How to configure https for gitlab and all gitlab cloning url on apache server
From an earlier article, we learnt how to setup and configure gitlab server and other projects on apache server in a VPS (virtual private server).
In this tutorial, we will be going us through the process of configuring https for our gitlab server.
First, let’s log into our server:
ssh user@your_server_ipStep 1
Create a new apache config file in sites-available folder
#navigate to apache config folder
cd /etc/apache2/sites-available# create new conf file
touch new_gitlab_ssl.conf# open file for editing
sudo vi new_gitlab_ssl.conf
paste the code below inside, modifying the domain or sub domain where necessary and save the file
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName <your_domain_or_sub_domain>
ServerSignature Off ProxyPreserveHost On SSLCertificateFile <path to certificate crt file>
SSLCertificateKeyFile <path to certificate pem file> AllowEncodedSlashes NoDecode <Location />
Require all granted ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse <your_domain_or_sub_domain>
</Location> RewriteEngine on
RewriteRule /[-\/\w\.]+\.git\/ http://127.0.0.1:8282%{REQUEST_URI} [P,QSA,L]
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA] DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 503 /deploy.html LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/your_domain_or_sub_domain_error.log
CustomLog /var/log/httpd/logs/your_domain_or_sub_domain_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/your_domain_or_sub_domain_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/your_domain_or_sub_domain.log combined</VirtualHost>
</IfModule>
After saving our new gitlab-ssl config file, We can then enable our new gitlab config and restart apache to reflect the changes:
# activate new config file
sudo a2ensite new_gitlab_ssl.conf# restart apache server
sudo service apache2 restart
We have successfully configured our gitlab server to be served over https.
Step 2
Let’s configure our gitlab server to use https in our external url.
Note: The external url is the url used for cloning repositories on the server.
open the gitlab config file
sudo vi /etc/gitlab/gitlab.rbmodify the external url in your gitlab server configuration file:
external_url "https://<yourdomain>" // new url with httpssave the config file and reconfigure the Gitlab server using:
sudo gitlab-ctl reconfigureReload your gitlab url, log in and try cloning a repository to confirm that repositories are cloned over https.
Our gitlab server has been configured successfully to use https and also all cloning url for repositories.
Follow me on twitter to stay updated
