ip_whitelist.md 1.28 KB
Newer Older
1 2
---
stage: Monitor
3
group: Health
4
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
5 6
---

7 8 9 10
# IP whitelist

> Introduced in GitLab 9.4.

11 12 13
NOTE: **Note:**
We intend to [rename IP whitelist as `IP allowlist`](https://gitlab.com/gitlab-org/gitlab/-/issues/7554).

14 15
GitLab provides some [monitoring endpoints](../../user/admin_area/monitoring/health_check.md)
that provide health check information when probed.
16 17 18 19 20 21 22 23

To control access to those endpoints via IP whitelisting, you can add single
hosts or use IP ranges:

**For Omnibus installations**

1. Open `/etc/gitlab/gitlab.rb` and add or uncomment the following:

24 25 26
   ```ruby
   gitlab_rails['monitoring_whitelist'] = ['127.0.0.0/8', '192.168.0.1']
   ```
27

28
1. Save the file and [reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab for the changes to take effect.
29 30 31 32 33 34 35

---

**For installations from source**

1. Edit `config/gitlab.yml`:

36 37 38 39 40 41 42
   ```yaml
   monitoring:
     # by default only local IPs are allowed to access monitoring resources
     ip_whitelist:
       - 127.0.0.0/8
       - 192.168.0.1
   ```
43

44
1. Save the file and [restart](../restart_gitlab.md#installations-from-source) GitLab for the changes to take effect.