Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gitlab with Apache 2.4 gives 502: AH01102: error reading status line from remote server 127.0.0.1:8080 #313

Open
BairDev opened this issue Jan 26, 2021 · 0 comments
Open

Gitlab with Apache 2.4 gives 502: AH01102: error reading status line from remote server 127.0.0.1:8080 #313

BairDev opened this issue Jan 26, 2021 · 0 comments

Comments

@BairDev
Copy link

BairDev commented Jan 26, 2021

I am not a server admin, so I do not configure Apache Servers on a daily basis.

But I want to use Gitlab on our server with SSL and Apache 2.4.6. (httpd on CentOS 7).

So far I have added the certificates (.pem) and turned on SSL.

head -30 /opt/gitlab/embedded/service/gitlab-rails/config/gitlab.yml

gitlab:
    ## Web server settings (note: host is the FQDN, do not include http://)
    host: gitlab.my-domain.org
    port: 443
    https: true

    # The maximum time unicorn/puma can spend on the request. This needs to be smaller than the worker timeout.
    # Default is 95% of the worker timeout
    max_request_duration_seconds: 57

I do not understand the <location> part of my Apache Config in:

<IfModule mod_ssl.c>
<VirtualHost *:443>  
  ServerName gitlab.my-domain.org
  ServerSignature Off

  ProxyPreserveHost On
  ProxyTimeout 60
  AllowEncodedSlashes NoDecode

  SSLEngine on
  SSLProxyEngine on
  SSLCertificateFile /etc/letsencrypt/live/some-original-domain/cert.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/some-original-domain/privkey.pem
  Include /etc/letsencrypt/options-ssl-apache.conf
  SSLCertificateChainFile /etc/letsencrypt/live/some-original-domain/chain.pem

  <Location />
    # New authorization commands for apache 2.4 and up
    # http://httpd.apache.org/docs/2.4/upgrading.html#access
    Require all granted
    ProxyPassReverse http://127.0.0.1:8080
    ProxyPassReverse https://gitlab.my-domain.org/
  </Location>

  RewriteEngine on
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
  RewriteCond %{REQUEST_URI} ^/uploads/.*
  RewriteRule .* https://127.0.0.1:8080%{REQUEST_URI} [P,QSA]

  RequestHeader set X_FORWARDED_PROTO 'https'
  RequestHeader set X-Forwarded-Ssl on

  # needed for downloading attachments
  DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public

  #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
  # ErrorDocument 404 /404.html
  # ErrorDocument 422 /422.html
  # ErrorDocument 500 /500.html
  # ErrorDocument 503 /deploy.html

  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
  ErrorLog  /var/log/httpd/gitlab.my-domain_error.log
  CustomLog /var/log/httpd/gitlab.my-domain_forwarded.log common_forwarded
  CustomLog /var/log/httpd/gitlab.my-domain_access.log combined env=!dontlog
  CustomLog /var/log/httpd/gitlab.my-domain.log combined

</VirtualHost>
</IfModule>

There must be some misconfiguration, I only see:

 [proxy_http:error] [pid 18466] (103)Software caused connection abort: [client {IP}:32906] AH01102: error reading status line from remote server 127.0.0.1:8080
[proxy:error] [pid 18466] [client {IP}:32906] AH00898: Error reading from remote server returned by /

Also for wget http://localhost:8080/api/v3/internal/check on the server

{....} connection refused
ERROR 410: Gone.

Finally gitlab-rake gitlab:check:

Checking GitLab subtasks ...

Checking GitLab Shell ...

GitLab Shell: ... GitLab Shell version >= 13.7.0 ? ... OK (13.7.0)
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Internal API available: OK
Redis available via internal API: OK
gitlab-shell self-check successful

Checking GitLab Shell ... Finished

Checking Gitaly ...

Gitaly: ... default ... OK

Checking Gitaly ... Finished

Checking Sidekiq ...

Sidekiq: ... Running? ... yes
Number of Sidekiq processes ... 1

Checking Sidekiq ... Finished

Checking Incoming Email ...

Incoming Email: ... Reply by email is disabled in config/gitlab.yml

Checking Incoming Email ... Finished

Checking LDAP ...

LDAP: ... LDAP is disabled in config/gitlab.yml

Checking LDAP ... Finished

Checking GitLab App ...

Git configured correctly? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... skipped (no tmp uploads folder yet)
Init script exists? ... skipped (omnibus-gitlab has no init script)
Init script up-to-date? ... skipped (omnibus-gitlab has no init script)
Projects have namespace: ... 
GitLab Instance / Monitoring ... yes
sdp-dev / sdp-services ... yes
sdp-dev / co2compass-app ... yes
sdp-dev / sdp-api ... yes
sdp-dev / sdp-ops ... yes
Redis version >= 4.0.0? ... yes
Ruby version >= 2.5.3 ? ... yes (2.6.6)
Git version >= 2.24.0 ? ... yes (2.28.0)
Git user has default SSH configuration? ... yes
Active users: ... 3
Is authorized keys file accessible? ... yes
GitLab configured to store new projects in hashed storage? ... yes
All projects are in hashed storage? ... yes

Checking GitLab App ... Finished


Checking GitLab subtasks ... Finished

I think it is not a timeout issue, because the whole request from my browser takes ~150ms. I was able to reach the Gitlab instance via http before.
Any idea?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@BairDev