From 8da634475d921723f2b7868e512fdec32623e6ce Mon Sep 17 00:00:00 2001
From: Alexander <alexander0derevianko@gmail.com>
Date: Sat, 16 Aug 2025 20:24:26 +0200
Subject: [PATCH] Fix gitlab runner + nginx

---
 machines/amaterasu/main/default.nix |  2 +-
 modules/gitlab/default.nix          | 60 +++++++++++++++++++++++++++++
 2 files changed, 61 insertions(+), 1 deletion(-)

diff --git a/machines/amaterasu/main/default.nix b/machines/amaterasu/main/default.nix
index 4e83a79..0fde826 100644
--- a/machines/amaterasu/main/default.nix
+++ b/machines/amaterasu/main/default.nix
@@ -126,7 +126,7 @@ in {
   ###
   dov = {
     gitlab.enable = true;
-    jenkins.enable = false; # will migrate to gitlab runner
+    jenkins.enable = true; # will migrate to gitlab runner
   };
 
   # DO NOT CHANGE AT ANY POINT!
diff --git a/modules/gitlab/default.nix b/modules/gitlab/default.nix
index 6899ade..3d22569 100644
--- a/modules/gitlab/default.nix
+++ b/modules/gitlab/default.nix
@@ -106,6 +106,66 @@ in {
         localhost = {
           locations."/" = {
             proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
+            extraConfig = ''
+              # Remove max size to allow gitlab transfer and accept big files from runners
+              client_max_body_size 0;
+
+              # Disable proxy buffering for GitLab real-time features
+              proxy_buffering off;
+              proxy_request_buffering off;
+
+              # Additional timeout settings
+              proxy_read_timeout 300;
+              proxy_connect_timeout 300;
+              proxy_send_timeout 300;
+
+              # GitLab-specific headers
+              proxy_set_header X-GitLab-External-Url https://gitlab.susano-lab.duckdns.org;
+
+              # WebSocket support
+              proxy_http_version 1.1;
+              proxy_set_header Upgrade $http_upgrade;
+              proxy_set_header Connection $connection_upgrade;
+
+              # Workhorse acceleration
+              proxy_set_header X-Sendfile-Type X-Accel-Redirect;
+              proxy_set_header X-Accel-Mapping /var/opt/gitlab/=/gitlab-accel/;
+            '';
+          };
+          # Git HTTP endpoints
+          locations."~ ^/[\\w\\.-]+/[\\w\\.-]+/git-(receive|upload)-pack$" = {
+            proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
+            extraConfig = ''
+              client_max_body_size 0;
+              proxy_buffering off;
+              proxy_request_buffering off;
+            '';
+          };
+
+          # API large file support
+          locations."~ ^/api/v\\d+/projects/.*/repository/files" = {
+            proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
+            extraConfig = ''
+              client_max_body_size 0;
+            '';
+          };
+
+          # LFS support
+          locations."~ ^/[\\w\\.-]+/[\\w\\.-]+/gitlab-lfs/objects" = {
+            proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
+            extraConfig = ''
+              client_max_body_size 0;
+            '';
+          };
+
+          # CI artifacts
+          locations."~ ^/[\\w\\.-]+/[\\w\\.-]+/-/jobs/\\d+/artifacts" = {
+            proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
+            extraConfig = ''
+              client_max_body_size 0;
+              proxy_buffering off;
+              proxy_request_buffering off;
+            '';
           };
         };
       };