diff options
Diffstat (limited to 'doc/administration')
-rw-r--r-- | doc/administration/auth/ldap/ldap-troubleshooting.md | 2 | ||||
-rw-r--r-- | doc/administration/integration/terminal.md | 2 | ||||
-rw-r--r-- | doc/administration/license_file.md | 252 | ||||
-rw-r--r-- | doc/administration/operations/index.md | 2 | ||||
-rw-r--r-- | doc/administration/raketasks/maintenance.md | 13 | ||||
-rw-r--r-- | doc/administration/settings/index.md | 215 | ||||
-rw-r--r-- | doc/administration/settings/package_registry_rate_limits.md | 57 | ||||
-rw-r--r-- | doc/administration/settings/project_integration_management.md | 138 | ||||
-rw-r--r-- | doc/administration/snippets/index.md | 2 | ||||
-rw-r--r-- | doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md | 2 | ||||
-rw-r--r-- | doc/administration/wikis/index.md | 2 |
11 files changed, 681 insertions, 6 deletions
diff --git a/doc/administration/auth/ldap/ldap-troubleshooting.md b/doc/administration/auth/ldap/ldap-troubleshooting.md index 219808c1007..bbe0b02c5a7 100644 --- a/doc/administration/auth/ldap/ldap-troubleshooting.md +++ b/doc/administration/auth/ldap/ldap-troubleshooting.md @@ -737,7 +737,7 @@ To resolve this error, you must apply a new license to the GitLab instance witho 1. Remove or comment out the GitLab configuration lines for all non-primary LDAP servers. 1. [Reconfigure GitLab](../../restart_gitlab.md#reconfigure-a-linux-package-installation) so that it temporarily uses only one LDAP server. -1. Enter the [Rails console and add the license key](../../../user/admin_area/license_file.md#add-a-license-through-the-console). +1. Enter the [Rails console and add the license key](../../../administration/license_file.md#add-a-license-through-the-console). 1. Re-enable the additional LDAP servers in the GitLab configuration and reconfigure GitLab again. ## Users are being removed from group and re-added again diff --git a/doc/administration/integration/terminal.md b/doc/administration/integration/terminal.md index e5920520be7..0440c2ce4f3 100644 --- a/doc/administration/integration/terminal.md +++ b/doc/administration/integration/terminal.md @@ -114,5 +114,5 @@ lifetime in your GitLab instance: 1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). 1. Select **Admin Area**. -1. Select [**Settings > Web terminal**](../../user/admin_area/settings/index.md#general). +1. Select [**Settings > Web terminal**](../../administration/settings/index.md#general). 1. Set a `max session time`. diff --git a/doc/administration/license_file.md b/doc/administration/license_file.md new file mode 100644 index 00000000000..00359d13253 --- /dev/null +++ b/doc/administration/license_file.md @@ -0,0 +1,252 @@ +--- +stage: Fulfillment +group: Provision +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +--- + +<!-- To promote the workflow described in license.md, this page is not included in global left nav. --> + +# Activate GitLab EE with a license file or key + +If you receive a license file from GitLab (for example, for a trial), you can +upload it to your instance or add it during installation. The license file is +a base64-encoded ASCII text file with a `.gitlab-license` extension. + +The first time you sign in to your GitLab instance, a note with a +link to the **Add license** page should be displayed. + +Otherwise, to add your license: + +1. Sign in to GitLab as an administrator. +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings > General**. +1. In the **Add License** area, add a license by either uploading the file or entering the key. +1. Select the **Terms of Service** checkbox. +1. Select **Add license**. + +NOTE: +In GitLab 14.7.x to 14.9.x, you can add the license file with the UI. +In GitLab 14.1.x to 14.7, if you have already activated your subscription with an activation code, you cannot access **Add License** from the Admin Area. You must access **Add License** directly from the URL, `<YourGitLabURL>/admin/license/new`. + +## Activate subscription during installation + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/114572) in GitLab 16.0. + +To activate your subscription during installation, set the `GITLAB_ACTIVATION_CODE` environment variable with the activation code: + +```shell +export GITLAB_ACTIVATION_CODE=your_activation_code +``` + +## Add license file during installation + +If you have a license, you can also import it when you install GitLab. + +- For self-compiled installations: + - Place the `Gitlab.gitlab-license` file in the `config/` directory. + - To specify a custom location and filename for the license, set the + `GITLAB_LICENSE_FILE` environment variable with the path to the file: + + ```shell + export