In our previous guide you have learned to Install and Configure GitLab on CetnOS 8. Today we are going to learn that How we can configure FreeIPA LDAP Authentication.
What is FreeIPA ?
FreeIPA is an Open source Identity management system sponsored by RedHat. GitLab is fully-featured platform for the development of different types of software’s providing features like integrated CI/CD, Auto DevOps, Kubernetes integration, GitLab Container Registry e.t.c. By leveraging FreeIPA advanced user management features, it becomes easy to manage user access to your GitLab server. You don’t have to create users manually on GitLab Server, which can be tedious for large companies.
Configuring GitLab FreeIPA Authentication
- GitLab Server (running)
- FreeIPA Server (running)
Move toward the configuration of GitLab FreeIPA authentication. Simply follow the given steps
Step 1: Create LDAP Bind user on FreeIPA
First of all you will require a user for binding to FreeIPA Server. Go to the FreeIPA Server and create a user called gitlab.
Navigate to Identity>Users>Add to add a new user.
Provide details as required and then click on “Add” button. If you want to add another user or want to edit user specification click on the associated buttons.
Step 2: Configuring GitLab Server
For users who don’t have a domain name for FreeIPA Server Configured on DNS, can add the line to /etc/hosts file.
echo "192.168.3.10 ipa.example.com" | sudo tee -a /etc/hosts
Now, edit /etc/gitlab/gitlab.rb & enable LDAP
gitlab_rails['ldap_enabled'] = true
At the end, create the YAML file to hold the IPA connection settings.
sudo vim /etc/gitlab/freeipa_settings.yml
Do similar configuration like below:
Note: Replace the mentions with your’s
ipa.example.com = FreeIPA Server hostname
All appearances of example & com with with your FreeIPA Server domain components.
gitlabuserpassword with your GitLab user password.
Save the file then reconfigure GitLab.
sudo gitlab-ctl reconfigure.
Step 3: Login to GitLab via FreeIPA
As you finished configuring, it’s time to login to GitLab server. Provide the credentials as on FreeIPA server to login.
Click Sign in to continue to the Dashboard.