Gitlab开启https
原创
©著作权归作者所有:来自51CTO博客作者哭泣的馒头的原创作品,请联系作者获取转载授权,否则将追究法律责任
一、签发证书
mkdir /etc/gitlab/ssl
chmod 700 /etc/gitlab/ssl/ -R
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/gitlab/ssl/server.key -out /etc/gitlab/ssl/server.crt
二、更改配置
vim /etc/gitlab/gitlab.rb
external_url 'https://192.168.137.129'
nginx['enable'] = true
nginx['client_max_body_size'] = '250m'
nginx['redirect_http_to_https'] = false
nginx['redirect_http_to_https_port'] = 80
nginx['ssl_certificate'] = "/etc/gitlab/ssl/server.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/server.key"
nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256"
nginx['ssl_prefer_server_ciphers'] = "on"
nginx['ssl_protocols'] = "TLSv1.2 TLSv1.3"
nginx['ssl_session_cache'] = "builtin:1000 shared:SSL:10m"
nginx['ssl_session_timeout'] = "1500m"
修改的配置
三、启动检测
gitlab-ctl reconfigure
使用http访问会自动跳转到https
使用https可以正常访问