GITLAB_LICENSE_FILE="/path/to/license/file" + ``` + +- For Linux package installations: + - Place the `Gitlab.gitlab-license` file in the `/etc/gitlab/` directory. + - To specify a custom location and filename for the license, add this entry to `gitlab.rb`: + + ```ruby + gitlab_rails['initial_license_file'] = "/path/to/license/file" + ``` + +WARNING: +These methods only add a license at the time of installation. To renew or upgrade +a license, add the license in the **Admin Area** in the web user interface. + +## Submit license usage data + +If you use a license file or key to activate your instance in an offline environment, you must submit your license +usage data monthly. +To submit the data, [export your license usage](../subscriptions/self_managed/index.md#export-your-license-usage) +and send it by email to the renewals service, `renewals-service@customers.gitlab.com`. + +If you don't submit your data each month after your subscription start date, an email is sent to the address +associated with your subscription and a banner displays to remind you to submit your data. The banner displays +in the **Admin Area** on the **Dashboard** and on the **Subscription** pages. You can only dismiss it until the +following month after you submit your license usage data. + +## What happens when your license expires + +Fifteen days before the license expires, a notification banner with the upcoming expiration +date displays to GitLab administrators. + +When your license expires, GitLab locks features, like Git pushes +and issue creation. Your instance becomes read-only and +an expiration message displays to all administrators. You have a 14-day grace period +before this occurs. + +To resume functionality, [renew your subscription](../subscriptions/self_managed/index.md#renew-subscription-manually). + +If the license has been expired for more than 30 days, you must purchase a [new subscription](../subscriptions/self_managed/index.md) to resume functionality. + +To go back to Free features, [delete all expired licenses](#remove-a-license). + +## Remove a license + +To remove a license from a self-managed instance: + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Subscription**. +1. Select **Remove license**. + +Repeat these steps to remove all licenses, including those applied in the past. + +## View license details and history + +To view your license details: + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Subscription**. + +You can add and view more than one license, but only the latest license in +the current date range is the active license. + +When you add a future-dated license, it doesn't take effect until its applicable date. +You can view all active subscriptions in the **Subscription history** table. + +You can also [export](../subscriptions/self_managed/index.md) your license usage information to a CSV file. + +NOTE: +In GitLab 13.6 and earlier, a banner about an expiring license may continue to display +when you add a new license. This happens when the start date of the new license +is in the future and the expiring one is still active. +The banner disappears after the new license becomes active. + +## Troubleshooting + +### No Subscription area in the Admin Area + +You cannot add your license because there is no **Subscription** area. +This issue might occur if: + +- You're running GitLab Community Edition. Before you add your license, you + must [upgrade to Enterprise Edition](../update/index.md#community-to-enterprise-edition). +- You're using GitLab.com. You cannot add a self-managed license to GitLab.com. + To use paid features on GitLab.com, [purchase a separate subscription](../subscriptions/gitlab_com/index.md). + +### Users exceed license limit upon renewal + +GitLab displays a message prompting you to purchase +additional users. This issue occurs if you add a license that does not have enough +users to cover the number of users in your instance. + +To fix this issue, purchase additional seats to cover those users. +For more information, read the [licensing FAQ](https://about.gitlab.com/pricing/licensing-faq/). + +In GitLab 14.2 and later, for instances that use a license file, the following +rules apply: + +- If the users over license are less than or equal to 10% of the users in the license + file, the license is applied and you pay the overage in the next renewal. +- If the users over license are more than 10% of the users in the license file, + you cannot apply the license without purchasing more users. + +For example, if you purchase a license for 100 users, you can have 110 users when you add +your license. However, if you have 111 users, you must purchase