setup-git-web-interface/apache-config.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70

# Configuration Apache pour GitLab
# À placer dans /etc/apache2/sites-available/gitlab.conf
# Puis activer avec: sudo a2ensite gitlab.conf

<VirtualHost *:80>
    ServerName chillka.example.com  # Remplacer par votre domaine ou IP
    
    # Redirection vers HTTPS (décommenter après configuration SSL)
    # Redirect permanent / https://chillka.example.com/
    
    ProxyPreserveHost On
    ProxyRequests off
    
    # Autoriser les requêtes proxy
    <Proxy *>
        Require all granted
    </Proxy>
    
    # Proxy vers GitLab
    ProxyPass / http://127.0.0.1:80/
    ProxyPassReverse / http://127.0.0.1:80/
    
    # Headers pour GitLab
    RequestHeader set X-Forwarded-Proto "http"
    RequestHeader set X-Forwarded-Ssl "off"
    
    # Headers supplémentaires pour GitLab
    RequestHeader set X-Real-IP %{REMOTE_ADDR}s
    RequestHeader set X-Forwarded-For %{REMOTE_ADDR}s
    
    # Logs
    ErrorLog ${APACHE_LOG_DIR}/gitlab_error.log
    CustomLog ${APACHE_LOG_DIR}/gitlab_access.log combined
</VirtualHost>

# Configuration HTTPS (décommenter après avoir configuré SSL avec certbot)
# <VirtualHost *:443>
#     ServerName chillka.example.com
#     
#     # SSL Configuration
#     SSLEngine on
#     SSLCertificateFile /etc/letsencrypt/live/chillka.example.com/fullchain.pem
#     SSLCertificateKeyFile /etc/letsencrypt/live/chillka.example.com/privkey.pem
#     SSLCertificateChainFile /etc/letsencrypt/live/chillka.example.com/chain.pem
#     
#     # Protocols et ciphers
#     SSLProtocol all -SSLv2 -SSLv3
#     SSLCipherSuite HIGH:!aNULL:!MD5
#     
#     ProxyPreserveHost On
#     ProxyRequests off
#     
#     <Proxy *>
#         Require all granted
#     </Proxy>
#     
#     ProxyPass / http://127.0.0.1:80/
#     ProxyPassReverse / http://127.0.0.1:80/
#     
#     # Headers pour GitLab avec HTTPS
#     RequestHeader set X-Forwarded-Proto "https"
#     RequestHeader set X-Forwarded-Ssl "on"
#     RequestHeader set X-Real-IP %{REMOTE_ADDR}s
#     RequestHeader set X-Forwarded-For %{REMOTE_ADDR}s
#     
#     # Logs
#     ErrorLog ${APACHE_LOG_DIR}/gitlab_ssl_error.log
#     CustomLog ${APACHE_LOG_DIR}/gitlab_ssl_access.log combined
# </VirtualHost>