Skip to content
Snippets Groups Projects

Bug: Dashboard link broken on SSL/HTTPS via Reverse Proxy

Problem

Clicking the GitLab logo in the upper left corner is broken, as some JavaScript captures the click and tries to load the link via XHR. This fails, as the link's URL scheme (https) is not respected and set to http. The browser (Chrome in this case) blocks the request due to mixed content policy. The link on the element itself is correct (https://gitlab.example.org).

image image

Configuration

We are serving GitLab via HTTPS on default port 443 via https://gitlab.example.org. As our Apache also serves other pages via HTTPS, we use the following directives to proxy it to the local GitLab instance:

ProxyPass / http://127.0.0.1:5381/
ProxyPassReverse / http://127.0.0.1:5381/

Our GitLab config looks this way. To avoid unnecessary overhead, the internal connection is not encrypted.

# necessary so all URLs are correct in frontend
external_url 'https://gitlab.example.org'

# only reachable locally
nginx['listen_addresses'] = ['127.0.0.1']  

# we do not want SSL (fix auto-ssl because of https in external_url)
nginx['listen_https']     = false  

# local nginx port
nginx['listen_port']      = 5381 
redis['port']             = 5379
unicorn['port']           = 5380