summaryrefslogtreecommitdiff
path: root/doc/api/settings.md
diff options
context:
space:
mode:
authorBrett Walker <bwalker@gitlab.com>2019-02-20 17:51:55 -0600
committerBrett Walker <bwalker@gitlab.com>2019-08-23 23:44:53 -0500
commitad05e488636ebe05b4985dbf3c7d912fd8d56f49 (patch)
tree427b631b34fa8ed7511f3ed789185cd82a1a6da9 /doc/api/settings.md
parent892e4c0da818006159cc26bc79f1fa48b76c9b3f (diff)
downloadgitlab-ce-ad05e488636ebe05b4985dbf3c7d912fd8d56f49.tar.gz
Add support for using a Camo proxy server
User images and videos will get proxied through the Camo server in order to keep malicious sites from collecting the IP address of users.
Diffstat (limited to 'doc/api/settings.md')
-rw-r--r--doc/api/settings.md10
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/api/settings.md b/doc/api/settings.md
index 710b63c9a2f..e3d8fe68e08 100644
--- a/doc/api/settings.md
+++ b/doc/api/settings.md
@@ -68,6 +68,9 @@ Example response:
"allow_local_requests_from_hooks_and_services": true,
"allow_local_requests_from_web_hooks_and_services": true,
"allow_local_requests_from_system_hooks": false
+ "asset_proxy_enabled": true,
+ "asset_proxy_url": "https://assets.example.com",
+ "asset_proxy_whitelist": ["example.com", "*.example.com", "your-instance.com"]
}
```
@@ -141,6 +144,9 @@ Example response:
"user_show_add_ssh_key_message": true,
"file_template_project_id": 1,
"local_markdown_version": 0,
+ "asset_proxy_enabled": true,
+ "asset_proxy_url": "https://assets.example.com",
+ "asset_proxy_whitelist": ["example.com", "*.example.com", "your-instance.com"],
"geo_node_allowed_ips": "0.0.0.0/0, ::/0",
"allow_local_requests_from_hooks_and_services": true,
"allow_local_requests_from_web_hooks_and_services": true,
@@ -186,6 +192,10 @@ are listed in the descriptions of the relevant settings.
| `allow_local_requests_from_hooks_and_services` | boolean | no | (Deprecated: Use `allow_local_requests_from_web_hooks_and_services` instead) Allow requests to the local network from hooks and services. |
| `allow_local_requests_from_web_hooks_and_services` | boolean | no | Allow requests to the local network from web hooks and services. |
| `allow_local_requests_from_system_hooks` | boolean | no | Allow requests to the local network from system hooks. |
+| `asset_proxy_enabled` | boolean | no | (**If enabled, requires:** `asset_proxy_url`) Enable proxying of assets. GitLab restart is required to apply changes. |
+| `asset_proxy_secret_key` | string | no | Shared secret with the asset proxy server. GitLab restart is required to apply changes. |
+| `asset_proxy_url` | string | no | URL of the asset proxy server. GitLab restart is required to apply changes. |
+| `asset_proxy_whitelist` | string or array of strings | no | Assets that match these domain(s) will NOT be proxied. Wildcards allowed. Your GitLab installation URL is automatically whitelisted. GitLab restart is required to apply changes. |
| `authorized_keys_enabled` | boolean | no | By default, we write to the `authorized_keys` file to support Git over SSH without additional configuration. GitLab can be optimized to authenticate SSH keys via the database file. Only disable this if you have configured your OpenSSH server to use the AuthorizedKeysCommand. |
| `auto_devops_domain` | string | no | Specify a domain to use by default for every project's Auto Review Apps and Auto Deploy stages. |
| `auto_devops_enabled` | boolean | no | Enable Auto DevOps for projects by default. It will automatically build, test, and deploy applications based on a predefined CI/CD configuration. |