Excerpt from documentation for setting up GitLab Pages with wildcard DNS entry: https://docs.gitlab.com/ee/administration/pages/#wildcard-domains
external_url "http://gitlab.example.com" # external_url here is only for reference
pages_external_url "http://pages.example.com" # not a subdomain of external_url
pages_external_url should not be a subdomain of external_url. But why is that, since there are no problems doing it that way.
Check if GitLab 17.4 (September 2024) could help in your case:
GitLab Pages without wildcard DNS is generally available
Previously, to create a GitLab Pages project, you needed a domain formatted like
name.example.ioorname.pages.example.io.
This requirement meant you had to set up wildcard DNS records and TLS certificate.In this release, setting up a GitLab Pages project without a DNS wildcard has moved from beta to generally available.
Removing the requirement for wildcard certificates eases administrative overhead associated with GitLab Pages.
Some customers can’t use GitLab Pages because of organizational restrictions on wildcard DNS records or certificates.See Documentation and Epic.
pages_nginx['redirect_http_to_https'] = truewith certificate/key path configured throughpages_nginx['ssl_certificate']andpages_nginx['ssl_certificate']results in thegitlab.example.comcertificate being used for test-repo.pages.example.com. Effectivly preventing usage of HTTPS for Pages, except you have the appropiate SANs in the gitlab.example.com certificate. At least these are my findings so far.