Self managed Gitlab ee server domain

Hi all :slightly_smiling_face:
I’ve decided to set up my own server (Ubuntu server) with Gitlab ee self managed.

I will use in a private network, is there a way to use a domain like gitlab.mrprop.com?
In case it is possible to use gitlab.mrprop.com, where can I get it or what is the procedure to use it on the Gitlab server?

When trying to set up I had various problem with le because not having a DNS so is there a workaround (eg using selfsigned ce)?

Is it possible to do this without purchasing a domain?

I’m rather new to this so sorry in advance if it is a strange request :blush:

The following is not actionable, but I hope it helps drive you towards your goal of achieving this.

Is it possible to do this without purchasing a domain?

Within a private network, yes, this is possible. You are free to name things in any manner you like, but try to use a top level domain that does not exist, so they don’t cause conflicts with domains that do exist over the internet (and you will someday need to use them).

For example, if someday mrprop.com becomes a valid, vital domain that serves a business need, having a local name overriding its destination address may prove inconvenient.

When trying to set up I had various problem with le because not having a DNS so is there a workaround (eg using selfsigned ce)?

DNS is key to properly naming things, and having them work effectively. I’d recommend spending some time learning to setup a DNS for your network - while it may feel overwhelming at first, it mostly is a run-and-forget piece of infrastructure for small networks. Here’s an example guide, and you can search for similar ones: https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-ubuntu-18-04

Without a DNS for your private network, you’ll need to configure the /etc/hosts file on all your machines, server(s) and client(s). This is difficult to enforce unless you have full control over all the accessing machines, but may be practical if you only have limited clients/users to worry about.

For self-signed certificates (TLS/HTTPS), adding the server’s public certificates to each client’s trust store (or equivalent) could be sufficient. Instructions to do this varies with each operating system and flavors, here’s an example guide: https://medium.com/@tbusser/creating-a-browser-trusted-self-signed-ssl-certificate-2709ce43fd15

1 Like

Thank you a lot @hchouraria! I will try everything asap and reach you back! :slight_smile: