Rewrite init script (#178)

These changes rewrite the init script to be error aware, informative and have a bit more security awareness. During rewrite several hidden bugs could be identified and fixed, such as: - LDAP configuration options interpreted by the shell before passed to command - Finding multiple ldap ids instead of one during lookup when their names are almost identical e.g. `_my-ldap-auth` and `my-ldap-auth` - Properly filter auth sources by their types to prevent unintended type converting attempts that fail In addition to that the script is a bit cleaner. Some commands do not exist anymore and would cause false-positive errors during script execution. Helps for: #149 Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/178 Reviewed-by: luhahn <luhahn@noreply.gitea.io> Reviewed-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io> Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-06-30 04:09:16 +08:00
parent 6a6eb35106
commit 9059229acb
4 changed files with 130 additions and 41 deletions
--- a/README.md
+++ b/README.md
@ -356,6 +356,14 @@ gitea:
      existingSecret: gitea-ldap-secret
 ```

+:warning: Some options are just flags and therefore don't any values. If they are defined in `gitea.ldap` configuration, they will be passed to the gitea cli without any value. Affected options:
+
+- notActive | not-active
+- skipTlsVerify | skip-tls-verify
+- allowDeactivateAll | allow-deactivate-all
+- synchronizeUsers | synchronize-users
+- attributesInBind | attributes-in-bind
+
 ### OAuth2 Settings

 Like the admin user, OAuth2 settings can be updated and disabled but not deleted. Deleting OAuth2 settings has to be done in the ui.