Commit c889d06b52692ae55a8926f69a13bd3b8834ae28
1 parent
2dee7e19
Exists in
master
and in
9 other branches
Enable omniauth setting in gitlab.yml
Showing
3 changed files
with
30 additions
and
3 deletions
Show diff stats
README.md
... | ... | @@ -328,6 +328,26 @@ gitlab_rails['smtp_authentication'] = "login" |
328 | 328 | gitlab_rails['smtp_enable_starttls_auto'] = true |
329 | 329 | ``` |
330 | 330 | |
331 | +### Omniauth (Google, Twitter, GitHub login) | |
332 | + | |
333 | +Omniauth configuration is documented on | |
334 | +[doc.gitlab.com](http://doc.gitlab.com/ce/integration/omniauth.html). To effect | |
335 | +the necessary changes in `gitlab.yml`, use the following syntax in | |
336 | +`/etc/gitlab/gitlab.rb`. Note that the providers are specified as an array of | |
337 | +Ruby hashes. | |
338 | + | |
339 | +```ruby | |
340 | +gitlab_rails['omniauth_enabled'] = true | |
341 | +gitlab_rails['omniauth_providers'] = [ | |
342 | + { | |
343 | + "name" => "google_oauth2", | |
344 | + "app_id" => "YOUR APP ID", | |
345 | + "app_secret" => "YOUR APP SECRET", | |
346 | + "args" => { "access_type" => "offline", "approval_prompt" => "" } | |
347 | + } | |
348 | +] | |
349 | +``` | |
350 | + | |
331 | 351 | ## Backups |
332 | 352 | |
333 | 353 | ### Creating an application backup | ... | ... |
files/gitlab-cookbooks/gitlab/attributes/default.rb
... | ... | @@ -90,6 +90,10 @@ default['gitlab']['gitlab-rails']['ldap_password'] = nil |
90 | 90 | default['gitlab']['gitlab-rails']['ldap_allow_username_or_email_login'] = nil |
91 | 91 | default['gitlab']['gitlab-rails']['ldap_user_filter'] = nil |
92 | 92 | default['gitlab']['gitlab-rails']['ldap_group_base'] = nil |
93 | +default['gitlab']['gitlab-rails']['omniauth_enabled'] = false | |
94 | +default['gitlab']['gitlab-rails']['omniauth_allow_single_sign_on'] = nil | |
95 | +default['gitlab']['gitlab-rails']['omniauth_block_auto_created_users'] = nil | |
96 | +default['gitlab']['gitlab-rails']['omniauth_providers'] = [] | |
93 | 97 | default['gitlab']['gitlab-rails']['satellites_path'] = "/var/opt/gitlab/git-data/gitlab-satellites" |
94 | 98 | default['gitlab']['gitlab-rails']['backup_path'] = "/var/opt/gitlab/backups" |
95 | 99 | default['gitlab']['gitlab-rails']['backup_keep_time'] = nil | ... | ... |
files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
... | ... | @@ -167,14 +167,14 @@ production: &base |
167 | 167 | ## OmniAuth settings |
168 | 168 | omniauth: |
169 | 169 | # Allow login via Twitter, Google, etc. using OmniAuth providers |
170 | - enabled: false | |
170 | + enabled: <%= @omniauth_enabled %> | |
171 | 171 | |
172 | 172 | # CAUTION! |
173 | 173 | # This allows users to login without having a user account first (default: false). |
174 | 174 | # User accounts will be created automatically when authentication was successful. |
175 | - allow_single_sign_on: false | |
175 | + allow_single_sign_on: <%= @omniauth_allow_single_sign_on %> | |
176 | 176 | # Locks down those users until they have been cleared by the admin (default: true). |
177 | - block_auto_created_users: true | |
177 | + block_auto_created_users: <%= @omniauth_block_auto_created_users %> | |
178 | 178 | |
179 | 179 | ## Auth providers |
180 | 180 | # Uncomment the following lines and fill in the data of the auth provider you want to use |
... | ... | @@ -192,6 +192,9 @@ production: &base |
192 | 192 | # - { name: 'github', app_id: 'YOUR APP ID', |
193 | 193 | # app_secret: 'YOUR APP SECRET', |
194 | 194 | # args: { scope: 'user:email' } } |
195 | +<% @omniauth_providers.each do |provider| %> | |
196 | + - <%= provider.to_json %> | |
197 | +<% end %> | |
195 | 198 | |
196 | 199 | |
197 | 200 | ... | ... |