summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--docs/guides/auth.md29
-rw-r--r--docs/guides/images/auth/gitlab-application-details.pngbin0 -> 30378 bytes
-rw-r--r--docs/guides/images/auth/gitlab-new-application.pngbin0 -> 45457 bytes
-rw-r--r--docs/guides/images/auth/gitlab-sign-in.pngbin0 -> 5590 bytes
-rw-r--r--lib/csp.js1
5 files changed, 30 insertions, 0 deletions
diff --git a/docs/guides/auth.md b/docs/guides/auth.md
index aa629489..e4261724 100644
--- a/docs/guides/auth.md
+++ b/docs/guides/auth.md
@@ -210,3 +210,32 @@ The basic procedure is the same as the case of OneLogin which is mentioned above
````
+### GitLab (self-hosted)
+
+1. Sign in to your GitLab
+2. Navigate to the application management page at `https://your.gitlab.domain/admin/applications` (admin permissions required)
+3. Click **New application** to create a new application and fill out the registration form:
+
+![New GitLab application](images/auth/gitlab-new-application.png)
+
+4. Click **Submit**
+5. In the list of applications select **HackMD**. Leave that site open to copy the application ID and secret in the next step.
+
+![Application: HackMD](images/auth/gitlab-application-details.png)
+
+
+6. In the `docker-compose.yml` add the following environment variables to `app:` `environment:`
+
+```
+- HMD_DOMAIN=your.hackmd.domain
+- HMD_URL_ADDPORT=443
+- HMD_PROTOCOL_USESSL=true
+- HMD_GITLAB_BASEURL=https://your.gitlab.domain
+- HMD_GITLAB_CLIENTID=23462a34example99fid0943c3fde97310fb7db47fab1112
+- HMD_GITLAB_CLIENTSECRET=5532e9dexample70432secret0c37dd20ce077e6073ea9f1d6
+```
+
+7. Run `docker-compose up -d` to apply your settings.
+8. Sign in to your HackMD using your GitLab ID:
+
+![Sign in via GitLab](images/auth/gitlab-sign-in.png)
diff --git a/docs/guides/images/auth/gitlab-application-details.png b/docs/guides/images/auth/gitlab-application-details.png
new file mode 100644
index 00000000..6e042886
--- /dev/null
+++ b/docs/guides/images/auth/gitlab-application-details.png
Binary files differ
diff --git a/docs/guides/images/auth/gitlab-new-application.png b/docs/guides/images/auth/gitlab-new-application.png
new file mode 100644
index 00000000..be9e4446
--- /dev/null
+++ b/docs/guides/images/auth/gitlab-new-application.png
Binary files differ
diff --git a/docs/guides/images/auth/gitlab-sign-in.png b/docs/guides/images/auth/gitlab-sign-in.png
new file mode 100644
index 00000000..27aaf6dd
--- /dev/null
+++ b/docs/guides/images/auth/gitlab-sign-in.png
Binary files differ
diff --git a/lib/csp.js b/lib/csp.js
index cef2e2f6..8a4aa088 100644
--- a/lib/csp.js
+++ b/lib/csp.js
@@ -11,6 +11,7 @@ var defaultDirectives = {
styleSrc: ['\'self\'', '\'unsafe-inline\'', 'https://assets-cdn.github.com'], // unsafe-inline is required for some libs, plus used in views
fontSrc: ['\'self\'', 'https://public.slidesharecdn.com'],
objectSrc: ['*'], // Chrome PDF viewer treats PDFs as objects :/
+ mediaSrc: ['*'],
childSrc: ['*'],
connectSrc: ['*']
}