more users before you can add +the license. + +### `Start GitLab Ultimate trial` still displays after adding license + +To fix this issue, restart [Puma or your entire GitLab instance](../administration/restart_gitlab.md). + +### License commands in the rails console + +The following commands can be run in the [rails console](../administration/operations/rails_console.md#starting-a-rails-console-session). + +WARNING: +Any command that changes data directly could be damaging if not run correctly, or under the right conditions. +We highly recommend running them in a test environment with a backup of the instance ready to be restored, just in case. + +#### See current license information + +```ruby +# License information (name, company, email address) +License.current.licensee + +# Plan: +License.current.plan + +# Uploaded: +License.current.created_at + +# Started: +License.current.starts_at + +# Expires at: +License.current.expires_at + +# Is this a trial license? +License.current.trial? + +# License ID for lookup on CustomersDot +License.current.license_id + +# License data in Base64-encoded ASCII format +License.current.data + +# Confirm the current billable seat count excluding guest users. This is useful for customers who use an Ultimate subscription tier where Guest seats are not counted. +User.active.without_bots.excluding_guests.count + +``` + +#### Interaction with licenses that start in the future + +```ruby +# Future license data follows the same format as current license data it just uses a different modifier for the License prefix +License.future_dated +``` + +#### Check if a project feature is available on the instance + +Features listed in [`features.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/models/gitlab_subscriptions/features.rb). + +```ruby +License.current.feature_available?(:jira_dev_panel_integration) +``` + +#### Check if a project feature is available in a project + +Features listed in [`features.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/models/gitlab_subscriptions/features.rb). + +```ruby +p = Project.find_by_full_path('<group>/<project>') +p.feature_available?(:jira_dev_panel_integration) +``` + +#### Add a license through the console + +```ruby +key = "<key>" +license = License.new(data: key) +license.save +License.current # check to make sure it applied +``` + +This is needed for example in a known edge-case with +[expired license and multiple LDAP servers](../administration/auth/ldap/ldap-troubleshooting.md#expired-license-causes-errors-with-multiple-ldap-servers). + +#### Remove licenses + +To clean up the [License History table](../administration/license_file.md#view-license-details-and-history): + +```ruby +TYPE = :trial? +# or :expired? + +License.select(&TYPE).each(&:destroy!) + +# or even License.all.each(&:destroy!) +``` diff --git a/doc/administration/operations/index.md b/doc/administration/operations/index.md index 8870c4769ab..be90b0a073f 100644 --- a/doc/administration/operations/index.md +++ b/doc/administration/operations/index.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w Keep your GitLab instance up and running. - [Housekeeping](../../administration/housekeeping.md) -- [Activate GitLab EE with license](../../user/admin_area/license_file.md) +- [Activate GitLab EE with license](../../administration/license_file.md) - [Fast SSH key lookup](../../administration/operations/fast_ssh_key_lookup.md) - [File system benchmarking](../../administration/operations/filesystem_benchmarking.md) - [`gitlab-sshd`](../../administration/operations/gitlab_sshd.md) diff --git a/doc/administration/raketasks/maintenance.md b/doc/administration/raketasks/maintenance.md index 50c4b004f9c..d3ea98c13a5 100644 --- a/doc/administration/raketasks/maintenance.md +++ b/doc/administration/raketasks/maintenance.md @@ -410,3 +410,16 @@ To re-import the metrics you can run: ```shell sudo gitlab-rake metrics:setup_common_metrics ``` + +## Troubleshooting + +### Advisory lock connection information + +After running the `db:migrate` Rake task, you may see output like the following: + +```shell +main: == [advisory_lock_connection] object_id: 173580, pg_backend_pid: 5532 +main: == [advisory_lock_connection] object_id: 173580, pg_backend_pid: 5532 +``` + +The messages returned are informational and can be ignored. diff --git a/doc/administration/settings/index.md b/doc/administration/settings/index.md new file mode 100644 index 00000000000..8bc15e6b6b7 --- /dev/null +++ b/doc/administration/settings/index.md @@ -0,0 +1,215 @@ +--- +stage: Create +group: Source Code +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +type: index +--- + +# Admin Area