Quick note, the existing Let's Encrypt integration does not support Pages. We are working on it, but it's worth noting Pages has multiple modes it can run in.
One is by setting up wildcard domains at the server level, like we have on GitLab.com with gitlab.io. We have an issue open for this, but the primary challenge is that Let's Encrypt requires DNS-01 validation for wildcard certificates, with a new challenge each renewal. That is difficult to automate through our Omnibus package. The issue tracking this work is here: https://gitlab.com/gitlab-org/omnibus-gitlab/issues/3342
The issue thread/request for this had been open for something like 2 years and I waited patiently for someone braver than me to implement it.
Now my custom domain on GitLab Pages automatically redirects to HTTPS. I'm happy.
Next up is to add an option to automatically renew Let's Encrypt certs for GitLab Pages.