Some hours ago decided to sit and secure my site. Also this is a requirement for HTTP/2.
So with Let’s Encrypt it has worked out like a charm. I have generated certificates over
Added certificates to available nginx sites. By default HTTP is redirected to HTTPS with
301 Moved Permanently.
HTTP/2 required a bit more moves but configuration itself was just:
listen 443 ssl http2;.
From this moment Gitlab also works over HTTPS.
Chrome browser can show if site works with HTTP/2 with HTTP/2 and SPDY indicator.
For now browser green lock badge is acquired.
Later I need to check how renewal works with cron job.