blob: e754d4cbd9642e710119e9d49e4d0ec95a0c0f79 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
|
# GitLab Pages Administration
_**Note:** This feature was [introduced][ee-80] in GitLab EE 8.3_
If you are looking for ways to upload your static content in GitLab Pages, you
probably want to read the [user documentation](README.md).
## Configuration
There are a couple of things to consider before enabling GitLab pages in your
GitLab EE instance.
1. You need to properly configure your DNS to point to the domain that pages
will be served
1. Pages use a separate nginx configuration file which needs to be explicitly
added in the server under which GitLab EE runs
Both of these settings are described in detail in the sections below.
### DNS configuration
GitLab Pages expect to run on their own virtual host. In your DNS you need to
add a [wildcard DNS A record][wiki-wildcard-dns] pointing to the host that
GitLab runs. For example, an entry would look like this:
```
*.gitlabpages.com. 60 IN A 1.2.3.4
```
where `gitlabpages.com` is the domain under which GitLab Pages will be served
and `1.2.3.4` is the IP address of your GitLab instance.
It is strongly advised to **not** use the GitLab domain to serve user pages.
See [security](#security).
### Omnibus package installations
See the relevant documentation at <http://doc.gitlab.com/omnibus/settings/pages.html>.
### Installations from source
1. Go to the GitLab installation directory:
```bash
cd /home/git/gitlab
```
1. Edit `gitlab.yml` and under the `pages` setting, set `enabled` to `true` in
order to enable the pages feature:
```bash
## GitLab Pages
pages:
enabled: true
# The location where pages are stored (default: shared/pages).
# path: shared/pages
# The domain under which the pages are served:
# http://group.example.com/project
# or project path can be a group page: group.example.com
host: example.com
port: 80 # Set to 443 if you serve the pages with HTTPS
https: false # Set to true if you serve the pages with HTTPS
```
1. Make sure you have copied the new `gitlab-pages` Nginx configuration file:
```bash
sudo cp lib/support/nginx/gitlab-pages /etc/nginx/sites-available/gitlab-pages.conf
sudo ln -sf /etc/nginx/sites-{available,enabled}/gitlab-pages.conf
```
Don't forget to add your domain name in the Nginx config. For example if your
GitLab pages domain is `gitlabpages.com`, replace
```bash
server_name ~^(?<group>.*)\.YOUR_GITLAB_PAGES\.DOMAIN$;
```
with
```
server_name ~^(?<group>.*)\.gitlabpages\.com$;
```
You must be extra careful to not remove the backslashes.
1. Restart Nginx and GitLab:
```bash
sudo service nginx restart
sudo service gitlab restart
```
### Running GitLab pages with HTTPS
If you want the pages to be served under HTTPS, a wildcard SSL certificate is
required.
1. In `gitlab.yml`, set the port to `443` and https to `true`:
```bash
## GitLab Pages
pages:
enabled: true
# The location where pages are stored (default: shared/pages).
# path: shared/pages
# The domain under which the pages are served:
# http://group.example.com/project
# or project path can be a group page: group.example.com
host: gitlabpages.com
port: 443 # Set to 443 if you serve the pages with HTTPS
https: true # Set to true if you serve the pages with HTTPS
```
1. Use the `gitlab-pages-ssl` Nginx configuration file
```bash
sudo cp lib/support/nginx/gitlab-pages-ssl /etc/nginx/sites-available/gitlab-pages-ssl.conf
sudo ln -sf /etc/nginx/sites-{available,enabled}/gitlab-pages.conf
```
Make sure to edit the config and add your domain as well as correctly point
to the right location where the SSL certificates reside.
## Set maximum pages size
The maximum size of the unpacked archive can be configured in the Admin area
under the Application settings in the **Maximum size of pages (MB)**.
The default is 100MB.
## Security
You should strongly consider running GitLab pages under a different hostname
than GitLab to prevent XSS.
## How it works
- The public/ is extracted from artifacts and content is served as static pages
- Pages asynchronous worker use `dd` to limit the unpacked tar size
- Pages are part of backups
- Pages notify the deployment status using Commit Status API
- Pages use a new sidekiq queue: pages
[ee-80]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/80
[wiki-wildcard-dns]: https://en.wikipedia.org/wiki/Wildcard_DNS_record
|
