Facebook Twitter Instagram
    TecAdmin
    • Home
    • Ubuntu 20.04
      • Upgrade Ubuntu
      • Install Java
      • Install Node.js
      • Install Docker
      • Install LAMP Stack
    • Tutorials
      • AWS
      • Shell Scripting
      • Docker
      • Git
      • MongoDB
    • FeedBack
    • Submit Article
    • About Us
    Facebook Twitter Instagram
    TecAdmin
    Home»Security»How to Secure GitLab Server with Let’s Encrypt SSL

    How to Secure GitLab Server with Let’s Encrypt SSL

    RahulBy RahulDecember 26, 20202 Mins Read

    We always say, Security first. It should be the first priority to keep your hard work safe from the hackers. This tutorial will take few minutes to secure Gitlab server using Let’s Encrypt SSL certificates. Let’s Encrypt provides free SSL certificates to secure your domains and an easy way to auto updates.

    This tutorial will help you to secure Gitlab service with Let’s Encrypt SSL certificate with enabling the auto renew feature. If you are going with a fresh installation have a look at below guides.

    • Install and Configure Gitlab on Ubuntu 20.04
    • Install and Configure Gitlab on CentOS 8

    Prerequisites

    Login to your Gitlab system with a sudo privileged account.

    Also make sure to create an A Record points your domain/subdomain to the public IP address of your Gitab server. It is recommended to complete the let’s encrypt validation for issuing a new certification. For example, You need to configure your Gitlab server to access with https://gitlab.tecadmin.net. So make A record in DNS for gitlab.tecadmin.net pointing to server ip address.

    Configure Let’s Encrypt SSL with Gitlab

    Gitlab keeps the configuration files under /etc/gitlab directory. You can edit the main configuration file /etc/gitlab/gitlab.rb in a text editor of your choice.

    sudo vim /etc/gitlab/gitlab.rb 
    

    Make the following changes:

    • First change the external_url setting with domain start with https.

      Shell
      1
      external_url "https://gitlab.tecadmin.net"

    • Add or update the following entries to the configuration file. Set letsencrypt[‘enable’] to true, this will request a SSL certificate and configure to the Gitlab instance. You can also provide an optional contact email used by lets encrypt authority to send alerts for the ssl certificates.

      Shell
      1
      2
      3
      4
      5
      # Enable the Let's encrypt SSL
      letsencrypt['enable'] = true
       
      # This is optional to get SSL related alerts
      letsencrypt['contact_emails'] = ['[email protected]']

    • Also configure Gitlab to renew SSL certificate automatically on a regular interval.

      Shell
      1
      2
      3
      4
      5
      6
      7
      # Enable the auto renew feature
      letsencrypt['auto_renew'] = true
       
      # This example renews every 7th day at 12:30
      letsencrypt['auto_renew_hour'] = "12"
      letsencrypt['auto_renew_minute'] = "30"
      letsencrypt['auto_renew_day_of_month'] = "*/7"

    Save the configuration file and exit from editor.

    Next, run the reconfigure command to apply changes to Gitlab server.

    sudo gitlab-ctl reconfigure 
    

    This will take some time to complete the installation. At the end, you will see a message “gitlab Reconfigured!” on your screen.

    Reconfigure Gitlab on Linux

    Verify SSL

    Access the Gitlab web interface in a web browser. This will automatically redirects you to secure URL.

    Secure Gitlab with Let's Encrypt SSL

    That’s it. You have successfully configured let’s encrypt SSL on Gitlab.

    Conclusion

    In this tutorial, you have learned to configure Let’s Encrypt SSL certificate on Gitlab instance. Also enable to auto renew certificate on a regular interval.

    git Gitlab Let's Encrypt security
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email WhatsApp
    Previous ArticleHow To Install and Configure GitLab on Ubuntu 20.04
    Next Article How to Install and Configure GitLab in Debian 10

    Related Posts

    How To Add a Git Remote Repository

    3 Mins Read

    How to Git Reset to Head

    Updated:November 3, 20213 Mins Read

    How to Delete a File on Git

    3 Mins Read

    How to Install and Configure Fail2ban on Debian 11

    3 Mins Read

    How to Git Stash Changes

    Updated:October 29, 20213 Mins Read

    How to delete Git tags

    Updated:October 25, 20211 Min Read

    Leave A Reply Cancel Reply

    Recent Posts
    • How to Enable / disable Firewall in Windows
    • How to Install JAVA on Ubuntu 22.04
    • Switching Display Manager in Ubuntu – GDM, LightDM & SDDM
    • Changing the Login Screen Background in Ubuntu 22.04 & 20.04
    • How To Install PHP (8.1, 7.4 or 5.6) on Ubuntu 22.04
    Facebook Twitter Instagram Pinterest
    © 2022 Tecadmin.net. All Rights Reserved | Terms  | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.