CCCHH Wiki

User Tools

Site Tools

You are here: start » infrastructure » services » git
infrastructure:services:git

Table of Contents

Git

service-urls:
https://git.hamburg.ccc.de/
host-fqdn:
git.hamburg.ccc.de
netbox-link:
https://netbox.hamburg.ccc.de/virtualization/virtual-machines/46/
server:
Chaosknoten
maintainer:
june
ccchh-id-integration:
true
config-management:
nix-infra

Description

Git server running on Forgejo.

SSH Public Key Fingerprints

  • ssh-ed25519 fingerprint: SHA256:YjC9WtAL5wwgAhK6vLEKbkxB5/TKVaAxlWgG7UXgyvc
  • ssh-rsa fingerprint: SHA256:mw5OR16hA+bAGSdhnQMTdH3QN1wFFSBFTle4zzRukxE

Configuration

The Forgejo is mostly configured using our nix-infra repo.

However some parts need to be configured via the Web UI. This includes: Settings for organizations and users as well as the CCCHH ID integration.

CCCHH ID (Keycloak) Integration

For the Keycloak integration we do the usual mapping of client roles into a groups claim, which then gets read by Forgejo. Forgejo then maps the value of the groups claim of a user to organization and teams and also uses it to determine whether or not the user should be an administrator. What exactly gets mapped is defined here.

Issues: Password login can not be disabled currently (see https://codeberg.org/forgejo/forgejo/issues/732), so off-boarded users probably need to be removed from Forgejo manually.

infrastructure/services/git.txt · Last modified: 2024-03-30 20:50 UTC by jtbx
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki