You can secure your Gitea installation with an SSL certificate by following the instructions below.
- Login into your domain registrar.
- Update your domain
AorCNAMErecord to point to the EC2 Instance IP Address. - Access your Gitea admin panel at
http://your-instance-ip:3000and update the Server Domain and Gitea Base URL settings under Configuration > Server. For example, change fromhttp://your-instance-ip:3000tohttps://mydomainname.com - Wait for 15-20 minutes so DNS can propagate.
- Login into the EC2 instance via the terminal.
- Run these commands:
sudo su -
dnf update -y
amazon-linux-extras install epel -y
dnf install certbot python3-certbot-nginx -y
sudo certbot --nginx
## Answer all the questions (this is a comment)
## Then, specify your domain name (this is a comment)
sudo certbot renew --dry-run- Update Gitea configuration to use HTTPS:
sudo nano /etc/gitea/app.iniFind and update these settings:
[server]
PROTOCOL = https
DOMAIN = mydomainname.com
ROOT_URL = https://mydomainname.com/- Restart Gitea:
sudo systemctl restart gitea- Access your domain name (
https://mydomainname.com) in the browser.
If you prefer to configure SSL directly through Gitea without nginx:
- Ensure your domain points to your EC2 instance
- Install certbot:
sudo dnf install certbot -y
- Stop Gitea temporarily:
sudo systemctl stop gitea
- Obtain certificate:
sudo certbot certonly --standalone -d mydomainname.com
- Update Gitea configuration:
Add or update:
sudo nano /etc/gitea/app.ini
[server] PROTOCOL = https DOMAIN = mydomainname.com ROOT_URL = https://mydomainname.com/ CERT_FILE = /etc/letsencrypt/live/mydomainname.com/fullchain.pem KEY_FILE = /etc/letsencrypt/live/mydomainname.com/privkey.pem
- Restart Gitea:
sudo systemctl start gitea
Email support is available to Amazon Web Services Marketplace Customers. We do not offer refunds, but you may terminate your Gitea Engineered by OCTOPODAMI (GEBO) Stack at any time.
The documentation is published under BSD 3-Clause License.
(c) 2020 - 2025 Cloudeya Limited.