Gitlab over internet

Hello everybody

I registered a new domain on register.it eg. gitlab-prova.space

Obviously this domain is accessible via the internet.

Now I want to install gitlab on debian 11 machine and connect the hostname of the machine to this domain.

In the register.it control panel there is the possibility to configure the dns for the various names with records A AAA mx cname etc. etc.

The problem is that gitlab is installed on a host in my local network 192.168.x.x.

How can I make the hostname of my local network’s gitlab host machine available for internet access within the gitlab-prova.space domain? example my hostname is currently debian I would like to make it available like this: debian.gitlab-prova.space.

I don’t know register.it’s systems, but there is nothing in the standards stopping you from making an A record so that debian.gitlab-prova.space resolved to the 192.168.x.x ip that you have GitLab installed on. GitLab will probably be accessible then, but you should probably set external_url in /etc/gitlab/gitlab.rb to https://debian.gitlab-prova.space.

If you (want to use) use pages and/or registry there are external urls for those services that you should probably set too.

1 Like

Hi thanks your answer

register.it is a site that allows you to create DNS domain names publicly. I explain what I want to do: On a virtual machine inside the 192.168.x.x network of my house I have installed gitlab. Here of is an unacceptable private network to the internet. It is clear that to be accessible from a client from the internet you need a reverse proxy like the one of nginx included in gitlab. From the control panel of register.it I created an A record that points debian.fantacalcio.space to my public ip. The ping works and is public but now I will have to configure nginx to act as a reverse proxy for the ip address of the virtual machine on which gitlab is installed that will receive requests from the proxy. Now I ask: By configuring nginx, this is able to convert requests from public ip 91.x.x.x (with DNS name debian.fantacalcio.space) and pass them to private ip 192.168.x.x.? if so how? just by setting the domain debian.fantscalcio.space (accessible from the internet) or something else?

An external nginx is not needed. Once the domain is pointed to your public ip all you need to do is configure your firewall to route it to the internal server for the relevant ports. This is known as port forwarding on some routers. On some firewalls you configure a vip and redirect it to your server and then create firewall rules.

In my firewall router of provider it is called port mapping; while router nat request in this case? reverse nat right?

Yeah, each router seems to have different terminology, but that reverse nat is pretty much the same as destination nat. Source nat, or normal nat, would be from internal to internet access. So you need that reverse nat/port forward to redirect traffic from your public IP to your internal gitlab server.

1 Like

Good thank you either.

However now I want configure nging in gitlab I want a proxy that protects before it reaches the gitlab server. One thing that is not clear to me if nginx is a proxy is located before gitlab right? so the question arises why is nging included in gitlab? Shouldn’t it be out on another separate server?

The docs explain how to configure external nginx NGINX settings | GitLab