Skip to content

Gitea

It was required ot have a place that allow to keep source code and allow collaboration on it for …

  • software projects

  • service configuration

  • infrastructure definition

The target audience is developers and administrators.

Restrictions

Due to security concerns access to all infrastructure related projects is restricted to selected users of the IT Hubs operations team.

Authentication and authorization

The service is backed by LDAP. Users are eagerly fetched from the LDAP service.

Due to the fact that real names are used for the accounts it'll be impossible to open the service to the public. For that pupose a second instance would be required.

Admin permissions

To differentiate the roles (user / admin) Gitea is expecting the memberOf attribute, which ApacheDS doesn't support. Thus it's required to store a magic flag in an unsued LDAP attribute:

manager=uid=git,ou=bind,ou=ecg

All admin users can thus be listed with this command:

ldapsearch "(manager=uid=git,ou=bind,ou=ecg)"