===== Gitlab ===== ==== Configure gitlab docker container on apache2 subdomain with ssl ====


# Install everything:
apt-get install docker docker-compose python-certbot python-certbot-apache

web: image: 'gitlab/gitlab-ce:latest' restart: always hostname: 'gitlab.hostname.de' environment: GITLAB_OMNIBUS_CONFIG: | external_url 'https://gitlab.hostname.de:8443' # Add any other gitlab.rb configuration here, each on its own line ports: - '8443:8443' - '22:22' volumes: - '/srv/gitlab/config:/etc/gitlab' - '/srv/gitlab/logs:/var/log/gitlab' - '/srv/gitlab/data:/var/opt/gitlab'


# launch container:
docker-compose up

# install certificate and add subdomain
certbot --apache
certbot certonly --apache --expand -d hostname.de -d gitlab.hostname.de

# rework and copy certificate into gitlab data storage:
cd /etc/letsencrypt/live/hostname.de
cat cert.pem fullchain.crt > gitlab.hostname.de.crt  
cp privkey.pem gitlab.hostname.de.key  
mv gitlab.* /srv/gitlab/config/ssl

ServerName unknown Redirect 200 / ErrorDocument 200 "No such site." ServerName hostname.de ServerAdmin webmaster@hostname.de # whatever you want apache to do #Include conf-available/serve-cgi-bin.conf SSLCertificateFile /etc/letsencrypt/live/lieblichknuffeltal.de/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/lieblichknuffeltal.de/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf # force ssl ServerName hostname.de ServerAdmin webmaster@hostname.de RewriteEngine on RewriteCond %{SERVER_NAME} =hostname.de RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent] # this is probably redundant ServerName gitlab.hostname.de RewriteEngine On RewriteCond %{HTTP_HOST} ^(.+)\.hostname\.de$ RewriteRule ^(.*)$ https://%1.hostname.de/$1 [R=302,L] ServerName gitlab.hostname.de redirect / https://gitlab.hostname.de:8443/ SSLCertificateFile /etc/letsencrypt/live/hostname.de/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/hostname.de/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf