When you want to use an encryption certificate generated by the Synology DSM.
- My environment
- Stop gitlab package
- Environment variables setting
- Port setting
- Install Encryption Certificate
dhparam.pem
Setting- Other documents
- jboxberger/synology-gitlab(12.9.2-0055 version)
- Goto to package center
Installed
tab click- Select
GitLab
Stop
click
- Run docker package
Container
tab click- select
synology_gitlab
and edit click Environment
tab click- Add Environment variables
SSL_KEY_PATH=/home/git/data/certs/gitlab.key
SSL_DHPARAM_PATH=/home/git/data/certs/dhparam.pem
SSL_CERTIFICATES_PATH=/home/git/data/certs/gitlab.crt
SSL_SELF_SIGNED=false
GITLAB_HTTPS=true
GITLAB_HOST=domain.com
GITLAB_PORT=30000(your container port)
Port Settings
tab click- Change 80 to 433
- Open SSH
- Login
- Go to
/usr/syno/etc/certificate/_archive/
cd /usr/syno/etc/certificate/_archive/
There is a certificate in a directory of six digits directory.
4.4.1 cd six digits dicrectory
cd xxxxxx
4.4.2 Verify that this is the certificate you want
openssl x509 -text -noout -in fullchain.pem
Certificate:
Data:
Version: ...
Serial Number:
...
Signature Algorithm: ...
Issuer: ...
Validity
...
Subject: CN=your.domain.com
Subject Public Key Info:
...
- Create
certs
directory
mkdir /volume1/docker/gitlab/gitlab/certs
- Copy Encryption Certificate
sudo \cp -f privkey.pem /volume1/docker/gitlab/gitlab/certs/gitlab.key;
sudo \cp -f fullchain.pem /volume1/docker/gitlab/gitlab/certs/gitlab.crt;
Not a must, But I recommend it.
- Open SSL
- Login
- cd
/volume1/docker/gitlab/gitlab/certs
openssl dhparam -out dhparam.pem 4096
However, this takes a very long time to NAS, so I recommend you work on your PC.