添加gitlab IP白名单及删除IP黑名单

添加白名单

root@3eecbb6b6e14:/# vim /etc/gitlab/gitlab.rb

 gitlab_rails['rack_attack_git_basic_auth'] = {
   'enabled' => true,
   'ip_whitelist' => ["127.0.0.1","192.168.0.223","192.168.0.141","192.168.100.68","192.168.100.94"],
   'maxretry' => 10,
   'findtime' => 60,
   'bantime' => 3600
 }

删除黑名单

1、找出socket文件

root@3eecbb6b6e14:/# cat /var/opt/gitlab/redis/redis.conf |grep -Eiw unixsocket
unixsocket /var/opt/gitlab/redis/redis.socket

2、删除其中的IP

root@3eecbb6b6e14:/# redis-cli -s /var/opt/gitlab/redis/redis.socket
redis /var/opt/gitlab/redis/redis.socket> keys *attack*
1) "cache:gitlab:rack::attack:26759909:allow2ban:count:192.168.100.74"
redis /var/opt/gitlab/redis/redis.socket> del cache:gitlab:rack::attack:26759909:allow2ban:count:192.168.100.74 [key ...]
redis /var/opt/gitlab/redis/redis.socket> exit

注：
也可能通过以下找出socket文件

root@3eecbb6b6e14:/# cat /var/log/gitlab/gitlab-rails/production.log|grep -Ei Rack_Attack|grep -vE '^Rack_Attack'
root@3eecbb6b6e14:/# cat  /var/log/gitlab/gitlab-rails/auth.log|grep -Evi Rack_Attack

----------------------------------end