Hi @johnpaz, welcome to the GitLab Community Forum!
@alhemicar is right about web root and letsencrypt, but I think you can achieve the same goal with less hassle if you use the GitLab LetsEncrypt Integration.
Basically, set A record in DNS to point to your EC2 Ubuntu Server’s public IP address, set your
external_url to use HTTPS, and GitLab will request, obtain, apply, and auto-renew a LetsEncrypt SSL certificate to secure your instance.
Followed by a
sudo gitlab-ctl reconfigure for those changes to take effect and to get your LetsEncrypt certificate set up.
Best of luck, let us know how it goes!