Skip to content

G
gitlab-ce
Commit 62af0236 authored by Justin Farmiloe's avatar Justin Farmiloe Committed by Evan Read
Browse files
Options

Environment variables required for sub-commands on TLS-enabled Gitaly

parent fd83d464
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 0 deletions
doc/administration/gitaly/configure_gitaly.md
View file @ 62af0236
......@@ -565,6 +565,12 @@ Note the following:
- You can configure Gitaly servers with both an unencrypted listening address `listen_addr` and an
encrypted listening address `tls_listen_addr` at the same time. This allows you to gradually
transition from unencrypted to encrypted traffic if necessary.
- When running Praefect sub-commands such as `dial-nodes` and `list-untracked-repositories` from the command line with Gitaly TLS enabled, you must set
the `SSL_CERT_DIR` or `SSL_CERT_FILE` environment variable so that the Gitaly certificate is trusted. For example:
```shell
sudo SSL_CERT_DIR=/etc/gitlab/trusted_certs /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml dial-nodes
```
To configure Gitaly with TLS:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7