From 50bbc326a475f0cca8e63c7a8de96b3f5538cee0 Mon Sep 17 00:00:00 2001
From: Achilleas Pipinellis <axilleas@axilleas.me>
Date: Sat, 20 Feb 2016 23:32:46 +0200
Subject: [PATCH] Change NGINX pages configs to account for the Pages daemon

---
 lib/support/nginx/gitlab-pages     | 16 +++++++---------
 lib/support/nginx/gitlab-pages-ssl | 18 ++++++++----------
 2 files changed, 15 insertions(+), 19 deletions(-)

diff --git a/lib/support/nginx/gitlab-pages b/lib/support/nginx/gitlab-pages
index ed4f7e4316a..2e0eb2af4b1 100644
--- a/lib/support/nginx/gitlab-pages
+++ b/lib/support/nginx/gitlab-pages
@@ -8,20 +8,18 @@ server {
 
   ## Replace this with something like pages.gitlab.com
   server_name ~^(?<group>.*)\.YOUR_GITLAB_PAGES\.DOMAIN$;
-  root /home/git/gitlab/shared/pages/${group};
 
   ## Individual nginx logs for GitLab pages
   access_log  /var/log/nginx/gitlab_pages_access.log;
   error_log   /var/log/nginx/gitlab_pages_error.log;
 
-  # 1. Try to get /path/ from shared/pages/${group}/${path}/public/
-  # 2. Try to get / from shared/pages/${group}/${host}/public/
-  location ~ ^/([^/]*)(/.*)?$ {
-    try_files "/$1/public$2"
-              "/$1/public$2/index.html"
-              "/${host}/public/${uri}"
-              "/${host}/public/${uri}/index.html"
-              =404;
+  location / {
+    proxy_set_header    Host                $http_host;
+    proxy_set_header    X-Real-IP           $remote_addr;
+    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
+    proxy_set_header    X-Forwarded-Proto   $scheme;
+    # The same address as passed to GitLab Pages: `-listen-proxy`
+    proxy_pass          http://localhost:8282/;
   }
 
   # Define custom error pages
diff --git a/lib/support/nginx/gitlab-pages-ssl b/lib/support/nginx/gitlab-pages-ssl
index dcbbee4042a..1045cd42d2f 100644
--- a/lib/support/nginx/gitlab-pages-ssl
+++ b/lib/support/nginx/gitlab-pages-ssl
@@ -23,12 +23,11 @@ server {
 ## Pages serving host
 server {
   listen 0.0.0.0:443 ssl;
-  listen [::]:443 ipv6only=on ssl;
+  listen [::]:443 ipv6only=on ssl http2;
 
   ## Replace this with something like pages.gitlab.com
   server_name ~^(?<group>.*)\.YOUR_GITLAB_PAGES\.DOMAIN$;
   server_tokens off; ## Don't show the nginx version number, a security best practice
-  root /home/git/gitlab/shared/pages/${group};
 
   ## Strong SSL Security
   ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/
@@ -63,14 +62,13 @@ server {
   access_log  /var/log/nginx/gitlab_pages_access.log;
   error_log   /var/log/nginx/gitlab_pages_error.log;
 
-  # 1. Try to get /path/ from shared/pages/${group}/${path}/public/
-  # 2. Try to get / from shared/pages/${group}/${host}/public/
-  location ~ ^/([^/]*)(/.*)?$ {
-    try_files "/$1/public$2"
-              "/$1/public$2/index.html"
-              "/${host}/public/${uri}"
-              "/${host}/public/${uri}/index.html"
-              =404;
+  location / {
+    proxy_set_header    Host                $http_host;
+    proxy_set_header    X-Real-IP           $remote_addr;
+    proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
+    proxy_set_header    X-Forwarded-Proto   $scheme;
+    # The same address as passed to GitLab Pages: `-listen-proxy`
+    proxy_pass          http://localhost:8282/;
   }
 
   # Define custom error pages