SSL/TLS redirect not correct for registry (embedded nginx)
Summary
SSL/TLS Redirection configuration for registry is incorrect.
Steps to reproduce
Using configuration :
registry_nginx['redirect_http_to_https'] = true
and then :
# gitlab-ctl reconfigure
What is the current bug behavior?
The nginx configuration generated in gitlab/nginx/conf/gitlab-registry.conf
## Redirects all HTTP traffic to the HTTPS host server { listen *:80; server_name registry.mydomain.net; server_tokens off; ## Don't show the nginx version number, a security best practice return 301 https://$http_host:$request_uri; access_log /var/log/gitlab/nginx/gitlab_registry_access.log gitlab_access; error_log /var/log/gitlab/nginx/gitlab_registry_error.log; }
the port is missing, but the ":" is present in the return line.
What is the expected correct behavior?
return 301 https://$http_host:443$request_uri;
Results of GitLab environment info
Expand for output related to GitLab environment info
oot@gitlab01:/data/gitlab/nginx/conf# gitlab-rake gitlab:env:info
System information System: Ubuntu 16.04 Current User: git Using RVM: no Ruby Version: 2.3.3p222 Gem Version: 2.6.6 Bundler Version:1.13.7 Rake Version: 10.5.0 Redis Version: 3.2.5 Git Version: 2.13.4 Sidekiq Version:5.0.0 Go Version: unknown
GitLab information Version: 9.4.5 Revision: 140292e Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: postgresql URL: https://gitlab.mydomain.net HTTP Clone URL: https://gitlab.mydomain.net/some-group/some-project.git SSH Clone URL: git@gitlab.mydomain.net:some-group/some-project.git Using LDAP: yes Using Omniauth: no
GitLab Shell Version: 5.3.1 Repository storage paths:
- default: /data/gitlab/git-data/repositories Hooks: /opt/gitlab/embedded/service/gitlab-shell/hooks Git: /opt/gitlab/embedded/bin/git