在Debian上搭建Gitlab,并禁用内嵌Nginx

最近需要为公司搭建git代码仓库,结束后决定将过程记录. 首先获取gitlab安装包 打开 https://about.gitlab.com/downloads/ 选择自己的系统,按照提示安装.当执行完 gitlab-ctl reconfigure 后其实已经可以在浏览器中打开了,但是默认的是运行在gitlab内嵌的Nginx中,对于强迫症来说还是挺难受的.(其实内嵌的Nginx是不会影响到独立安装的Nginx的) 于是决定使用独立安装的Nginx代替内嵌的来运行gitlab. 先禁用内嵌的Nginx 编辑/etc/gitlab/gitlab.rb在Nginx部分添加一行 nginx['enable'] = false 然后再执行 gitlab-ctl reconfigure # 每当修改了gitlab的配置文件都需要执行 现在已经禁用掉内嵌的Nginx了. 配置独立安装的Nginx 在Nginx配置目录中新建一个配置文件git.conf # gitlab socket 文件地址 upstream gitlab { server unix://var/opt/gitlab/gitlab-rails/sockets/gitlab.socket; } server { listen 80; server_name git.example.com; return 301 https://$host$request_uri; } server { listen 443 ssl http2; server_name git.example.com; ssl on; ssl_certificate path/to/ssl_certificate; #需要替换自己的证书 ssl_certificate_key path/to/ssl_certificate_key; #需要替换自己的证书 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_stapling on; ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:50m; ssl_session_timeout 10m; ssl_dhparam path/to/dhparam. »