昨天在ubuntu 16.04上安装了一个新的gitlab 8.17.0安装程序并将其设置为我记录的旧版本.我正在运行一个apache2,它将letsencry作为代理.看起来好像一切运行良好,但没有加载一些JS文件.我得到“422 Unprocessable Entity”https at
> domain / assets / webpack / application-XXX.js
> domain / assets / webpack / lib_dX.js
> domain / assets / webpack / users-X.js
> domain / assets / webpack / lib_d3-X.js
> domain / assets / webpack / users-X.js
/etc/gitlab/gitlab.rb
external_url 'https://gitlab.example.com'
nginx['listen_address'] = 'localhost'
nginx['listen_port'] = 8080
nginx['listen_https'] = false
web_server['external_users'] = ['www-data']
nginx['enable'] = false
/etc/apache2/sites-available/gitlab.example.com.conf
<VirtualHost *:80>
ServerName gitlab.example.com
ServerAdmin mail@gitlab.example.com
ErrorLog /var/log/apache2/gitlab.example.com/error.log
CustomLog /var/log/apache2/gitlab.example.com/access.log combined
Redirect 301 / https://gitlab.example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName gitlab.example.com
ServerAdmin mail@gitlab.example.com
ErrorLog /var/log/apache2/gitlab.example.com/error.log
CustomLog /var/log/apache2/gitlab.example.com/access.log combined
RequestHeader set X-Forwarded-Proto "https"
RequestHeader set X-Forwarded-Port "443"
ProxyPreserveHost On
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/gitlab.example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/gitlab.example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/gitlab.example.com/chain.pem
<Proxy http://localhost:8080/>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
有没有人有解决问题的想法?
谢谢!祝你周日愉快.
最佳答案 我在提供静态文件时遇到了同样的问题,但在nginx代理后面.在/var/log/gitlab/gitlab-rails/production.log文件中有错误:
Started GET "/assets/webpack/application-0b895f7016d93748393a-v2.js" for 127.0.0.1 at 2017-03-05 11:14:21 +0100
Processing by ApplicationController#route_not_found as JS
Parameters: {"unmatched_route"=>"assets/webpack/application-0b895f7016d93748393a-v2"}
Security warning: an embedded <script> tag on another site requested protected JavaScript.
If you know what you're doing, go ahead and disable forgery protection on this action to
permit cross-origin JavaScript embedding.
Completed 422 Unprocessable Entity in 28ms (ActiveRecord: 1.8ms)
ActionController::InvalidCrossOriginRequest (Security warning: an embedded
<script> tag on another site requested protected JavaScript. If you know
what you're doing, go ahead and disable forgery protection on this action to
permit cross-origin JavaScript embedding.):
lib/gitlab/middleware/multipart.rb:93:in `call'
lib/gitlab/request_profiler/middleware.rb:14:in `call'
lib/gitlab/middleware/go.rb:16:in `call'
所以我在/opt/gitlab/embedded/service/gitlab-rails/config/environments/production.rb中进行了更改:
config.action_controller.allow_forgery_protection = false
# Disable Rails's static asset server (Apache or nginx will already do this)
config.serve_static_files = true
并重新启动gitlab(gitlab-ctl restart).现在它可以工作,但我认为我的服务器的安全性被削弱了.