<mysite>.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
}
gitlab.rb config gitlab.rb配置
external_url 'https://gitlab.<mysite>.com'
nginx['enable'] = false
web_server['external_users'] = ['www-data']
gitlab_rails['trusted_proxies'] = [ '<serverIp>/24']
So I figured it out by looking closer at GitLab documentation: https://docs.gitlab.com/omnibus/settings/nginx.html#vhost-server-block 因此,我通过仔细查看GitLab文档了解了这一点: https ://docs.gitlab.com/omnibus/settings/nginx.html#vhost-server-block
I overlooked these two settings. 我忽略了这两个设置。 This is inside the main server block. 这是在主服务器块内。
# For protocol upgrades from HTTP/1.0 to HTTP/1.1 we need to provide Host header if its missing
if ($http_host = "") {
# use one of values defined in server_name
set $http_host_with_default "git.example.com";
}
if ($http_host != "") {
set $http_host_with_default $http_host;
}
Also, I removed client_max_body_size
from location / { ... }
and put it in the parent scope. 另外,我从location / { ... }
删除了client_max_body_size
并将其放在父范围中。
Finally, I added gitlab_rails['internal_api_url'] = 'https://gitlab.<mysite>.com'
to the gitlab.rb
config file. 最后,我在gitlab.rb
配置文件中添加了gitlab_rails['internal_api_url'] = 'https://gitlab.<mysite>.com'
。
Everything is working now as it should. 现在一切都按预期进行。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.