GitLab set up to send invite Email to new members - puppet

I'm new to setting up GitLab.
I have used the VSHN puppet module to install GitLab in AWS.
The GitLab server is running fine but the email invite is not working for anyone.
I have used the following configuration in the site.pp file.
node 'client-ip-address' {
  class { 'gitlab':
    external_url => 'http://client-ip-address',
  }
}
Could anyone please tell me what configuration is required to set up email notification?

Depending on your method of email, it will be configured with the gitlab rails option configuration documented here: https://github.com/vshn/puppet-gitlab/blob/master/README.md#usage
Documentation on examples for various email providers here: https://docs.gitlab.com/omnibus/settings/smtp.html#example-configuration
For example, the most basic one:
class { 'gitlab':
  external_url => 'http://gitlab.mydomain.tld',
  gitlab_rails => {
    'smtp_enable' => true,
  },
}
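For Gmail:
class { 'gitlab':
  external_url => 'http://gitlab.mydomain.tld',
  gitlab_rails => {
    # required, otherwise the smtp_* settings below are ignored
    'smtp_enable'               => true,
    'smtp_address'              => "smtp.gmail.com",
    'smtp_port'                 => 587,
    'smtp_user_name'            => "my.email@gmail.com",
    'smtp_password'             => "my-gmail-password",
    'smtp_domain'               => "smtp.gmail.com",
    'smtp_authentication'       => "login",
    # STARTTLS on port 587; smtp_tls is for implicit TLS and stays off here
    'smtp_enable_starttls_auto' => true,
    'smtp_tls'                  => false,
    # verify the server certificate
    'smtp_openssl_verify_mode'  => 'peer',
  },
}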
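An added example, not part of the original answer or of the module's documentation: the same Gmail settings with the SMTP credentials read from Hiera instead of being written into site.pp. The key names under `profile::gitlab::` are hypothetical; `lookup()` is Puppet's built-in function.

```puppet
# Added example. Hiera data backing the lookups below (values constructed for
# illustration; with hiera-eyaml the password is stored encrypted at rest):
#
#   profile::gitlab::smtp_user_name: 'my.email@gmail.com'
#   profile::gitlab::smtp_password: ENC[PKCS7,<encrypted-value-placeholder>]

# Hypothetical key names. Without a default value, lookup() fails catalog
# compilation when a key is missing, and String[1] rejects an empty value,
# so a node never silently gets a blank credential.
$smtp_user     = lookup('profile::gitlab::smtp_user_name', String[1])
$smtp_password = lookup('profile::gitlab::smtp_password', String[1])

class { 'gitlab':
  external_url => 'http://gitlab.mydomain.tld',
  gitlab_rails => {
    'smtp_enable'               => true,
    'smtp_address'              => 'smtp.gmail.com',
    'smtp_port'                 => 587,
    'smtp_user_name'            => $smtp_user,
    'smtp_password'             => $smtp_password,
    'smtp_domain'               => 'smtp.gmail.com',
    'smtp_authentication'       => 'login',
    'smtp_enable_starttls_auto' => true,
    'smtp_tls'                  => false,
    'smtp_openssl_verify_mode'  => 'peer',
  },
}
```

This keeps the secret out of the manifest and out of version control; it still appears in the compiled catalog and in the GitLab configuration file written on the node, so access to both should be restricted.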

Related

PHPMailer with Gmail API auth works with unlimited scope, does not work with limited scope

I am trying to set up an application that will use PHPMailer with Gmail API functionality.
I have written my program and tested it and it worked great. The last step for me was to see if I could make the system a bit more secure and follow best practices by only requesting the scope that is needed.
This version of the code works.
$params = [
'clientId' => $clientKeys['clientID'],
'clientSecret' => $clientKeys['secretKey'],
'redirectUri' => $oauth2redirectURI,
'accessType' => 'offline'
];
$provider = new Google($params);
$options = [
'scope' => [
'https://mail.google.com/'
]
];
However, when I reduce the scope to this:
$params = [
'clientId' => $clientKeys['clientID'],
'clientSecret' => $clientKeys['secretKey'],
'redirectUri' => $oauth2redirectURI,
'accessType' => 'offline'
];
$provider = new Google($params);
$options = [
'scope' => [
'https://www.googleapis.com/auth/gmail.send'
]
];
The initial authorization works to get the refresh token and such.
However, PHPMailer no longer is able to send any messages as that user. Instead when attempting to send email messages, PHPMailer throws the following error:
SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting1

NodeJS: new users can sign up but can't log in

I am a Linux server administrator so I don't have nodejs programming experience.
The problem is that I installed nodejs for a specific Laravel script for a mobile chat.
Now that I've configured everything, nodejs is running and the web socket is also open, the script works; new users sign up successfully, but when they try to log in an error (cat error) comes up.
I have verified that newly signed-up users are added to the db and that the web socket is open, but I don't know why it throws an error when users try to log in.
As server administrator I have checked all log files but I get nothing related to the problem.
I also enabled the MySQL query log and found that a SQL query is sent to MySQL when trying to sign in with a newly created account.
But I don't know why users can't sign in, that's why I suspect the backend server is not working.
Here are the lines of code in "server.js" that are related to the problem:
this.handleDisconnection(), this.store.revealNames.register(this.user).catch(e => {}), this.handler(o.enc({
publicMessageId: s,
error: !1,
grantedSettings: this.user.grantedSettings(),
posts: this.store.wall.all(),
rooms: this.store.rooms.all().map(e => e.parse(this.user, this.store.users)),
users: this.store.users.filter(e => e.canBeSeenBy(this.user)).map(e => e.parse()),
gifts: this.store.gifts.all(),
faces: this.store.faces.all(),
user: this.user.parse()
})), this.store.radio.startListening(this.user)
}).catch(e => {
this.user.isLogged = !1;
const t = {
error: !0,
message: "حدث خطأ أثناء تسجيل الدخول, الرجاء إعادة المحاولة"
};
try {
if (e.response.data.name) return t.message = e.response.data.name, this.handler(o.enc(t));
if (e.response.data.is_friendly_message && e.response.data.message) return t.message = e.response.data.message, this.handler(o.enc(t))
} catch (e) {
return this.user.isLogged = !1, this.handler(o.enc(t))
}
t.data.user.adminToken && this.store.adminTokens.push(t.data.user.adminToken), this.handleDisconnection(), this.user.isVirtual ? (this.store.virtualUserIds.push(this.user.reg_id), this.handler(t.data.user.defaultRoom)) : (this.store.revealNames.register(this.user).catch(e => {}), this.handler(o.enc({
publicMessageId: r,
error: !1,
cookie: e,
grantedSettings: this.user.grantedSettings(),
posts: this.store.wall.all(),
rooms: this.store.rooms.all().map(e => e.parse(this.user, this.store.users)),
users: this.store.users.filter(e => e.canBeSeenBy(this.user)).map(e => e.parse()),
gifts: this.store.gifts.all(),
faces: this.store.faces.all(),
user: this.user.parse()
})), this.store.radio.startListening(this.user))
}).catch(e => {
this.user.isLogged = !1;
const t = {
error: !0,
message: "حدث خطأ أثناء تسجيل الدخول, الرجاء إعادة المحاولة"
};
try {
if (e.response.data.name) return t.message = e.response.data.name, this.handler(o.enc(t));
if (e.response.data.password) return t.message = e.response.data.password, this.handler(o.enc(t));
if (e.response.data.is_friendly_message && e.response.data.message) return t.message = e.response.data.message, this.handler(o.enc(t))
} catch (e) {
return this.user.isLogged = !1, this.handler(o.enc(t))
}
})
I get the following error
حدث خطأ أثناء تسجيل الدخول, الرجاء إعادة المحاولة
In the above code there are two blocks; I get the error when trying to log in with the registered user.
Why can't newly signed-up users log in?

Swarm mode token - Puppet module

The documentation of a swarm mode setup seems to be missing something important.
It looks like to manage swarm with puppet I need to provide a token.
But to get the token I need to go to the manager node and type docker swarm join-token -q, copy the output and paste it into puppet?
Am I missing something? Or is there some automated way to do that?
What I would expect is this:
if(host_has_label("my-swarm-manager")) {
  docker::swarm {'cluster_manager':
    init           => true,
    advertise_addr => current_host_ip(),
    listen_addr    => current_host_ip(),
    swarm_name     => 'my-swarm'
  }
} else if (host_has_label("my-swarm-worker")) {
  docker::swarm {'cluster_worker':
    join           => true,
    advertise_addr => current_host_ip(),
    listen_addr    => current_host_ip(),
    manager_ip     => get_ip_by_swarm_name('my-swarm'),
    token          => get_token_by_swarm_name('my-swarm')
  }
}

Nancy.Owin vs Nancy.Hosting.Self with topshelf

1) What are the differences between setting up with the two different packages? Is one more supported than the other?
I had a project using Nancy.Hosting.Self and didn't find any article about how to set up Windows authentication, while I did find it for Nancy.Owin as middleware. I have now switched to Nancy.Owin.
Here are a few different questions.
2) The JSON formatter can be configured both in the Nancy bootstrapper and in the Topshelf OWIN endpoint.
Where should I configure the formatter? If configured in the Topshelf OWIN endpoint, will this be applied in the Nancy bootstrapper as well?
3) With the Nancy endpoint in Topshelf there was an option to set firewall rules and URL reservations. I can't find this in the OWIN endpoint.
private static void CreateHost(HostConfigurator host)
{
    var logger = SetupLogging();
    host.UseSerilog(logger);
    host.UseLinuxIfAvailable();
    //sc => serviceconfigurator, ls => licenseService
    host.Service<WebService>(sc =>
    {
        sc.ConstructUsing(name => new WebService(_config));
        sc.WhenStarted(ls => ls.Start());
        sc.WhenStopped(ls => ls.Stop());
        sc.OwinEndpoint(app =>
        {
            app.ConfigureHttp(configuration =>
            {
                //use json.net serializer
                configuration.Formatters.Clear();
                configuration.Formatters.Add(new JsonMediaTypeFormatter());
                //configure json settings
                var jsonSettings = configuration.Formatters.JsonFormatter.SerializerSettings;
                jsonSettings.Formatting = Formatting.Indented;
                jsonSettings.Converters.Add(new StringEnumConverter { CamelCaseText = false, AllowIntegerValues = true });
                jsonSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
            });
            app.ConfigureAppBuilder(builder =>
            {
                builder.UseNancy(options =>
                {
                    options.Bootstrapper = new Bootstrapper(_config);
                    //options.PerformPassThrough
                });
            });
            app.ConfigureStartOptions(options =>
            {
                options.Port = _config.LicenseServicePort;
                //options.Urls = new List<string>(){};
            });
        });
        //add host reservation during service install, this is the only time, nancy will have admin rights, will be deleted when service is uninstalled as well.
        //nc => nancyConfig
        //sc.WithNancyEndpoint(host, nc =>
        //{
        //    nc.AddHost(port: _config.LicenseServicePort);
        //    nc.CreateUrlReservationsOnInstall();
        //    nc.DeleteReservationsOnUnInstall();
        //    nc.OpenFirewallPortsOnInstall(firewallRuleName: "mycustomservice");
        //    nc.Bootstrapper = new Bootstrapper(_config);
        //});
    });
    host.SetDescription("Licensing service for my api.");
    host.SetDisplayName("myservice");
    host.SetServiceName("myservice");
    host.RunAsNetworkService();
    host.StartAutomatically();
}
Posted answer for codetoshare
private static void CreateHost(HostConfigurator host)
{
    Log.Logger = SetupLogging();
    host.SetStartTimeout(TimeSpan.FromSeconds(60));
    //Plug serilog into host: log startup urls and start / stop
    host.UseSerilog(Log.Logger);
    //Allow to be run on linux as well
    host.UseLinuxIfAvailable();
    //sc => serviceconfigurator, ls => licenseService
    host.Service<WebService>(sc =>
    {
        //basic topshelf configuration
        sc.ConstructUsing(name => new WebService());
        sc.WhenStarted(ls => ls.Start());
        sc.WhenStopped(ls =>
        {
            ls.Stop();
            DisposeLogging();
        });
        //I am using an extension here because I had converted the application from Nancy.Host.Self to Nancy.Owin
        //if the extension will not get updated and this breaks the application, convert it to a normal app: see nearly every topshelf + owin example
        //owin configuration
        sc.OwinEndpoint(app =>
        {
            app.ConfigureHttp(configuration =>
            {
                //use json.net serializer
                configuration.Formatters.Clear();
                configuration.Formatters.Add(new JsonMediaTypeFormatter());
                //configure json settings
                var jsonSettings = configuration.Formatters.JsonFormatter.SerializerSettings;
                jsonSettings.Formatting = Formatting.Indented;
                jsonSettings.Converters.Add(new StringEnumConverter { CamelCaseText = false, AllowIntegerValues = true });
                jsonSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
            });
            app.ConfigureAppBuilder(builder =>
            {
                //setup windows authentication
                HttpListener listener = (HttpListener)builder.Properties["System.Net.HttpListener"];
                listener.AuthenticationSchemes = AuthenticationSchemes.IntegratedWindowsAuthentication;
                //setup nancy
                builder.UseNancy(options =>
                {
                    options.Bootstrapper = new Bootstrapper(_config);
                });
            });
            //setup urls: always add localhost and 127.0.0.1 together with the host specified in the config file
            app.ConfigureStartOptions(options =>
            {
                options.Port = _config.LicenseServicePort;
                var localhost = $"http://localhost:{_config.LicenseServicePort}";
                var localhost2 = $"http://127.0.0.1:{_config.LicenseServicePort}";
                //todo: this should support https as well
                //todo: allow multiple hosts to be specified on config
                options.Urls.Add(localhost);
                options.Urls.Add(localhost2);
                var configuredHost = $"{_config.LicenseServiceUrl}:{_config.LicenseServicePort}";
                if (!configuredHost.Equals(localhost) && !configuredHost.Equals(localhost2))
                {
                    options.Urls.Add(configuredHost);
                }
            });
        });
        //old nancyhost config, keep this until documented on confluence
        //add host reservation during service install, this is the only time, nancy will have admin rights, will be deleted when service is uninstalled as well.
        //nc => nancyConfig
        //sc.WithNancyEndpoint(host, nc =>
        //{
        //    nc.AddHost(port: _config.LicenseServicePort);
        //    nc.CreateUrlReservationsOnInstall();
        //    nc.DeleteReservationsOnUnInstall();
        //    nc.OpenFirewallPortsOnInstall(firewallRuleName: "SegreyLicensingService");
        //    nc.Bootstrapper = new Bootstrapper(_config);
        //});
    });
}

How to connect my LDAP with an existing ldap system in Laravel 5.4

I have to connect my ldap with an existing ldap system with the following conditions:
Domain used is 12.14.4.38
Username 0000001 and password 123456.
I've opened this link, but I still don't understand how to use it. This is my adldap.php code:
<?php
return [
    'connections' => [
        'default' => [
            'auto_connect' => true,
            'connection' => Adldap\Connections\Ldap::class,
            'schema' => Adldap\Schemas\ActiveDirectory::class,
            'connection_settings' => [
                'account_prefix' => env('ADLDAP_ACCOUNT_PREFIX', ''),
                'account_suffix' => env('ADLDAP_ACCOUNT_SUFFIX', ''),
                'domain_controllers' => explode(' ', env('ADLDAP_CONTROLLERS', '12.14.4.38')),
                'port' => env('ADLDAP_PORT', 389),
                'timeout' => env('ADLDAP_TIMEOUT', 5),
                'base_dn' => env('ADLDAP_BASEDN', 'dc=12.14.4.38'),
                'admin_account_suffix' => env('ADLDAP_ADMIN_ACCOUNT_SUFFIX', ''),
                'admin_username' => env('ADLDAP_ADMIN_USERNAME', '0000001'),
                'admin_password' => env('ADLDAP_ADMIN_PASSWORD', '123456'),
                'follow_referrals' => false,
                'use_ssl' => false,
                'use_tls' => false,
            ],
        ],
    ],
];
// Create a new Adldap Provider instance.
$provider = new \Adldap\Connections\Provider(connections);
$ad = new \Adldap\Adldap(connections);
try {
    // Connect to the provider you specified in your configuration.
    $provider = $ad->connect('default');
    // Connection was successful.
    // We can now perform operations on the connection.
    $user = $provider->search()->users()->find('0000001');
} catch (\Adldap\Auth\BindException $e) {
    die("Can't connect / bind to the LDAP server! Error: $e");
}
You didn't specify a dn/path, nor did you enter a path for the admin.
This is how it normally looks:
Search host: 12.14.4.38
basedn: "ou=Users,dc=DRiski,dc=com" <- I use your username as an example
admin:"cn=admin,ou=admins,dc=DRiski,dc=com"
password: just the regular password
What is with the weird cn, dc, ou stuff... that is like a path/folder in which it needs to look to find the user (or users/groups in the case of base dn)...
base dn: specifies where to look for the users, in this case: in the folder users, on the server Driski.com
That is also how you specify your admin (tell the server where to find the thing).
Solved?
If not, try connecting to your ldap using ldapadmin (or another administrative tool) such that you can see how it works, and what path to enter...
