Support custom ACME server for Let's Encrypt integration

Summary

We run a GitLab instance that is only accessible from LAN, so we can't use regular Let's Encrypt. Instead we run our own ACME server (via step-ca) that creates certs derived from our company's root cert. We got it running with our other services but omnibus-gitlab does not support configuring which server to use.

Proposal

Add an option letsencrypt['dir'] (to match the name that the acme_certificate resource uses), letsencrypt['directory'], letsencrypt['server'] or letsencrypt['acme_server'], whichever name you prefer. Use that option in files/gitlab-cookbooks/letsencrypt/resources/certificate.rb around line 55. The default value should be the regular Let's Encrypt production server.

References

Edited by dfyx