From fce242c023c0ffc5b4ed4a87d237c30aaf0c0138 Mon Sep 17 00:00:00 2001
From: Jacob Vosmaer <contact@jacobvosmaer.nl>
Date: Fri, 28 Feb 2014 15:25:45 +0100
Subject: [PATCH] Add support for GitLab EE LDAP attributes

---
 files/gitlab-cookbooks/gitlab/attributes/default.rb            |  2 ++
 files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb | 13 +++++++++++++
 2 files changed, 15 insertions(+), 0 deletions(-)

diff --git a/files/gitlab-cookbooks/gitlab/attributes/default.rb b/files/gitlab-cookbooks/gitlab/attributes/default.rb
index d3f23ab..4d55f05 100644
--- a/files/gitlab-cookbooks/gitlab/attributes/default.rb
+++ b/files/gitlab-cookbooks/gitlab/attributes/default.rb
@@ -86,6 +86,8 @@ default['gitlab']['gitlab-rails']['ldap_method'] = "ssl"
 default['gitlab']['gitlab-rails']['ldap_bind_dn'] = "_the_full_dn_of_the_user_you_will_bind_with"
 default['gitlab']['gitlab-rails']['ldap_password'] = "_the_password_of_the_bind_user"
 default['gitlab']['gitlab-rails']['ldap_allow_username_or_email_login'] = true
+default['gitlab']['gitlab-rails']['ldap_user_filter'] = ""
+default['gitlab']['gitlab-rails']['ldap_group_base'] = ""
 default['gitlab']['gitlab-rails']['satellites_path'] = "/var/opt/gitlab/git-data/gitlab-satellites"
 default['gitlab']['gitlab-rails']['backup_path'] = "/var/opt/gitlab/backups"
 default['gitlab']['gitlab-rails']['gitlab_shell_path'] = "/opt/gitlab/embedded/service/gitlab-shell/"
diff --git a/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb b/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
index 5b2f217..2d44082 100644
--- a/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
+++ b/files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
@@ -142,6 +142,19 @@ production: &base
     # disable this setting, because the userPrincipalName contains an '@'.
     allow_username_or_email_login: <%= @ldap_allow_username_or_email_login %>
 
+    # Filter LDAP users
+    #
+    #   Format: RFC 4515
+    #   Ex. (employeeType=developer)
+    #
+    user_filter: '<%= @ldap_user_filter %>'
+
+    # Base where we can search for groups
+    #
+    #   Ex. ou=Groups,dc=gitlab,dc=example
+    #
+    group_base: '<%= @ldap_group_base %>'
+
   ## OmniAuth settings
   omniauth:
     # Allow login via Twitter, Google, etc. using OmniAuth providers
--
libgit2 0.21.2