GitLab provides some monitoring endpoints that provide health check information when probed.
To control access to those endpoints via IP whitelisting, you can add single hosts or use IP ranges:
For Omnibus installations
/etc/gitlab/gitlab.rband add or uncomment the following:
gitlab_rails['monitoring_whitelist'] = ['127.0.0.0/8', '192.168.0.1']
Save the file and reconfigure GitLab for the changes to take effect.
For installations using cloud native Helm charts
You can set the required IPs under the
gitlab.webservice.monitoring.ipWhitelist key. For example:
gitlab: webservice: monitoring: # Monitoring IP whitelist ipWhitelist: - 0.0.0.0/0 # Default
For installations from source
monitoring: # by default only local IPs are allowed to access monitoring resources ip_whitelist: - 127.0.0.0/8 - 192.168.0.1
Save the file and restart GitLab for the changes to take effect.