Merge branch 'master' into 'master'

Add parameter to tell nginx what IP address to bind on This adds a parameter to set the IP address nginx listens on, so you don't have to dedicate ports 80/443 of all addresses on a box to gitlab. The default is set to '*' which was hard-coded before.

Merge branch 'master' into 'master'
Add parameter to tell nginx what IP address to bind on This adds a parameter to set the IP address nginx listens on, so you don't have to dedicate ports 80/443 of all addresses on a box to gitlab. The default is set to '*' which was hard-coded before.
Jacob Vosmaer
2 parents c8368bbf 2ac7eb9e
Showing 2 changed files with 3 additions and 2 deletions Show diff stats
files/gitlab-cookbooks/gitlab/attributes/default.rb
files/gitlab-cookbooks/gitlab/templates/default/nginx-gitlab-http.conf.erb
@@ -210,3 +210,4 @@ default[&#39;gitlab&#39;][&#39;nginx&#39;][&#39;redirect_http_to_https&#39;] = false
 default['gitlab']['nginx']['redirect_http_to_https_port'] = 80
 default['gitlab']['nginx']['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt"
 default['gitlab']['nginx']['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key"
+default['gitlab']['nginx']['listen_address'] = '*'
@@ -21,7 +21,7 @@ upstream gitlab {
 <% if @https && @redirect_http_to_https %>
 server {
-  listen *:<%= @redirect_http_to_https_port %>;
+  listen <%= @listen_address %>:<%= @redirect_http_to_https_port %>;
   server_name <%= @fqdn %>;
   server_tokens off;
   return 301 https://<%= @fqdn %>:<%= @port %>$request_uri;
@@ -29,7 +29,7 @@ server {
 <% end %>
 server {
-  listen *:<%= @port %>;
+  listen <%= @listen_address %>:<%= @port %>;
   server_name <%= @fqdn %>;
   server_tokens off;     # don't show the version number, a security best practice
   root /opt/gitlab/embedded/service/gitlab-rails/public;
	@@ -210,3 +210,4 @@ default['gitlab']['nginx']['redirect_http_to_https'] = false		@@ -210,3 +210,4 @@ default['gitlab']['nginx']['redirect_http_to_https'] = false
210	default['gitlab']['nginx']['redirect_http_to_https_port'] = 80	210	default['gitlab']['nginx']['redirect_http_to_https_port'] = 80
211	default['gitlab']['nginx']['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt"	211	default['gitlab']['nginx']['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt"
212	default['gitlab']['nginx']['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key"	212	default['gitlab']['nginx']['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key"
		213	+default['gitlab']['nginx']['listen_address'] = '*'
	@@ -21,7 +21,7 @@ upstream gitlab {		@@ -21,7 +21,7 @@ upstream gitlab {
21		21
22	<% if @https && @redirect_http_to_https %>	22	<% if @https && @redirect_http_to_https %>
23	server {	23	server {
24	- listen *:<%= @redirect_http_to_https_port %>;	24	+ listen <%= @listen_address %>:<%= @redirect_http_to_https_port %>;
25	server_name <%= @fqdn %>;	25	server_name <%= @fqdn %>;
26	server_tokens off;	26	server_tokens off;
27	return 301 https://<%= @fqdn %>:<%= @port %>$request_uri;	27	return 301 https://<%= @fqdn %>:<%= @port %>$request_uri;
	@@ -29,7 +29,7 @@ server {		@@ -29,7 +29,7 @@ server {
29	<% end %>	29	<% end %>
30		30
31	server {	31	server {
32	- listen *:<%= @port %>;	32	+ listen <%= @listen_address %>:<%= @port %>;
33	server_name <%= @fqdn %>;	33	server_name <%= @fqdn %>;
34	server_tokens off; # don't show the version number, a security best practice	34	server_tokens off; # don't show the version number, a security best practice
35	root /opt/gitlab/embedded/service/gitlab-rails/public;	35	root /opt/gitlab/embedded/service/gitlab-rails/public;