dd

roles/mgrote_gitea_setup/tasks/main.yml

@@ -23,12 +23,28 @@
   failed_when: 'not "Command error: login source already exists [name: lldap]" in configured.stderr'
   become_user: gitea
 
-- name: debug
+#- name: debug
-  ansible.builtin.debug:
+#  ansible.builtin.debug:
-    msg: "{{ configured }}"
+#    msg: "{{ configured }}"
 
 - name: Modify LDAP config
-  ansible.builtin.command: cat /etc/motd
+  ansible.builtin.command: |
+    forgejo admin auth update-ldap \
+      --config "/etc/gitea/gitea.ini" \
+      --id "1" \
+      --security-protocol "unencrypted" \
+      --host "ldap.mgrote.net" \
+      --port "3890" \
+      --bind-dn "uid=ladmin,ou=people,dc=mgrote,dc=net" \
+      --bind-password GEHEIM \
+      --user-search-base "ou=people,dc=mgrote,dc=net" \
+      --user-filter "(&(memberof=cn=gitea,ou=groups,dc=mgrote,dc=net)(|(uid=%[1]s)(mail=%[1]s)))" \
+      --username-attribute "uid" \
+      --email-attribute "mail" \
+      --firstname-attribute "givenName" \
+      --surname-attribute "sn" \
+      --avatar-attribute "jpegPhoto" \
+      --synchronize-users
   when: '"Command error: login source already exists [name: lldap]" in configured.stderr'
   become_user: gitea