crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity

[gitlab] remove CAS

main
bleizi 2023-05-25 19:14:25 +02:00
parent d0bac2ba40
commit e6537c233c
2 changed files with 15 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
group_vars/gitlab.yml
View File

@ -13,9 +13,6 @@ glob_gitlab:
bind_password: "{{ vault.gitlab.ldap.bind_password }}" bind_password: "{{ vault.gitlab.ldap.bind_password }}"
base: 'cn=Utilisateurs,dc=crans,dc=org' base: 'cn=Utilisateurs,dc=crans,dc=org'
user_filter: '(&(!(shadowExpire=0))(uid=*))' user_filter: '(&(!(shadowExpire=0))(uid=*))'
cas_name: 'cas3'
cas_label: 'CAS Cr@ns'
cas_url: 'https://cas.crans.org'
smtp: smtp:
address: "{{ query('ldap', 'ip', 'redisdead', 'adm') | first }}" address: "{{ query('ldap', 'ip', 'redisdead', 'adm') | first }}"
port: 25 port: 25

30
roles/gitlab/templates/gitlab.rb.j2
View File

@ -505,36 +505,36 @@ EOS
### OmniAuth Settings ### OmniAuth Settings
###! Docs: https://docs.gitlab.com/ee/integration/omniauth.html ###! Docs: https://docs.gitlab.com/ee/integration/omniauth.html
gitlab_rails['omniauth_enabled'] = true #gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['saml'] #gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
# gitlab_rails['omniauth_sync_email_from_provider'] = 'saml' # gitlab_rails['omniauth_sync_email_from_provider'] = 'saml'
# gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml'] # gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml']
# gitlab_rails['omniauth_sync_profile_attributes'] = ['email'] # gitlab_rails['omniauth_sync_profile_attributes'] = ['email']
# gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml' # gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
# gitlab_rails['omniauth_block_auto_created_users'] = true # gitlab_rails['omniauth_block_auto_created_users'] = true
gitlab_rails['omniauth_auto_link_ldap_user'] = true #gitlab_rails['omniauth_auto_link_ldap_user'] = true
# gitlab_rails['omniauth_auto_link_saml_user'] = false # gitlab_rails['omniauth_auto_link_saml_user'] = false
# gitlab_rails['omniauth_auto_link_user'] = ['saml'] # gitlab_rails['omniauth_auto_link_user'] = ['saml']
# gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2'] # gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2']
# gitlab_rails['omniauth_allow_bypass_two_factor'] = ['google_oauth2'] # gitlab_rails['omniauth_allow_bypass_two_factor'] = ['google_oauth2']
gitlab_rails['omniauth_providers'] = [ #gitlab_rails['omniauth_providers'] = [
# { # {
# "name" => "google_oauth2", # "name" => "google_oauth2",
# "app_id" => "YOUR APP ID", # "app_id" => "YOUR APP ID",
# "app_secret" => "YOUR APP SECRET", # "app_secret" => "YOUR APP SECRET",
# "args" => { "access_type" => "offline", "approval_prompt" => "" } # "args" => { "access_type" => "offline", "approval_prompt" => "" }
# }, # },
{ # {
"name" => "{{ gitlab.cas_name }}", # "name" => "{{ gitlab.cas_name }}",
"label" => "{{ gitlab.cas_label }}", # "label" => "{{ gitlab.cas_label }}",
"args" => { # "args" => {
"url" => "{{ gitlab.cas_url }}", # "url" => "{{ gitlab.cas_url }}",
"login_url" => "/login", # "login_url" => "/login",
"service_validate_url" => "/p3/serviceValidate", # "service_validate_url" => "/p3/serviceValidate",
"logout_url" => "/logout" # "logout_url" => "/logout"
} # }
} # }
] #]
### FortiAuthenticator authentication settings ### FortiAuthenticator authentication settings
# gitlab_rails['forti_authenticator_enabled'] = false # gitlab_rails['forti_authenticator_enabled'] = false