3 avatar="http://cdn.libravatar.org/avatar/a76f89f70fffde5fbdacaa2a0438d8d9"
5 date="2021-05-06T13:31:21Z"
7 I've managed to make it work with the method described [here](https://ikiwiki.info/plugins/httpauth/).
9 I did not understand at first that an LDAP authentication on the webserver was enough and that ikiwiki would just trust what the webserver returns. Anyway, I replaced nginx with apache2, loaded the modules `authnz_ldap` and `ldap`, and used a configuration like this oneĀ :
12 <Location /~ikiwiki/wiki_name/auth>
15 AuthName \"AuthRequired\"
17 AuthBasicProvider ldap
19 AuthLDAPURL \"ldap://<ldap_fqdn>:389/<searchbase>?uid?sub?<searchfilter>\"
20 AuthLDAPBindDN \"<binddn>\"
21 AuthLDAPBindPassword \"<password>\"
26 As you can see I chose the second option of [the documentation](https://ikiwiki.info/plugins/httpauth/) (separate cgiauthurl), as gitlab must be able to ping the wiki without authentication (as mentioned at the end of [this doc](https://ikiwiki.info/tips/Hosting_Ikiwiki_and_master_git_repository_on_different_machines/)). Unfortunately gitlab doesn't seem to provide a way to set complex post-receive hook (the interface just provides something called \"webhooks\" which just takes an url and not a complete shell command), so I need to investigate further.