[tor-project] TPA-RFC-50: private GitLab pages
Antoine Beaupré
anarcat at torproject.org
Mon Feb 27 21:08:33 UTC 2023
Summary: allow GitLab users to publish private GitLab pages
# Background
In our GitLab instance, all GitLab pages are public, that is sites
published by GitLab CI outside of the static-component system have no
access control whatsoever.
GitLab pages does support enabling authentication to hide pages under
GitLab authentication. This was not enabled in our instance.
# Proposal
Enable the GitLab access control mechanisms under the `read_api`
scope.
Note that this might make your GitLab pages inaccessible if your
project was configured to hide them. If that's not something you want,
head to `Settings` -> `General` -> `Visibility` -> `Pages` and make
them public.
# Deadline
This was implemented on 2023-02-16, and this proposal was written to
retroactively inform people of the change.
# Status
This proposal is currently in the `standard` state.
# References
Discussion in [tpo/tpa/team#41079][].
[tpo/tpa/team#41079]: https://gitlab.torproject.org/tpo/tpa/team/-/issues/41079
--
Antoine Beaupré
torproject.org system administration
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20230227/436dd762/attachment.sig>
More information about the tor-project
mailing list