forgejo: add extra ldap bind user #4

Merged
mg merged 5 commits from lbu into master 2024-04-04 19:11:52 +02:00
2 changed files with 4 additions and 3 deletions
Showing only changes of commit 802c339aaf - Show all commits

View file

@ -138,5 +138,6 @@ gitea_fail2ban_jail_action: "iptables-allports"
### mgrote_gitea_setup ### mgrote_gitea_setup
gitea_ldap_host: "ldap.mgrote.net" gitea_ldap_host: "ldap.mgrote.net"
gitea_ldap_bind_pass: "{{ lookup('keepass', 'lldap_ldap_user_pass', 'password') }}" gitea_ldap_bind_pass: "{{ lookup('keepass', 'lldap_ldap_user_pass', 'password') }}"
gitea_admin_user: "forgejo_bind_user" gitea_admin_user: "fadmin"
gitea_admin_user_pass: "{{ lookup('keepass', 'lldap_forgejo_bind_user', 'password') }}" gitea_admin_user_pass: "{{ lookup('keepass', 'lldap_forgejo_bind_user', 'password') }}"
gitea_ldap_bind_user: "forgejo_bind_user"

View file

@ -15,7 +15,7 @@
--security-protocol "unencrypted" \ --security-protocol "unencrypted" \
--host "{{ gitea_ldap_host }}" \ --host "{{ gitea_ldap_host }}" \
--port "3890" \ --port "3890" \
--bind-dn "uid=ladmin,ou=people,dc=mgrote,dc=net" \ --bind-dn "uid={{ gitea_ldap_bind_user }},ou=people,dc=mgrote,dc=net" \
--bind-password "{{ gitea_ldap_bind_pass }}" \ --bind-password "{{ gitea_ldap_bind_pass }}" \
--user-search-base "ou=people,dc=mgrote,dc=net" \ --user-search-base "ou=people,dc=mgrote,dc=net" \
--user-filter "(&(memberof=cn=gitea,ou=groups,dc=mgrote,dc=net)(|(uid=%[1]s)(mail=%[1]s)))" \ --user-filter "(&(memberof=cn=gitea,ou=groups,dc=mgrote,dc=net)(|(uid=%[1]s)(mail=%[1]s)))" \
@ -41,7 +41,7 @@
--security-protocol "unencrypted" \ --security-protocol "unencrypted" \
--host "{{ gitea_ldap_host }}" \ --host "{{ gitea_ldap_host }}" \
--port "3890" \ --port "3890" \
--bind-dn "uid=ladmin,ou=people,dc=mgrote,dc=net" \ --bind-dn "uid={{ gitea_ldap_bind_user }},ou=people,dc=mgrote,dc=net" \
--bind-password "{{ gitea_ldap_bind_pass }}" \ --bind-password "{{ gitea_ldap_bind_pass }}" \
--user-search-base "ou=people,dc=mgrote,dc=net" \ --user-search-base "ou=people,dc=mgrote,dc=net" \
--user-filter "(&(memberof=cn=gitea,ou=groups,dc=mgrote,dc=net)(|(uid=%[1]s)(mail=%[1]s)))" \ --user-filter "(&(memberof=cn=gitea,ou=groups,dc=mgrote,dc=net)(|(uid=%[1]s)(mail=%[1]s)))" \