From c889d06b52692ae55a8926f69a13bd3b8834ae28 Mon Sep 17 00:00:00 2001 From: Jacob Vosmaer Date: Fri, 23 May 2014 19:12:12 +0200 Subject: [PATCH] Enable omniauth setting in gitlab.yml --- README.md | 20 ++++++++++++++++++++ files/gitlab-cookbooks/gitlab/attributes/default.rb | 4 ++++ files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb | 9 ++++++--- 3 files changed, 30 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b34b448..992f8eb 100644 --- a/README.md +++ b/README.md @@ -328,6 +328,26 @@ gitlab_rails['smtp_authentication'] = "login" gitlab_rails['smtp_enable_starttls_auto'] = true ``` +### Omniauth (Google, Twitter, GitHub login) + +Omniauth configuration is documented on +[doc.gitlab.com](http://doc.gitlab.com/ce/integration/omniauth.html). To effect +the necessary changes in `gitlab.yml`, use the following syntax in +`/etc/gitlab/gitlab.rb`. Note that the providers are specified as an array of +Ruby hashes. + +```ruby +gitlab_rails['omniauth_enabled'] = true +gitlab_rails['omniauth_providers'] = [ + { + "name" => "google_oauth2", + "app_id" => "YOUR APP ID", + "app_secret" => "YOUR APP SECRET", + "args" => { "access_type" => "offline", "approval_prompt" => "" } + } +] +``` + ## Backups ### Creating an application backup diff --git a/files/gitlab-cookbooks/gitlab/attributes/default.rb b/files/gitlab-cookbooks/gitlab/attributes/default.rb index 514cf8c..e107ff8 100644 --- a/files/gitlab-cookbooks/gitlab/attributes/default.rb +++ b/files/gitlab-cookbooks/gitlab/attributes/default.rb @@ -90,6 +90,10 @@ default['gitlab']['gitlab-rails']['ldap_password'] = nil default['gitlab']['gitlab-rails']['ldap_allow_username_or_email_login'] = nil default['gitlab']['gitlab-rails']['ldap_user_filter'] = nil default['gitlab']['gitlab-rails']['ldap_group_base'] = nil +default['gitlab']['gitlab-rails']['omniauth_enabled'] = false +default['gitlab']['gitlab-rails']['omniauth_allow_single_sign_on'] = nil +default['gitlab']['gitlab-rails']['omniauth_block_auto_created_users'] = nil +default['gitlab']['gitlab-rails']['omniauth_providers'] = [] default['gitlab']['gitlab-rails']['satellites_path'] = "/var/opt/gitlab/git-data/gitlab-satellites" default['gitlab']['gitlab-rails']['backup_path'] = "/var/opt/gitlab/backups" default['gitlab']['gitlab-rails']['backup_keep_time'] = nil diff --git a/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb b/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb index b3cac9e..3749374 100644 --- a/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb +++ b/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb @@ -167,14 +167,14 @@ production: &base ## OmniAuth settings omniauth: # Allow login via Twitter, Google, etc. using OmniAuth providers - enabled: false + enabled: <%= @omniauth_enabled %> # CAUTION! # This allows users to login without having a user account first (default: false). # User accounts will be created automatically when authentication was successful. - allow_single_sign_on: false + allow_single_sign_on: <%= @omniauth_allow_single_sign_on %> # Locks down those users until they have been cleared by the admin (default: true). - block_auto_created_users: true + block_auto_created_users: <%= @omniauth_block_auto_created_users %> ## Auth providers # Uncomment the following lines and fill in the data of the auth provider you want to use @@ -192,6 +192,9 @@ production: &base # - { name: 'github', app_id: 'YOUR APP ID', # app_secret: 'YOUR APP SECRET', # args: { scope: 'user:email' } } +<% @omniauth_providers.each do |provider| %> + - <%= provider.to_json %> +<% end %> -- libgit2 0.21.2