Making sphinx documentation private

Question

So this is a reoccurring issue and I'm not qualified to fix it but I need it fixed so I'm going to have to learn. See this question for an outdated / not feasible solution, and for a similar question without answer.

Basic problem, I need to provide documentation for a private python module. The Project is hosted on gitlab and I use the CI to generate the docs. They are visible to the world and that isn't ideal. This is a known issue and gitlab may eventually provide a solution. I can't wait that long. My plan was to use this project (crypto-js) code and include it in the docker runner. Unfortunately I have no clue as to how to go about it or if that is even possible.

My ci.yml is:

image: tsgkadot/sphinx-plantuml

stages:
  - build
pages:
  stage: build
  script:
    #- pip install -r requirements.txt -U
    - sphinx-build -b html ./doc public
  artifacts:
    paths:
      - public
  tags:
    - docker

As far as I can work out crypto-js is interfaced with like so:

var unencrypted = document.getElementById('unencrypted_html').value;
var passphrase = document.getElementById('passphrase').value;
var encrypted = CryptoJS.AES.encrypt(unencrypted, passphrase);
var hmac = CryptoJS.HmacSHA256(encrypted.toString(), CryptoJS.SHA256(passphrase)).toString();
var encryptedMsg = hmac + encrypted;

where the generated html file(s) from sphinx would have to be passed to the js and the output replace the files. Alternatively, i read on SO that it is possible to include js in sphinx, but I don't see how a file could encrypt itself. I don't mind using one password to encrypt all the documentation and then sharing the password with the relevant parties.

I've also posted these ideas on the relevant issue with gitlab but there seems to be little progress there as they are looking for a more complete solution.

If there is a git hosting service like gitlab that offers something like pages that are private for private repositories, I'd also be happy to switch to that. Any ideas or pointers as to how to implement this?

Answer 1

GitLab now supports access control for pages:

https://docs.gitlab.com/ce/administration/pages/#access-control

Pages access control is currently disabled by default. To enable it, you must:

1. Enable it in /etc/gitlab/gitlab.rb

   gitlab_pages['access_control'] = true

2. Reconfigure GitLab

Answer 2

Now GitLab Pages works with the same permissions as in the project. If the project is private, the Pages will also be private.

I've tried this tutorial: https://gitlab.com/pages/sphinx/tree/master