lldap/example_configs/gitea.md
2022-06-17 16:11:50 +02:00

1.3 KiB

Configuration for Gitea

In Gitea, go to Site Administration > Authentication Sources and click Add Authentication Source Select LDAP (via BindDN)

  • Host: Your lldap server's ip/hostname
  • Port: Your lldap server's port (3890 by default)
  • Bind DN: uid=admin,ou=people,dc=example,dc=com
  • Bind Password: Your bind user's password
  • User Search Base: ou=people,dc=example,dc=com
  • User Filter: If you want all users to be able to log in, use
    (&(objectClass=person)(|(uid=%[1]s)(mail=%[1]s))).
    To log in they can either use their email address or user name. If you only want members a specific group to be able to log in, in this case the group git_user, use
    (&(memberof=cn=git_user,ou=groups,dc=example,dc=com)(|(uid=%[1]s)(mail=%[1]s)))
    For more info on the user filter, see: https://docs.gitea.io/en-us/authentication/#ldap-via-binddn
  • Admin Filter: Use (memberof=cn=lldap_admin,ou=groups,dc=example,dc=com) if you want lldap admins to become Gitea admins. Leave empty otherwise.
  • Username Attribute: uid
  • Email Attribute: mail
  • Check Enable User Synchronization

Replace every instance of dc=example,dc=com with your configured domain.

After applying the above settings, users should be able to log in with either their user name or email address.