github-starred/gitea
2
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-17 21:52:42 -05:00
Code Issues 2.6k Packages Projects Releases 100 Wiki Activity

Using Nginx with a sub-path as a reverse proxy does not work #3329

New Issue
Closed
opened 2025-11-02 05:08:43 -06:00 by GiteaMirror · 7 comments
GiteaMirror commented 2025-11-02 05:08:43 -06:00
Owner
Copy Link

Originally created by @nomandera on GitHub (May 14, 2019).

The documentation for nginx https://docs.gitea.io/en-us/reverse-proxies/ is very clear and whist it works perfectly for Nginx as a reverse proxy none of us can make it work for Nginx with a sub-path as a reverse proxy.

Much like https://github.com/go-gitea/gitea/issues/5425 the output of the site is mostly garbage and it appears that it is returning the same 4kB of html for / but also for every asset called from /.

As a side note the following form of config is superior when running within a docker environment as it does not require the container to be up when the reverse proxy starts and ultimately will allow the use of the gitea container without the need to expose the web UI to the host (the port listens on the docker network alone and the reverse proxy truely controls all web traffic).

location ^~ /gitea {
        include /config/nginx/proxy.conf;
        resolver 127.0.0.11 valid=30s;
        set $upstream_gitea gitea;
        proxy_pass http://$upstream_gitea:3000/;
}

To be clear this doesnt currently work but i have similar deployed for many (all) other projects.

I have run out of things to try and would very much appreciate if someone can confirm this actually works as documented or any other advice.

Originally created by @nomandera on GitHub (May 14, 2019). The documentation for nginx https://docs.gitea.io/en-us/reverse-proxies/ is very clear and whist it works perfectly for `Nginx as a reverse proxy` none of us can make it work for `Nginx with a sub-path as a reverse proxy`. Much like https://github.com/go-gitea/gitea/issues/5425 the output of the site is mostly garbage and it appears that it is returning the same 4kB of html for / but also for every asset called from /. As a side note the following form of config is superior when running within a docker environment as it does not require the container to be up when the reverse proxy starts and ultimately will allow the use of the gitea container without the need to expose the web UI to the host (the port listens on the docker network alone and the reverse proxy truely controls all web traffic). ``` location ^~ /gitea { include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_gitea gitea; proxy_pass http://$upstream_gitea:3000/; } ``` To be clear this doesnt currently work but i have similar deployed for many (all) other [projects](https://github.com/linuxserver/reverse-proxy-confs). I have run out of things to try and would very much appreciate if someone can confirm this actually works as documented or any other advice.
GiteaMirror added the type/question label 2025-11-02 05:08:43 -06:00
GiteaMirror commented 2025-11-02 05:08:44 -06:00
Author
Owner
Copy Link

@zeripath commented on GitHub (May 23, 2019):

	location /git {
		client_max_body_size 100M;
		proxy_pass http://localhost:3000/;
	}

works for me.

What's your app.ini (suitably anonymised)?

@zeripath commented on GitHub (May 23, 2019): ``` location /git { client_max_body_size 100M; proxy_pass http://localhost:3000/; } ``` works for me. What's your app.ini (suitably anonymised)?
GiteaMirror commented 2025-11-02 05:08:44 -06:00
Author
Owner
Copy Link

@nomandera commented on GitHub (May 25, 2019):

I will reply ASAP with proper details but a follow on question based on your reply. Is binding to host i.e. localhost:3000 necessary. In the context of the docker container it is better to bind directly to the containerised IP and add the extra bridged port to the host machine.

@nomandera commented on GitHub (May 25, 2019): I will reply ASAP with proper details but a follow on question based on your reply. Is binding to host i.e. `localhost:3000` necessary. In the context of the docker container it is better to bind directly to the containerised IP and add the extra bridged port to the host machine.
GiteaMirror commented 2025-11-02 05:08:44 -06:00
Author
Owner
Copy Link

@techknowlogick commented on GitHub (May 25, 2019):

Instead of location ^~ /gitea { could you try location /gitea { ?

