The Directory team have requested that we allow token login to the
Directory, where a user uses LSAAI credentials to obtain a token from
the Directory, and then uses this to authenticate Directory sync. This
has been implemented via an environment variable, in an analogous way to
the already existing username/password method.
The default start time for the Directory sync has been shifted to 22:30,
to prevent conflicts with the Bridgehead auto-update.
Relevant changes have been made to the documentation.
Co-authored-by: Torben Brenner <76154651+torbrenner@users.noreply.github.com>
Co-authored-by: Jan <59206115+Threated@users.noreply.github.com>
Co-authored-by: Martin Lablans <6804500+lablans@users.noreply.github.com>
Directory sync needs to be able to launch at specific times of day, and in order to do this in a predictable way, the timezone used inside the Docker container should be the same as the host. To do this, two files need to be mounted from the host. One file contains information about the time zone, the other file contains the file zone name.
@@ -73,7 +73,7 @@ We recommend to install Docker(-compose) from its official sources as described
A Bridgehead communicates to all central components via outgoing HTTPS connections.
Your site might require an outgoing proxy (i.e. HTTPS forward proxy) to connect to external servers; you should discuss this with your local systems administration. In that case, you will need to note down the URL of the proxy. If the proxy requires authentication, you will also need to make a note of its username and password. This information will be used later on during the installation process. TLS terminating proxies are also supported, see [here](#tls-terminating-proxies). Apart from the Bridgehead itself, you may also need to configure the proxy server in [git](https://gist.github.com/evantoli/f8c23a37eb3558ab8765) and [docker](https://docs.docker.com/network/proxy/).
Your site might require an outgoing proxy (i.e. HTTPS forward proxy) to connect to external servers; you should discuss this with your local systems administration. In that case, you will need to note down the URL of the proxy. If the proxy requires authentication, you will also need to make a note of its username and password. This information will be used later on during the installation process. Special characters in the proxy values, e.g. in the access credentials, must be [URL-encoded](https://en.wikipedia.org/wiki/Percent-encoding), e.g. by replacing `@` with `%40`, `/` with `%2F` and so on. TLS terminating proxies are also supported, see [here](#tls-terminating-proxies). Apart from the Bridgehead itself, you may also need to configure the proxy server in [git](https://gist.github.com/evantoli/f8c23a37eb3558ab8765) and [docker](https://docs.docker.com/network/proxy/).
The following URLs need to be accessible (prefix with `https://`):
* To fetch code and configuration from git repositories
@@ -536,6 +536,8 @@ and restart the docker daemon:
sudo systemctl restart docker
```
Please note that special characters in the proxy value, such as `#?!()[]{}`, must be double escaped using `%%`.
For more information, please consult the [official documentation](https://docs.docker.com/config/daemon/systemd/#httphttps-proxy).
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
