Add client_cert_key_pairs, ca_certs parameters in gitlab.rb for GitLab Pages
Related: https://gitlab.com/gitlab-org/gitlab-pages/-/issues/548+ Changelog: added
This commit is contained in:
parent
6f0f625f4e
commit
73f0475025
|
@ -2072,6 +2072,11 @@ external_url 'GENERATED_EXTERNAL_URL'
|
|||
# Experimental - Enable namespace in path
|
||||
# gitlab_pages['namespace_in_path'] = false
|
||||
|
||||
##! Configure GitLab Pages client cert and key pairs seperated by commas which will be used as mutual TLS with GitLab API
|
||||
# gitlab_pages['client_cert_key_pairs'] = "/path/to/client.crt:/path/to/client.key"
|
||||
##! Configure root CA certs used to sign client certs which will be used with GitLab API
|
||||
# gitlab_pages['ca_certs'] = "/path/to/ca.crt"
|
||||
|
||||
################################################################################
|
||||
## GitLab Pages NGINX
|
||||
################################################################################
|
||||
|
|
|
@ -84,6 +84,9 @@ default['gitlab_pages']['redirects_max_rule_count'] = nil
|
|||
default['gitlab_pages']['register_as_oauth_app'] = true
|
||||
# Experimental - Enable namespace in path
|
||||
default['gitlab_pages']['namespace_in_path'] = false
|
||||
# Mutual TLS used with GitLab API
|
||||
default['gitlab_pages']['client_cert_key_pairs'] = nil
|
||||
default['gitlab_pages']['ca_certs'] = nil
|
||||
|
||||
# Temporarily retain support for `node['gitlab-pages'][*]` usage in
|
||||
# `/etc/gitlab/gitlab.rb`
|
||||
|
|
|
@ -194,3 +194,9 @@ header=<%= @headers.join(';;') %>
|
|||
<%- if @namespace_in_path -%>
|
||||
namespace-in-path=<%= @namespace_in_path %>
|
||||
<%-end -%>
|
||||
<%- if @client_cert_key_pairs -%>
|
||||
client-cert-key-pairs=<%= @client_cert_key_pairs %>
|
||||
<%-end -%>
|
||||
<%- if @ca_certs -%>
|
||||
ca-certs=<%= @ca_certs %>
|
||||
<%-end -%>
|
||||
|
|
|
@ -294,6 +294,8 @@ RSpec.describe 'gitlab::gitlab-pages' do
|
|||
redirects_max_rule_count: 2000,
|
||||
enable_disk: true,
|
||||
namespace_in_path: true,
|
||||
client_cert_key_pairs: "/path/to/client.crt:/path/to/client.key",
|
||||
ca_certs: "/path/to/ca.crt",
|
||||
env: {
|
||||
GITLAB_CONTINUOUS_PROFILING: "stackdriver?service=gitlab-pages",
|
||||
},
|
||||
|
@ -369,6 +371,8 @@ RSpec.describe 'gitlab::gitlab-pages' do
|
|||
redirects-max-rule-count=2000
|
||||
header=X-XSS-Protection: 1; mode=block;;X-Content-Type-Options: nosniff;;Test: Header
|
||||
namespace-in-path=true
|
||||
client-cert-key-pairs=/path/to/client.crt:/path/to/client.key
|
||||
ca-certs=/path/to/ca.crt
|
||||
EOS
|
||||
|
||||
expect(chef_run).to render_file("/var/opt/gitlab/pages/gitlab-pages-config").with_content(expected_content)
|
||||
|
|
Loading…
Reference in New Issue