diff options
author | Achilleas Pipinellis <axil@gitlab.com> | 2018-11-21 03:49:51 +0300 |
---|---|---|
committer | Evan Read <eread@gitlab.com> | 2018-11-21 03:49:51 +0300 |
commit | a019c9c7ce3a8f1861cf2a7c06dd8d28fbc55374 (patch) | |
tree | db509e7ad2c6a943b50cecb1491f34879a8b59f6 /doc/administration/pages | |
parent | 547952b4a99dd0dad8876ccec56f92e4f4c96b69 (diff) |
Add user docs for Pages access control
Diffstat (limited to 'doc/administration/pages')
-rw-r--r-- | doc/administration/pages/index.md | 12 | ||||
-rw-r--r-- | doc/administration/pages/source.md | 15 |
2 files changed, 17 insertions, 10 deletions
diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md index d8345f2d6bd..cbd3032bd4e 100644 --- a/doc/administration/pages/index.md +++ b/doc/administration/pages/index.md @@ -244,8 +244,9 @@ This setting is enabled by default. ### Access control -Access control was [introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/33422) -in GitLab 11.5. It can be configured per-project, and allows access to a Pages +> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/33422) in GitLab 11.5. + +GitLab Pages access control can be configured per-project, and allows access to a Pages site to be controlled based on a user's membership to that project. Access control works by registering the Pages daemon as an OAuth application @@ -259,15 +260,16 @@ Each request to view a resource in a private site is authenticated by Pages using that token. For each request it receives, it makes a request to the GitLab API to check that the user is authorized to read that site. -Pages access control is currently disabled by default. To enable it, you must: +Pages access control is disabled by default. To enable it: -1. Enable it in `/etc/gitlab/gitlab.rb` +1. Enable it in `/etc/gitlab/gitlab.rb`: ```ruby gitlab_pages['access_control'] = true ``` -1. [Reconfigure GitLab][reconfigure] +1. [Reconfigure GitLab][reconfigure]. +1. Users can now configure it in their [projects' settings](../../user/project/pages/introduction.md#gitlab-pages-access-control-core-only). ## Activate verbose logging for daemon diff --git a/doc/administration/pages/source.md b/doc/administration/pages/source.md index ddff54be575..9f2b4d9075a 100644 --- a/doc/administration/pages/source.md +++ b/doc/administration/pages/source.md @@ -393,8 +393,9 @@ server_name ~^.*\.pages\.example\.io$; ## Access control -Access control was [introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/33422) -in GitLab 11.5. It can be configured per-project, and allows access to a Pages +> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/33422) in GitLab 11.5. + +GitLab Pages access control can be configured per-project, and allows access to a Pages site to be controlled based on a user's membership to that project. Access control works by registering the Pages daemon as an OAuth application @@ -408,15 +409,17 @@ Each request to view a resource in a private site is authenticated by Pages using that token. For each request it receives, it makes a request to the GitLab API to check that the user is authorized to read that site. -Pages access control is currently disabled by default. To enable it, you must: +Pages access control is disabled by default. To enable it: 1. Modify your `config/gitlab.yml` file: + ```yaml pages: access_control: true ``` -1. [Restart GitLab][restart] -1. Create a new [system OAuth application](../../integration/oauth_provider.md#adding-an-application-through-the-profile) + +1. [Restart GitLab][restart]. +1. Create a new [system OAuth application](../../integration/oauth_provider.md#adding-an-application-through-the-profile). This should be called `GitLab Pages` and have a `Redirect URL` of `https://projects.example.io/auth`. It does not need to be a "trusted" application, but it does need the "api" scope. @@ -429,6 +432,8 @@ Pages access control is currently disabled by default. To enable it, you must: -auth-server <URL of the GitLab instance> ``` +1. Users can now configure it in their [projects' settings](../../user/project/pages/introduction.md#gitlab-pages-access-control-core-only). + ## Change storage path Follow the steps below to change the default path where GitLab Pages' contents |