422 无法处理的实体，JS 文件，gitlab 8.17，apache ssl

Question

昨天在 ubuntu 16.04 安装上进行了新的 gitlab 8.17.0 安装，并像我记录的旧版本一样对其进行配置。我正在运行一个 apache2，它让加密作为代理。看起来好像一切运行良好，但是没有加载一些 JS 文件。我在

处得到“422 Unprocessable Entity”https

• 域/资产/webpack/application-XXX.js
• 域/资产/webpack/lib_dX.js
• 域/资产/webpack/users-X.js
• 域/资产/webpack/lib_d3-X.js
• 域/资产/webpack/users-X.js

/etc/gitlab/gitlab.rb

external_url 'https://gitlab.example.com'

nginx['listen_address'] = 'localhost'
nginx['listen_port'] = 8080
nginx['listen_https'] = false

web_server['external_users'] = ['www-data']
nginx['enable'] = false

/etc/apache2/sites-available/gitlab.example.com.conf

<VirtualHost *:80>
        ServerName gitlab.example.com
        ServerAdmin mail@gitlab.example.com

        ErrorLog /var/log/apache2/gitlab.example.com/error.log
        CustomLog /var/log/apache2/gitlab.example.com/access.log combined

        Redirect 301 / https://gitlab.example.com/
</VirtualHost>

<VirtualHost *:443>
        ServerName gitlab.example.com
        ServerAdmin mail@gitlab.example.com

        ErrorLog /var/log/apache2/gitlab.example.com/error.log
        CustomLog /var/log/apache2/gitlab.example.com/access.log combined

        RequestHeader set X-Forwarded-Proto "https"
        RequestHeader set X-Forwarded-Port "443"
        ProxyPreserveHost On
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/

        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/gitlab.example.com/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/gitlab.example.com/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/gitlab.example.com/chain.pem

  <Proxy http://localhost:8080/>
    Order deny,allow
    Allow from all
  </Proxy>
</VirtualHost>

有人有解决问题的想法吗？

谢谢！祝你有个愉快的星期天。

Answer 1

这是 8.17 中的一个问题，尚未修复。

只需降级到 8.16 sudo apt-get install gitlab-ce=8.16.6-ce.0

Answer 2

我在提供提到的静态文件时遇到了同样的问题，但在 nginx 代理后面。在 /var/log/gitlab/gitlab-rails/production.log 文件中有错误：

Started GET "/assets/webpack/application-0b895f7016d93748393a-v2.js" for 127.0.0.1 at 2017-03-05 11:14:21 +0100
Processing by ApplicationController#route_not_found as JS
  Parameters: {"unmatched_route"=>"assets/webpack/application-0b895f7016d93748393a-v2"}
Security warning: an embedded <script> tag on another site requested protected JavaScript.
If you know what you're doing, go ahead and disable forgery protection on this action to
permit cross-origin JavaScript embedding.
Completed 422 Unprocessable Entity in 28ms (ActiveRecord: 1.8ms)

ActionController::InvalidCrossOriginRequest (Security warning: an embedded 
<script> tag on another site requested protected JavaScript. If you know 
what you're doing, go ahead and disable forgery protection on this action to 
permit cross-origin JavaScript embedding.):
  lib/gitlab/middleware/multipart.rb:93:in `call'
  lib/gitlab/request_profiler/middleware.rb:14:in `call'
  lib/gitlab/middleware/go.rb:16:in `call'

所以我在 /opt/gitlab/embedded/service/gitlab-rails/config/environments/production.rb 中进行了更改：

  config.action_controller.allow_forgery_protection = false

  # Disable Rails's static asset server (Apache or nginx will already do this)
  config.serve_static_files = true

并重新启动 gitlab (gitlab-ctl restart)。现在它可以工作了，但是我认为我的服务器的安全性被削弱了。