This is an old revision of the document!
1. Add following to your /etc/gitlab/gitlab.rb
external_url 'https://git.yourdomain.tld' nginx['listen_address'] = 'localhost' nginx['listen_port'] = 8888 nginx['listen_https'] = false
2. Reconfigure gitlab-ce
gitlab-ctl reconfigure
3. Create an apache2-configuration file to redirect http-requests to https in /etc/apache2/sites-availabe/git.yourdomain.tld.conf
<VirtualHost YOURIP:80> ServerName git.yourdomain.tld ServerAdmin [email protected] ErrorLog /var/log/apache2/git.yourdomain.tld/error.log Redirect 301 / https://git.yourdomain.tld/ </VirtualHost>
4. Enable vhost file
a2ensite git.yourdomain.tld
5. Create an apache2-configuration file to set a reverse proxy to the local gitlab instance in /etc/apache2/sites-availabe/git.yourdomain.tld_ssl.conf
<VirtualHost YOURIP:443> ServerName git.yourdomain.tld ServerAdmin [email protected] ErrorLog /var/log/apache2/git.yourdomain.tld/error.log RequestHeader set Host "git.yourdomain.tld" RequestHeader add X-Forwarded-Ssl on RequestHeader set X-Forwarded-For %{REMOTE_IP}e RequestHeader set X-Forwarded-Proto "https" ProxyPreserveHost On ProxyPass / http://localhost:8888/ ProxyPassReverse / http://localhost:8888/ SSLEngine On SSLCertificateFile /etc/gitlab/ssl/git.yourdomain.tld.pem SSLCertificateChainFile /etc/gitlab/ssl/git.yourdomain.tld.pem </VirtualHost>
6. Enable vhost file
a2ensite git.yourdomain.tld_ssl
7. Enable needed headers module
a2enmod headers
8. Create certificate and copy to /etc/gitlab/ssl/git.yourdomain.tld.pem (decrypted private, public, intermediate) 9. Reload apache2 service
apache2 reload