diff options
| author | Kevin Lyda <kevin@ie.suberic.net> | 2017-01-22 23:25:20 +0000 |
|---|---|---|
| committer | Niall Sheridan <nsheridan@gmail.com> | 2017-01-25 00:52:02 +0000 |
| commit | 17d06d3003a796c76c7c5d8bfb0cab0aeb1bbf8f (patch) | |
| tree | def71020382848043027bd870cf6bf6fe86763d9 /README.md | |
| parent | f635033e3e953e74d67b76a520c9760786330af5 (diff) | |
Create a gitlab auth source.
Defaults to public gitlab.com, but easily redirected to self-hosted
installation.
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -186,7 +186,7 @@ server { ``` ## auth -- `provider` : string. Name of the oauth provider. Valid providers are currently "google" and "github". +- `provider` : string. Name of the oauth provider. Valid providers are currently "google", "github" and "gitlab". - `oauth_client_id` : string. Oauth Client ID. This can be a secret stored in a [vault](https://www.vaultproject.io/) using the form `/vault/path/key` e.g. `/vault/secret/cashier/oauth_client_id`. - `oauth_client_secret` : string. Oauth secret. This can be a secret stored in a [vault](https://www.vaultproject.io/) using the form `/vault/path/key` e.g. `/vault/secret/cashier/oauth_client_secret`. - `oauth_callback_url` : string. URL that the Oauth provider will redirect to after user authorisation. The path is hardcoded to `"/auth/callback"` in the source. @@ -216,6 +216,9 @@ Supported options: |---------:|-------------:|----------------------------------------------------------------------------------------------------------------------------------------| | Google | domain | If this is unset then you must whitelist individual email addresses using `users_whitelist`. | | Github | organization | If this is unset then you must whitelist individual users using `users_whitelist`. The oauth client and secrets should be issued by the specified organization. | +| Gitlab | siteurl | Optional. The url of the Gitlab site. Default: `https://gitlab.com/api/v3/` | +| Gitlab | allusers | Allow all valid users to get signed keys. Only allowed if siteurl set. | +| Gitlab | group | If `allusers` and this are unset then you must whitelist individual users using `users_whitelist`. Otherwise the user must be a member of this group. | ## ssh - `signing_key`: string. Path to the signing ssh private key you created earlier. See the [note](#a-note-on-files) on files above. |