Gitlab

Setup HTTPS for Gitlab

Generate a new private key and a Certificate Signing Request

openssl req -new -newkey rsa:2048 -nodes -keyout example.com.key -out example.com.req

Generate a certificate signing request (CSR) for an existing private key

openssl req -new -key example.com.key -out example.com.req

Edit Gitlab configuration

sudo vim /etc/gitlab/gitlab.rb

Add the following statement:

external_url "https://gitlab.example.com"

Create the /etc/gitlab/ssl directory

sudo mkdir -p /etc/gitlab/ssl
sudo chmod 700 /etc/gitlab/ssl

Copy your key and certificate

sudo cp gitlab.example.com.key gitlab.example.com.crt /etc/gitlab/ssl/

Reconfigure your GitLab instance

sudo gitlab-ctl reconfigure

 

Optional

Change default port

To change the default port(443), just specify it as part of the external_url:

sudo vim /etc/gitlab/gitlab.rb
external_url "https://gitlab.example.com:8888"
sudo gitlab-ctl reconfigure

Change the default SSL certificate locations

Specify the following configuration:

sudo vim /etc/gitlab/gitlab.rb
nginx['ssl_certificate'] = "/etc/gitlab/ssl/#{node['fqdn']}.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/#{node['fqdn']}.key"
sudo gitlab-ctl reconfigure