From 7c187a2305e4c90f339ed5d7b79790bd04c9b601 Mon Sep 17 00:00:00 2001 From: Jacob Vosmaer Date: Fri, 16 May 2014 16:27:21 +0200 Subject: [PATCH] Bring nginx config up to date with upstream --- files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-http.conf.erb | 15 +++++++++++++++ 1 file changed, 15 insertions(+), 0 deletions(-) diff --git a/files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-http.conf.erb b/files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-http.conf.erb index 7b8fe04..ae0355a 100644 --- a/files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-http.conf.erb +++ b/files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-http.conf.erb @@ -63,6 +63,10 @@ server { # if a file, which is not found in the root folder is requested, # then the proxy pass the request to the upsteam (gitlab unicorn) location @gitlab { + # If you use https make sure you disable gzip compression + # to be safe against BREACH attack + <%= 'gzip off;' if @https %> + proxy_read_timeout 300; # Some requests take more than 30 seconds. proxy_connect_timeout 300; # Some requests take more than 30 seconds. proxy_redirect off; @@ -75,5 +79,16 @@ server { proxy_pass http://gitlab; } + # Enable gzip compression as per rails guide: http://guides.rubyonrails.org/asset_pipeline.html#gzip-compression + # WARNING: If you are using relative urls do remove the block below + # See config/application.rb under "Relative url support" for the list of + # other files that need to be changed for relative url support + location ~ ^/(assets)/ { + root /home/git/gitlab/public; + gzip_static on; # to serve pre-gzipped version + expires max; + add_header Cache-Control public; + } + error_page 502 /502.html; } -- libgit2 0.21.2