git.immae.eu Git - perso/Immae/Config/Nix.git/blob - systems/eldiron/gitolite/ldap_gitolite.sh
1 ### This snippet is not standalone and must be integrated in the global ldap_authorized_keys.sh
2 LDAP_GITOLITE_MEMBER
= "@gitolite_ldap_group@"
3 GITOLITE_SHELL
= "@gitolite_shell_path@"
5 if [[ $user == gitolite
]]; then
6 allowed_logins
= $
( LDAP_BASE
= $USER_LDAP_BASE \
7 ldap_search
'(memberOf=' $LDAP_GITOLITE_MEMBER ')' '' \
9 | sed -e "s/^dn: uid=\([^,]*\),.* $USER_LDAP_BASE $/'\1'/" \
12 psql_search
"SELECT login, key FROM ldap_users_ssh_keys WHERE realm = 'immae' AND 'git' = ANY(usage) AND login IN ( $allowed_logins );" | while IFS
= '|' read user key
; do
13 if [[ $user == "immae" ]] || [[ $user == "denise" ]]; then
14 # Capitalize first letter (backward compatibility)
15 user
= $(sed -r 's/^([a-z]) / \U\
1 / ' <<< " $user ")
17 if [ ! -z " $key " ]; then
18 if [[ $key != *$' \n '* ]] && [[ $key == ssh-* ]]; then
19 echo -n ' command = "' $GITOLITE_SHELL ' ' $user '" , no
-port-forwarding , no
-X11-forwarding , no
-agent-forwarding , no
-pty '