Comments (6)
I've resorted to using the older format entries, since at least those will override a badly-formed ldap_servers entry.
from puppet-gitlab.
You're missing a level of definition. You need to have the configuration under the name of a specific server. (main
).
class {'gitlab':
gitlab_rails = > {
ldap_enabled => true,
ldap_servers => {
main => { <--you're missing this block in your definition based on your output
active_directory => true,
....
}
}
}
}
from puppet-gitlab.
This appears to have broken LDAP in 1.11.0... it worked fine in 1.10.0
Here is the change during the run... you can see it's adding extra EOS where it shouldn't:
-gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' # remember to close this block with 'EOS' below
- main: # 'main' is the GitLab 'provider ID' of this LDAP server
- label: 'LDAP'
- host: 'ldap.domain.loc'
- port: 636
- uid: 'sAMAccountName'
- method: 'ssl' # "tls" or "ssl" or "plain"
- bind_dn: 'CN=gitlab,OU=Users,DC=domain,DC=loc'
- password: 'Password'
- active_directory: true
- allow_username_or_email_login: true
- block_auto_created_users: false
- base: 'DC=domain,DC=loc'
-# user_filter: ''
-# ## EE only
-# group_base: ''
-# admin_group: ''
-# sync_ssh_keys: false
+gitlab_rails['ldap_servers'] = YAML.load <<-EOS
+--- |
+ YAML.load <<-'EOS' # remember to close this block with 'EOS' below
+ main: # 'main' is the GitLab 'provider ID' of this LDAP server
+ label: 'LDAP'
+ host: 'ldap.domain.loc'
+ port: 636
+ uid: 'sAMAccountName'
+ method: 'ssl' # "tls" or "ssl" or "plain"
+ bind_dn: 'CN=gitlab,OU=Users,DC=domain,DC=loc'
+ password: 'Password'
+ active_directory: true
+ allow_username_or_email_login: true
+ block_auto_created_users: false
+ base: 'DC=domain,DC=loc'
+ # user_filter: ''
+ # ## EE only
+ # group_base: ''
+ # admin_group: ''
+ # sync_ssh_keys: false
+ EOS
EOS
-
Here was the working Hiera that worked in 1.10.0 just fine:
---
gitlab::gitlab_rails:
ldap_servers: |
YAML.load <<-'EOS' # remember to close this block with 'EOS' below
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'LDAP'
host: 'ldap.domain.loc'
port: 636
uid: 'sAMAccountName'
method: 'ssl' # "tls" or "ssl" or "plain"
bind_dn: 'CN=gitlab,OU=Users,DC=domain,DC=loc'
password: 'Password'
active_directory: true
allow_username_or_email_login: true
block_auto_created_users: false
base: 'DC=domain,DC=loc'
# user_filter: ''
# ## EE only
# group_base: ''
# admin_group: ''
# sync_ssh_keys: false
EOS
from puppet-gitlab.
problem is rolling back to 1.10.0 removes the gitlab_systemd.rb
which apparently is needed:
Info: Class[Gitlab::Service]: Scheduling refresh of Service[gitlab-runsvdir]
Notice: /Stage[main]/Gitlab::Service/File[/etc/init.d/gitlab-runsvdir]/ensure: created
Error: /Stage[main]/Gitlab::Service/Service[gitlab-runsvdir]: Failed to call refresh: Systemd restart for gitlab-runsvdir failed!
journalctl log for gitlab-runsvdir:
-- No entries --
Error: /Stage[main]/Gitlab::Service/Service[gitlab-runsvdir]: Systemd restart for gitlab-runsvdir failed!
journalctl log for gitlab-runsvdir:
-- No entries --
Is there anyway to roll back the 1.11.0 break for LDAP but fix the gitlab-runsvdir issue here? Maybe a 1.10.1 release? or 1.12.0?
from puppet-gitlab.
I can confirm that this is closed by 1.13.3 release.
from puppet-gitlab.
Thanks for confirming, we'll close this issue then.
from puppet-gitlab.
Related Issues (20)
- The GitLab config file resource should not show diffs
- Inconsistencies comparing with my local installation
- gitlab_rails['ldap_servers'] question HOT 1
- nginx still not documented HOT 3
- inspect escaping node variable HOT 3
- backup cron job should be purged if backup_cron_enable is false
- support global hook http(s) source.
- Create projects? HOT 5
- Discussion on adding custom resources types to manage tokens, users, groups, projects HOT 11
- gitlab.rb needs updating for deprecated geo options
- Update documentation to reflect gitlab_rails server name bug in Gitlab CE LDAP Configuration
- repo_gpgcheck fails HOT 1
- Gitab.rb sidekiq queue_groups array quoted.
- backup archive permissions are interpreted as octal value HOT 3
- no option to specify package repo proxy
- unable to specify listen_port and listen_https HOT 4
- gitlab_sshd support in the omnibus config HOT 1
- Is the store_git_keys_in_db parameter still required or functionality valid?
- puppetlabs-stdlib HOT 2
- Gitaly configuration uses keys
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppet-gitlab.