Commit 2bb08f55 authored by Sean Carroll's avatar Sean Carroll Committed by Marcia Ramos

Documentation for Pages configuration file

parent da0e5519
...@@ -388,6 +388,11 @@ Each request to view a resource in a private site is authenticated by Pages ...@@ -388,6 +388,11 @@ Each request to view a resource in a private site is authenticated by Pages
using that token. For each request it receives, it makes a request to the GitLab using that token. For each request it receives, it makes a request to the GitLab
API to check that the user is authorized to read that site. API to check that the user is authorized to read that site.
From [GitLab 12.8](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/3689) onwards,
Access Control parameters for Pages are set in a configuration file, which
by convention is named `gitlab-pages-config`. The configuration file is passed to
pages using the `-config flag` or CONFIG environment variable.
Pages access control is disabled by default. To enable it: Pages access control is disabled by default. To enable it:
1. Modify your `config/gitlab.yml` file: 1. Modify your `config/gitlab.yml` file:
...@@ -402,13 +407,14 @@ Pages access control is disabled by default. To enable it: ...@@ -402,13 +407,14 @@ Pages access control is disabled by default. To enable it:
This should be called `GitLab Pages` and have a `Redirect URL` of This should be called `GitLab Pages` and have a `Redirect URL` of
`https://projects.example.io/auth`. It does not need to be a "trusted" `https://projects.example.io/auth`. It does not need to be a "trusted"
application, but it does need the `api` scope. application, but it does need the `api` scope.
1. Start the Pages daemon with the following additional arguments: 1. Start the Pages daemon by passing a configuration file with the following arguments:
```shell ```shell
-auth-client-secret <OAuth code generated by GitLab> \ auth-client-id=<OAuth Application ID generated by GitLab>
-auth-redirect-uri http://projects.example.io/auth \ auth-client-secret=<OAuth code generated by GitLab>
-auth-secret <40 random hex characters> \ auth-redirect-uri='http://projects.example.io/auth'
-auth-server <URL of the GitLab instance> auth-secret=<40 random hex characters>
auth-server=<URL of the GitLab instance>
``` ```
1. Users can now configure it in their [projects' settings](../../user/project/pages/introduction.md#gitlab-pages-access-control-core). 1. Users can now configure it in their [projects' settings](../../user/project/pages/introduction.md#gitlab-pages-access-control-core).
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment