Sunday, May 17, 2020

How To Run Secure GitLab with Self-Signed SSL Certificate On Ubuntu 18

Video Tutorial - https://youtu.be/LH7sXWhLr2M

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

GitLab is a self-hosted git repository management system. Offcial Website -https://docs.gitlab.com/
Gitlab SSL Configuration Doc - https://docs.gitlab.com/omnibus/settings/ssl.html
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Testing Environment:
Ubuntu 18.04.LTS Bionic              Hostname - www.yourdomain.com  - ip Address - 192.168.1.40
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Gitlab Version - GitLab CE 12.10.3

cd /etc/gitlab/ ; openssl genrsa -aes128 -out server.key 2048
openssl rsa -in server.key -out server.key
openssl req -new -days 3650 -key server.key -out server.csr
openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650
chmod 400 server.*

sudo gedit /etc/gitlab/gitlab.rb &>/dev/null
external_url 'https://www.example.com'

nginx['enable'] = true
nginx['client_max_body_size'] = '250m'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/server.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/server.key"
nginx['ssl_protocols'] = "TLSv1.2 TLSv1.3"
gitlab-ctl reconfigure

updatedb
locate gitlab.yml
sudo gedit /var/opt/gitlab/gitlab-rails/etc/gitlab.yml &>/dev/null
https://www.example.com
gitlab-rake gitlab:check  

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)