Added configuration for Gitlab 8.x and Apache Httpd 2.2.x.

web-server/apache/gitlab-8.0-apache2.2.conf

@@ -0,0 +1,66 @@
+#This configuration has been tested on GitLab 8.0.0
+#Note this config assumes unicorn is listening on default port 8080 and gitlab-git-http-server is listening on port 8181.
+#To allow gitlab-git-http-server to listen on port 8181, edit or create /etc/default/gitlab and change or add the following:
+#gitlab_git_http_server_options="-listenUmask 0 -listenNetwork tcp -listenAddr localhost:8181 -authBackend http://127.0.0.1:8080"
+
+#Module dependencies
+#  mod_rewrite
+#  mod_proxy
+#  mod_proxy_http
+# HTTP Configuration
+<VirtualHost *:80>
+  ServerName gitlab.example.com
+  ServerSignature Off
+
+  ProxyPreserveHost On
+
+  # Ensure that encoded slashes are not decoded but left in their encoded state.
+  # http://doc.gitlab.com/ce/api/projects.html#get-single-project
+  AllowEncodedSlashes NoDecode
+
+    # Ensure that encoded slashes are not decoded but left in their encoded state.
+    # http://doc.gitlab.com/ce/api/projects.html#get-single-project
+    #AllowEncodedSlashes NoDecode
+    <Location />
+        # New authorization commands for apache 2.4 and up
+        # http://httpd.apache.org/docs/2.4/upgrading.html#access
+        #Require all granted
+        Order deny,allow
+        Allow from all
+
+        #Allow forwarding to gitlab-git-http-server
+        ProxyPassReverse http://127.0.0.1:8181
+        #Allow forwarding to GitLab Rails app (Unicorn)
+        ProxyPassReverse http://127.0.0.1:8080
+        ProxyPassReverse http://gitlab.example.com/
+    </Location>
+
+  #apache equivalent of nginx try files
+  # http://serverfault.com/questions/290784/what-is-apaches-equivalent-of-nginxs-try-files
+  # http://stackoverflow.com/questions/10954516/apache2-proxypass-for-rails-app-gitlab
+  RewriteEngine on
+  #Forward requests ending with .git to gitlab-git-http-server
+  RewriteCond %{REQUEST_URI} [-\/\w\.]+\.git\/
+  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
+
+  #Forward any other requests to GitLab Rails app (Unicorn)
+  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
+  RewriteCond %{REQUEST_URI} ^/uploads
+  RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA,NE]
+
+  # needed for downloading attachments
+  DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
+
+  #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
+  ErrorDocument 404 /404.html
+  ErrorDocument 422 /422.html
+  ErrorDocument 500 /500.html
+  ErrorDocument 503 /deploy.html
+
+  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
+  ErrorLog  /var/log/httpd/logs/gitlab.example.com_error.log
+  CustomLog /var/log/httpd/logs/gitlab.example.com_forwarded.log common_forwarded
+  CustomLog /var/log/httpd/logs/gitlab.example.com_access.log combined env=!dontlog
+  CustomLog /var/log/httpd/logs/gitlab.example.com.log combined
+
+</VirtualHost>

web-server/apache/gitlab-8.0-ssl-apache2.2.conf

@@ -0,0 +1,80 @@
+#This configuration has been tested on GitLab 6.0.0 and GitLab 6.0.1
+#Note this config assumes unicorn is listening on default port 8080.
+#Module dependencies
+#  mod_rewrite
+#  mod_proxy
+#  mod_proxy_http
+
+# HTTP Configuration
+<VirtualHost *:80>
+
+    ServerName gitlab.example.com
+    ServerSignature Off
+
+    RewriteEngine on
+    RewriteCond %{HTTPS} !=on
+    RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [NE,R,L]
+
+</VirtualHost>
+
+
+# HTTPS Configuration
+<VirtualHost *:443>
+    SSLEngine on
+
+    #strong encryption ciphers only
+    #see ciphers(1) http://www.openssl.org/docs/apps/ciphers.html
+    SSLProtocol all -SSLv2
+    SSLCertificateFile    /etc/pki/tls/certs/gitlab.example.com.crt
+    SSLCertificateKeyFile /etc/pki/tls/private/gitlab.example.com.key
+    SSLCACertificateFile  /etc/pki/tls/certs/gitlab.example.com.ca-bundle.crt
+
+    ServerName gitlab.example.com
+    ServerSignature Off
+    ProxyPreserveHost On
+
+    # Ensure that encoded slashes are not decoded but left in their encoded state.
+    # http://doc.gitlab.com/ce/api/projects.html#get-single-project
+    #AllowEncodedSlashes NoDecode
+    <Location />
+        # New authorization commands for apache 2.4 and up
+        # http://httpd.apache.org/docs/2.4/upgrading.html#access
+        #Require all granted
+        Order deny,allow
+        Allow from all
+        
+        #Allow forwarding to gitlab-git-http-server
+        ProxyPassReverse http://127.0.0.1:8181
+        #Allow forwarding to GitLab Rails app (Unicorn)
+        ProxyPassReverse http://127.0.0.1:8080
+        ProxyPassReverse http://gitlab.example.com/
+    </Location>
+
+    #Forward requests ending with .git to gitlab-git-http-server
+    RewriteCond %{REQUEST_URI} [-\/\w\.]+\.git\/
+    RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]
+
+    #Forward any other requests to GitLab Rails app (Unicorn)
+    RewriteEngine on
+    RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
+    RewriteCond %{REQUEST_URI} ^/uploads
+    RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA,NE]
+    RequestHeader set X_FORWARDED_PROTO 'https'
+    RequestHeader set X-Forwarded-Ssl on
+
+    # needed for downloading attachments
+    DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
+
+    #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
+    ErrorDocument 404 /404.html
+    ErrorDocument 422 /422.html
+    ErrorDocument 500 /500.html
+    ErrorDocument 503 /deploy.html
+
+    LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
+    ErrorLog  /data/www/gitlab/log/gitlab.example.com_error.log
+    CustomLog /data/www/gitlab/log/gitlab.example.com_forwarded.log common_forwarded
+    CustomLog /data/www/gitlab/log/gitlab.example.com_access.log combined env=!dontlog
+    CustomLog /data/www/gitlab/log/gitlab.example.com.log combined
+
+</VirtualHost>