反向代理背后的 Gerrit Code Review
Gerrit Code Review behind reverse proxy
我有一个在反向代理后面设置的 Gerrit Code Review 实例。这个的配置文件是:
[gerrit]
basePath = git
canonicalWebUrl = http://my-host:8090/
[database]
type = postgresql
hostname = db-host
database = reviewdb
username = gerrit2
[index]
type = LUCENE
[auth]
type = HTTP
[receive]
enableSignedPush = false
[sendemail]
smtpServer = localhost
[container]
user = gerrit2
javaHome = /usr/lib/jvm/java-7-openjdk-amd64/jre
[sshd]
listenAddress = *:29418
[httpd]
listenUrl = proxy-http://my-host:9090/
[cache]
directory = cache
然后,我尝试使用我拥有的现有摘要配置一个具有身份验证的 Apache VirtualHost 以传递给 gerrit。以下是 VirtualHost 的 conf 文件:
<VirtualHost *:9090>
ServerName my-host
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /login/>
AuthType Digest
AuthName "bloodhound"
AuthDigestDomain /bloodhound
AuthUserFile /opt/bloodhound/environments/main/bloodhound.htdigest
Require valid-user
</Location>
AllowEncodedSlashes On
ProxyPass / http://my-host:8090/
</VirtualHost>
问题是,当我尝试访问 http://my-host:9090/login 时,我从 Gerrit Code Review 收到一个错误页面:
Configuration Error
Check the HTTP server's authentication settings.
The HTTP server did not provide the username in the Authorization header when it forwarded the request to Gerrit Code Review.
If the HTTP server is Apache HTTPd, check the proxy configuration includes an authorization directive with the proper location, ensuring it ends with '/':
我不清楚为什么没有发送身份验证信息(实际上,登录 window 甚至没有出现用于凭据输入)。有什么想法吗?
您混淆了 gerrit.config 中的端口号。如下更改它们以匹配您的代理配置:
[gerrit]
canonicalWebUrl = http://my-host:9090/
[httpd]
listenUrl = proxy-http://my-host:8090/
还应使用 localhost 指定 listenUrl 以防止身份验证绕过。
我有一个在反向代理后面设置的 Gerrit Code Review 实例。这个的配置文件是:
[gerrit]
basePath = git
canonicalWebUrl = http://my-host:8090/
[database]
type = postgresql
hostname = db-host
database = reviewdb
username = gerrit2
[index]
type = LUCENE
[auth]
type = HTTP
[receive]
enableSignedPush = false
[sendemail]
smtpServer = localhost
[container]
user = gerrit2
javaHome = /usr/lib/jvm/java-7-openjdk-amd64/jre
[sshd]
listenAddress = *:29418
[httpd]
listenUrl = proxy-http://my-host:9090/
[cache]
directory = cache
然后,我尝试使用我拥有的现有摘要配置一个具有身份验证的 Apache VirtualHost 以传递给 gerrit。以下是 VirtualHost 的 conf 文件:
<VirtualHost *:9090>
ServerName my-host
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /login/>
AuthType Digest
AuthName "bloodhound"
AuthDigestDomain /bloodhound
AuthUserFile /opt/bloodhound/environments/main/bloodhound.htdigest
Require valid-user
</Location>
AllowEncodedSlashes On
ProxyPass / http://my-host:8090/
</VirtualHost>
问题是,当我尝试访问 http://my-host:9090/login 时,我从 Gerrit Code Review 收到一个错误页面:
Configuration Error
Check the HTTP server's authentication settings.
The HTTP server did not provide the username in the Authorization header when it forwarded the request to Gerrit Code Review.
If the HTTP server is Apache HTTPd, check the proxy configuration includes an authorization directive with the proper location, ensuring it ends with '/':
我不清楚为什么没有发送身份验证信息(实际上,登录 window 甚至没有出现用于凭据输入)。有什么想法吗?
您混淆了 gerrit.config 中的端口号。如下更改它们以匹配您的代理配置:
[gerrit]
canonicalWebUrl = http://my-host:9090/
[httpd]
listenUrl = proxy-http://my-host:8090/
还应使用 localhost 指定 listenUrl 以防止身份验证绕过。