Change to pages_external_url breaks access control app authorisation/secrets config
While setting up pages to run on a wildcard domain with TLS as per the following guide: https://docs.gitlab.com/ce/administration/pages/#wildcard-domains-with-tls-support
A change to pages_external_url
in /etc/gitlab/gitlab.rb
(for example if changing the url for pages content) appears to break the application authorisation when access control is enabled for gitlab pages with no clear way to fix/recreate it.
On attempting to access controlled pages, the auth redirect responds with the following error due to a mismatch (or missing app) in the client-id/secret.
An error has occurred
Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.
After trying several different things including manually adding a new gitlab-pages application and many reconfigures, the only way to get a working configuration was to delete the "gitlab_pages"
entry in /etc/gitlab/gitlab-secrets.json
which forces the reconfiguration to create a new application and set the secrets configuration to match it. (╯°□°)╯︵ ┻━┻
Maybe I missed something in the documentation about how to handle a change to the url?