--- /dev/null
+## GitLab
+##
+## Lines starting with two hashes (##) are comments with information.
+## Lines starting with one hash (#) are configuration parameters that can be uncommented.
+##
+###################################
+## configuration ##
+###################################
+
+upstream gitlab-workhorse {
+ server unix:/run/gitlab/gitlab-workhorse.socket;
+}
+
+server {
+ listen *:80;
+
+ server_name gitlab.example.org;
+
+ ## Don't show the nginx version number, a security best practice
+ server_tokens off;
+
+ ## Increase this if you want to upload large attachments
+ ## Or if you want to accept large git objects over http
+ client_max_body_size 0;
+
+ ## Individual nginx logs for this GitLab vhost
+ access_log /var/log/nginx/gitlab_access.log gitlab_access;
+ error_log /var/log/nginx/gitlab_error.log;
+
+ location / {
+ ## If you use HTTPS make sure you disable gzip compression
+ ## to be safe against BREACH attack.
+
+ ## https://github.com/gitlabhq/gitlabhq/issues/694
+ ## Some requests take more than 30 seconds.
+ proxy_read_timeout 300;
+ proxy_connect_timeout 300;
+ proxy_redirect off;
+
+ proxy_http_version 1.1;
+
+ proxy_set_header Host $http_host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto http;
+
+ proxy_pass http://gitlab-workhorse;
+ }
+
+ error_page 404 /404.html;
+ error_page 422 /422.html;
+ error_page 500 /500.html;
+ error_page 502 /502.html;
+
+ location ~ ^/(404|422|500|502)\.html$ {
+ root /var/lib/gitlab/public;
+ internal;
+ }
+}