VladPolskiy/gitlab-foss
1
0
Fork 0
mirror of https://gitlab.com/gitlab-org/gitlab-foss.git synced 2025-08-15 21:39:00 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity
Files
ada857ee6205e507d26278fb0332c1430a555224
gitlab-foss/doc/administration/monitoring/ip_allowlist.md
GitLab Bot 5d3c4834af Add latest changes from gitlab-org/gitlab@master
2024-02-28 00:10:33 +00:00

1.5 KiB
Raw Blame History

stage, group, info
stage group info
Systems Cloud Connector To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments

IP allowlist

DETAILS: Tier: Free, Premium, Ultimate Offering: Self-managed

GitLab provides some monitoring endpoints that provide health check information when probed.

To control access to those endpoints through IP allowlisting, you can add single hosts or use IP ranges:

::Tabs

:::TabTitle Linux package (Omnibus)

  1. Open /etc/gitlab/gitlab.rb and add or uncomment the following:

    gitlab_rails['monitoring_whitelist'] = ['127.0.0.0/8', '192.168.0.1']

  2. Save the file and reconfigure GitLab for the changes to take effect.

:::TabTitle Helm chart (Kubernetes)

You can set the required IPs under the gitlab.webservice.monitoring.ipWhitelist key. For example:

gitlab:
   webservice:
      monitoring:
         # Monitoring IP allowlist
         ipWhitelist:
         - 0.0.0.0/0 # Default

:::TabTitle Self-compiled (source)

  1. Edit config/gitlab.yml:

    monitoring:
  # by default only local IPs are allowed to access monitoring resources
  ip_whitelist:
    - 127.0.0.0/8
    - 192.168.0.1

  2. Save the file and restart GitLab for the changes to take effect.

::EndTabs