settings **(FREE SELF)** + +As an administrator of a GitLab self-managed instance, you can manage the behavior of your +deployment. + +The **Admin Area** is not accessible on GitLab.com, and settings can only be changed by the +GitLab.com administrators. For the settings and limits on the GitLab.com instance, +read [GitLab.com settings](../../user/gitlab_com/index.md). + +## Access the Admin Area + +To access the **Admin Area**: + +1. Sign in to your GitLab instance as an administrator. +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings**, and the group of settings to view: + - [General](#general) + - [Geo](#geo) + - [CI/CD](#cicd) + - [Integrations](#integrations) + - [Metrics and profiling](#metrics-and-profiling) + - [Network](#network) + - [Preferences](#preferences) + - [Reporting](#reporting) + - [Repository](#repository) + - [Templates](#templates) + +### General + +The **General** settings contain: + +- [Visibility and access controls](../../user/admin_area/settings/visibility_and_access_controls.md) - Set default and + restrict visibility levels. Configure import sources and Git access protocol. +- [Account and limit](../../user/admin_area/settings/account_and_limit_settings.md) - Set projects and maximum size limits, + session duration, user options, and check feature availability for namespace plan. +- [Diff limits](../../user/admin_area/diff_limits.md) - Diff content limits. +- [Sign-up restrictions](../../user/admin_area/settings/sign_up_restrictions.md) - Configure the way a user creates a new account. +- [Sign in restrictions](../../user/admin_area/settings/sign_in_restrictions.md) - Set requirements for a user to sign in. + Enable mandatory two-factor authentication. +- [Terms of Service and Privacy Policy](../../user/admin_area/settings/terms.md) - Include a Terms of Service agreement + and Privacy Policy that all users must accept. +- [External Authentication](../../user/admin_area/settings/external_authorization.md#configuration) - External Classification Policy Authorization. +- [Web terminal](../integration/terminal.md#limiting-websocket-connection-time) - + Set max session time for web terminal. +- [FLoC](floc.md) - Enable or disable + [Federated Learning of Cohorts (FLoC)](https://en.wikipedia.org/wiki/Federated_Learning_of_Cohorts) tracking. +- [GitLab for Slack app](../../user/admin_area/settings/slack_app.md) - Enable and configure the GitLab for Slack app. + +### CI/CD + +The **CI/CD** settings contain: + +- [Continuous Integration and Deployment](../../user/admin_area/settings/continuous_integration.md) - + Auto DevOps, runners and job artifacts. +- [Required pipeline configuration](../../user/admin_area/settings/continuous_integration.md#required-pipeline-configuration) - + Set an instance-wide auto included [pipeline configuration](../../ci/yaml/index.md). + This pipeline configuration is run after the project's own configuration. +- [Package Registry](../../user/admin_area/settings/continuous_integration.md#package-registry-configuration) - + Settings related to the use and experience of using the GitLab Package Registry. Some + [risks are involved](../../user/packages/container_registry/reduce_container_registry_storage.md#use-with-external-container-registries) + in enabling some of these settings. + +## Security and Compliance settings + +- [License compliance settings](../../user/admin_area/settings/security_and_compliance.md#choose-package-registry-metadata-to-sync): Enable or disable synchronization of package metadata by a registry type. + +### Geo **(PREMIUM SELF)** + +The **Geo** setting contains: + +- [Geo](../geo/index.md) - Replicate your GitLab instance to other + geographical locations. Redirects to **Admin Area > Geo > Settings** are no + longer available at **Admin Area > Settings > Geo** in [GitLab 13.0](https://gitlab.com/gitlab-org/gitlab/-/issues/36896). + +### Integrations + +The **Integrations** settings contain: + +- [Elasticsearch](../../integration/advanced_search/elasticsearch.md#enable-advanced-search) - + Elasticsearch integration. Elasticsearch AWS IAM. +- [Kroki](../integration/kroki.md#enable-kroki-in-gitlab) - + Allow rendering of diagrams in AsciiDoc and Markdown documents using [kroki.io](https://kroki.io). +- [Mailgun](../integration/mailgun.md) - Enable your GitLab instance + to receive invite email bounce events from Mailgun, if it is your email provider. +- [PlantUML](../integration/plantuml.md) - Allow rendering of PlantUML + diagrams in documents. +- [Customer experience improvement and third-party offers](../../user/admin_area/settings/third_party_offers.md) - + Control the display of customer experience