@techknowlogick commented on GitHub (May 25, 2019): Instead of `location ^~ /gitea {` could you try `location /gitea {` ?
GiteaMirror commented 2025-11-02 05:08:45 -06:00
Author
Owner
Copy Link

@nomandera commented on GitHub (May 25, 2019):

Using the three suggestions so far (note I cannot use localhost as it it not relevant in docker where reverse proxy and gitea are both containers. however using the hostname gitea resolves correctly to the docker ip):

    location ~/gitea {
    client_max_body_size 100M;
           proxy_pass http://gitea:3000/;
    }

Causes an error

nginx: [emerg] "proxy_pass" cannot have URI part in location given by regular expression, or inside named location, or inside "if" statement, or inside "limit_except" block in /config/nginx/includes/gitea.subfolder.conf:13

The remaining two suggestions:

    location ^~ /gitea {
            client_max_body_size 100M;
            proxy_pass http://gitea:3000/;
    }

and

    location /gitea {
            client_max_body_size 100M;
            proxy_pass http://gitea:3000/;
    }

both produce the normal broken view

Screen

which is not surprising since as you can see every asset is identical in size i.e. / is being sent for every asset

Screen

Redacted config.

APP_NAME = Gitea: Git with a cup of tea
RUN_MODE = prod
RUN_USER = git

[repository]
ROOT = /data/git/repositories
FORCE_PRIVATE = true

[repository.local]
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo

[repository.upload]
TEMP_PATH = /data/gitea/uploads

[server]
APP_DATA_PATH    = /data/gitea
SSH_DOMAIN       = example.com:222
HTTP_PORT        = 3000
ROOT_URL         = http://example.com/
DISABLE_SSH      = false
SSH_PORT         = 22
LFS_CONTENT_PATH = /data/git/lfs
DOMAIN           = example.com
LFS_START_SERVER = true
LFS_JWT_SECRET   = ****
OFFLINE_MODE     = false

[database]
PATH     = /data/gitea/gitea.db
DB_TYPE  = sqlite3
HOST     = localhost:3306
NAME     = gitea
USER     = root
PASSWD   =
SSL_MODE = disable

[indexer]
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve

[session]
PROVIDER_CONFIG = /data/gitea/sessions
PROVIDER        = file

[picture]
AVATAR_UPLOAD_PATH      = /data/gitea/avatars
DISABLE_GRAVATAR        = false
ENABLE_FEDERATED_AVATAR = true

[attachment]
PATH = /data/gitea/attachments

[log]
ROOT_PATH = /data/gitea/log
MODE      = file
LEVEL     = Info

[security]
INSTALL_LOCK   = true
SECRET_KEY     = ***
INTERNAL_TOKEN = ***

[mailer]
ENABLED = false

[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false

[oauth2]
JWT_SECRET = ***
@nomandera commented on GitHub (May 25, 2019): Using the three suggestions so far (note I cannot use localhost as it it not relevant in docker where reverse proxy and gitea are both containers. however using the hostname gitea resolves correctly to the docker ip): location ~/gitea { client_max_body_size 100M; proxy_pass http://gitea:3000/; } Causes an error `nginx: [emerg] "proxy_pass" cannot have URI part in location given by regular expression, or inside named location, or inside "if" statement, or inside "limit_except" block in /config/nginx/includes/gitea.subfolder.conf:13` The remaining two suggestions: location ^~ /gitea { client_max_body_size 100M; proxy_pass http://gitea:3000/; } and location /gitea { client_max_body_size 100M; proxy_pass http://gitea:3000/; } both produce the normal broken view ![Screen](https://i.imgur.com/rverztK.jpg) which is not surprising since as you can see every asset is identical in size i.e. / is being sent for every asset ![Screen](https://i.imgur.com/bNfY8yD.jpg) Redacted config. ``` APP_NAME = Gitea: Git with a cup of tea RUN_MODE = prod RUN_USER = git [repository] ROOT = /data/git/repositories FORCE_PRIVATE = true [repository.local] LOCAL_COPY_PATH = /data/gitea/tmp/local-repo [repository.upload] TEMP_PATH = /data/gitea/uploads [server] APP_DATA_PATH = /data/gitea SSH_DOMAIN = example.com:222 HTTP_PORT = 3000 ROOT_URL = http://example.com/ DISABLE_SSH = false SSH_PORT = 22 LFS_CONTENT_PATH = /data/git/lfs DOMAIN = example.com LFS_START_SERVER = true LFS_JWT_SECRET = **** OFFLINE_MODE = false [database] PATH = /data/gitea/gitea.db DB_TYPE = sqlite3 HOST = localhost:3306 NAME = gitea USER = root PASSWD = SSL_MODE = disable [indexer] ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve [session] PROVIDER_CONFIG = /data/gitea/sessions PROVIDER = file [picture] AVATAR_UPLOAD_PATH = /data/gitea/avatars DISABLE_GRAVATAR = false ENABLE_FEDERATED_AVATAR = true [attachment] PATH = /data/gitea/attachments [log] ROOT_PATH = /data/gitea/log MODE = file LEVEL = Info [security] INSTALL_LOCK = true SECRET_KEY = *** INTERNAL_TOKEN = *** [mailer] ENABLED = false [openid] ENABLE_OPENID_SIGNIN = false ENABLE_OPENID_SIGNUP = false [oauth2] JWT_SECRET = *** ```
GiteaMirror commented 2025-11-02 05:08:45 -06:00
Author
Owner
Copy Link

