mirror of
https://github.com/rocky-linux/infrastructure
synced 2024-12-22 19:08:30 +00:00
commit
16badc34c8
@ -58,6 +58,7 @@
|
|||||||
loop:
|
loop:
|
||||||
- httpd_can_network_connect
|
- httpd_can_network_connect
|
||||||
- httpd_can_network_relay
|
- httpd_can_network_relay
|
||||||
|
- httpd_can_connect_ldap
|
||||||
- httpd_read_user_content
|
- httpd_read_user_content
|
||||||
|
|
||||||
- name: Change fcontext to GitLab unix socket for nginx
|
- name: Change fcontext to GitLab unix socket for nginx
|
||||||
|
@ -5,5 +5,6 @@ rocky_ldap_group_basedn: "cn=groups,cn=accounts,dc=rockylinux,dc=org"
|
|||||||
rocky_ldap_account_basedn: "cn=accounts,dc=rockylinux,dc=org"
|
rocky_ldap_account_basedn: "cn=accounts,dc=rockylinux,dc=org"
|
||||||
# Requires jinja 2.9+
|
# Requires jinja 2.9+
|
||||||
rocky_ipaserver_list: "{{ groups['ipaserver'] + groups['ipareplicas'] }}"
|
rocky_ipaserver_list: "{{ groups['ipaserver'] + groups['ipareplicas'] }}"
|
||||||
|
rocky_ipaserver_lb: "ipa-lb.rockylinux.org"
|
||||||
# This will need to be vaulted
|
# This will need to be vaulted
|
||||||
rocky_ldap_bind_pw: "{{ ipa_binder_password }}"
|
rocky_ldap_bind_pw: "{{ ipa_binder_password }}"
|
||||||
|
@ -21,7 +21,7 @@ gitlab_ssl_key: "/etc/nginx/ssl/{{ gitlab_domain }}.key"
|
|||||||
|
|
||||||
# LDAP Configuration
|
# LDAP Configuration
|
||||||
gitlab_ldap_enabled: "true"
|
gitlab_ldap_enabled: "true"
|
||||||
gitlab_ldap_host: "{{ rocky_ipaserver_list[0] }}"
|
gitlab_ldap_host: "{{ rocky_ipaserver_lb }}"
|
||||||
gitlab_ldap_port: "389"
|
gitlab_ldap_port: "389"
|
||||||
gitlab_ldap_uid: "uid"
|
gitlab_ldap_uid: "uid"
|
||||||
gitlab_ldap_method: "start_tls"
|
gitlab_ldap_method: "start_tls"
|
||||||
|
Loading…
Reference in New Issue
Block a user