From a67128338d5fa46657203b066591ae3efdc5b0a7 Mon Sep 17 00:00:00 2001
From: publicdesert <publicdesert@mailbox.org>
Date: Wed, 15 Jun 2022 18:14:00 +0200
Subject: [PATCH] Add examples for Gitea and Seafile

---
 README.md                  |  2 ++
 example_configs/gitea.md   | 20 ++++++++++++++++++++
 example_configs/seafile.md | 26 ++++++++++++++++++++++++++
 3 files changed, 48 insertions(+)
 create mode 100644 example_configs/gitea.md
 create mode 100644 example_configs/seafile.md

diff --git a/README.md b/README.md
index 3564077..a29b6a9 100644
--- a/README.md
+++ b/README.md
@@ -199,11 +199,13 @@ folder for help with:
   - [Authelia](example_configs/authelia_config.yml)
   - [Bookstack](example_configs/bookstack.env.example)
   - [Dolibarr](example_configs/dolibarr.md)
+  - [Gitea](example_configs/gitea.md)
   - [Jellyfin](example_configs/jellyfin.md)
   - [Jisti Meet](example_configs/jitsi_meet.conf)
   - [KeyCloak](example_configs/keycloak.md)
   - [Matrix](example_configs/matrix_synapse.yml)
   - [Organizr](example_configs/Organizr.md)
+  - [Seafile](example_configs/seafile.md)
 
 ## Comparisons with other services
 
diff --git a/example_configs/gitea.md b/example_configs/gitea.md
new file mode 100644
index 0000000..422d21a
--- /dev/null
+++ b/example_configs/gitea.md
@@ -0,0 +1,20 @@
+# Configuration for Gitea
+In Gitea, go to `Site Administration > Authentication Sources` and click `Add Authentication Source`
+Select `LDAP (via BindDN)`
+
+* Host: Your lldap server's ip/hostname
+* Port: Your lldap server's port (3890 by default)
+* Bind DN: `uid=admin,ou=people,dc=example,dc=com`
+* Bind Password: Your bind user's password
+* User Search Base: `ou=people,dc=example,dc=com`
+* User Filter: In this example only members of the group `git_user` can log in. To log in they can either use their email address or user name:<br>
+`(&(memberof=cn=git_user,ou=groups,dc=example,dc=com)(|(uid=%[1]s)(mail=%[1]s)))`<br>
+For more info on the user filter, see: https://docs.gitea.io/en-us/authentication/#ldap-via-binddn
+* Admin Filter: Use similar string as above or leave it empty if you don't want LDAP users to be admins.
+* Username Attribute: `uid`
+* Email Attribute: `mail`
+* Check `Enable User Synchronization`
+
+Replace every instance of `dc=example,dc=com` with your configured domain.
+
+After applying the above settings, users should be able to log in with either their user name or email address.
\ No newline at end of file
diff --git a/example_configs/seafile.md b/example_configs/seafile.md
new file mode 100644
index 0000000..2ae4030
--- /dev/null
+++ b/example_configs/seafile.md
@@ -0,0 +1,26 @@
+# Configuration for Seafile
+
+## Basic configuration
+Add the following to your `seafile/conf/ccnet.conf` file:
+```
+[LDAP]
+HOST = ldap://192.168.1.100:3890
+BASE = ou=people,dc=example,dc=com
+USER_DN = uid=admin,ou=people,dc=example,dc=com
+PASSWORD = YOURPASSWORDHERE
+LOGIN_ATTR = mail
+```
+* Replace `192.168.1.100:3890` with your lldap server's ip/hostname and port.
+* Replace every instance of `dc=example,dc=com` with your configured domain.
+* Replace `YOURPASSWORDHERE` with your bind user's password.
+
+__IMPORTANT__: Seafile requires the LOGIN_ATTR to be in an email-like format. You cannot use the uid as LOGIN_ATTR!
+
+After restarting the Seafile server, users should be able to log in with their email address and password.
+
+## Filtering by group membership
+If you only want members of a specific group to be able to log in, add the following line:
+```
+FILTER = memberOf=cn=seafile_user,ou=groups,dc=example,dc=com
+```
+* Replace `seafile_user` with the name of your group.