Open up account registrations to the public
This issue tracks requirements for what we need in order to feel confident to open Keycloak (and therefore GitLab up to the public).
- User registration security audit
- Sensible password restrictions
- Recaptcha for user registration (#35 (closed))
- Login flow audit
- GitLab security audit
- Keycloak monitoring (#23)
- GitLab monitoring (#14)
- Review secure Gitlab runner (#74 (closed))
- GitLab secure runner for our own projects with proper restrictions (#32 (closed))
- Audit security of public runners (#8 (closed))
- Add github.com as identity provider (#2 (closed))
-
Add gitlab.com as identity provider (#40) - Allow incoming mail on GitLab (#3 (closed))
- Enable Keycloak event logging (#68 (closed))
- Finish Arch theme of Keycloak (!28 (merged))
- Research fine grade permissions for externals (#9 (closed))
- Fix GitLab backups (#118 (closed))
- Validate GitLab backups
- Validate Keycloak backups
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information