From an earlier article, we learnt how to setup and configure gitlab server and other projects on apache server in a VPS (virtual private server).
Install and Configure Gitlab and Website on Apache Server in your VPS
In this tutorial, we will be going us through the process of configuring https for our gitlab server.
First, let’s log into our server:
ssh user@your_server_ip
Step 1
Create a new apache config file in sites-available folder
#navigate to apache config folder
cd /etc/apache2/sites-available
# create new conf file
touch new_gitlab_ssl.conf
# open file for editing
sudo vi new_gitlab_ssl.conf
paste the code below inside, modifying the domain or sub domain where necessary and save the file
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName <your_domain_or_sub_domain>
ServerSignature Off
ProxyPreserveHost On
SSLCertificateFile <path to certificate crt file>
SSLCertificateKeyFile <path to certificate pem file>
AllowEncodedSlashes NoDecode
<Location />
Require all granted
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse <your_domain_or_sub_domain>
</Location>
RewriteEngine on
RewriteRule /[-\/\w\.]+\.git\/ http://127.0.0.1:8282%{REQUEST_URI} [P,QSA,L]
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA]
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/your_domain_or_sub_domain_error.log
CustomLog /var/log/httpd/logs/your_domain_or_sub_domain_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/your_domain_or_sub_domain_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/your_domain_or_sub_domain.log combined
</VirtualHost>
</IfModule>
After saving our new gitlab-ssl config file, We can then enable our new gitlab config and restart apache to reflect the changes:
# activate new config file
sudo a2ensite new_gitlab_ssl.conf
# restart apache server
sudo service apache2 restart
We have successfully configured our gitlab server to be served over https.
Step 2
Let’s configure our gitlab server to use https in our external url.
Note: The external url is the url used for cloning repositories on the server.
open the gitlab config file
sudo vi /etc/gitlab/gitlab.rb
modify the external url in your gitlab server configuration file:
external_url "<yourdomain>" // new url with https
save the config file and reconfigure the Gitlab server using:
sudo gitlab-ctl reconfigure
Reload your gitlab url, log in and try cloning a repository to confirm that repositories are cloned over https.
Our gitlab server has been configured successfully to use https and also all cloning url for repositories.