[SOLVED] Strong DH parameters for nginx

How to Use GitLab
1

Hi,

to prevent from logjam, I generated a strong dh group that shall get used by nginx.
From my /etc/gitlab/gitlab.rb:

nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"

But it never gets written to /var/opt/gitlab/nginx/conf/gitlab-http.conf after gitlab-ctl reconfigure.
Gitlab CE 7.10.4 from omnibus package.
Any help is appreciated,

Rainer

2

If you read the blog post, it says that

is only valid for packages version 7.11.0 and up.

So either upgrade to 7.11 or you can use the inserting-custom-nginx-settings-into-the-gitlab-server-block like so

nginx['custom_gitlab_server_config'] = "ssl_dhparam /etc/gitlab/ssl/dhparams.pem;\n"
1 Like
3

Thanks man. You saved my life!