GitLab encapsulates at least two conceptually different https-services.
One for the graphical user interface and one for the git via https-functionality.
For instance, when i visit the page https://gitlab.com/gitlab-org/gitlab-ce i will be served the shiny and familar user-interface of GitLab. On the contrary, i would use the url https://gitlab.com/gitlab-org/gitlab-ce.git to clone a repository, pull it or push back changes. One service communicates with the user, the other one is rather technical and talks gitterish. In practice these two services are not seperated but run on single https-server.
Now, we operate our own private GitLab-server and want to make the graphical part inaccessible from the internet and restrict it to our company network. On the other hand we want to maintain the connectivity for the technical git-services with the internet. And here is the problem, i don’t know if this is possible or where i need to look at. Hopefully somebody can help here.
If you were wondering why anybody actually wants to do it, here is the short version: We made inglorious licensing-contracts with customers, which we didn’t fully understand. Now, we require a technical solution to juristic problem.