summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2019-11-19 18:06:27 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2019-11-19 18:06:27 +0000
commitd2801eda8464e5e9ce730caf30111c1190fe87a0 (patch)
tree9b2814ff0c6a61ac192b86afaa35fa2d1985277b /doc
parent88542a5e9613c8442a982e65ad5cf13eb33bc541 (diff)
downloadgitlab-ce-d2801eda8464e5e9ce730caf30111c1190fe87a0.tar.gz
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
-rw-r--r--doc/administration/auth/smartcard.md12
-rw-r--r--doc/administration/gitaly/praefect.md26
-rw-r--r--doc/administration/troubleshooting/elasticsearch.md4
-rw-r--r--doc/integration/sourcegraph.md7
4 files changed, 27 insertions, 22 deletions
diff --git a/doc/administration/auth/smartcard.md b/doc/administration/auth/smartcard.md
index eb63df6b482..85ed4355e80 100644
--- a/doc/administration/auth/smartcard.md
+++ b/doc/administration/auth/smartcard.md
@@ -51,10 +51,14 @@ This is an experimental feature. Smartcard authentication against local database
change or be removed completely in future releases.
To use a smartcard with an X.509 certificate to authenticate against a local
-database with GitLab, at least one of the `subjectAltName` (SAN) extensions
-need to define the user identity (`email`) within the GitLab instance (`URI`).
-
-`URI`: needs to match `Gitlab.config.host.gitlab`.
+database with GitLab, in:
+
+- GitLab 12.4 and later, at least one of the `subjectAltName` (SAN) extensions
+ need to define the user identity (`email`) within the GitLab instance (`URI`).
+ `URI`: needs to match `Gitlab.config.host.gitlab`.
+- From [GitLab 12.5](https://gitlab.com/gitlab-org/gitlab/issues/33907),
+ if your certificate contains only **one** SAN email entry, you don't need to
+ add or modify it to match the `email` with the `URI`.
For example:
diff --git a/doc/administration/gitaly/praefect.md b/doc/administration/gitaly/praefect.md
index f632a97bb32..667fd48a91c 100644
--- a/doc/administration/gitaly/praefect.md
+++ b/doc/administration/gitaly/praefect.md
@@ -26,9 +26,9 @@ For this document, the following network topology is assumed:
graph TB
GitLab --> Gitaly;
GitLab --> Praefect;
- Praefect --> Praefect-Gitaly-1;
- Praefect --> Praefect-Gitaly-2;
- Praefect --> Praefect-Gitaly-3;
+ Praefect --> Gitaly-1;
+ Praefect --> Gitaly-2;
+ Praefect --> Gitaly-3;
```
Where `GitLab` is the collection of clients that can request Git operations.
@@ -70,7 +70,7 @@ We need to manage the following secrets and make them match across hosts:
On the Praefect node we disable all other services, including Gitaly. We list each
Gitaly node that will be connected to Praefect under `praefect['storage_nodes']`.
-In the example below, the Gitaly nodes are named `praefect-gitaly-N`. Note that one
+In the example below, the Gitaly nodes are named `gitaly-N`. Note that one
node is designated as primary by setting the primary to `true`.
```ruby
@@ -89,7 +89,7 @@ gitaly['enable'] = false
##### Set up Praefect and its Gitaly nodes
-In the example below, the Gitaly nodes are named `praefect-git-X`. Note that one node is designated as
+In the example below, the Gitaly nodes are named `gitaly-X`. Note that one node is designated as
primary, by setting the primary to `true`:
```ruby
@@ -114,17 +114,17 @@ praefect['auth_token'] = 'PRAEFECT_EXTERNAL_TOKEN'
