2015-10-07 15:46:18 -04:00
|
|
|
namespace :gitlab do
|
|
|
|
namespace :two_factor do
|
2020-01-23 01:08:32 -05:00
|
|
|
desc "GitLab | 2FA | Disable Two-factor authentication (2FA) for all users"
|
2018-04-03 10:55:32 -04:00
|
|
|
task disable_for_all_users: :gitlab_environment do
|
2015-10-08 23:19:56 -04:00
|
|
|
scope = User.with_two_factor
|
|
|
|
count = scope.count
|
|
|
|
|
|
|
|
if count > 0
|
2016-06-01 18:37:15 -04:00
|
|
|
puts "This will disable 2FA for #{count.to_s.color(:red)} users..."
|
2015-10-08 23:19:56 -04:00
|
|
|
|
|
|
|
begin
|
|
|
|
ask_to_continue
|
|
|
|
scope.find_each(&:disable_two_factor!)
|
2016-06-01 18:37:15 -04:00
|
|
|
puts "Successfully disabled 2FA for #{count} users.".color(:green)
|
2015-10-08 23:19:56 -04:00
|
|
|
rescue Gitlab::TaskAbortedByUserError
|
2016-06-01 18:37:15 -04:00
|
|
|
puts "Quitting...".color(:red)
|
2015-10-08 23:19:56 -04:00
|
|
|
end
|
|
|
|
else
|
2016-06-01 18:37:15 -04:00
|
|
|
puts "There are currently no users with 2FA enabled.".color(:yellow)
|
2015-10-07 15:46:18 -04:00
|
|
|
end
|
|
|
|
end
|
2017-06-02 12:28:54 -04:00
|
|
|
|
|
|
|
namespace :rotate_key do
|
|
|
|
def rotator
|
|
|
|
@rotator ||= Gitlab::OtpKeyRotator.new(ENV['filename'])
|
|
|
|
end
|
|
|
|
|
2020-01-23 01:08:32 -05:00
|
|
|
desc "GitLab | 2FA | Rotate Key | Encrypt user OTP secrets with a new encryption key"
|
2017-06-02 12:28:54 -04:00
|
|
|
task apply: :environment do |t, args|
|
|
|
|
rotator.rotate!(old_key: ENV['old_key'], new_key: ENV['new_key'])
|
|
|
|
end
|
|
|
|
|
2020-01-23 01:08:32 -05:00
|
|
|
desc "GitLab | 2FA | Rotate Key | Rollback to secrets encrypted with the old encryption key"
|
2017-06-02 12:28:54 -04:00
|
|
|
task rollback: :environment do
|
|
|
|
rotator.rollback!
|
|
|
|
end
|
|
|
|
end
|
2015-10-07 15:46:18 -04:00
|
|
|
end
|
|
|
|
end
|