Closed hc128168 closed 5 years ago
I figured because there is only 1 port to specify in GITLab env, but NGNIX will try to bounce HTTP request to a port with SSL -- 443. Hence, the best way to get around it is to map 10443 to 443 and then NGNIX will bounce to the same port -- then no need to port forward 2 ports. Safer.
Here is my docker-composer.xml on my Synology DS1019+ NAS:
(I initially messed it up few times before I ended up with the version above)
I added Letsencrypt's certificate via DSM, and marked as default. I could go to my DSM's page over HTTPS. Then I copied them over:
And also
openssl dhparam -out dhparam.pem 2048
on my desktop and copied over.And then I did
sudo docker-compose down
and thensudo docker-compose up -d
. But it didn't work. My chrome browser gave meERR_SSL_PROTOCOL_ERROR
.Then, I tried
wget -v https://[my domain]:10080
and it gave me:Curl gave slightly more info:
It looks like GITLab isn't responding with HTTPS. It certainly reached nginx as I tailed
gitlab/logs/nginx/gitlab_access.log
and I saw my request:Accessing via HTTP is fine once
GITLAB_HTTPS
is set to false.Tho, one thing I noticed is that inside the container, I don't see
SSL_KEY_PATH
,SSL_CA_CERTIFICATES_PATH
norSSL_DHPARAM_PATH
inenv
:But I assume it is okay to miss those env variables because I see the cert/key configured in
/etc/nginx/sites-enabled/gitlab
:I feel maybe I messed up the initial setup few times and so it is in a weird state. How can I restart from scratch? (Sorry I am not familiar with Docker...and so stupid question here).
Or any idea what goes wrong?
Thanks in advance.