I’m hosting this mini-blog on GitLab Pages, but using my own domain, so I need Let’s Encrypt for a secure page. I needed certbot for creating a certificate, and an Ubuntu virtual machine since certbot throws compatibility warnings on mac OS.
I created an Ubuntu 16.04 virtual machine, did git clone https://github.com/certbot/certbot
and then ran the ./certbot-auto certonly --manual -d devlog.cemkesemen.com
command.
At one point, certbot warned me that my IP would be publicly logged, so I wanted to use one of my web hosts IP for the request. I installed sshuttle to quickly ssh/proxy from one of my web servers on RamNode(affiliate link).
git clone https://github.com/sshuttle/sshuttle.git
sudo apt-get install python3-setuptools
cd sshuttle
sudo python3 ./setup.py install
Then I tmux’ed a new session, sshuttle
‘ed from one window, and ran certbot
again from another.
At one point, Let’s Encrypt asks to see a key at a certain page. Since I’m using Hugo, I created the directory and page in the static
directory, pushed the page and told certbot
to continue.
Once done, certbot
gives a location for the keys.
sudo su
cd /etc/letsencrypt/live/devlog.cemkesemen.com
There are two files that are needed for GitLab; fullchain.pem
goes to the Certificate (PEM) area, and privkey.pem
goes to Key (PEM) are on New Pages Domain page.
After this, run the latest pipeline again, and you should have your page secured. Or, if you are running Hugo, change your baseURL to your new domain and do a git push
.