summaryrefslogtreecommitdiff
path: root/doc/administration/operations
diff options
context:
space:
mode:
Diffstat (limited to 'doc/administration/operations')
-rw-r--r--doc/administration/operations/gitlab_sshd.md19
-rw-r--r--doc/administration/operations/index.md40
-rw-r--r--doc/administration/operations/moving_repositories.md16
-rw-r--r--doc/administration/operations/puma.md4
-rw-r--r--doc/administration/operations/rails_console.md2
5 files changed, 37 insertions, 44 deletions
diff --git a/doc/administration/operations/gitlab_sshd.md b/doc/administration/operations/gitlab_sshd.md
index 7b61631fe3a..249d6232616 100644
--- a/doc/administration/operations/gitlab_sshd.md
+++ b/doc/administration/operations/gitlab_sshd.md
@@ -6,13 +6,13 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# `gitlab-sshd` **(FREE SELF)**
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299109) in GitLab 14.5 as an **Alpha** release for self-managed customers.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299109) in GitLab 14.5 as an Experiment for self-managed customers.
> - Ready for production use with [Cloud Native GitLab in GitLab 15.1](https://gitlab.com/gitlab-org/charts/gitlab/-/issues/2540) and [Omnibus GitLab in GitLab 15.9](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5937).
`gitlab-sshd` is [a standalone SSH server](https://gitlab.com/gitlab-org/gitlab-shell/-/tree/main/internal/sshd)
written in Go. It is provided as a part of the `gitlab-shell` package. It has a lower memory
use as a OpenSSH alternative, and supports
-[group access restriction by IP address](../../user/group/index.md) for applications
+[group access restriction by IP address](../../user/group/access_and_permissions.md#restrict-group-access-by-ip-address) for applications
running behind the proxy.
`gitlab-sshd` is a lightweight alternative to OpenSSH for providing
@@ -27,8 +27,9 @@ If you are considering switching from OpenSSH to `gitlab-sshd`, consider these c
- `gitlab-sshd` supports the PROXY protocol. It can run behind proxy servers that rely
on it, such as HAProxy. The PROXY protocol is not enabled by default, but [it can be enabled](#proxy-protocol-support).
-- `gitlab-sshd` **does not** support SSH certificates. For more details, read
- [issue #495](https://gitlab.com/gitlab-org/gitlab-shell/-/issues/495).
+- `gitlab-sshd` **does not** support SSH certificates. For more details, see the
+ [confidential issue](../../user/project/issues/confidential_issues.md)
+ `https://gitlab.com/gitlab-org/gitlab-shell/-/issues/495`.
## Enable `gitlab-sshd`
@@ -110,11 +111,11 @@ To enable the PROXY protocol:
1. Edit `/etc/gitlab/gitlab.rb`:
- ```ruby
- gitlab_sshd['proxy_protocol'] = true
- # # Proxy protocol policy ("use", "require", "reject", "ignore"), "use" is the default value
- gitlab_sshd['proxy_policy'] = "use"
- ```
+ ```ruby
+ gitlab_sshd['proxy_protocol'] = true
+ # # Proxy protocol policy ("use", "require", "reject", "ignore"), "use" is the default value
+ gitlab_sshd['proxy_policy'] = "use"
+ ```
1. Save the file and reconfigure GitLab:
diff --git a/doc/administration/operations/index.md b/doc/administration/operations/index.md
index f6ab46b9fbf..867ef3236ee 100644
--- a/doc/administration/operations/index.md
+++ b/doc/administration/operations/index.md
@@ -4,29 +4,21 @@ group: Distribution
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
-# Performing operations in GitLab **(FREE SELF)**
+# Maintain your GitLab installation **(FREE SELF)**
-Keep your GitLab instance up and running smoothly.
+Keep your GitLab instance up and running.
-- [Rake tasks](../../raketasks/index.md): Tasks for common administration and operational processes such as
- [cleaning up unneeded items from GitLab instance](../../raketasks/cleanup.md), integrity checks,
- and more.
-- [Moving repositories](moving_repositories.md): Moving all repositories managed
- by GitLab to another file system or another server.
-- [Sidekiq MemoryKiller](../sidekiq/sidekiq_memory_killer.md): Configure Sidekiq MemoryKiller
- to restart Sidekiq.
-- [Multiple Sidekiq processes](../sidekiq/extra_sidekiq_processes.md): Configure multiple Sidekiq processes to ensure certain queues always have dedicated workers, no matter the number of jobs that must be processed. **(FREE SELF)**
-- [Puma](puma.md): Understand Puma and puma-worker-killer.
-- [`gitlab-sshd`](gitlab_sshd.md): Use GitLab SSH daemon instead of OpenSSH.
-- Speed up SSH operations by
- [Authorizing SSH users via a fast, indexed lookup to the GitLab database](fast_ssh_key_lookup.md), and/or
- by [doing away with user SSH keys stored on GitLab entirely in favor of SSH certificates](ssh_certificates.md).
