Ldap setup jellyfin

2026-05-14 17:18:39 +02:00
parent c23ad28f85
commit 143ea35dc1
3 changed files with 31 additions and 40 deletions
--- a/modules/server/containers/apps/gitea.nix
+++ b/modules/server/containers/apps/gitea.nix
@@ -129,10 +129,11 @@ in {


      ${lib.optionalString (serverCfg.containers ? authentik) ''
-      $GT admin auth delete --id 1
-      $GT admin auth add-ldap --name Authentik --host ${builder.host} --port 636 --security-protocol ldaps \
+      $GT admin auth add-ldap --name Authentik --host authentik-ldap --port 6636 --security-protocol ldaps --skip-tls-verify \
          --bind-dn "cn=ldap-service,ou=users,${LDAP_DC_DOMAIN}" --bind-password $DEFAULT_LDAP_PASSWORD \
-          --user-search-base "ou=users,${LDAP_DC_DOMAIN}" --user-filter "(|(username=%s)(email=%s))" \
+          --user-search-base "ou=users,${LDAP_DC_DOMAIN}" \
+          --user-filter "(&(objectClass=user)(|(uid=%[1]s)(mail=%[1]s)))" \
+          --admin-filter "(memberOf=cn=admin,ou=groups,${LDAP_DC_DOMAIN})" \
          --username-attribute "username" --firstname-attribute "givenName" --surname-attribute "sn" --email-attribute "mail" \
          --synchronize-users
      ''}