自託管的gitlab使用Google帳號註冊

2024-6-26 • tag-icon

我正在設定一個 GitLab EE 實例，我想只使用 Google 帳戶啟用註冊程序。我按照這裡的文檔進行操作：https://docs.gitlab.com/ce/integration/google.html和這裡：https://docs.gitlab.com/ce/integration/omniauth.html。

當我嘗試將現有帳戶與 Google 帳戶綁定時，與 Google 的整合工作得很好，它是完美的。

問題是當我嘗試在沒有現有帳戶的情況下使用 Google 進行註冊時，就會拋出錯誤：

不允許在沒有預先存在的 GitLab 帳戶的情況下使用 Google 帳戶登入。

我目前的/etc/gitlab/gitlab.rb配置如下：

### OmniAuth Settings
###! Docs: https://docs.gitlab.com/ce/integration/omniauth.html
gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['google_oauth2']
gitlab_rails['omniauth_sync_email_from_provider'] = 'google_oauth2'
gitlab_rails['omniauth_sync_profile_from_provider'] = ['google_oauth2']
gitlab_rails['omniauth_sync_profile_attributes'] = ['email', 'name', 'location']
gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'google_oauth2'
gitlab_rails['omniauth_block_auto_created_users'] = false
# gitlab_rails['omniauth_auto_link_ldap_user'] = false
# gitlab_rails['omniauth_auto_link_saml_user'] = false
# gitlab_rails['omniauth_external_providers'] = ['google_oauth2']
gitlab_rails['omniauth_providers'] = [
   {
     "name" => "google_oauth2",
     "app_id" => "my-app-id",
     "app_secret" => "my-app-secret",
     "args" => { "access_type" => "offline", "approval_prompt" => "" }
   }
]

我究竟做錯了什麼？ GitLab 甚至可以使用 Google 註冊嗎？

答案1

經過一些配置調整後，我設法找到了一個有效的設定：

### OmniAuth Settings
###! Docs: https://docs.gitlab.com/ce/integration/omniauth.html
gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['google_oauth2']
# gitlab_rails['omniauth_sync_email_from_provider'] = 'google_oauth2'
gitlab_rails['omniauth_sync_profile_from_provider'] = ['google_oauth2']
# gitlab_rails['omniauth_sync_profile_attributes'] = ['email']
# gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'google_oauth2'
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_auto_link_ldap_user'] = true
# gitlab_rails['omniauth_auto_link_saml_user'] = false
# gitlab_rails['omniauth_external_providers'] = ['google_oauth2']
gitlab_rails['omniauth_providers'] = [
   {
     "name" => "google_oauth2",
     "app_id" => "<APP_ID>",
     "app_secret" => "<APP_SECRET>",
     "args" => { "access_type" => "offline", "approval_prompt" => "" }
   }
]

答案2

我對設定有疑問，現有使用者會成為問題嗎？

我需要取消註解嗎：

gitlab_rails['omniauth_sync_email_from_provider'] = 'google_oauth2'

我沒有這條線，這是個問題嗎：

gitlab_rails['omniauth_sync_profile_from_provider'] = ['google_oauth2']

我這麼問是因為我不想弄亂所有現有的評論、用戶等！

此致

答案1

答案2

相關內容