Can GitLab be locked down to just local server?

Our use case is the company security policy requires that the source code not have the ability to leave the Windows remote development machine where a single developer is working. Can this be achieved with GitLab? Is there a way to configure it to only work with source code on the local machine?

Well, you can always configure a firewall on the Gitlab server to make sure all ports are blocked. Then it’s only accessible from the server it is installed on.

However, to be honest, that doesn’t stop anyone using copy/paste, or finding another way around getting the files off of the remote machine. There are specialist solutions available for this, known as DLP - Data Loss Prevention - that can monitor and send alerts when someone does a git pull, or other commands that you don’t want them to do. Or block them from copying/pasting, or copying to USB sticks, and so on.

Gitlab runs on Linux and not on Windows, so you will have to allow the Windows Remote Development machine to be the only machine that can access the Gitlab installation - so block all traffic to the Gitlab server, other than the traffic from the Windows Remote Development machine. But this won’t stop them from copying/pasting text, or copying files from the Windows Remote Development machine, unless you have some kind of DLP solution to protect against that kind of thing.

1 Like