diff --git a/files/gitlab-cookbooks/gitlab/attributes/default.rb b/files/gitlab-cookbooks/gitlab/attributes/default.rb index 247648c..a98acd7 100644 --- a/files/gitlab-cookbooks/gitlab/attributes/default.rb +++ b/files/gitlab-cookbooks/gitlab/attributes/default.rb @@ -78,16 +78,16 @@ default['gitlab']['gitlab-rails']['gravatar_enabled'] = true default['gitlab']['gitlab-rails']['gravatar_plain_url'] = nil default['gitlab']['gitlab-rails']['gravatar_ssl_url'] = nil default['gitlab']['gitlab-rails']['ldap_enabled'] = false -default['gitlab']['gitlab-rails']['ldap_host'] = "_your_ldap_server" -default['gitlab']['gitlab-rails']['ldap_base'] = "_the_base_where_you_search_for_users" -default['gitlab']['gitlab-rails']['ldap_port'] = 636 -default['gitlab']['gitlab-rails']['ldap_uid'] = "sAMAccountName" -default['gitlab']['gitlab-rails']['ldap_method'] = "ssl" -default['gitlab']['gitlab-rails']['ldap_bind_dn'] = "_the_full_dn_of_the_user_you_will_bind_with" -default['gitlab']['gitlab-rails']['ldap_password'] = "_the_password_of_the_bind_user" -default['gitlab']['gitlab-rails']['ldap_allow_username_or_email_login'] = true -default['gitlab']['gitlab-rails']['ldap_user_filter'] = "" -default['gitlab']['gitlab-rails']['ldap_group_base'] = "" +default['gitlab']['gitlab-rails']['ldap_host'] = nil +default['gitlab']['gitlab-rails']['ldap_base'] = nil +default['gitlab']['gitlab-rails']['ldap_port'] = nil +default['gitlab']['gitlab-rails']['ldap_uid'] = nil +default['gitlab']['gitlab-rails']['ldap_method'] = nil +default['gitlab']['gitlab-rails']['ldap_bind_dn'] = nil +default['gitlab']['gitlab-rails']['ldap_password'] = nil +default['gitlab']['gitlab-rails']['ldap_allow_username_or_email_login'] = nil +default['gitlab']['gitlab-rails']['ldap_user_filter'] = nil +default['gitlab']['gitlab-rails']['ldap_group_base'] = nil default['gitlab']['gitlab-rails']['satellites_path'] = "/var/opt/gitlab/git-data/gitlab-satellites" default['gitlab']['gitlab-rails']['backup_path'] = "/var/opt/gitlab/backups" default['gitlab']['gitlab-rails']['backup_keep_time'] = nil diff --git a/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb b/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb index 7f77985..44b61e3 100644 --- a/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb +++ b/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb @@ -119,12 +119,12 @@ production: &base # bundle exec rake gitlab:ldap:check RAILS_ENV=production ldap: enabled: <%= @ldap_enabled %> - host: '<%= @ldap_host %>' + host: <%= single_quote(@ldap_host) %> port: <%= @ldap_port %> - uid: '<%= @ldap_uid %>' - method: '<%= @ldap_method %>' # "tls" or "ssl" or "plain" - bind_dn: '<%= @ldap_bind_dn %>' - password: '<%= @ldap_password %>' + uid: <%= single_quote(@ldap_uid) %> + method: <%= single_quote(@ldap_method) %> # "tls" or "ssl" or "plain" + bind_dn: <%= single_quote(@ldap_bind_dn) %> + password: <%= single_quote(@ldap_password) %> # If allow_username_or_email_login is enabled, GitLab will ignore everything # after the first '@' in the LDAP username submitted by the user on login. # @@ -140,20 +140,20 @@ production: &base # # Ex. ou=People,dc=gitlab,dc=example # - base: '<%= @ldap_base %>' + base: <%= single_quote(@ldap_base) %> # Filter LDAP users # # Format: RFC 4515 # Ex. (employeeType=developer) # - user_filter: '<%= @ldap_user_filter %>' + user_filter: <%= single_quote(@ldap_user_filter) %> # Base where we can search for groups # # Ex. ou=Groups,dc=gitlab,dc=example # - group_base: '<%= @ldap_group_base %>' + group_base: <%= single_quote(@ldap_group_base) %> ## OmniAuth settings omniauth: -- libgit2 0.21.2