From e920a10a5c15b53683ee5caff122ec9378032cd5 Mon Sep 17 00:00:00 2001
From: Jonas Gunz
Date: Sat, 9 Oct 2021 19:04:39 +0200
Subject: gitea: WIP
---
roles/gitea/tasks/ldap.yml | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
create mode 100644 roles/gitea/tasks/ldap.yml
(limited to 'roles/gitea/tasks/ldap.yml')
diff --git a/roles/gitea/tasks/ldap.yml b/roles/gitea/tasks/ldap.yml
new file mode 100644
index 0000000..75a561f
--- /dev/null
+++ b/roles/gitea/tasks/ldap.yml
@@ -0,0 +1,28 @@
+---
+- name: Check if LDAP is installed
+ command: gitea --config /etc/gitea/app.ini --work-path /var/lib/gitea admin auth list
+ become_user: git
+ become: yes
+ register: check_ldap
+
+- name: Configure LDAP Login provider
+ command:
+ cmd: >-
+ gitea --config /etc/gitea/app.ini --work-path /var/lib/gitea admin auth add-ldap
+ --name ldap-prod
+ --security-protocol "{{ gitea.ldap.security }}"
+ --host "{{ gitea.ldap.host }}"
+ --port "{{ gitea.ldap.port }}"
+ --bind-dn "{{ gitea.ldap.base_dn }}"
+ --bind-password "{{ gitea.ldap.bind_pw }}"
+ --user-search-base "{{ gitea.ldap.user_search_base }}"
+ --user-filter "{{ gitea.ldap.user_filter }}"
+ --admin-filter "{{ gitea.ldap.admin_filter }}"
+ --username-attribute "{{ gitea.ldap.username_attribute }}"
+ --firstname-attribute "{{ gitea.ldap.firstname_attribute }}"
+ --surname-attribute "{{ gitea.ldap.surname_attribute }}"
+ --email-attribute "{{ gitea.ldap.email_attribute }}"
+ --synchronize-users
+ become_user: git
+ become: yes
+ when: not check_ldap.stdout | regex_search("ldap-prod")
-- cgit v1.2.3
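Review bot: The `Configure LDAP Login provider` task passes `--bind-password "{{ gitea.ldap.bind_pw }}"` as a command argument and does not set `no_log`, so the rendered bind password lands in Ansible's task result (verbose output, failure messages, callback logs). Adding `no_log: true` to that task covers the Ansible side; the password stays visible in the target host's process list while the command runs for as long as it is passed as an argument. Separately, `--bind-dn "{{ gitea.ldap.base_dn }}"` fills the bind DN from a variable named like a search base, which looks like a mix-up with a dedicated bind-DN variable and should be confirmed against the role's defaults. The `Check if LDAP is installed` task only lists auth sources, so `changed_when: false` would keep it from reporting a change on every run.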