diff options
author | Patricio Cano <suprnova32@gmail.com> | 2016-06-23 18:43:36 -0500 |
---|---|---|
committer | Patricio Cano <suprnova32@gmail.com> | 2016-07-05 16:54:22 -0500 |
commit | 5841851551db6b9aa682b17a075535cd431c2c2a (patch) | |
tree | 9819a49dbd9cd872c3ac4596e0a6e3385f4ee8fb | |
parent | 41c87b9a23d7ebf24c3c100a4c261b8d2a68d0ff (diff) | |
download | gitlab-ce-5841851551db6b9aa682b17a075535cd431c2c2a.tar.gz |
Added documentation on the access restrictions.
-rw-r--r-- | doc/README.md | 1 | ||||
-rw-r--r-- | doc/administration/access_restrictions.md | 38 | ||||
-rw-r--r-- | doc/administration/img/access_restrictions.png | bin | 0 -> 317529 bytes | |||
-rw-r--r-- | doc/administration/img/restricted_url.png | bin | 0 -> 188210 bytes |
4 files changed, 39 insertions, 0 deletions
diff --git a/doc/README.md b/doc/README.md index 53a12d2a455..cf7a828d91e 100644 --- a/doc/README.md +++ b/doc/README.md @@ -21,6 +21,7 @@ ## Administrator documentation +- [Access restrictions](administration/access_restrictions.md) Define which Git access protocols can be used to talk to GitLab - [Authentication/Authorization](administration/auth/README.md) Configure external authentication with LDAP, SAML, CAS and additional Omniauth providers. - [Custom Git hooks](administration/custom_hooks.md) Custom Git hooks (on the filesystem) for when webhooks aren't enough. diff --git a/doc/administration/access_restrictions.md b/doc/administration/access_restrictions.md new file mode 100644 index 00000000000..d3a58b8c144 --- /dev/null +++ b/doc/administration/access_restrictions.md @@ -0,0 +1,38 @@ +# Access Restrictions + +> **Note:** This feature is only available on versions 8.10 and above. + +With GitLab's Access restrictions you can choose which Git access protocols you +want your users to use to communicate with GitLab. This feature can be enabled +via the `Application Settings` in the Admin interface. + +The setting is called `Enabled Git access protocols`, and it gives you the option +to choose between: + +- Both SSH and HTTP(S) +- Only SSH +- Only HTTP(s) + +![](img/access_restrictions.png) + +## Enabled Protocol + +When both SSH and HTTP(S) are enabled, GitLab will behave as usual, it will give +your users the option to choose which protocol they would like to use. + +When you choose to allow only one of the protocols, a couple of things will happen: + +- The project page will only show the allowed protocol's URL, with no option to + change it. +- A tooltip will be shown when you hover over the URL's protocol, if an action + on the user's part is required, e.g. adding an SSH key, or setting a password. + +![](img/restricted_url.png) + +On top of these UI restrictions, GitLab will deny all Git actions on the protocol +not selected. + +> **Note:** Please keep in mind that disabling an access protocol does not actually + block access to the server itself. The ports used for the protocol, be it SSH or + HTTP, will still be accessible. What GitLab does is restrict access on the + application level.
\ No newline at end of file diff --git a/doc/administration/img/access_restrictions.png b/doc/administration/img/access_restrictions.png Binary files differnew file mode 100644 index 00000000000..66fd9491e85 --- /dev/null +++ b/doc/administration/img/access_restrictions.png diff --git a/doc/administration/img/restricted_url.png b/doc/administration/img/restricted_url.png Binary files differnew file mode 100644 index 00000000000..0a677433dcf --- /dev/null +++ b/doc/administration/img/restricted_url.png |