Bastion Hosts
Access for the root user can be restricted so that it is only allowed from certain bastion hosts.
By default this is enabled except for a few networks; see the responsible Puppet code for details.
Alternatively, you may control the use of bastion hosts yourself by setting the boolean value aaa::user_bastions in Hiera.
The bastion hosts can be listed in the Hiera key aaa::bastions:
aaa::bastions:
- 'x05la-gw.psi.ch'
which will then override the default value:
aaa::bastions:
- 'wmgt01.psi.ch'
- '129.129.190.25' # IP of wmgt01.psi.ch
- 'wmgt02.psi.ch'
- '129.129.190.104' # IP of wmgt02.psi.ch
Caution: an empty list will allow unrestricted login again!
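A check for the empty-list case warned about above, as an added example (not part of the Puppet code this page describes): it reads Hiera data files and reports any that set aaa::bastions to an empty or unusable list. It assumes the Hiera data is plain YAML and looks at each file on its own, without evaluating the Hiera hierarchy; the function names and sample file names are made up for the example.

```ruby
require 'yaml'

BASTION_KEY = 'aaa::bastions'

# Classify the aaa::bastions setting of one Hiera YAML document.
# Returns [status, message]; status is :ok, :absent, :empty or :invalid.
def check_bastions(yaml_text)
  data = YAML.safe_load(yaml_text) || {}
  return [:invalid, 'top level is not a mapping'] unless data.is_a?(Hash)
  # Key not present: this file does not override the default list.
  return [:absent, "#{BASTION_KEY} not set here"] unless data.key?(BASTION_KEY)

  value = data[BASTION_KEY]
  # What the module does with a non-list value is not documented on this
  # page, so such values are only reported for review.
  return [:invalid, "#{BASTION_KEY} is not a list"] unless value.is_a?(Array)
  # The case the page warns about: an empty list lifts the restriction.
  return [:empty, "#{BASTION_KEY} is empty: root login unrestricted"] if value.empty?

  bad = value.reject { |h| h.is_a?(String) && !h.strip.empty? }
  return [:invalid, "unusable entries: #{bad.inspect}"] unless bad.empty?

  [:ok, "root login limited to #{value.join(', ')}"]
rescue Psych::SyntaxError => e
  [:invalid, "YAML error: #{e.message}"]
end

# Constructed sample documents, used when no file names are given.
SAMPLES = {
  'override.yaml' => "aaa::bastions:\n- 'x05la-gw.psi.ch'\n",
  'emptied.yaml'  => "aaa::bastions: []\n",
  'other.yaml'    => "some::other::key: true\n"
}.freeze

# Check the given files, or the samples; true if none is :empty or :invalid.
def check_all(paths)
  docs = paths.empty? ? SAMPLES : paths.to_h { |p| [p, File.read(p)] }
  docs.map do |name, text|
    status, message = check_bastions(text)
    puts format('%-8s %s: %s', status, name, message)
    %i[ok absent].include?(status)
  end.all?
end

# With file arguments the exit status reflects the result (usable in CI).
exit 1 unless check_all(ARGV) || ARGV.empty?
```

Run with the Hiera YAML files as arguments; a non-zero exit status means at least one file needs review.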