-- [File System Performance Benchmarking](filesystem_benchmarking.md): File system
- performance can have a big impact on GitLab performance, especially for actions
- that read or write Git repositories. This information helps benchmark
- file system performance against known good and bad real-world systems.
-- [The Rails Console](rails_console.md): Provides a way to interact with your GitLab instance from the command line.
- Used for troubleshooting a problem or retrieving some data that can only be done through direct access to GitLab.
-- [ChatOps Scripts](https://gitlab.com/gitlab-com/chatops): The GitLab.com Infrastructure team uses this repository to house
- common ChatOps scripts they use to troubleshoot and maintain the production instance of GitLab.com.
- These scripts can be used by administrators of GitLab instances of all sizes.
+- [Housekeeping](../../administration/housekeeping.md)
+- [Activate GitLab EE with license](../../user/admin_area/license_file.md)
+- [Fast SSH key lookup](../../administration/operations/fast_ssh_key_lookup.md)
+- [File system benchmarking](../../administration/operations/filesystem_benchmarking.md)
+- [`gitlab-sshd`](../../administration/operations/gitlab_sshd.md)
+- [Rails console](../../administration/operations/rails_console.md)
+- [Use SSH certificates](../../administration/operations/ssh_certificates.md)
+- [Enable encrypted configuration](../../administration/encrypted_configuration.md)
+- [Rake tasks](../../raketasks/index.md)
+- [Backup and restore](../../raketasks/backup_restore.md)
+- [Inactive project deletion](../../administration/inactive_project_deletion.md)
+- [Move repositories](../../administration/operations/moving_repositories.md)
+- [Read-only state](../../administration/read_only_gitlab.md)
+- [Restart GitLab](../../administration/restart_gitlab.md)
diff --git a/doc/administration/operations/moving_repositories.md b/doc/administration/operations/moving_repositories.md
index aa0477be788..e9d829f3f08 100644
--- a/doc/administration/operations/moving_repositories.md
+++ b/doc/administration/operations/moving_repositories.md
@@ -139,14 +139,14 @@ To move all snippets by using the API:
To move all groups by using the API:
1. [Schedule repository storage moves for all groups on a storage shard](../../api/group_repository_storage_moves.md#schedule-repository-storage-moves-for-all-groups-on-a-storage-shard).
- For example:
-
- ```shell
- curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \
- --header "Content-Type: application/json" \
- --data '{"source_storage_name":"<original_storage_name>","destination_storage_name":"<cluster_storage_name>"}' \
- "https://gitlab.example.com/api/v4/group_repository_storage_moves"
- ```
+ For example:
+
+ ```shell
+ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \
+ --header "Content-Type: application/json" \
+ --data '{"source_storage_name":"<original_storage_name>","destination_storage_name":"<cluster_storage_name>"}' \
+ "https://gitlab.example.com/api/v4/group_repository_storage_moves"
+ ```
1. [Query the most recent repository moves](../../api/group_repository_storage_moves.md#retrieve-all-group-repository-storage-moves).
The response indicates either:
diff --git a/doc/administration/operations/puma.md b/doc/administration/operations/puma.md
index f2f9f1cdcda..efc55a5fbc3 100644
--- a/doc/administration/operations/puma.md
+++ b/doc/administration/operations/puma.md
@@ -99,7 +99,7 @@ To change the worker timeout to 600 seconds:
## Disable Puma clustered mode in memory-constrained environments
WARNING:
-This is an experimental [Alpha feature](../../policy/alpha-beta-support.md#alpha-features) and subject to change without notice. The feature
+This feature is an [Experiment](../../policy/alpha-beta-support.md#experiment) and subject to change without notice. The feature
is not ready for production use. If you want to use this feature, you should test
outside of production first. See the [known issues](#puma-single-mode-known-issues)
for additional details.
@@ -182,7 +182,7 @@ steps below:
NOTE:
If using a self-signed certificate from a custom Certificate Authority (CA),
- follow [the documentation](https://docs.gitlab.com/omnibus/settings/ssl.html#install-custom-public-certificates)
+ follow [the documentation](https://docs.gitlab.com/omnibus/settings/ssl/index.html#install-custom-public-certificates)
to make them trusted by other GitLab components.
1. Edit `/etc/gitlab/gitlab.rb`:
diff --git a/doc/administration/operations/rails_console.md b/doc/administration/operations/rails_console.md
index 652a4fa5497..ac550d30566 100644
--- a/doc/administration/operations/rails_console.md
+++ b/doc/administration/operations/rails_console.md
@@ -569,7 +569,7 @@ def disable_two_factor!
end
def two_factor_enabled?
- two_factor_otp_enabled? || two_factor_u2f_enabled?
+ two_factor_otp_enabled? || two_factor_webauthn_enabled?
end
```
View Lorry Controller Status