Hello,
Pour ma part j'ai installé gitlab avec le built-in nginx et ça ne pose pas de problème de l'avoir à côté de rutorrent. Je préfère utiliser les outils de la manière dont ils ont été conçus, je mets sur un port, puis ensuite le nginx de mon système dispatch les server_name sur les ports correspondants.
Dans ma config gitlab.rb :
external_url 'https://gitlab.example.com'
nginx['listen_addresses'] = ['127.0.0.1', "[::1]"]
nginx['listen_port'] = 8226
nginx['listen_https'] = false
Dans la config nginx :
server {
listen 80;
listen [::]:80;
server_name gitlab.example.com;
server_tokens off;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
include snippets/ssl-params.conf;
root /dev/null;
server_tokens off;
client_max_body_size 100m;
server_name gitlab.example.com;
access_log /var/log/nginx/gitlab-access.log;
error_log /var/log/nginx/gitlab-error.log;
location / {
proxy_pass http://localhost:8226;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Url-Scheme $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_buffering off;
}
ssl_certificate /etc/letsencrypt/live/gitlab.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/gitlab.example.com/privkey.pem; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/gitlab.example.com/chain.pem;
}
Et la config nginx pour rutorrent, j'ai aussi un reverse proxy :
server {
listen 80;
listen [::]:80;
server_name rutorrent.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name rutorrent.example.com;
include snippets/ssl-params.conf;
root /var/www/rutorrent;
access_log /var/log/nginx/rutorrent-access.log;
error_log /var/log/nginx/rutorrent-error.log;
auth_basic "Closed!";
auth_basic_user_file /etc/nginx/auth;
location ~* \.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf|x-html|html|css|xml|js|woff|woff2|ttf|svg|eot)$ {
expires 30d;
access_log off;
log_not_found off;
}
location / {
try_files $uri $uri/ =404;
}
location /RPC2 {
include /etc/nginx/scgi_params;
scgi_pass 127.0.0.1:5000;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php/rutorrent.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffers 4 256K;
fastcgi_buffer_size 128K;
fastcgi_busy_buffers_size 256K;
fastcgi_temp_file_write_size 256K;
}
ssl_certificate /etc/letsencrypt/live/rutorrent.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/rutorrent.example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/rutorrent.example.com/chain.pem;
}
