When you want to use an encryption certificate generated by the Synology DSM.
- My environment
- Stop gitlab package
- Environment variables setting
- Port setting
- Install Encryption Certificate
dhparam.pemSetting- Other documents
- jboxberger/synology-gitlab(12.9.2-0055 version)
- Goto to package center
Installedtab click- Select
GitLab Stopclick
- Run docker package
Containertab click- select
synology_gitlaband edit click Environmenttab click- Add Environment variables
SSL_KEY_PATH=/home/git/data/certs/gitlab.key
SSL_DHPARAM_PATH=/home/git/data/certs/dhparam.pem
SSL_CERTIFICATES_PATH=/home/git/data/certs/gitlab.crt
SSL_SELF_SIGNED=false
GITLAB_HTTPS=true
GITLAB_HOST=domain.com
GITLAB_PORT=30000(your container port)Port Settingstab click- Change 80 to 433
- Open SSH
- Login
- Go to
/usr/syno/etc/certificate/_archive/
cd /usr/syno/etc/certificate/_archive/There is a certificate in a directory of six digits directory.
4.4.1 cd six digits dicrectory
cd xxxxxx4.4.2 Verify that this is the certificate you want
openssl x509 -text -noout -in fullchain.pemCertificate:
Data:
Version: ...
Serial Number:
...
Signature Algorithm: ...
Issuer: ...
Validity
...
Subject: CN=your.domain.com
Subject Public Key Info:
...- Create
certsdirectory
mkdir /volume1/docker/gitlab/gitlab/certs- Copy Encryption Certificate
sudo \cp -f privkey.pem /volume1/docker/gitlab/gitlab/certs/gitlab.key;
sudo \cp -f fullchain.pem /volume1/docker/gitlab/gitlab/certs/gitlab.crt;Not a must, But I recommend it.
- Open SSL
- Login
- cd
/volume1/docker/gitlab/gitlab/certs openssl dhparam -out dhparam.pem 4096
However, this takes a very long time to NAS, so I recommend you work on your PC.