Related

Rails in production precompile Question Question
Install application after droplet was created Question Question

Question

DO floating IP for the main GitLab and GitLab Pages setup on separate droplets

Posted November 3, 2019 379 views
Applications

I have an Omnibus GitLab CE setup with Pages on a second droplet. I am using floating IP for required second IP when enabling custom domains (per this doc). With this setup I am having the following issues with custom domain pages:

  1. Custom domains serve the Pages wildcard certificate instead of the custom domain certificates. even though I did added custom domain certificate manually and also enabled for it an automatic certificate management. I can view custom page published website if I add exception in the browser.
  2. Custom domains do not get redirected to HTTPS, with redirection checkbox enabled.
  3. Custom domains HTTP isn’t working and is getting 502 Gitlab error.

I am suspecting I am either misconfigured my gitlab.rb or maybe the DO floating IP isn’t fully/properly working for such setup, so DO droplets ultimately will not support it.

Any help would be hugely appreciated.

gitlab.rb for main GitLab droplet

external_url 'https://GITLAB.DOMAIN'
nginx['redirect_http_to_https'] = true

pages_external_url "https://PAGES.DOMAIN"
gitlab_pages['enable'] = false
gitlab_rails['pages_path'] = "/mnt/pages"

pages_nginx['redirect_http_to_https'] = true
pages_nginx['ssl_certificate'] = "/etc/letsencrypt/live/PAGES.DOMAIN/fullchain.pem"
pages_nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/PAGES.DOMAIN/privkey.pem"

pages_nginx['enable'] = false
nginx['listen_addresses'] = ['GITLAB_IP']
gitlab_pages['external_http'] = ['GITLAB_FLOATING_IP:80']
gitlab_pages['external_https'] = ['GITLAB_FLOATING_IP:443']

gitlab.rb for Pages droplet

pages_external_url "https://PAGES.DOMAIN"

external_url "http://GITLAB_IP"
postgresql['enable'] = false
redis['enable'] = false
prometheus['enable'] = false
unicorn['enable'] = false
sidekiq['enable'] = false
gitlab_workhorse['enable'] = false
gitaly['enable'] = false
alertmanager['enable'] = false
node_exporter['enable'] = false
gitlab_rails['auto_migrate'] = false

pages_nginx['enable'] = true
pages_nginx['redirect_http_to_https'] = true
pages_nginx['ssl_certificate'] = "/etc/letsencrypt/live/PAGES.DOMAIN/fullchain.pem"
pages_nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/PAGES.DOMAIN/privkey.pem"
Add a comment
By:
localalex
edited by MattIPv4
Add a comment
Submit an answer

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Related

Looking for something else?

Ask a new question Search for more help