Adding LetsEncrypt SSL to GitLab on DigitalOcean

I keep a personal instance of GitLab for managing my source code. My GitLab instance runs on a small DigitalOcean droplet. I do this instead of using GitHub because I have a lot of personal projects that I do not want public and it is only $15 per month for essentially unlimited private projects. I still use GitHub for public projects, GitLab is just for my private stuff.

DigitalOcean has One-Click apps which is how I set up GitLab, but this leaves GitLab running over HTTP, not HTTPS. Since the entire point of this is to host private projects, as well as the security risks of sending my login information over HTTP, I needed to fix this.

SSL certificates can be expensive, especially when you have to renew them yearly. Luckily there is Let’s Encrypt. Let’s Encrypt is a free, automated, and open certificate authority that is currently in beta. Thanks to this article on Webnugget I was able to easily get an SSL certificate from Let’s Encrypt set up.

The only part of the article you need to change is to skip the “Install GitLab” section and the rest of the steps work cleanly. The article also covers setting up a cron task to renew your certificate every month.