422 Unprocessable Entity,JS Files,gitlab 8.17,apache ssl

昨天在ubuntu 16.04上安装了一个新的gitlab 8.17.0安装程序并将其设置为我记录的旧版本.我正在运行一个apache2,它将letsencry作为代理.看起来好像一切运行良好,但没有加载一些JS文件.我得到“422 Unprocessable Entity”https at

> domain / assets / webpack / application-XXX.js
> domain / assets / webpack / lib_dX.js
> domain / assets / webpack / users-X.js
> domain / assets / webpack / lib_d3-X.js
> domain / assets / webpack / users-X.js

/etc/gitlab/gitlab.rb

external_url 'https://gitlab.example.com'

nginx['listen_address'] = 'localhost'
nginx['listen_port'] = 8080
nginx['listen_https'] = false

web_server['external_users'] = ['www-data']
nginx['enable'] = false

/etc/apache2/sites-available/gitlab.example.com.conf

<VirtualHost *:80>
        ServerName gitlab.example.com
        ServerAdmin mail@gitlab.example.com

        ErrorLog /var/log/apache2/gitlab.example.com/error.log
        CustomLog /var/log/apache2/gitlab.example.com/access.log combined

        Redirect 301 / https://gitlab.example.com/
</VirtualHost>

<VirtualHost *:443>
        ServerName gitlab.example.com
        ServerAdmin mail@gitlab.example.com

        ErrorLog /var/log/apache2/gitlab.example.com/error.log
        CustomLog /var/log/apache2/gitlab.example.com/access.log combined

        RequestHeader set X-Forwarded-Proto "https"
        RequestHeader set X-Forwarded-Port "443"
        ProxyPreserveHost On
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/

        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/gitlab.example.com/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/gitlab.example.com/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/gitlab.example.com/chain.pem

  <Proxy http://localhost:8080/>
    Order deny,allow
    Allow from all
  </Proxy>
</VirtualHost>

有没有人有解决问题的想法?

谢谢!祝你周日愉快.

最佳答案 我在提供静态文件时遇到了同样的问题,但在nginx代理后面.在/var/log/gitlab/gitlab-rails/production.log文件中有错误:

Started GET "/assets/webpack/application-0b895f7016d93748393a-v2.js" for 127.0.0.1 at 2017-03-05 11:14:21 +0100
Processing by ApplicationController#route_not_found as JS
  Parameters: {"unmatched_route"=>"assets/webpack/application-0b895f7016d93748393a-v2"}
Security warning: an embedded <script> tag on another site requested protected JavaScript.
If you know what you're doing, go ahead and disable forgery protection on this action to
permit cross-origin JavaScript embedding.
Completed 422 Unprocessable Entity in 28ms (ActiveRecord: 1.8ms)

ActionController::InvalidCrossOriginRequest (Security warning: an embedded 
<script> tag on another site requested protected JavaScript. If you know 
what you're doing, go ahead and disable forgery protection on this action to 
permit cross-origin JavaScript embedding.):
  lib/gitlab/middleware/multipart.rb:93:in `call'
  lib/gitlab/request_profiler/middleware.rb:14:in `call'
  lib/gitlab/middleware/go.rb:16:in `call'

所以我在/opt/gitlab/embedded/service/gitlab-rails/config/environments/production.rb中进行了更改:

  config.action_controller.allow_forgery_protection = false

  # Disable Rails's static asset server (Apache or nginx will already do this)
  config.serve_static_files = true

并重新启动gitlab(gitlab-ctl restart).现在它可以工作,但我认为我的服务器的安全性被削弱了.

点赞