improvement content and third-party offers. +- [Snowplow](../../development/internal_analytics/snowplow/index.md) - Configure the Snowplow integration. +- [Google GKE](../../user/project/clusters/add_gke_clusters.md) - Google GKE integration enables + you to provision GKE clusters from GitLab. +- [Amazon EKS](../../user/project/clusters/add_eks_clusters.md) - Amazon EKS integration enables + you to provision EKS clusters from GitLab. + +### Metrics and profiling + +The **Metrics and profiling** settings contain: + +- [Metrics - Prometheus](../monitoring/prometheus/gitlab_metrics.md) - + Enable and configure Prometheus metrics. +- [Metrics - Grafana](../monitoring/performance/grafana_configuration.md#integrate-with-gitlab-ui) - + Enable and configure Grafana. +- [Profiling - Performance bar](../monitoring/performance/performance_bar.md#enable-the-performance-bar-for-non-administrators) - + Enable access to the Performance Bar for non-administrator users in a given group. +- [Usage statistics](../../user/admin_area/settings/usage_statistics.md) - Enable or disable version check and Service Ping. + +### Network + +The **Network** settings contain: + +- Performance optimization - Various settings that affect GitLab performance, including: + - [Write to `authorized_keys` file](../operations/fast_ssh_key_lookup.md#set-up-fast-lookup). + - [Push event activities limit and bulk push events](../../user/admin_area/settings/push_event_activities_limit.md). +- [User and IP rate limits](../../user/admin_area/settings/user_and_ip_rate_limits.md) - Configure limits for web and API requests. + These rate limits can be overridden: + - [Package Registry Rate Limits](../../user/admin_area/settings/package_registry_rate_limits.md) - Configure specific + limits for Packages API requests that supersede the user and IP rate limits. + - [Git LFS Rate Limits](../../user/admin_area/settings/git_lfs_rate_limits.md) - Configure specific limits for + Git LFS requests that supersede the user and IP rate limits. + - [Files API Rate Limits](../../user/admin_area/settings/files_api_rate_limits.md) - Configure specific limits for + Files API requests that supersede the user and IP rate limits. + - [Search rate limits](../instance_limits.md#search-rate-limit) - Configure global search request rate limits for authenticated and unauthenticated users. + - [Deprecated API Rate Limits](../../user/admin_area/settings/deprecated_api_rate_limits.md) - Configure specific limits + for deprecated API requests that supersede the user and IP rate limits. +- [Outbound requests](../../security/webhooks.md) - Allow requests to the local network from webhooks and integrations, or deny all outbound requests. +- [Protected Paths](../../user/admin_area/settings/protected_paths.md) - Configure paths to be protected by Rack Attack. +- [Incident Management Limits](../../operations/incident_management/index.md) - Limit the + number of inbound alerts that can be sent to a project. +- [Notes creation limit](../../user/admin_area/settings/rate_limit_on_notes_creation.md) - Set a rate limit on the note creation requests. +- [Get single user limit](../../user/admin_area/settings/rate_limit_on_users_api.md) - Set a rate limit on users API endpoint to get a user by ID. +- [Projects API rate limits for unauthenticated requests](../../user/admin_area/settings/rate_limit_on_projects_api.md) - Set a rate limit on Projects list API endpoint for unauthenticated requests. + +### Preferences + +The **Preferences** settings contain: + +- [Email](../../user/admin_area/settings/email.md) - Various email settings. +- [What's new](../whats-new.md) - Configure **What's new** drawer and content. +- [Help page](help_page.md) - Help page text and support page URL. +- [Pages](../pages/index.md#custom-domain-verification) - + Size and domain settings for static websites. +- [Polling interval multiplier](../polling.md) - + Configure how frequently the GitLab UI polls for updates. +- [Gitaly timeouts](gitaly_timeouts.md) - Configure Gitaly timeouts. +- Localization: + - [Default first day of the week](../../user/profile/preferences.md). + - [Time tracking](../../user/project/time_tracking.md#limit-displayed-units-to-hours). +- [Sidekiq Job Limits](../../user/admin_area/settings/sidekiq_job_limits.md) - Limit the size of Sidekiq jobs stored in Redis. + +### Reporting + +The **Reporting** settings contain: + +- Spam and Anti-bot protection: + - Anti-spam services, such as [reCAPTCHA](../../integration/recaptcha.md), + [Akismet](../../integration/akismet.md), or [Spamcheck](../../user/admin_area/reporting/spamcheck.md). + - [IP address