mirror of
https://github.com/deuill/coreos-home-server.git
synced 2024-09-21 13:40:45 +00:00
gitea: Use LDAP authentication by default
New Gitea installations will now use LDAP authentication, typically provided by the included `lldap` service, over SMTP authentication, as this is is more flexible.
This commit is contained in:
parent
0c5a483853
commit
096d51ecb4
@ -17,9 +17,15 @@ if ! test -f /var/lib/gitea/gitea.db; then
|
||||
# Set up database.
|
||||
gosu git /usr/bin/gitea -c /etc/gitea/config.ini migrate
|
||||
|
||||
# Set up SMTP authentication via local service.
|
||||
gosu git /usr/bin/gitea -c /etc/gitea/config.ini admin auth add-smtp --name postfix --active \
|
||||
--host "${GITEA_AUTH_SMTP_HOST}" --port "${GITEA_AUTH_SMTP_PORT}"
|
||||
# Set up LDAP authentication via local service.
|
||||
gosu git /usr/bin/gitea -c /etc/gitea/config.ini admin auth add-ldap --name "LDAP" \
|
||||
--host "${GITEA_AUTH_LDAP_HOST}" --port "${GITEA_AUTH_LDAP_PORT}" \
|
||||
--synchronize-users --security-protocol unencrypted \
|
||||
--bind-dn "uid=${GITEA_AUTH_LDAP_BIND_UID},ou=people,dc=ldap,dc=local" --bind-password "${GITEA_AUTH_LDAP_BIND_PASSWORD}" \
|
||||
--user-search-base "ou=people,dc=ldap,dc=local" --user-filter "(&(memberof=cn=gitea_user,ou=groups,dc=ldap,dc=local)(|(uid=%[1]s)(mail=%[1]s)))" \
|
||||
--admin-filter "(memberof=cn=gitea_admin,ou=groups,dc=ldap,dc=local)" \
|
||||
--username-attribute "uid" --email-attribute "mail" \
|
||||
--firstname-attribute "givenName" --surname-attribute "sn" --avatar-attribute "jpegPhoto"
|
||||
fi
|
||||
|
||||
# Run entrypoint under specific user.
|
||||
|
@ -9,9 +9,11 @@ GITEA_DOMAIN=${GITEA_DOMAIN}
|
||||
GITEA_SSH_DOMAIN=${GITEA_SSH_DOMAIN}
|
||||
GITEA_SSH_PORT=${GITEA_SSH_PORT}
|
||||
|
||||
# SMTP authentication settings.
|
||||
GITEA_AUTH_SMTP_HOST=${POSTFIX_HOST}
|
||||
GITEA_AUTH_SMTP_PORT=587
|
||||
# LDAP authentication settings.
|
||||
GITEA_AUTH_LDAP_HOST=lldap
|
||||
GITEA_AUTH_LDAP_PORT=3890
|
||||
GITEA_AUTH_LDAP_BIND_UID=${LLDAP_ADMIN_USERNAME}
|
||||
GITEA_AUTH_LDAP_BIND_PASSWORD=${LLDAP_ADMIN_PASSWORD}
|
||||
|
||||
# SMTP mailer settings.
|
||||
GITEA_MAILER_FROM=${GITEA_MAILER_FROM}
|
||||
|
Loading…
Reference in New Issue
Block a user