Skip to content

G
gitlab-ce
Commit f8d107e7 authored by Suzanne Selhorn's avatar Suzanne Selhorn
Browse files
Options

Merge branch 'update-gitlab-pages-sync-secrets-doc' into 'master' 

Update GitLab Pages Documentation

See merge request gitlab-org/gitlab!32283
parents 70f34060 69429073
Hide whitespace changes
Inline Side-by-side
Showing with 37 additions and 56 deletions
doc/administration/pages/index.md
View file @ f8d107e7
...@@ -455,9 +455,36 @@ You can run the GitLab Pages daemon on a separate server in order to decrease th ...@@ -455,9 +455,36 @@ You can run the GitLab Pages daemon on a separate server in order to decrease th
To configure GitLab Pages on a separate server: To configure GitLab Pages on a separate server:
DANGER: **Danger:**
The following procedure includes steps to back up and edit the
`gitlab-secrets.json` file. This file contains secrets that control
database encryption. Proceed with caution.
1. On the **GitLab server**, to enable Pages, add the following to `/etc/gitlab/gitlab.rb`:
```ruby
gitlab_pages['enable'] = true
```
1. Optionally, to enable [access control](#access-control), add the following to `/etc/gitlab/gitlab.rb`:
```ruby
gitlab_pages['access_control'] = true
```
1. [Reconfigure the **GitLab server**](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the
changes to take effect. The `gitlab-secrets.json` file is now updated with the
new configuration.
1. Create a backup of the secrets file on the **GitLab server**:
```shell
cp /etc/gitlab/gitlab-secrets.json /etc/gitlab/gitlab-secrets.json.bak
```
1. Set up a new server. This will become the **Pages server**. 1. Set up a new server. This will become the **Pages server**.
1. Create an NFS share on the new server and configure this share to 1. Create an [NFS share](../high_availability/nfs_host_client_setup.md) on the new server and configure this share to
allow access from your main **GitLab server**. For this example, we use the allow access from your main **GitLab server**. For this example, we use the
default GitLab Pages folder `/var/opt/gitlab/gitlab-rails/shared/pages` default GitLab Pages folder `/var/opt/gitlab/gitlab-rails/shared/pages`
as the shared folder on the new server and we will mount it to `/mnt/pages` as the shared folder on the new server and we will mount it to `/mnt/pages`
...@@ -481,6 +508,15 @@ To configure GitLab Pages on a separate server: ...@@ -481,6 +508,15 @@ To configure GitLab Pages on a separate server:
gitlab_rails['auto_migrate'] = false gitlab_rails['auto_migrate'] = false
``` ```
1. Create a backup of the secrets file on the **Pages server**:
```shell
cp /etc/gitlab/gitlab-secrets.json /etc/gitlab/gitlab-secrets.json.bak
```
1. Copy the `/etc/gitlab/gitlab-secrets.json` file from the **GitLab server**
to the **Pages server**.
1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect.
1. On the **GitLab server**, make the following changes to `/etc/gitlab/gitlab.rb`: 1. On the **GitLab server**, make the following changes to `/etc/gitlab/gitlab.rb`:
...@@ -500,61 +536,6 @@ configuring a load balancer to work at the IP level, and so on. If you wish to ...@@ -500,61 +536,6 @@ configuring a load balancer to work at the IP level, and so on. If you wish to
set up GitLab Pages on multiple servers, perform the above procedure for each set up GitLab Pages on multiple servers, perform the above procedure for each
Pages server. Pages server.
### Access control when running GitLab Pages on a separate server
If you are [running GitLab Pages on a separate server](#running-gitlab-pages-on-a-separate-server),
then you must use the following procedure to configure [access control](#access-control):
1. On the **GitLab server**, add the following to `/etc/gitlab/gitlab.rb`:
```ruby
gitlab_pages['enable'] = true
gitlab_pages['access_control'] = true
```
1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the
changes to take effect. The `gitlab-secrets.json` file is now updated with the
new configuration.
DANGER: **Danger:**
The `gitlab-secrets.json` file contains secrets that control database encryption.
Do not edit or replace this file on the **GitLab server** or you might
experience permanent data loss. Make a backup copy of this file before proceeding,
as explained in the following steps.
1. Create a backup of the secrets file on the **GitLab server**:
```shell
cp /etc/gitlab/gitlab-secrets.json /etc/gitlab/gitlab-secrets.json.bak
```
1. Create a backup of the secrets file on the **Pages server**:
```shell
cp /etc/gitlab/gitlab-secrets.json /etc/gitlab/gitlab-secrets.json.bak
```
1. Disable Pages on the **GitLab server** by setting the following in
`/etc/gitlab/gitlab.rb`:
```ruby
gitlab_pages['enable'] = false
```
1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect.
1. Copy the `/etc/gitlab/gitlab-secrets.json` file from the **GitLab server**
to the **Pages server**.
1. On your **Pages server**, add the following to `/etc/gitlab/gitlab.rb`:
```ruby
gitlab_pages['gitlab_server'] = "https://<your-gitlab-server-URL>"
gitlab_pages['access_control'] = true
```
1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect.
## Backup ## Backup
GitLab Pages are part of the [regular backup](../../raketasks/backup_restore.md), so there is no separate backup to configure. GitLab Pages are part of the [regular backup](../../raketasks/backup_restore.md), so there is no separate backup to configure.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7