0

Background to my server: I have everything put into docker container. There is a docker network. All of the docker container are on the same network. And I use aliases to address my container. My container aliases for gitlab is gitlab.docker. The interesting container for this question is my gitlab_runner container, my gitlab container and my nginx container.

I noticed my gitlab-runner container throw an error 18 when it was supposed to clone a project.

I am pretty sure this is a nginx issue. I know that because I went into a container on the same docker network and once tried to clone via my public dns address and once via the internal network circumnavigating my own nginx with this as a result (replaced my domain and my top level domain. Rest is untouched):

bash-5.0# git clone "http://gitlab.myHost.com/docker/sbt.git" Cloning into 'sbt'... Username for 'https://gitlab.myHost.com': root Password for 'https://[email protected]': warning: redirecting to https://gitlab.myHost.com/docker/sbt.git/ remote: Enumerating objects: 16, done. remote: Counting objects: 100% (16/16), done. remote: Compressing objects: 100% (12/12), done. error: RPC failed; curl 18 transfer closed with outstanding read data remaining fatal: the remote end hung up unexpectedly fatal: early EOF fatal: unpack-objects failed bash-5.0# git clone "http://gitlab.docker/docker/sbt.git" Cloning into 'sbt'... Username for 'http://gitlab.docker': root Password for 'http://[email protected]': remote: Enumerating objects: 16, done. remote: Counting objects: 100% (16/16), done. remote: Compressing objects: 100% (12/12), done. remote: Total 16 (delta 1), reused 0 (delta 0), pack-reused 0 Unpacking objects: 100% (16/16), done.

This is my nginx config:

server { server_name gitlab.myHost.com; listen 80; listen 443 ssl; ssl_certificate /etc/letsencrypt/live/gitlab.myHost.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/gitlab.myHost.com/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; if ($scheme != "https") { return 301 https://$host$request_uri; } location / { proxy_pass http://gitlab.docker; } }

Anyone any idea why this isn't working? I should mention that the website of gitlab works just fine. Except for the web IDE, which doesn't load. Just in case it is connected, but that's actually an issue very far down my todo.

Improve this question

1 Answer 1

Reset to default
0

Okay, I figured it out. There was a 55Mb binary file in my repo which was too big. Adding this to my config solved it:

client_max_body_size 4G;

The question is, is 4GB too big to allow. But since it is only for Gitlab, I guess it is fine for the moment.

Improve this answer
4
  • You will have a similar issue with pushes and POST body sizes. The good thing is, you can enforce SSH on users, while GL runner forces HTTP(S). Commented Feb 24, 2020 at 8:54
  • And in case you didn't know, nginx is perfectly capable of tunneling SSH traffic. Commented Feb 24, 2020 at 8:55
  • How is that working? Nginx gets an http request and forwards it further over ssh? Or does it get an ssh request and forward it further via ssh? And if it is the latter, how does it figure out the server name without the http protocol. Commented Feb 24, 2020 at 9:00
  • I would have to check the details, but as far as I can tell it's a simple TCP tunnel. The reverse proxy has it's own sshd on a different port Commented Feb 24, 2020 at 12:54

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.