| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| |
|
|
|
| |
Update the `/internal/pages` endpoint to return virtual domain
configuration for custom domains.
|
| |
|
|
| |
Just replace RSA.new with PKey.read
|
| | |
|
| |
|
|
|
| |
This validation prevents the domain from being saved from the UI
e.g. when user tries to enable Let's Encrypt integration
|
| | |
|
| |
|
|
|
|
|
|
| |
Add index for pages domain ssl auto renewal
Add PagesDomain.needs_ssl_renewal scope
Add cron worker for ssl renewal
Add worker for ssl renewal
Add pages ssl renewal worker queues settings
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds enum certificate_source to pages_domains table
with default manually_uploaded
Mark certificates as 'gitlab_provided'
if the were obtained through Let's Encrypt
Mark certificates as 'user_provided' if they were uploaded through
controller or api
Only show private key in domain edit form if it is 'user_provided'
Only show LetsEncrypt option if is enabled by application settings
(and feature flag)
Refactor and fix some specs to match new logic
Don't show Let's Encrypt certificates as well
|
| |
|
|
|
| |
Save certificate validity time for pages domains on save
Fill validity time for existing pages domains in background migration
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Extract acme double to helper
Create ACME challanges for pages domains
* Create order & challange through API
* save them to database
* request challenge validation
We're saving order and challenge as one entity,
that wouldn't be correct if we would order certificates for
several domains simultaneously, but we always order certificate
per domain
Add controller for processing acme challenges redirected from pages
Don't save acme challenge url - we don't use it
Validate acme challenge attributes
Encrypt private_key in acme orders
|
| |
|
| |
This reverts merge request !28743
|
| |
|
|
|
| |
Save certificate validity time for pages domains on save
Fill validity time for existing pages domains in background migration
|
| |\
| |
| |
| |
| | |
[CE] Remove deprecated usage of `attribute_changed?`
See merge request gitlab-org/gitlab-ce!27577
|
| | |
| |
| |
| | |
Prepares us for upgrade to Rails 5.2
|
| |/
|
|
|
| |
Domain will be removed by verification worker after 1 week
of being disabled
|
| |
|
|
| |
Model.new.attributes now also returns encrypted attributes.
|
| | |
|
| |
|
|
|
| |
This whitelists all existing offenses for the various CodeReuse cops, of
which most are triggered by the CodeReuse/ActiveRecord cop.
|
| |
|
|
| |
Partially addresses #47424.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes that make this work:
* A change in Ruby (https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1)
requires passing in the exact required length for OpenSSL keys and IVs.
* Ensure the secrets.yml is generated before any prepended modules are
loaded. This is done by renaming the `secret_token.rb` initializer to
`01_secret_token.rb`, which is a bit ugly but involves the least impact on
other files.
|
| |
|
|
| |
Closes #28857
|
| | |
|
| | |
|
| |
|
|
| |
Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Previously, `PagesDomain` would not allow a domain such as
123.example.com. With this change, this is now allowed, because
it is a perfectly valid domain.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
encrypted attributes for forward compatibility with attr_encrypted 3.0.0.
aes-256-cbc is the default algorithm for attr_encrypted 1.x, but the default is changed in 3.0 and thus must be declared explicitly.
See https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4216/ for more information. This will prevent OpenSSL errors once the code from that MR is merged into EE.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