restrictions](../../user/admin_area/reporting/ip_addr_restrictions.md). +- [Abuse reports](../../user/admin_area/review_abuse_reports.md) - Set notification email for abuse reports. +- [Git abuse rate limit](../../user/admin_area/reporting/git_abuse_rate_limit.md) - Configure Git abuse rate limit settings. **(ULTIMATE SELF)** + +### Repository + +The **Repository** settings contain: + +- [Repository's custom initial branch name](../../user/project/repository/branches/default.md#instance-level-custom-initial-branch-name) - + Set a custom branch name for new repositories created in your instance. +- [Repository's initial default branch protection](../../user/project/repository/branches/default.md#instance-level-default-branch-protection) - + Configure the branch protections to apply to every repository's default branch. +- [Repository mirror](../../user/admin_area/settings/visibility_and_access_controls.md#enable-project-mirroring) - + Configure repository mirroring. +- [Repository storage](../repository_storage_types.md) - Configure storage path settings. +- Repository maintenance: + - [Repository checks](../repository_checks.md) - Configure + automatic Git checks on repositories. + - [Housekeeping](../housekeeping.md). Configure automatic + Git housekeeping on repositories. + - [Inactive project deletion](../inactive_project_deletion.md). Configure inactive + project deletion. +- [Repository static objects](../static_objects_external_storage.md) - + Serve repository static objects (for example, archives and blobs) from an external storage (for example, a CDN). + +### Templates **(PREMIUM SELF)** + +The **Templates** settings contain: + +- [Templates](../../user/admin_area/settings/instance_template_repository.md#configuration) - Set instance-wide template repository. +- [Custom project templates](../../user/admin_area/custom_project_templates.md) - Select the custom project template source group. + +## Default first day of the week + +You can change the [Default first day of the week](../../user/profile/preferences.md) +for the entire GitLab instance: + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings > Preferences**. +1. Scroll to the **Localization** section, and select your desired first day of the week. + +## Default language + +You can change the [Default language](../../user/profile/preferences.md) +for the entire GitLab instance: + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings > Preferences**. +1. Scroll to the **Localization** section, and select your desired default language. diff --git a/doc/administration/settings/package_registry_rate_limits.md b/doc/administration/settings/package_registry_rate_limits.md new file mode 100644 index 00000000000..369b55c8087 --- /dev/null +++ b/doc/administration/settings/package_registry_rate_limits.md @@ -0,0 +1,57 @@ +--- +stage: Package +group: Package Registry +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +type: reference +--- + +# Package Registry Rate Limits **(FREE SELF)** + +With the [GitLab Package Registry](../../user/packages/package_registry/index.md), +you can use GitLab as a private or public registry for a variety of common package managers. You can +publish and share packages, which others can consume as a dependency in downstream projects through +the [Packages API](../../api/packages.md). + +If downstream projects frequently download such dependencies, many requests are made through the +Packages API. You may therefore reach enforced [user and IP rate limits](../../user/admin_area/settings/user_and_ip_rate_limits.md). +To address this issue, you can define specific rate limits for the Packages API: + +- [Unauthenticated requests (per IP)](#enable-unauthenticated-request-rate-limit-for-packages-api). +- [Authenticated API requests (per user)](#enable-authenticated-api-request-rate-limit-for-packages-api). + +These limits are disabled by default. + +When enabled, they supersede the general user and IP rate limits for requests to +the Packages API. You can therefore keep the general user and IP rate limits, and +increase the rate limits for the Packages API. Besides this precedence, there is +no difference in functionality compared to the general user and IP rate limits. + +## Enable unauthenticated request rate limit for packages API + +To enable the unauthenticated request rate limit: + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings > Network**. +1. Expand **Package registry rate limits**. +1. Select **Enable unauthenticated request rate limit**. + + - Optional. Update the **Maximum unauthenticated requests per rate limit period per IP** value. + Defaults to `800`. + - Optional. Update the **Unauthenticated rate limit period