DevOps

Let’s Encrypt SSL for GitLab

Prabath ThalangamaComment(0)

To enable Let’s Encrypt SSL for GitLab, follow these steps. Ensure that GitLab is configured properly and you have root access to your GitLab instance. The steps apply to GitLab’s Omnibus installation.

1. Ensure Prerequisites

  • A publicly accessible domain name pointing to your GitLab server.
  • Port 80 (HTTP) and port 443 (HTTPS) open on your server’s firewall.
  • Root or sudo privileges on the GitLab server.

2. Edit GitLab Configuration

Open the GitLab configuration file for editing:

sudo nano /etc/gitlab/gitlab.rb

Locate and set the following configurations:

  • Enable HTTPS: 
    external_url 'https://yourdomain.com'
  • Enable Let’s Encrypt integration: 
    letsencrypt['enable'] = true
letsencrypt['contact_emails'] = ['your-email@example.com'] # Optional, but recommended
letsencrypt['auto_renew'] = true # Optional, renews automatically
  • If you are behind a reverse proxy, you may need to configure nginx['listen_port'] or proxy settings accordingly.

3. Reconfigure GitLab

Apply the changes by running:

sudo gitlab-ctl reconfigure

During this process:

  • GitLab will automatically request and configure a Let’s Encrypt certificate.
  • If successful, HTTPS will be enabled on your GitLab instance.

4. Check the SSL Certificate

Access your GitLab instance in a browser at https://yourdomain.com and verify that the SSL certificate is properly issued by Let’s Encrypt.

5. Optional: Test Auto-Renewal

To test auto-renewal:

sudo gitlab-rake gitlab:lets_encrypt:renew

Monitor the logs to confirm renewal:

sudo gitlab-ctl tail nginx/gitlab_error.log


Loading

Prabath Thalangama
Web: sysadmin.lk
Email: inbox [at] sysadmin.lk
LinkedIn: https://www.linkedin.com/in/prabatht
Facebook: https://www.facebook.com/prabath.hinoize

Related Articles
DevOps Red hat linux

How to Update Third-Party SSL Certificates on GitLab

Prabath Thalangama

Updating third-party SSL certificates on GitLab involves replacing the existing certificate files with the new ones and reconfiguring GitLab. Here’s how to do it 1. Obtain New SSL Certificates You can use my CSR Generator to generate a CSR and acquire the SSL certificate. – Acquire the updated SSL certificate and private key from your […]

Loading
DevOps

Getting Started with Git: 25 Essential Commands for Beginners

Prabath Thalangama

Git is a powerful version control system that every developer should know. Whether you’re collaborating with others or managing your own projects, these 25 Git commands will help you navigate and control your codebase efficiently. 1. git init Initializes a new Git repository in your project directory. git init 2. git clone Clones an existing […]

Loading
DevOps Docker Kubernetes Red hat linux

Kubectl Cheat Sheet

Prabath Thalangama

Introduction​ Kubernetes is a famous container orchestration tool that is very popular in modern software development. If you are using Kubernetes, you must have used Kubectl, which is the command line tool to manage your Kubernetes applications. This guide will walk you through the most frequently used commands for Kubectl. Not only will we discuss […]

Loading

Leave a Reply

Your email address will not be published. Required fields are marked *