diff --git a/.env.sample b/.env.sample
index 22477aa..7c35fdb 100644
--- a/.env.sample
+++ b/.env.sample
@@ -2,8 +2,11 @@ TYPE=gitlab
 
 DOMAIN=gitlab.example.com
 
+REGISTRY_DOMAIN=registry.gitlab.example.com
+PAGES_DOMAIN=pages.gitlab.example.com
+
 ## Domain aliases
-#EXTRA_DOMAINS=', `www.gitlab.example.com`'
+EXTRA_DOMAINS=", `$REGISTRY_DOMAIN`, `$PAGES_DOMAIN`"
 
 LETS_ENCRYPT_ENV=production
 
diff --git a/gitlab.rb.tmpl b/gitlab.rb.tmpl
index 6ac828b..de94dc7 100644
--- a/gitlab.rb.tmpl
+++ b/gitlab.rb.tmpl
@@ -810,6 +810,7 @@ gitlab_rails['store_initial_root_password'] = false
 ################################################################################
 
 # registry_external_url 'https://registry.example.com'
+registry_external_url 'https://{{ env "REGISTRY_DOMAIN" }}'
 
 ### Settings used by GitLab application
 # gitlab_rails['registry_enabled'] = true
@@ -1661,7 +1662,9 @@ nginx['listen_https'] = false
 
 ##! Define to enable GitLab Pages
 # pages_external_url "http://pages.example.com/"
+pages_external_url 'https://{{ env "PAGES_DOMAIN" }}'
 # gitlab_pages['enable'] = false
+gitlab_pages['enable'] = true
 
 ##! Configure to expose GitLab Pages on external IP address, serving the HTTP
 # gitlab_pages['external_http'] = []
@@ -1847,6 +1850,9 @@ nginx['listen_https'] = false
 
 # Below you can find settings that are exclusive to "GitLab Pages NGINX"
 # pages_nginx['enable'] = true
+pages_nginx['enable'] = true
+pages_nginx['listen_port'] = 80
+pages_nginx['listen_https'] = false
 
 # gitlab_rails['pages_path'] = "/var/opt/gitlab/gitlab-rails/shared/pages"
 
@@ -2004,18 +2010,21 @@ nginx['listen_https'] = false
 
 # Below you can find settings that are exclusive to "Registry NGINX"
 # registry_nginx['enable'] = false
+registry_nginx['enable'] = true
 
-# registry_nginx['proxy_set_headers'] = {
-#  "Host" => "$http_host",
-#  "X-Real-IP" => "$remote_addr",
-#  "X-Forwarded-For" => "$proxy_add_x_forwarded_for",
-#  "X-Forwarded-Proto" => "https",
-#  "X-Forwarded-Ssl" => "on"
-# }
+registry_nginx['proxy_set_headers'] = {
+  "Host" => "$http_host",
+  "X-Real-IP" => "$remote_addr",
+  "X-Forwarded-For" => "$proxy_add_x_forwarded_for",
+  "X-Forwarded-Proto" => "https",
+  "X-Forwarded-Ssl" => "on"
+}
 
 # When the registry is automatically enabled using the same domain as `external_url`,
 # it listens on this port
 # registry_nginx['listen_port'] = 5050
+registry_nginx['listen_port'] = 80
+registry_nginx['listen_https'] = false
 
 ################################################################################
 ## Prometheus