Automated LetsEncrypt on GitLab Pages

Edit 2020-03-17: This has been obsolete for a while now. GitLab has baked-in LetsEncrypt infrastructure, so go use that!

• https://andrewsempere.org/blog/2018/11/01/Gitlab-LetsEncrypt.html
• https://github.com/tezcatlipoca/gitlab-letsencrypt

The two links above describe how to set up an auto-renewing LetsEncrypt SSL Certificate on gitlab pages. The instructions were easy to follow, and worked without any major fuss.

Since we’re using Hugo here, make sure the .gitlab-ci.yml file references the output path static/.well-known/acme-challenge.

The CI environment variables where you will configure CERT_DOMAINS, CERT_OPTIONS, and CERT_TOKEN is located in the project settings, under “CI / CD”. Make sure to set CERT_TOKEN as Protected!

Create a “Scheduling Pipeline”. In theory if I ever had multiple scheduled jobs, then each should have a JOBNAME variable to check against in the job configuration?

Lastly, create the “User Access Token”, with api scope. Make sure to save the token somewhere safe in case you accidentally lose it.