diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-20 00:08:20 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-20 00:08:20 +0000 |
| commit | 59accb4c4780f194554b86c7be3c4a916fb70737 (patch) | |
| tree | dac53b413bbac9ba1bc2a523ec64bed2c94d6f7a /doc/administration/pages | |
| parent | 680d18802596089dc407b7011bcf682d24846aec (diff) | |
| download | gitlab-ce-59accb4c4780f194554b86c7be3c4a916fb70737.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/administration/pages')
| -rw-r--r-- | doc/administration/pages/index.md | 93 |
1 files changed, 37 insertions, 56 deletions
diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md index 15d7567ad5c..21d13be47bd 100644 --- a/doc/administration/pages/index.md +++ b/doc/administration/pages/index.md @@ -455,9 +455,36 @@ You can run the GitLab Pages daemon on a separate server in order to decrease th To configure GitLab Pages on a separate server: +DANGER: **Danger:** +The following procedure includes steps to back up and edit the +`gitlab-secrets.json` file. This file contains secrets that control +database encryption. Proceed with caution. + +1. On the **GitLab server**, to enable Pages, add the following to `/etc/gitlab/gitlab.rb`: + + ```ruby + gitlab_pages['enable'] = true + ``` + +1. Optionally, to enable [access control](#access-control), add the following to `/etc/gitlab/gitlab.rb`: + + ```ruby + gitlab_pages['access_control'] = true + ``` + +1. [Reconfigure the **GitLab server**](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the + changes to take effect. The `gitlab-secrets.json` file is now updated with the + new configuration. + +1. Create a backup of the secrets file on the **GitLab server**: + + ```shell + cp /etc/gitlab/gitlab-secrets.json /etc/gitlab/gitlab-secrets.json.bak + ``` + 1. Set up a new server. This will become the **Pages server**. -1. Create an NFS share on the new server and configure this share to +1. Create an [NFS share](../high_availability/nfs_host_client_setup.md) on the new server and configure this share to allow access from your main **GitLab server**. For this example, we use the default GitLab Pages folder `/var/opt/gitlab/gitlab-rails/shared/pages` as the shared folder on the new server and we will mount it to `/mnt/pages` @@ -481,6 +508,15 @@ To configure GitLab Pages on a separate server: gitlab_rails['auto_migrate'] = false ``` +1. Create a backup of the secrets file on the **Pages server**: + + ```shell + cp /etc/gitlab/gitlab-secrets.json /etc/gitlab/gitlab-secrets.json.bak + ``` + +1. Copy the `/etc/gitlab/gitlab-secrets.json` file from the **GitLab server** + to the **Pages server**. + 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. 1. On the **GitLab server**, make the following changes to `/etc/gitlab/gitlab.rb`: @@ -500,61 +536,6 @@ configuring a load balancer to work at the IP level, and so on. If you wish to set up GitLab Pages on multiple servers, perform the above procedure for each Pages server. -### Access control when running GitLab Pages on a separate server - -If you are [running GitLab Pages on a separate server](#running-gitlab-pages-on-a-separate-server), -then you must use the following procedure to configure [access control](#access-control): - -1. On the **GitLab server**, add the following to `/etc/gitlab/gitlab.rb`: - - ```ruby - gitlab_pages['enable'] = true - gitlab_pages['access_control'] = true - ``` - -1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the - changes to take effect. The `gitlab-secrets.json` file is now updated with the - new configuration. - - DANGER: **Danger:** - The `gitlab-secrets.json` file contains secrets that control database encryption. - Do not edit or replace this file on the **GitLab server** or you might - experience permanent data loss. Make a backup copy of this file before proceeding, - as explained in the following steps. - -1. Create a backup of the secrets file on the **GitLab server**: - - ```shell - cp /etc/gitlab/gitlab-secrets.json /etc/gitlab/gitlab-secrets.json.bak - ``` - -1. Create a backup of the secrets file on the **Pages server**: - - ```shell - cp /etc/gitlab/gitlab-secrets.json /etc/gitlab/gitlab-secrets.json.bak - ``` - -1. Disable Pages on the **GitLab server** by setting the following in - `/etc/gitlab/gitlab.rb`: - - ```ruby - gitlab_pages['enable'] = false - ``` - -1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. - -1. Copy the `/etc/gitlab/gitlab-secrets.json` file from the **GitLab server** - to the **Pages server**. - -1. On your **Pages server**, add the following to `/etc/gitlab/gitlab.rb`: - - ```ruby - gitlab_pages['gitlab_server'] = "https://<your-gitlab-server-URL>" - gitlab_pages['access_control'] = true - ``` - -1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. - ## Backup GitLab Pages are part of the [regular backup](../../raketasks/backup_restore.md), so there is no separate backup to configure. |