From 7d14559765de128120ad35d8aada68b6afa58018 Mon Sep 17 00:00:00 2001
From: shodan <thrawn235@gmail.com>
Date: Sun, 22 Mar 2026 13:14:51 +0000
Subject: [PATCH] .

---
 gitea/gitea.yaml   | 2 +-
 gitea/secrets.yaml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/gitea/gitea.yaml b/gitea/gitea.yaml
index 9f98beb..a3db19b 100644
--- a/gitea/gitea.yaml
+++ b/gitea/gitea.yaml
@@ -138,7 +138,7 @@ data:
       su git -c 'echo $ARGOCD_PW' 
       su git -c 'SHODAN_PW=`cat /data/shodan.pw` && gitea admin user create --username shodan --admin --password $SHODAN_PW --email thrawn235@gmail.com'
       su git -c 'ARGOCD_PW=`cat /data/argocd.pw` && gitea admin user create --username argocd --password $ARGOCD_PW --email argocd@undercloud.local --must-change-password=false'
-      su git -c 'GITEA_PW=`cat /data/gitea.pw` && gitea admin auth add-ldap --name ldap --security-protocol StartTLS --host ldap.undercloud.local. --port 389 --user-search-base "ou=users,dc=undercloud,dc=local" --user-filter "(&(objectClass=person)(uid=%s))" --admin-filter "(&(memberOf=cn=gitea-admins,ou=groups,dc=undercloud,dc=local))" --email-attribute mail --avatar-attribute jpegPhoto --synchronize-users --skip-tls-verify --username-attribute uid --bind-dn "cn=gitea,ou=serviceaccounts,ou=users,dc=undercloud,dc=cf" --bind-password $GITEA_PW --attributes-in-bind --firstname-attribute cn --surname-attribute sn'
+      su git -c 'GITEA_PW=`cat /data/gitea.pw` && gitea admin auth add-ldap --name ldap --security-protocol LDAPS--host dc.undercloud.local --port 636 --user-search-base "OU=users,OU=Undercloud,DC=undercloud,DC=local" --user-filter "(&(objectCategory=Person)(memberOf=CN=undercloud-users,OU=groups,OU=Undercloud,DC=undercloud,DC=local)(sAMAccountName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))" --admin-filter "(&(objectCategory=Person)(memberOf=CN=gitea-admins,OU=groups,OU=Undercloud,DC=undercloud,DC=local)(sAMAccountName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))" --email-attribute mail --avatar-attribute thumbnailPhoto --synchronize-users --skip-tls-verify --username-attribute sAMAccountName --bind-dn "CN=gitea,OU=serviceaccounts,OU=users,OU=Undercloud,DC=undercloud,DC=local" --bind-password $GITEA_PW --attributes-in-bind --firstname-attribute cn --surname-attribute sn'
 
       sleep 30s
       echo "wget tea..."
diff --git a/gitea/secrets.yaml b/gitea/secrets.yaml
index c5f078f..a9a162e 100644
--- a/gitea/secrets.yaml
+++ b/gitea/secrets.yaml
@@ -33,5 +33,5 @@ metadata:
   name: gitea-user
   namespace: gitea
 type: Opaque
-data:
-  pw: Z2l0ZWFzZWN1cmVQVw==
\ No newline at end of file
+stringData:
+  pw: "1thisismySECURELDAPPWgitea"
\ No newline at end of file