diff --git a/ansible/playbooks/templates/etc/gitlab/rocky_gitlab.rb b/ansible/playbooks/templates/etc/gitlab/rocky_gitlab.rb
index 270ee6e..e72c4b8 100644
--- a/ansible/playbooks/templates/etc/gitlab/rocky_gitlab.rb
+++ b/ansible/playbooks/templates/etc/gitlab/rocky_gitlab.rb
@@ -137,5 +137,6 @@ gitlab_rails['db_password'] = '{{ gitlab_external_db_password }}'
 gitlab_rails['trusted_proxies'] = '{{ gitlab_trusted_proxies | map("to_json") | join(", ") }}'
 {% endif %}
 
+gitlab_rails['gitlab_shell_ssh_port'] = "22220"
 gitlab_rails['gravatar_enabled'] = true
 gitlab_rails['gravatar_ssl_url'] = "https://seccdn.libravatar.org/avatar/%{hash}?s=%{size}&d=retro"
diff --git a/ansible/playbooks/vars/gitlab.yml b/ansible/playbooks/vars/gitlab.yml
index c2ca6a2..18e0722 100644
--- a/ansible/playbooks/vars/gitlab.yml
+++ b/ansible/playbooks/vars/gitlab.yml
@@ -68,5 +68,18 @@ gitlab_external_db_host: db.rockylinux.org
 gitlab_external_db_user: gitlab
 gitlab_external_db_password: "{{ gitlab_db_pass }}"
 
+gitlab_registry_enable: true
+gitlab_registry_external_url: "https://git.rockylinux.org:5050"
+gitlab_registry_nginx_ssl_certificate: "{{ gitlab_ssl_certificate }}"
+gitlab_registry_nginx_ssl_certificate_key: "{{ gitlab_registry_nginx_ssl_certificate_key }}"
 gitlab_trusted_proxies:
   - 10.100.20.20/32
+
+ipa_getcert_requested_hostnames:
+  - name: "{{ ansible_fqdn }}"
+    owner: nginx
+    key_location: "{{ gitlab_ssl_key }}"
+    cert_location: "{{ gitlab_ssl_cert }}"
+    postcmd: "/bin/systemctl restart nginx"
+    cnames:
+      - "git.rockylinux.org"