I am struggling to figure out how to set up Gitlab correctly, so people can access it through the ssl encrypted domain. Here’s where I am at:
We recently purchased a Synology DS918+ that is currently connected to my home network. Since I wanted a more current Version of Gitlab I didn’t go for the one in the package manager (that also uses Docker), but rather installed Docker and the gitlab-ce:latest image. By now I have both installed it from the GUI and through SSH.
I registered a dynDNS hostname with noip. And as a first try I configured the dynDNS in the synology control panel and created Gitlab without specifying an external_url. This way I could access Gitlab through domain name:port. No https, though.
Second try, I deactivated the dynDNS in the NAS’s settings and created the Container with external_url=‘domain name:port’. This allowed me to access Gitlab through domain name:port. Again, no https.
Third try, with the configuration from try 2 I started playing around a bit, because according to https://docs.gitlab.com/omnibus/docker/#expose-gitlab-on-different-ports I just need to add https to the external_url.
- Ports: 32766:443, 32767:22, 32765:32765, external_url=‘https:// domain name:32765’ --> 400 Bad request
- Ports: 32766:443, 32767:22, 32765:80, external_url=‘https:// domain name:32765’ --> No response from gitlab, I doubt it was at the location domain name:32765 pointed to.
- Ports: 32766:443, 32767:22, 32765:32765, external_url=‘https:// domain name’ --> No response
- Ports: 32766:443, 32767:22, 32765:80, external_url=‘https:// domain name’ --> No response
What I find strange about the example is, that they configure Port 8929:80 and then configure the https port to 8929 as well. The way I understand it, they’d have to assign 8930:443 and then use that for the external_url.
Also, in another example (https://docs.gitlab.com/omnibus/settings/nginx.html#enable-https) they didn’t add the port to the end of the external_url. This adds to my confusion.
I currently have a work around in place, where people can VPN into my network and access all applications by IP-Address:Port. This works fine for most users, except for one, who happens to be the boss. He can’t clone anything over 5 MB or it exits with Error 128. Because of this, I wanted to explore the other possibility.
Can someone please tell me, where I went wrong? As you can probably see, from the amount of trial and error I did, I am pretty new to this topic. Any tips are appreciated!