Commit c889d06b52692ae55a8926f69a13bd3b8834ae28
1 parent
2dee7e19
Exists in
master
and in
9 other branches
Enable omniauth setting in gitlab.yml
Showing
3 changed files
with
30 additions
and
3 deletions
Show diff stats
README.md
| ... | ... | @@ -328,6 +328,26 @@ gitlab_rails['smtp_authentication'] = "login" |
| 328 | 328 | gitlab_rails['smtp_enable_starttls_auto'] = true |
| 329 | 329 | ``` |
| 330 | 330 | |
| 331 | +### Omniauth (Google, Twitter, GitHub login) | |
| 332 | + | |
| 333 | +Omniauth configuration is documented on | |
| 334 | +[doc.gitlab.com](http://doc.gitlab.com/ce/integration/omniauth.html). To effect | |
| 335 | +the necessary changes in `gitlab.yml`, use the following syntax in | |
| 336 | +`/etc/gitlab/gitlab.rb`. Note that the providers are specified as an array of | |
| 337 | +Ruby hashes. | |
| 338 | + | |
| 339 | +```ruby | |
| 340 | +gitlab_rails['omniauth_enabled'] = true | |
| 341 | +gitlab_rails['omniauth_providers'] = [ | |
| 342 | + { | |
| 343 | + "name" => "google_oauth2", | |
| 344 | + "app_id" => "YOUR APP ID", | |
| 345 | + "app_secret" => "YOUR APP SECRET", | |
| 346 | + "args" => { "access_type" => "offline", "approval_prompt" => "" } | |
| 347 | + } | |
| 348 | +] | |
| 349 | +``` | |
| 350 | + | |
| 331 | 351 | ## Backups |
| 332 | 352 | |
| 333 | 353 | ### Creating an application backup | ... | ... |
files/gitlab-cookbooks/gitlab/attributes/default.rb
| ... | ... | @@ -90,6 +90,10 @@ default['gitlab']['gitlab-rails']['ldap_password'] = nil |
| 90 | 90 | default['gitlab']['gitlab-rails']['ldap_allow_username_or_email_login'] = nil |
| 91 | 91 | default['gitlab']['gitlab-rails']['ldap_user_filter'] = nil |
| 92 | 92 | default['gitlab']['gitlab-rails']['ldap_group_base'] = nil |
| 93 | +default['gitlab']['gitlab-rails']['omniauth_enabled'] = false | |
| 94 | +default['gitlab']['gitlab-rails']['omniauth_allow_single_sign_on'] = nil | |
| 95 | +default['gitlab']['gitlab-rails']['omniauth_block_auto_created_users'] = nil | |
| 96 | +default['gitlab']['gitlab-rails']['omniauth_providers'] = [] | |
| 93 | 97 | default['gitlab']['gitlab-rails']['satellites_path'] = "/var/opt/gitlab/git-data/gitlab-satellites" |
| 94 | 98 | default['gitlab']['gitlab-rails']['backup_path'] = "/var/opt/gitlab/backups" |
| 95 | 99 | default['gitlab']['gitlab-rails']['backup_keep_time'] = nil | ... | ... |
files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
| ... | ... | @@ -167,14 +167,14 @@ production: &base |
| 167 | 167 | ## OmniAuth settings |
| 168 | 168 | omniauth: |
| 169 | 169 | # Allow login via Twitter, Google, etc. using OmniAuth providers |
| 170 | - enabled: false | |
| 170 | + enabled: <%= @omniauth_enabled %> | |
| 171 | 171 | |
| 172 | 172 | # CAUTION! |
| 173 | 173 | # This allows users to login without having a user account first (default: false). |
| 174 | 174 | # User accounts will be created automatically when authentication was successful. |
| 175 | - allow_single_sign_on: false | |
| 175 | + allow_single_sign_on: <%= @omniauth_allow_single_sign_on %> | |
| 176 | 176 | # Locks down those users until they have been cleared by the admin (default: true). |
| 177 | - block_auto_created_users: true | |
| 177 | + block_auto_created_users: <%= @omniauth_block_auto_created_users %> | |
| 178 | 178 | |
| 179 | 179 | ## Auth providers |
| 180 | 180 | # Uncomment the following lines and fill in the data of the auth provider you want to use |
| ... | ... | @@ -192,6 +192,9 @@ production: &base |
| 192 | 192 | # - { name: 'github', app_id: 'YOUR APP ID', |
| 193 | 193 | # app_secret: 'YOUR APP SECRET', |
| 194 | 194 | # args: { scope: 'user:email' } } |
| 195 | +<% @omniauth_providers.each do |provider| %> | |
| 196 | + - <%= provider.to_json %> | |
| 197 | +<% end %> | |
| 195 | 198 | |
| 196 | 199 | |
| 197 | 200 | ... | ... |