nginx with gitlab self host and cookie/session expired problems

Rejaine Da Silveira Monteiro rejaine at bhz.jamef.com.br
Tue Jan 28 11:48:49 UTC 2025 

"Nginx can't do much about it If the application behind deletes all the
cookies."

Yes, I am fully aware that this issue needs to be resolved at the
application level, and we should apply the merge request as soon as
possible. My final question about Nginx is more focused on the issue of
session expiration when accessing the application through Nginx. This
problem doesn't occur when accessing the application directly. Even when
using GitLab in isolation (without opening other sites on the same domain),
the session still expires after a very short time when accessed via Nginx.

  I’ve tried several timeout configurations in Nginx, but none of them have
resolved the issue. Currently, the configuration looks like this, but it
still hasn’t worked:

    proxy_connect_timeout 600;
    proxy_send_timeout 600;
    proxy_read_timeout 600;
    send_timeout 600;
    client_header_timeout 600;
    client_body_timeout 600;

  I’m still conducting additional tests to determine if the cookie issue is
also contributing to the problem of sessions expiring so frequently.

On Sat, Jan 25, 2025 at 9:45 AM Reinis Rozitis via nginx <nginx at nginx.org>
wrote:

> > Now, I’m wondering if the frequent logouts (session expiration) might be
> related to this cookie issue, and if there are any suggestions for
> addressing it via Nginx.
>
> Nginx can't do much about it If the application behind deletes all the
> cookies.
> So check what version of Gitlab you are running as the fix has been merged
> ~only 5 month ago
> https://gitlab.com/gitlab-org/gitlab/-/merge_requests/156213
>
> rr
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx
>

-- 
*Esta mensagem pode conter informações confidenciais ou privilegiadas, 
sendo seu sigilo protegido por lei. Se você não for o destinatário ou a 
pessoa autorizada a receber esta mensagem, não pode usar, copiar ou 
divulgar as informações nela contidas ou tomar qualquer ação baseada nessas 
informações. Se você recebeu esta mensagem por engano, por favor avise 
imediatamente ao remetente, respondendo o e-mail e em seguida apague-o. 
Agradecemos sua cooperação.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20250128/4fdbef65/attachment.htm>

More information about the nginx mailing list