I am installing GitLab Omnibus. I want to use my own wildcard certs. I have installed them in /etc/gitlab/ssl. When I restart Nginx alone: <pre class="prettyprint"><code> sudo gitlab-ctl hup nginx </code></pre> my certs are used and I can see them in the browser. However, when I then run reconfigure: <pre class="prettyprint"><code> sudo gitlab-ctl reconfigure </code></pre> it goes and overwrites my certs with new Lets Encrypt ones. I am guessing there is an option to switch off Lets Encrypt completely. I have found this in /etc/gitlab/gitlab.rb <pre class="prettyprint"><code> # letsencrypt['enable'] = nil </code></pre> but it is commented out - so I am assuming it is just enabled by default? How can I completely disable Lets Encrypt for ever, even when doing a full "reconfigure". Thanks

ok, I figured it out. It appears that Lets Encrypt is enabled by default. To turn it off you need to modify /etc/gitlab/gitlab.rb: find this line: <pre class="prettyprint"><code># letsencrypt['enable'] = nil </code></pre> and change to: <pre class="prettyprint"><code>letsencrypt['enable'] = false </code></pre> note the comment # has been removed. Then when you run: <pre class="prettyprint"><code>sudo gitlab-ctl reconfigure </code></pre> your certs will not be overwritten and lets encrypt will not happen :)

GitLab config turn off Let's Encrypt

Tags:

gitlab-omnibus

I am installing GitLab Omnibus. I want to use my own wildcard certs. I have installed them in /etc/gitlab/ssl. When I restart Nginx alone:

 sudo gitlab-ctl hup nginx

my certs are used and I can see them in the browser. However, when I then run reconfigure:

 sudo gitlab-ctl reconfigure

it goes and overwrites my certs with new Lets Encrypt ones. I am guessing there is an option to switch off Lets Encrypt completely. I have found this in /etc/gitlab/gitlab.rb

 # letsencrypt['enable'] = nil

but it is commented out - so I am assuming it is just enabled by default? How can I completely disable Lets Encrypt for ever, even when doing a full "reconfigure". Thanks