Connecting a self-hosted GitLab repository as your source

Connecting to your self-hosted GitLab allows you to work on your websites locally and have the changes sync to CloudCannon. File changes made on CloudCannon also get synced back to your self-hosted GitLab repository.

Connecting to an instance#

Before syncing with a repository in your self-hosted GitLab, you need to connect CloudCannon to your self-hosted instance. You only need to do this once per account.

To connect to your self-hosted GitLab instance:

1. Go to Settings / Self Hosted GitLab
2. Enter the details for your self-hosted instance of GitLab
3. Click Configure Self Hosted GitLab

The details for this page come from the GitLab server under User Settings / Applications.

The Redirect URI is https://app.cloudcannon.com/self_hosted_gitlab/authorize/ The minimal scopes required are:

1. api
2. read_user
3. read_repository
4. write_repository
5. openid

Once completed, the key and secret will be available for use in CloudCannon. The URLs should match the form placeholders.

Syncing with a repository#

To connect a self-hosted GitLab repository and start syncing files, follow these instructions:

1. Go to Site Settings / Source Syncing
2. Select Self Hosted GitLab repository
3. Click Authenticate

This will open a menu where you can connect to GitLab, via one of two methods.

Connecting with your user account#

You can connect to GitLab by authenticating with your user account. This will give your CloudCannon organization access to the same GitLab repositories you have access to.

This redirects you to your self-hosted GitLab repository. Log in and authorize CloudCannon access to your self-hosted GitLab account, after which you will be redirected back to CloudCannon to pick a repository to connect.

Authenticating with a group access token#

Alternatively, you can create a group access token in GitLab and save that token in CloudCannon. This will give your CloudCannon organization access to all the resources scoped to your token. See GitLab's Group access tokens documentation for how to create and configure a token.

Copy the token into the Group Access Token field. You will also need to provide the expiry date of the token. CloudCannon will send a warning email to all owners of your organization when the token is about to expire.

Click Save and authenticate to finish.

Once you've authenticated, you can choose a GitLab repository, and a branch to connect to the site. If you don't have an appropriate branch ready, create a new one in GitLab and refresh this page.

Your self-hosted GitLab is now connected. Changes you push to the Git repository are pulled in by CloudCannon. Any changes made on CloudCannon are automatically committed and pushed.

Configuring your GitLab connection#

Once you've connected your GitLab server, you can configure CloudCannon to support your particular infrastructure. You can find these configuration options under the Server tab of your Self Hosted GitLab settings. The options you have for configuring CloudCannon are:

• Minimum Access Level,
• Custom Headers, and
• Custom CA Certificate.

The Minimum Access Level setting allows you to change the minimum access CloudCannon requires to a GitLab repo to connect to it. By default CloudCannon requires Maintainer access to a repo before syncing to it. Self Hosted GitLab allows custom access level permissions so a lower access level may be sufficient, depending on your setup.

The Custom Headers setting allows you to configure additional headers for CloudCannon to use when connecting to your GitLab server. Custom headers are passed using Git's http.extraHeader configuration option and in the form key:value.

The Custom CA Certificate allows you to upload a PEM encoded certificate or certificate chain for CloudCannon to trust during Git operations. The certificate is passed using Git's http.sslCAInfo configuration option.