@lafriks commented on GitHub (May 25, 2019):

You need to set ROOT_URL = http://example.com/gitea/

@lafriks commented on GitHub (May 25, 2019): You need to set `ROOT_URL = http://example.com/gitea/`
GiteaMirror commented 2025-11-02 05:08:45 -06:00
Author
Owner
Copy Link

@nomandera commented on GitHub (May 25, 2019):

That was the magic bullet. I started with this config as it is in the docs but somewhere along the line (likely debugging it was lost).

For what it is worth none of the examples in this thread to date work. The good news is the the solution as documented works. I have no clue why I couldnt get it to work right away as the manual was the very first place I started but for clarity, both location and proxy_pass needs the closing /

location /gitea/ {
       client_max_body_size 100M;
       proxy_pass http://gitea:3000/;
}

I will leave this ticket open for a bit to try and pay back my shame with a working version of:

location /gitea/ {
       auth_basic "off";
       include /config/nginx/proxy.conf;
       resolver 127.0.0.11 valid=30s;
       set $upstream_gitea gitea;
       proxy_pass http://$upstream_gitea:3000/;
}

This form doesn't quite work as-is for me (probably the auth) but once it does it is superior as it ensures nginx can come up even if gitea is not available.

@nomandera commented on GitHub (May 25, 2019): That was the magic bullet. I started with this config as it is in the docs but somewhere along the line (likely debugging it was lost). For what it is worth none of the examples in this thread to date work. The good news is the the solution as documented works. I have no clue why I couldnt get it to work right away as the manual was the very first place I started but for clarity, both location and proxy_pass needs the closing `/` ``` location /gitea/ { client_max_body_size 100M; proxy_pass http://gitea:3000/; } ``` I will leave this ticket open for a bit to try and pay back my shame with a working version of: ``` location /gitea/ { auth_basic "off"; include /config/nginx/proxy.conf; resolver 127.0.0.11 valid=30s; set $upstream_gitea gitea; proxy_pass http://$upstream_gitea:3000/; } ``` This form doesn't quite work as-is for me (probably the auth) but once it does it is superior as it ensures nginx can come up even if gitea is not available.
GiteaMirror commented 2025-11-02 05:08:45 -06:00
Author
Owner
Copy Link

@nomandera commented on GitHub (May 26, 2019):

Working docker friendly nginx reverse proxy as promised.

https://github.com/linuxserver/reverse-proxy-confs/blob/master/gitea.subfolder.conf.sample

Thanks for all the support.

@nomandera commented on GitHub (May 26, 2019): Working `docker friendly` nginx reverse proxy as promised. https://github.com/linuxserver/reverse-proxy-confs/blob/master/gitea.subfolder.conf.sample Thanks for all the support.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
$20
$250
$50
$500
backport/done
💎 Bounty
docs-update-needed
good first issue
hacktoberfest
issue/bounty
issue/confirmed
issue/critical
issue/duplicate
issue/needs-feedback
issue/not-a-bug
issue/regression
issue/stale
issue/workaround
lgtm/need 2
modifies/api
modifies/translation
outdated/backport/v1.18
outdated/theme/markdown
outdated/theme/timetracker
performance/bigrepo
performance/cpu
performance/memory
performance/speed
pr/breaking
proposal/accepted
proposal/rejected
pr/wip
pull-request
Mirrored from GitHub Pull Request
 reviewed/wontfix
💰 Rewarded
skip-changelog
status/blocked
topic/accessibility
topic/api
topic/authentication
topic/build
topic/code-linting
topic/commit-signing
topic/content-rendering
topic/deployment
topic/distribution
topic/federation
topic/gitea-actions
topic/issues
topic/lfs
topic/mobile
topic/moderation
topic/packages
topic/pr
topic/projects
topic/repo
topic/repo-migration
topic/security
topic/theme
topic/ui
topic/ui-interaction
topic/ux
topic/webhooks
topic/wiki
type/bug
type/deprecation
type/docs
type/enhancement
type/feature
type/miscellaneous
type/proposal
type/question
type/refactoring
type/summary
type/testing
type/upstream
No Label type/question
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#3329
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?