in seconds** value. + Defaults to `15`. + +## Enable authenticated API request rate limit for packages API + +To enable the authenticated API request rate limit: + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings > Network** +1. Expand **Package registry rate limits**. +1. Select **Enable authenticated API request rate limit**. + + - Optional. Update the **Maximum authenticated API requests per rate limit period per user** value. + Defaults to `1000`. + - Optional. Update the **Authenticated API rate limit period in seconds** value. + Defaults to `15`. diff --git a/doc/administration/settings/project_integration_management.md b/doc/administration/settings/project_integration_management.md new file mode 100644 index 00000000000..1bb4465020c --- /dev/null +++ b/doc/administration/settings/project_integration_management.md @@ -0,0 +1,138 @@ +--- +stage: Manage +group: Import and Integrate +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +--- + +# Project integration management **(FREE)** + +Project integrations can be configured and enabled by project administrators. As a GitLab instance +administrator, you can set default configuration parameters for a given integration that all projects +can inherit and use, enabling the integration for all projects that are not already using custom +settings. + +You can update these default settings at any time, changing the settings used for all projects that +are set to use instance-level or group-level defaults. Updating the default settings also enables the integration +for all projects that didn't have it already enabled. + +Only the complete settings for an integration can be inherited. Per-field inheritance is [planned](https://gitlab.com/groups/gitlab-org/-/epics/2137). + +## Manage instance-level default settings for a project integration **(FREE SELF)** + +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2137) in GitLab 13.3 for project-level integrations. +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2543) in GitLab 13.6 for group-level integrations. + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings > Integrations**. +1. Select an integration. +1. Enter configuration details and select **Save changes**. + +WARNING: +This may affect all or most of the groups and projects on your GitLab instance. Review the details +below. + +If this is the first time you are setting up instance-level settings for an integration: + +- The integration is enabled for all groups and projects that don't already have this integration configured, + if you have the **Enable integration** toggle turned on in the instance-level settings. +- Groups and projects that already have the integration configured are not affected, but can choose to use the + inherited settings at any time. + +When you make further changes to the instance defaults: + +- They are immediately applied to all groups and projects that have the integration set to use default settings. +- They are immediately applied to newer groups and projects, created after you last saved defaults for the + integration. If your instance-level default setting has the **Enable integration** toggle turned + on, the integration is automatically enabled for all such groups and projects. +- Groups and projects with custom settings selected for the integration are not immediately affected and may + choose to use the latest defaults at any time. + +Only the complete settings for an integration can be inherited. Per-field inheritance +is [planned](https://gitlab.com/groups/gitlab-org/-/epics/2137). This would allow +administrators to update settings inherited by groups and projects without enabling the +integration on all non-configured groups and projects by default. + +### Remove an instance-level default setting + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings > Integrations**. +1. Select an integration. +1. Select **Reset** and confirm. + +Resetting an instance-level default setting removes the integration from all projects that have the integration set to use default settings. + +### View projects that override the default settings + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218252) in GitLab 14.2. + +You can view which projects in your instance use custom settings that [override the instance-level default settings](#use-custom-settings-for-a-group-or-project-integration) +for an integration. + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings > Integrations**. +1. Select an integration. +1. Select the **Projects using custom settings** tab. + +## Manage group-level default settings for a project integration + +> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2543) in