Skip to content
Snippets Groups Projects
Commit 07595442 authored by André Anjos's avatar André Anjos :speech_balloon:
Browse files

[doc] Security updates

parent 63606a96
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
doc/linux.rst
+ 18
6
View file @ 07595442
...@@ -29,14 +29,26 @@ this to `/etc/hosts`: ...@@ -29,14 +29,26 @@ this to `/etc/hosts`:
$ echo "" >> /etc/hosts $ echo "" >> /etc/hosts
$ echo "#We fake www.idiap.ch to keep things internal" >> /etc/hosts $ echo "#We fake www.idiap.ch to keep things internal" >> /etc/hosts
$ echo "172.31.100.235 www.idiap.ch" >> /etc/hosts $ echo "What is the internal server IPv4 address?"
$ echo "2001:620:7a3:600:0:acff:fe1f:64eb www.idiap.ch" >> /etc/hosts $ read ipv4add
$ echo "${ipv4add} www.idiap.ch" >> /etc/hosts
$ echo "What is the internal server IPv6 address?"
$ read ipv6add
$ echo "${ipv6add} www.idiap.ch" >> /etc/hosts
.. note::
You should obtain the values of the internal IPv4 and IPv6 addresses from
inside the Idiap network. We cannot replicate them in this manual for
security reasons.
Gitlab runner configuration Gitlab runner configuration
=========================== ===========================
We are currently using this: We are currently using this (notice you need to replace the values of
``<internal.ipv4.address>`` and ``<token>`` on the template below):
.. code-block:: ini .. code-block:: ini
...@@ -47,7 +59,7 @@ We are currently using this: ...@@ -47,7 +59,7 @@ We are currently using this:
name = "docker" name = "docker"
output_limit = 102400 output_limit = 102400
url = "https://gitlab.idiap.ch/ci" url = "https://gitlab.idiap.ch/ci"
token = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" token = "<token>"
executor = "docker" executor = "docker"
limit = 4 limit = 4
builds_dir = "/local/builds" builds_dir = "/local/builds"
...@@ -58,7 +70,7 @@ We are currently using this: ...@@ -58,7 +70,7 @@ We are currently using this:
privileged = false privileged = false
disable_cache = false disable_cache = false
volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/local/cache"] volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/local/cache"]
extra_hosts = ["www.idiap.ch:172.31.100.235"] extra_hosts = ["www.idiap.ch:<internal.ipv4.address>"]
[runners.cache] [runners.cache]
Insecure = false Insecure = false
...@@ -68,7 +80,7 @@ We are currently using this: ...@@ -68,7 +80,7 @@ We are currently using this:
executor = "shell" executor = "shell"
shell = "bash" shell = "bash"
url = "https://gitlab.idiap.ch/ci" url = "https://gitlab.idiap.ch/ci"
token = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" token = "<token>"
limit = 4 limit = 4
builds_dir = "/local/builds" builds_dir = "/local/builds"
cache_dir = "/local/cache" cache_dir = "/local/cache"
......
doc/macos-ci-install/idiap-host.sh
+ 6
2
View file @ 07595442
...@@ -6,6 +6,10 @@ else ...@@ -6,6 +6,10 @@ else
echo "Updating /etc/hosts..." echo "Updating /etc/hosts..."
echo "" >> /etc/hosts echo "" >> /etc/hosts
echo "#We fake www.idiap.ch to keep things internal" >> /etc/hosts echo "#We fake www.idiap.ch to keep things internal" >> /etc/hosts
echo "172.31.100.235 www.idiap.ch" >> /etc/hosts echo "What is the internal server IPv4 address?"
echo "2001:620:7a3:600:0:acff:fe1f:64eb www.idiap.ch" >> /etc/hosts read ipv4add
echo "${ipv4add} www.idiap.ch" >> /etc/hosts
echo "What is the internal server IPv6 address?"
read ipv6add
echo "${ipv6add} www.idiap.ch" >> /etc/hosts
fi fi
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment