Fatal编程技术网
  • gitlab/
  • Gitlab 无法使用LDAP在HTTPS中克隆,错误500

Gitlab 无法使用LDAP在HTTPS中克隆,错误500

gitlab

Gitlab 无法使用LDAP在HTTPS中克隆,错误500,gitlab,Gitlab,我已经在Docker中设置了一个Gitlab实例,它运行在一个NGINX反向代理之后。 到目前为止,一切都很顺利,除了我尝试使用LDAP进行身份验证以克隆repo时 当我尝试使用LDAP帐户进行克隆时,收到以下消息: $ git clone https://gitlab.mycompany.local/group/repo_name.git Cloning into 'repo_name'... fatal: unable to access 'https://gitlab.mycompany.

我已经在Docker中设置了一个Gitlab实例,它运行在一个NGINX反向代理之后。 到目前为止,一切都很顺利,除了我尝试使用LDAP进行身份验证以克隆repo时

当我尝试使用LDAP帐户进行克隆时,收到以下消息:

$ git clone https://gitlab.mycompany.local/group/repo_name.git
Cloning into 'repo_name'...
fatal: unable to access 'https://gitlab.mycompany.local/group/repo_name.git': The requested 
URL returned error: 500
通过一个固定的本地帐户,一切正常:

$ git clone https://gitlab.mycompany.local/group/repo_name.git
Cloning into 'repo_name'...
remote: Enumerating objects: 594, done.
remote: Counting objects: 100% (594/594), done.
remote: Compressing objects: 100% (281/281), done.
remote: Total 1915 (delta 534), reused 341 (delta 313), pack-reused 1321
Receiving objects: 100% (1915/1915), 2.98 MiB | 5.33 MiB/s, done.
Resolving deltas: 100% (1698/1698), done.
以下是我的Gitlab信息:

System information
System:
Current User:   git
Using RVM:      no
Ruby Version:   2.6.5p114
Gem Version:    2.7.10
Bundler Version:1.17.3
Rake Version:   12.3.3
Redis Version:  5.0.7
Git Version:    2.24.1
Sidekiq Version:5.2.7
Go Version:     unknown

GitLab information
Version:        12.7.0
Revision:       680a5284470
Directory:      /opt/gitlab/embedded/service/gitlab-rails
DB Adapter:     PostgreSQL
DB Version:     10.9
URL:            https://gitlab.mycompany.local
HTTP Clone URL: https://gitlab.mycompany.local/some-group/some-project.git
SSH Clone URL:  ssh://git@gitlab.mycompany.local:9022/some-group/some-project.git
Using LDAP:     yes
Using Omniauth: yes
Omniauth Providers:

GitLab Shell
Version:        11.0.0
Repository storage paths:
- default:      /var/opt/gitlab/git-data/repositories
GitLab Shell path:              /opt/gitlab/embedded/service/gitlab-shell
Git:            /opt/gitlab/embedded/bin/git
这是我的docker-compose.yml文件:

version: '3'

services:
    gitlab:
        image: gitlab/gitlab-ce:latest
        restart: always
        container_name: gitlab
        environment:
          GITLAB_OMNIBUS_CONFIG: |
            external_url 'https://gitlab.mycompany.local'
            nginx['listen_port'] = 80
            nginx['listen_https'] = false
            nginx['real_ip_trusted_addresses'] = [ 'REDACTED' ]
            nginx['real_ip_header'] = 'X-Forwarded-For'
            nginx['real_ip_recursive'] = 'on'
            gitlab_rails['gitlab_shell_ssh_port'] = 9022
            gitlab_rails['ldap_enabled'] = true
            gitlab_rails['ldap_servers'] = YAML.load <<-EOS
            main:
              label: 'LDAP'
              host: REDACTED
              port: 389
              uid: 'sAMAccountName'
              bind_dn: 'REDACTED'
              password: "REDACTED"
              active_directory: true
              base: 'DC=mycompany,DC=local'
            EOS

        ports:
            - '5802:80'
            - '5902:443'
            - '9022:22'
        volumes:
            - '/srv/gitlab/config:/etc/gitlab'
            - '/srv/gitlab/logs:/var/log/gitlab'
            - '/srv/gitlab/data:/var/opt/gitlab'
这真的很奇怪,因为在WebUI中,一切都很好,我可以用一个广告帐户登录,没有问题

任何帮助都将不胜感激:)。
谢谢

我认为您缺少LDAP配置中的
加密:“普通”

我认为您缺少LDAP配置中的
加密:“普通”

Completed 500 Internal Server Error in 85ms (ActiveRecord: 4.5ms | Elasticsearch: 0.0ms)

ArgumentError (encryption or method MUST be provided):

lib/gitlab/auth/ldap/authentication.rb:40:in `new'
lib/gitlab/auth/ldap/authentication.rb:40:in `adapter'
lib/gitlab/auth/ldap/authentication.rb:29:in `login'
lib/gitlab/auth.rb:98:in `block (2 levels) in find_with_user_password'
lib/gitlab/auth.rb:97:in `each'
lib/gitlab/auth.rb:97:in `find'
lib/gitlab/auth.rb:97:in `block in find_with_user_password'
lib/gitlab/auth/unique_ips_limiter.rb:19:in `limit_user!'
lib/gitlab/auth.rb:74:in `find_with_user_password'
lib/gitlab/auth.rb:159:in `user_with_password_for_git'
lib/gitlab/auth.rb:53:in `find_for_git_client'
app/controllers/projects/git_http_client_controller.rb:105:in `handle_basic_authentication'
app/controllers/projects/git_http_client_controller.rb:38:in `authenticate_user'
lib/gitlab/i18n.rb:55:in `with_locale'
lib/gitlab/i18n.rb:61:in `with_user_locale'
app/controllers/application_controller.rb:461:in `set_locale'
lib/gitlab/application_context.rb:18:in `with_context'
app/controllers/application_controller.rb:453:in `set_current_context'
lib/gitlab/error_tracking.rb:34:in `with_context'
app/controllers/application_controller.rb:545:in `sentry_context'
lib/gitlab/middleware/rails_queue_duration.rb:27:in `call'
lib/gitlab/metrics/rack_middleware.rb:17:in `block in call'
lib/gitlab/metrics/transaction.rb:62:in `run'
lib/gitlab/metrics/rack_middleware.rb:17:in `call'
lib/gitlab/request_profiler/middleware.rb:17:in `call'
lib/gitlab/middleware/go.rb:20:in `call'
lib/gitlab/etag_caching/middleware.rb:13:in `call'
lib/gitlab/middleware/multipart.rb:117:in `call'
lib/gitlab/middleware/read_only/controller.rb:48:in `call'
lib/gitlab/middleware/read_only.rb:18:in `call'
lib/gitlab/middleware/basic_health_check.rb:25:in `call'
lib/gitlab/middleware/request_context.rb:23:in `call'
config/initializers/fix_local_cache_middleware.rb:9:in `call'
lib/gitlab/metrics/requests_rack_middleware.rb:49:in `call'
lib/gitlab/middleware/release_env.rb:12:in `call'