diff options
| author | Rémy Coutable <remy@rymai.me> | 2017-03-20 08:40:02 +0100 |
|---|---|---|
| committer | Rémy Coutable <remy@rymai.me> | 2017-03-20 08:40:02 +0100 |
| commit | 691402fb2b361ba19db3b8bdf77b75e513883423 (patch) | |
| tree | a0b4729f50355cec755f51269eb6622f88414400 /lib | |
| parent | 8f67a2604775b32b76fd2bec8e7a920be6429be3 (diff) | |
| parent | 79c3ace80b690c9ccc2d6190fcf1f14f735f566c (diff) | |
| download | gitlab-ce-691402fb2b361ba19db3b8bdf77b75e513883423.tar.gz | |
Merge branch '3kami3/gitlab-ce-real_ip'
See merge request !9623.
Signed-off-by: Rémy Coutable <remy@rymai.me>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/support/nginx/gitlab | 7 | ||||
| -rw-r--r-- | lib/support/nginx/gitlab-ssl | 7 |
2 files changed, 14 insertions, 0 deletions
diff --git a/lib/support/nginx/gitlab b/lib/support/nginx/gitlab index 2f7c34a3f31..f25e66d54c8 100644 --- a/lib/support/nginx/gitlab +++ b/lib/support/nginx/gitlab @@ -38,6 +38,13 @@ server { ## See app/controllers/application_controller.rb for headers set + ## Real IP Module Config + ## http://nginx.org/en/docs/http/ngx_http_realip_module.html + real_ip_header X-Real-IP; ## X-Real-IP or X-Forwarded-For or proxy_protocol + real_ip_recursive off; ## If you enable 'on' + ## If you have a trusted IP address, uncomment it and set it + # set_real_ip_from YOUR_TRUSTED_ADDRESS; ## Replace this with something like 192.168.1.0/24 + ## Individual nginx logs for this GitLab vhost access_log /var/log/nginx/gitlab_access.log; error_log /var/log/nginx/gitlab_error.log; diff --git a/lib/support/nginx/gitlab-ssl b/lib/support/nginx/gitlab-ssl index 330031aaddc..2b40da18bab 100644 --- a/lib/support/nginx/gitlab-ssl +++ b/lib/support/nginx/gitlab-ssl @@ -85,6 +85,13 @@ server { ## [Optional] Enable HTTP Strict Transport Security # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; + ## Real IP Module Config + ## http://nginx.org/en/docs/http/ngx_http_realip_module.html + real_ip_header X-Real-IP; ## X-Real-IP or X-Forwarded-For or proxy_protocol + real_ip_recursive off; ## If you enable 'on' + ## If you have a trusted IP address, uncomment it and set it + # set_real_ip_from YOUR_TRUSTED_ADDRESS; ## Replace this with something like 192.168.1.0/24 + ## Individual nginx logs for this GitLab vhost access_log /var/log/nginx/gitlab_access.log; error_log /var/log/nginx/gitlab_error.log; |