tynet-lichat/stevenchan - IRC Chatlog
Search
Friday, 10th of August 2018, 15:56:18 UTC
21:30:45
shinmera
Idk why this is being a pain in the ass
21:30:52
shinmera
I also don't see why it wouldn't allow you to log in
21:31:05
shinmera
as far as I understand gitlab's LDAP thingy it should automatically create an account if it doesn't exist
21:31:07
mood
Maybe there's a hidden password length limit there as well?
21:31:35
shinmera
Anyway I didn't change the gitlab config but now logging in gives me a 500
21:31:45
shinmera
so clearly gitlab's a stable, mature, and well programmed piece of software
21:33:01
shinmera
ERROR -- omniauth: (ldapmain) Authentication failure! ldap_error: NoMethodError, undefined method `id' for nil:NilClass
21:35:20
shinmera
what the fuck does that even mena
21:35:40
mood
It's essentially a null pointer exception
21:35:56
mood
And a nicely hidden one at that
21:36:44
shinmera
gonna try upgrading, doubt that'll help, but w/e
21:37:33
mood
Looks like it's thrown from here: https://github.com/omniauth/omniauth-ldap/blob/master/lib/omniauth/strategies/ldap.rb#L48
21:37:34
Colleen
github.com/omniauth/omniaut... Website (HTML), Title: omniauth-ldap/ldap.rb at master · omniauth/omniauth-ldap · GitHub
21:37:34
Colleen
github.com/omniauth/omniaut... Website (HTML), Title: omniauth-ldap/ldap.rb at master · omniauth/omniauth-ldap · GitHub
21:37:46
mood
But that doesn't tell us where the error above it happens
21:44:17
shinmera
Still waitin' for that update
21:50:14
shinmera
gitlab-rake gitlab:ldap:check --trace succeeds
21:50:54
mood
If I try now I get a "normal" 500
21:51:04
shinmera
also I think the way I handled it was that I need to grant people membership in ldap to access gitlab
21:52:17
mood
Well the errors are gone, I just land back on the login page
21:53:11
shinmera
I changed the config urls to https too
21:53:41
shinmera
lemme undo that I guess
21:53:54
mood
Hmm, mine redirects to https properly
21:54:29
shinmera
I did not want to do this before going to bed
21:55:51
shinmera
Ah- I think it doesn't like it when the internal_api url is https, rather than http
21:56:01
shinmera
Good that it shows this with such easily comprehensible errors tho
21:57:32
shinmera
the external url being https fucks the login
21:57:41
mood
Cloudflare is so good: "because the site uses Cloudflare's Always Online™ technology you can continue to surf a snapshot of the site." followed by a full Error 502 page
21:57:53
mood
I suppose GitLab is behind nginx?
21:58:11
shinmera
but I guess we ain't doin' http for it fuck gitlab
21:58:20
mood
nginx['listen_port'] = 80
nginx['listen_https'] = false
nginx['proxy_set_headers'] = {
"X-Forwarded-Proto" => "https",
"X-Forwarded-Ssl" => "on"
} ?
21:58:49
shinmera
I don't use the bundled nginx
21:59:12
mood
Not at all? I have an external nginx forwarding to the bundled one
21:59:14
shinmera
But no, the login breaks if external_url in gitlab.rb is https://gitlab.tymoon.eu
21:59:26
shinmera
nginx['enable'] = false
22:00:03
shinmera
I already have a double-whammy going on with nginx
22:00:35
shinmera
the primary nginx sits on string, and there's another nginx on fermion for local things, which is where gitlab's at
22:01:03
shinmera
fermion's nginx is just 80, string's nginx takes care of the https
22:02:27
shinmera
I'll add the forwarded proto header, maybe that'll help who knows
22:10:14
shinmera
aight no https for gitlab, I'm done wasting time
22:11:12
shinmera
anyhoo if you actually want gitlab on tynet, let me know and I'll throw you in on ldap
22:11:30
shinmera
imma take a shower now
22:11:35
mood
I don't really need it. There's gitlab.joram.io :)
22:12:22
mood
It's finally raining properly here, I feel like going outside to get a different shower experience
22:25:34
shinmera
Anyway, yeah, good night!
Saturday, 11th of August 2018, 3:56:18 UTC