Update gitea logs for better request tracing

In gitea 1.14.0 they dropped the macaron http router for go-chi. This
seems to have changed how the request context's RemoteAddr is parsed in
logging. Importantly instead of a valid source port we get :0 which
makes it difficult to trace a connection from apache to gitea.

The origin of this behavior seems to be handling of X-Forwarded-For
headers that apache is setting. To address this we drop those headers
in hopes that gitea will log raw details for the apacher -> gitea
connection in that case. Due to not using x-forwarded-for anymore we
need to log the source port that apache is using for the proxy pass
connection which is done by modifying the apache log format.

Change-Id: I1e69431bf703947dc5c223df2a9e1b55bd0d841c
Clark Boylan 2 months ago
parent fbb55cd9ec
commit 2fb310972c
  1. 5

@ -17,7 +17,7 @@ Listen 3081
LogLevel warn
LogFormat "%h:%{remote}p %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combinedport
LogFormat "%h:%{remote}p %A:%{proxy-source-port}n %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combinedport
CustomLog ${APACHE_LOG_DIR}/gitea-ssl-access.log combinedport
SSLEngine on
@ -37,6 +37,9 @@ Listen 3081
Use UserAgentFilter
# Disable x-forwarded- headers because gitea logging can't
# parse them properly
ProxyAddHeaders Off
ProxyPass /.well-known/ !
ProxyPass / https://{{ inventory_hostname }}:3000/ retry=0
ProxyPassReverse / https://{{ inventory_hostname }}:3000/