+[[!comment format=mdwn
+ username="ac_w"
+ avatar="http://cdn.libravatar.org/avatar/a76f89f70fffde5fbdacaa2a0438d8d9"
+ subject="Solution"
+ date="2021-05-06T13:31:21Z"
+ content="""
+I've managed to make it work with the method described [here](https://ikiwiki.info/plugins/httpauth/).
+
+I did not understand at first that an LDAP authentication on the webserver was enough and that ikiwiki would just trust what the webserver returns. Anyway, I replaced nginx with apache2, loaded the modules `authnz_ldap` and `ldap`, and used a configuration like this oneĀ :
+
+```
+<Location /~ikiwiki/wiki_name/auth>
+ order allow,deny
+ allow from all
+ AuthName \"AuthRequired\"
+ AuthType Basic
+ AuthBasicProvider ldap
+
+ AuthLDAPURL \"ldap://<ldap_fqdn>:389/<searchbase>?uid?sub?<searchfilter>\"
+ AuthLDAPBindDN \"<binddn>\"
+ AuthLDAPBindPassword \"<password>\"
+ require valid-user
+</Location>
+```
+
+As you can see I chose the second option of [the documentation](https://ikiwiki.info/plugins/httpauth/) (separate cgiauthurl), as gitlab must be able to ping the wiki without authentication (as mentioned at the end of [this doc](https://ikiwiki.info/tips/Hosting_Ikiwiki_and_master_git_repository_on_different_machines/)). Unfortunately gitlab doesn't seem to provide a way to set complex post-receive hook (the interface just provides something called \"webhooks\" which just takes an url and not a complete shell command), so I need to investigate further.
+"""]]