# Replace each instance of PRAEFECT_INTERNAL_TOKEN below with a real
# secret, distinct from PRAEFECT_EXTERNAL_TOKEN.
praefect['storage_nodes'] = {
- 'praefect-gitaly-1' => {
- 'address' => 'tcp://praefect-git-1.internal:8075',
+ 'gitaly-1' => {
+ 'address' => 'tcp://gitaly-1.internal:8075',
'token' => 'PRAEFECT_INTERNAL_TOKEN',
'primary' => true
},
- 'praefect-gitaly-2' => {
- 'address' => 'tcp://praefect-git-2.internal:8075',
+ 'gitaly-2' => {
+ 'address' => 'tcp://gitaly-2.internal:8075',
'token' => 'PRAEFECT_INTERNAL_TOKEN'
},
- 'praefect-gitaly-3' => {
- 'address' => 'tcp://praefect-git-3.internal:8075',
+ 'gitaly-3' => {
+ 'address' => 'tcp://gitaly-3.internal:8075',
'token' => 'PRAEFECT_INTERNAL_TOKEN'
}
}
@@ -138,7 +138,7 @@ Next we will configure each Gitaly server assigned to Praefect. Configuration f
is the same as a normal standalone Gitaly server, except that we use storage names and
auth tokens from Praefect instead of GitLab.
-Below is an example configuration for `praefect-gitaly-1`, the only difference for the
+Below is an example configuration for `gitaly-1`, the only difference for the
other Gitaly nodes is the storage name under `git_data_dirs`.
Note that `gitaly['auth_token']` matches the `token` value listed under `praefect['storage_nodes']`
@@ -177,7 +177,7 @@ gitaly['auth_token'] = 'PRAEFECT_INTERNAL_TOKEN'
gitaly['listen_addr'] = "0.0.0.0:8075"
git_data_dirs({
- "praefect-gitaly-1" => {
+ "gitaly-1" => {
"path" => "/var/opt/gitlab/git-data"
}
})
diff --git a/doc/administration/troubleshooting/elasticsearch.md b/doc/administration/troubleshooting/elasticsearch.md
index 37ec32413f8..5846514c574 100644
--- a/doc/administration/troubleshooting/elasticsearch.md
+++ b/doc/administration/troubleshooting/elasticsearch.md
@@ -171,7 +171,7 @@ To do this:
pp s.search_objects.class.name
```
-The ouput from the last command is the key here. If it shows:
+The output from the last command is the key here. If it shows:
- `ActiveRecord::Relation`, **it is not** using Elasticsearch.
- `Kaminari::PaginatableArray`, **it is** using Elasticsearch.
@@ -326,7 +326,7 @@ feel free to update that page with issues you encounter and solutions.
Setting up Elasticsearch isn't too bad, but it can be a bit finnicky and time consuming.
-The eastiest method is to spin up a docker container with the required version and
+The easiest method is to spin up a docker container with the required version and
bind ports 9200/9300 so it can be used.
The following is an example of running a docker container of Elasticsearch v7.2.0:
diff --git a/doc/integration/sourcegraph.md b/doc/integration/sourcegraph.md
index 5e7cbdfbac3..358657ca172 100644
--- a/doc/integration/sourcegraph.md
+++ b/doc/integration/sourcegraph.md
@@ -108,9 +108,10 @@ When visiting one of these views, you can now hover over a code reference to see
Sourcegraph powered code intelligence will be incrementally rolled out on GitLab.com.
It will eventually become available for all public projects, but for now, it is only
-available for some specific [`gitlab-org` projects](https://gitlab.com/gitlab-org/).
-This means that you can see it working and use it to dig into the code of these projects,
-but you cannot use it on your own project on GitLab.com yet.
+available for some specific projects within the [`gitlab-org`](https://gitlab.com/gitlab-org/)
+group, e.g., <https://gitlab.com/gitlab-org/gitlab>. This means that you can see
+it working and use it to dig into the code of these projects, but you cannot use
+it on your own project on GitLab.com yet.
If you would like to use it in your own projects as of GitLab 12.5, you can do so by
setting up a self-managed GitLab instance.