Modifying gitolite usernames to not be redmine_username_int_int

[syphernl]

My setup is:

• Nginx (for git only + proxy to redmine's webserver)
• Puma webserver for Redmine

This plugin has been installed and configured. Repo's are being generated properly and I'm very close to getting this to work as it should.

The webserver authentication (trough pam => LDAP) works and the username is properly forwarded to gitolite. However, because the permissions in the gitolite configuration are "redmine_username_integer_integer" and not "username" the user does not have permission to do anything with it. I manually updated the gitolite.conf-compiled.pm file and the access list when requesting it via the browser shows all repo's.

Why is it using this format and can it be changed somehow? I don't see why stuff needs explicit redmine_.... tagged to it.

[n-rodriguez]

Actually I don't understand your configuration.
Who does the LDAP authentication? Nginx? Redmine?
Who serves Git repo? Nginx with git_smart_http ? SSH?

[syphernl]

Nginx does the validation of the credentials and lets gitolite deal with the validation.

Since there was a mention of smart http I assumed this would just work. How would smart http work otherwise in regards to serving and validating credentials?

I have made an adjustment to the file which generates the gitolite conf and adds in the account username (and the key if set) but its a bit hackish I guess...

[n-rodriguez]

Why not let Redmine deals with LDAP authentication?
Smart HTTP is provided by the plugin. All you have to do is to grab the repo HTTP url in Redmine and do git clone http://xxx.
Credentials used for Smart HTTP are the ones used by Redmine (login/password).
I store them in Redmine MySQL database, but I think this should work with LDAP.

[syphernl]

Because redmine is either a fcgi process or one running under something like puma as in my case.

Nicolas [email protected]:

Why not let Redmine deals with LDAP authentication?
Smart HTTP is provided by the plugin. All you have to do is to grab the repo HTTP url in Redmine and do git clone http://xxx

—
Reply to this email directly or view it on GitHub.

[n-rodriguez]

You mean you don't have Redmine LDAP authentication system?

[syphernl]

I do, but there is no link between gitolite and red mine?

Nicolas [email protected]:

You mean you don't have Redmine LDAP authentication system?

—
Reply to this email directly or view it on GitHub.

[n-rodriguez]

Of course there is a link! through this plugin ^^

Actually this plugin manages repos, ssh users keys, and users rights on repo.
To do this, it clones the gitolite admin repo in tmp dir, does modifications on gitolite file 'conf/gitolite.conf', add ssh keys in 'keydir' when necessary, then commits and pushes the modifications.

Everything is handled.
All you have to do is to create users in Redmine (or LDAP), assign them to projects, and create repositories.
I don't think you even need to assing ssh keys to users thanks to the Smart HTTP server embeded.