Configure https for gitlab and all gitlab cloning url on apache server

From an earlier article, we learnt how to setup and configure gitlab server and other projects on apache server in a VPS (virtual private server).

Install and Configure Gitlab and Website on Apache Server in your VPS

In this tutorial, we will be going us through the process of configuring https for our gitlab server.

First, let’s log into our server:

ssh user@your_server_ip

Step 1

Create a new apache config file in sites-available folder

#navigate to apache config folder
cd /etc/apache2/sites-available

# create new conf file
touch new_gitlab_ssl.conf

# open file for editing
sudo vi new_gitlab_ssl.conf

paste the code below inside, modifying the domain or sub domain where necessary and save the file

<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerName <your_domain_or_sub_domain>
  ServerSignature Off  

  ProxyPreserveHost On  

  SSLCertificateFile <path to certificate crt file>
  SSLCertificateKeyFile <path to certificate pem file>  

   AllowEncodedSlashes NoDecode  
  <Location />
      Require all granted    

      ProxyPassReverse http://127.0.0.1:8080
      ProxyPassReverse <your_domain_or_sub_domain>
  </Location>  

  RewriteEngine on
  RewriteRule /[-\/\w\.]+\.git\/ http://127.0.0.1:8282%{REQUEST_URI} [P,QSA,L]
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA] 

  DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public  

  ErrorDocument 404 /404.html
  ErrorDocument 422 /422.html
  ErrorDocument 500 /500.html
  ErrorDocument 503 /deploy.html

  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
  ErrorLog  /var/log/httpd/logs/your_domain_or_sub_domain_error.log
  CustomLog /var/log/httpd/logs/your_domain_or_sub_domain_forwarded.log common_forwarded
  CustomLog /var/log/httpd/logs/your_domain_or_sub_domain_access.log combined env=!dontlog
  CustomLog /var/log/httpd/logs/your_domain_or_sub_domain.log combined
</VirtualHost>
</IfModule>

After saving our new gitlab-ssl config file, We can then enable our new gitlab config and restart apache to reflect the changes:

# activate new config file
sudo a2ensite new_gitlab_ssl.conf

# restart apache server
sudo service apache2 restart

We have successfully configured our gitlab server to be served over https.

Step 2

Let’s configure our gitlab server to use https in our external url.

Note: The external url is the url used for cloning repositories on the server.

open the gitlab config file

sudo vi /etc/gitlab/gitlab.rb

modify the external url in your gitlab server configuration file:

external_url "<yourdomain>" // new url with https

save the config file and reconfigure the Gitlab server using:

sudo gitlab-ctl reconfigure

Reload your gitlab url, log in and try cloning a repository to confirm that repositories are cloned over https.

Our gitlab server has been configured successfully to use https and also all cloning url for repositories.

No Comments Yet