GitLab 13.6. + +1. Navigate to the group's **Settings > Integrations**. +1. Select an integration. +1. Enter configuration details and select **Save changes**. + +WARNING: +This may affect all or most of the subgroups and projects belonging to the group. Review the details below. + +If this is the first time you are setting up group-level settings for an integration: + +- The integration is enabled for all subgroups and projects belonging to the group that don't already have + this integration configured, if you have the **Enable integration** toggle turned on in the group-level + settings. +- Subgroups and projects that already have the integration configured are not affected, but can choose to use + the inherited settings at any time. + +When you make further changes to the group defaults: + +- They are immediately applied to all subgroups and projects belonging to the group that have the integration + set to use default settings. +- They are immediately applied to newer subgroups and projects, even those created after you last saved defaults for the + integration. If your group-level default setting has the **Enable integration** toggle turned on, + the integration is automatically enabled for all such subgroups and projects. + +- Subgroups and projects with custom settings selected for the integration are not immediately affected and + may choose to use the latest defaults at any time. + +Only the complete settings for an integration can be inherited. Per-field inheritance +is [planned](https://gitlab.com/groups/gitlab-org/-/epics/2137). This would allow +administrators to update settings inherited by subgroups and projects without enabling the +integration on all non-configured groups and projects by default. + +### Remove a group-level default setting + +1. Navigate to the group's **Settings > Integrations**. +1. Select an integration. +1. Select **Reset** and confirm. + +Resetting a group-level default setting removes integrations that use default settings and belong to a project or subgroup of the group. + +## Use instance-level or group-level default settings for a project integration + +> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2543) in GitLab 13.6 for group-level settings. + +1. Navigate to **Project > Settings > Integrations**. +1. Choose the integration you want to enable or update. +1. From the dropdown list, select **Use default settings**. +1. Ensure the toggle is set to **Enable integration**. +1. Select **Save changes**. + +## Use custom settings for a group or project integration + +1. Navigate to project or group's **Settings > Integrations**. +1. Choose the integration you want to enable or update. +1. From the dropdown list, select **Use custom settings**. +1. Ensure the toggle is set to **Enable integration** and enter all required settings. +1. Select **Save changes**. diff --git a/doc/administration/snippets/index.md b/doc/administration/snippets/index.md index 613d161a64c..9b485140070 100644 --- a/doc/administration/snippets/index.md +++ b/doc/administration/snippets/index.md @@ -25,7 +25,7 @@ content changes. ### Snippets size limit configuration -This setting is not available through the [Admin Area settings](../../user/admin_area/settings/index.md). +This setting is not available through the [Admin Area settings](../settings/index.md). To configure this setting, use either the Rails console or the [Application settings API](../../api/settings.md). diff --git a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md index fc319fad3e8..f164e8ccbad 100644 --- a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md +++ b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md @@ -50,7 +50,7 @@ This content has been moved to [Troubleshooting CI/CD](../../ci/troubleshooting. ## License -This content has been moved to [Activate GitLab EE with a license file or key](../../user/admin_area/license_file.md). +This content has been moved to [Activate GitLab EE with a license file or key](../../administration/license_file.md). ## Registry diff --git a/doc/administration/wikis/index.md b/doc/administration/wikis/index.md index 540e50d5c70..2850d546bce 100644 --- a/doc/administration/wikis/index.md +++ b/doc/administration/wikis/index.md @@ -26,7 +26,7 @@ is edited again and the content changes. ### Wiki page content size limit configuration -This setting is not available through the [Admin Area settings](../../user/admin_area/settings/index.md). +This setting is not available through the [Admin Area settings](../settings/index.md). To configure this setting, use either the Rails console or the [Application settings API](../../api/settings.md). |