diff options
author | Kassio Borges <kborges@gitlab.com> | 2022-11-03 11:29:35 +0300 |
---|---|---|
committer | Alessio Caiazza <acaiazza@gitlab.com> | 2022-11-03 11:29:35 +0300 |
commit | 5f51016111a64f54272eb40383467c8a45876fae (patch) | |
tree | f8b30898d4d58f1d23da501163b7f15e9acd3c0f /internal/config | |
parent | 9759fdf494816a1a42b8b3590dde9f74b0aec76e (diff) |
Add auth-cookie-session-timeout flag
Related to: https://gitlab.com/gitlab-org/gitlab-pages/-/issues/806
Changelog: added
Diffstat (limited to 'internal/config')
-rw-r--r-- | internal/config/config.go | 27 | ||||
-rw-r--r-- | internal/config/flags.go | 12 |
2 files changed, 22 insertions, 17 deletions
diff --git a/internal/config/config.go b/internal/config/config.go index 50146011..5a1736ec 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -88,12 +88,13 @@ type ArtifactsServer struct { // Auth groups settings related to configuring Authentication with // GitLab type Auth struct { - Secret string - ClientID string - ClientSecret string - RedirectURI string - Scope string - Timeout time.Duration + Secret string + ClientID string + ClientSecret string + RedirectURI string + Scope string + Timeout time.Duration + CookieSessionTimeout time.Duration } // Cache configuration for GitLab API @@ -318,12 +319,13 @@ func loadConfig() (*Config, error) { URL: *artifactsServer, }, Authentication: Auth{ - Secret: *secret, - ClientID: *clientID, - ClientSecret: *clientSecret, - RedirectURI: *redirectURI, - Scope: *authScope, - Timeout: *authTimeout, + Secret: *secret, + ClientID: *clientID, + ClientSecret: *clientSecret, + RedirectURI: *redirectURI, + Scope: *authScope, + Timeout: *authTimeout, + CookieSessionTimeout: *authCookieSessionTimeout, }, Log: Log{ Format: *logFormat, @@ -440,6 +442,7 @@ func LogConfig(config *Config) { "enable-disk": config.GitLab.EnableDisk, "auth-redirect-uri": config.Authentication.RedirectURI, "auth-scope": config.Authentication.Scope, + "auth-cookie-session-timeout": config.Authentication.CookieSessionTimeout, "max-conns": config.General.MaxConns, "max-uri-length": config.General.MaxURILength, "zip-cache-expiration": config.Zip.ExpirationInterval, diff --git a/internal/config/flags.go b/internal/config/flags.go index 9d79f0bc..4b8ee7a0 100644 --- a/internal/config/flags.go +++ b/internal/config/flags.go @@ -68,11 +68,13 @@ var ( enableDisk = flag.Bool("enable-disk", true, "Enable disk access, shall be disabled in environments where shared disk storage isn't available") - clientID = flag.String("auth-client-id", "", "GitLab application Client ID") - clientSecret = flag.String("auth-client-secret", "", "GitLab application Client Secret") - redirectURI = flag.String("auth-redirect-uri", "", "GitLab application redirect URI") - authScope = flag.String("auth-scope", "api", "Scope to be used for authentication (must match GitLab Pages OAuth application settings)") - authTimeout = flag.Duration("auth-timeout", 5*time.Second, "GitLab application client timeout for authentication") + clientID = flag.String("auth-client-id", "", "GitLab application Client ID") + clientSecret = flag.String("auth-client-secret", "", "GitLab application Client Secret") + redirectURI = flag.String("auth-redirect-uri", "", "GitLab application redirect URI") + authScope = flag.String("auth-scope", "api", "Scope to be used for authentication (must match GitLab Pages OAuth application settings)") + authTimeout = flag.Duration("auth-timeout", 5*time.Second, "GitLab application client timeout for authentication") + authCookieSessionTimeout = flag.Duration("auth-cookie-session-timeout", 10*time.Minute, "Authentication cookie session timeout (truncated to seconds). A zero value means the cookie will be deleted after the browser session ends") + maxConns = flag.Int("max-conns", 0, "Limit on the number of concurrent connections to the HTTP, HTTPS or proxy listeners, 0 for no limit") maxURILength = flag.Int("max-uri-length", 1024, "Limit the length of URI, 0 for unlimited.") insecureCiphers = flag.Bool("insecure-ciphers", false, "Use default list of cipher suites, may contain insecure ones like 3DES and RC4") |