A wrapper to obtain letsencrypt certificate for Gitlab and Gitlab Pages
Needed tools:
It is needed to add a custom configuration in gitlab.rb:
nginx['custom_gitlab_server_config'] = "location ^~ /.well-known { root /var/www/letsencrypt; }" nginx['ssl_certificate'] = "/etc/letsencrypt/live/git.example.cz/fullchain.pem" nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/git.example.cz/privkey.pem" It is needed to add a custom configuration in gitlab.rb:
nginx['listen_addresses'] = ['1.2.3.4'] pages_external_url 'https://pages.example.cz' pages_nginx['enable'] = false gitlab_pages['external_http'] = '2.3.4.5:80' gitlab_pages['external_https'] = '2.3.4.5:443' gitlab_pages['cert'] = "/etc/letsencrypt/live/pages.example.cz/fullchain.pem" gitlab_pages['cert_key'] = "/etc/letsencrypt/live/pages.example.cz/privkey.pem" A suitable cron job for renewing certificate is
0 5 * * * root /opt/letsencrypt-gitlab/letsencrypt_wrapper.sh warn