diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-19 09:08:42 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-19 09:08:42 +0000 |
commit | b76ae638462ab0f673e5915986070518dd3f9ad3 (patch) | |
tree | bdab0533383b52873be0ec0eb4d3c66598ff8b91 /doc/administration/raketasks | |
parent | 434373eabe7b4be9593d18a585fb763f1e5f1a6f (diff) | |
download | gitlab-ce-b76ae638462ab0f673e5915986070518dd3f9ad3.tar.gz |
Add latest changes from gitlab-org/gitlab@14-2-stable-eev14.2.0-rc42
Diffstat (limited to 'doc/administration/raketasks')
-rw-r--r-- | doc/administration/raketasks/check.md | 2 | ||||
-rw-r--r-- | doc/administration/raketasks/doctor.md | 2 | ||||
-rw-r--r-- | doc/administration/raketasks/smtp.md | 103 | ||||
-rw-r--r-- | doc/administration/raketasks/uploads/migrate.md | 6 |
4 files changed, 109 insertions, 4 deletions
diff --git a/doc/administration/raketasks/check.md b/doc/administration/raketasks/check.md index bcc2f838565..56bf711f187 100644 --- a/doc/administration/raketasks/check.md +++ b/doc/administration/raketasks/check.md @@ -21,7 +21,7 @@ There are 3 things that are checked to determine integrity. 1. Check for `config.lock` in the repository directory. 1. Check for any branch/references lock files in `refs/heads`. -It's important to note that the existence of `config.lock` or reference locks +The existence of `config.lock` or reference locks alone do not necessarily indicate a problem. Lock files are routinely created and removed as Git and GitLab perform operations on the repository. They serve to prevent data integrity issues. However, if a Git operation is interrupted these diff --git a/doc/administration/raketasks/doctor.md b/doc/administration/raketasks/doctor.md index ec3f7835b9c..02d1557b6a4 100644 --- a/doc/administration/raketasks/doctor.md +++ b/doc/administration/raketasks/doctor.md @@ -70,6 +70,7 @@ bundle exec rake gitlab:doctor:secrets RAILS_ENV=production VERBOSE=1 **Example verbose output** <!-- vale gitlab.SentenceSpacing = NO --> + ```plaintext I, [2020-06-11T17:17:54.951815 #27148] INFO -- : Checking encrypted values in the database I, [2020-06-11T17:18:12.677708 #27148] INFO -- : - ApplicationSetting failures: 0 @@ -83,4 +84,5 @@ I, [2020-06-11T17:18:15.575533 #27148] INFO -- : - ScimOauthAccessToken failure I, [2020-06-11T17:18:15.575678 #27148] INFO -- : Total: 1 row(s) affected I, [2020-06-11T17:18:15.575711 #27148] INFO -- : Done! ``` + <!-- vale gitlab.SentenceSpacing = YES --> diff --git a/doc/administration/raketasks/smtp.md b/doc/administration/raketasks/smtp.md new file mode 100644 index 00000000000..c738f1dcd00 --- /dev/null +++ b/doc/administration/raketasks/smtp.md @@ -0,0 +1,103 @@ +--- +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# SMTP Rake tasks **(FREE SELF)** + +[Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/67802) in GitLab 14.2. + +The following are SMTP-related Rake tasks. + +## Secrets + +GitLab can use SMTP configuration secrets to read from an encrypted file. The following Rake tasks are provided for updating the contents of the encrypted file. + +### Show secret + +Show the contents of the current SMTP secrets. + +**Omnibus Installation** + +```shell +sudo gitlab-rake gitlab:smtp:secret:show +``` + +**Source Installation** + +```shell +bundle exec rake gitlab:smtp:secret:show RAILS_ENV=production +``` + +**Example output:** + +```plaintext +password: '123' +user_name: 'gitlab-inst' +``` + +### Edit secret + +Opens the secret contents in your editor, and writes the resulting content to the encrypted secret file when you exit. + +**Omnibus Installation** + +```shell +sudo gitlab-rake gitlab:smtp:secret:edit EDITOR=vim +``` + +**Source Installation** + +```shell +bundle exec rake gitlab:smtp:secret:edit RAILS_ENV=production EDITOR=vim +``` + +### Write raw secret + +Write new secret content by providing it on STDIN. + +**Omnibus Installation** + +```shell +echo -e "password: '123'" | sudo gitlab-rake gitlab:smtp:secret:write +``` + +**Source Installation** + +```shell +echo -e "password: '123'" | bundle exec rake gitlab:smtp:secret:write RAILS_ENV=production +``` + +### Secrets examples + +**Editor example** + +The write task can be used in cases where the edit command does not work with your editor: + +```shell +# Write the existing secret to a plaintext file +sudo gitlab-rake gitlab:smtp:secret:show > smtp.yaml +# Edit the smtp file in your editor +... +# Re-encrypt the file +cat smtp.yaml | sudo gitlab-rake gitlab:smtp:secret:write +# Remove the plaintext file +rm smtp.yaml +``` + +**KMS integration example** + +It can also be used as a receiving application for content encrypted with a KMS: + +```shell +gcloud kms decrypt --key my-key --keyring my-test-kms --plaintext-file=- --ciphertext-file=my-file --location=us-west1 | sudo gitlab-rake gitlab:smtp:secret:write +``` + +**Google Cloud secret integration example** + +It can also be used as a receiving application for secrets out of Google Cloud: + +```shell +gcloud secrets versions access latest --secret="my-test-secret" > $1 | sudo gitlab-rake gitlab:smtp:secret:write +``` diff --git a/doc/administration/raketasks/uploads/migrate.md b/doc/administration/raketasks/uploads/migrate.md index ab0a51ba8d6..0628e351b63 100644 --- a/doc/administration/raketasks/uploads/migrate.md +++ b/doc/administration/raketasks/uploads/migrate.md @@ -133,9 +133,9 @@ migrate your data out of object storage and back into your local storage. WARNING: **Extended downtime is required** so no new files are created in object storage during -the migration. A configuration setting is planned to allow migrating -from object storage to local files with only a brief moment of downtime for configuration changes. -To follow progress, see the [relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/30979). +the migration. A configuration setting to allow migrating +from object storage to local files with only a brief moment of downtime for configuration changes +is tracked [in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/30979). ### All-in-one Rake task |