gitea: Use LDAP authentication by default

New Gitea installations will now use LDAP authentication, typically
provided by the included `lldap` service, instead of SMTP authentication,
as this is more flexible.
Alex Palaistras 2022-09-19 14:57:11 +01:00
parent 0c5a483853
commit 096d51ecb4
2 changed files with 14 additions and 6 deletions


@ -17,9 +17,15 @@ if ! test -f /var/lib/gitea/gitea.db; then
# Set up database. # Set up database.
gosu git /usr/bin/gitea -c /etc/gitea/config.ini migrate gosu git /usr/bin/gitea -c /etc/gitea/config.ini migrate
# Set up SMTP authentication via local service. # Set up LDAP authentication via local service.
gosu git /usr/bin/gitea -c /etc/gitea/config.ini admin auth add-smtp --name postfix --active \ gosu git /usr/bin/gitea -c /etc/gitea/config.ini admin auth add-ldap --name "LDAP" \
--host "${GITEA_AUTH_SMTP_HOST}" --port "${GITEA_AUTH_SMTP_PORT}" --host "${GITEA_AUTH_LDAP_HOST}" --port "${GITEA_AUTH_LDAP_PORT}" \
--synchronize-users --security-protocol unencrypted \
--bind-dn "uid=${GITEA_AUTH_LDAP_BIND_UID},ou=people,dc=ldap,dc=local" --bind-password "${GITEA_AUTH_LDAP_BIND_PASSWORD}" \
--user-search-base "ou=people,dc=ldap,dc=local" --user-filter "(&(memberof=cn=gitea_user,ou=groups,dc=ldap,dc=local)(|(uid=%[1]s)(mail=%[1]s)))" \
--admin-filter "(memberof=cn=gitea_admin,ou=groups,dc=ldap,dc=local)" \
--username-attribute "uid" --email-attribute "mail" \
--firstname-attribute "givenName" --surname-attribute "sn" --avatar-attribute "jpegPhoto"
fi fi
# Run entrypoint under specific user. # Run entrypoint under specific user.
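Review bot: `--security-protocol unencrypted` in the new `add-ldap` call means the bind password and every user's login password reach the LDAP server in cleartext, which is only tolerable if the `lldap` port is reachable solely on a private container network. Consider making the protocol configurable instead of fixed, e.g. `--security-protocol "${GITEA_AUTH_LDAP_SECURITY_PROTOCOL:-unencrypted}" \`, so a deployment that points at a remote directory can select `LDAPS` or `StartTLS`. The `--bind-password "${GITEA_AUTH_LDAP_BIND_PASSWORD}"` argument is also visible in the process list while the command runs; a comment noting that this is accepted because it is a one-shot first-boot step would help the next reader. The enclosing `if ! test -f /var/lib/gitea/gitea.db` starts outside the hunk.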


@ -9,9 +9,11 @@ GITEA_DOMAIN=${GITEA_DOMAIN}
GITEA_SSH_DOMAIN=${GITEA_SSH_DOMAIN} GITEA_SSH_DOMAIN=${GITEA_SSH_DOMAIN}
GITEA_SSH_PORT=${GITEA_SSH_PORT} GITEA_SSH_PORT=${GITEA_SSH_PORT}
# SMTP authentication settings. # LDAP authentication settings.
GITEA_AUTH_SMTP_HOST=${POSTFIX_HOST} GITEA_AUTH_LDAP_HOST=lldap
GITEA_AUTH_SMTP_PORT=587 GITEA_AUTH_LDAP_PORT=3890
GITEA_AUTH_LDAP_BIND_UID=${LLDAP_ADMIN_USERNAME}
GITEA_AUTH_LDAP_BIND_PASSWORD=${LLDAP_ADMIN_PASSWORD}
# SMTP mailer settings. # SMTP mailer settings.
GITEA_MAILER_FROM=${GITEA_MAILER_FROM} GITEA_MAILER_FROM=${GITEA_MAILER_FROM}
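Review bot: `GITEA_AUTH_LDAP_BIND_UID` and `GITEA_AUTH_LDAP_BIND_PASSWORD` are filled from `LLDAP_ADMIN_USERNAME` and `LLDAP_ADMIN_PASSWORD`, so Gitea binds as the directory administrator and keeps that credential in its auth-source configuration; a compromise of Gitea would then expose full control of the directory. A search-and-bind source only needs read access, so a dedicated account would be a safer default (lldap provides a `lldap_strict_readonly` group for this), e.g. `GITEA_AUTH_LDAP_BIND_UID=${GITEA_AUTH_LDAP_BIND_UID}` and `GITEA_AUTH_LDAP_BIND_PASSWORD=${GITEA_AUTH_LDAP_BIND_PASSWORD}`. `GITEA_AUTH_LDAP_HOST=lldap` is also hard-coded where the old setting took `${POSTFIX_HOST}`, which sits oddly with the description's "typically provided by"; a comment such as `# Host of the bundled lldap service; override for an external directory.` would make the assumption explicit.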