store_uri = file:///srv/nix-cache?secret-key=/var/lib/hydra/priv.key include /var/lib/hydra/git.conf enable = 1 class = Password password_field = password password_type = self_check class = LDAP ldap_server = 10.10.0.1 timeout = 30 debug = 2 binddn = "cn=hydra,ou=users,dc=hydra,dc=vapor,dc=systems" include ldap-password.conf start_tls = 0 verify = none user_basedn = "ou=users,dc=hydra,dc=vapor,dc=systems" user_filter = "(&(objectClass=inetOrgPerson)(cn=%s))" user_scope = one user_field = cn deref = always # Important for role mappings to work: use_roles = 1 role_basedn = "ou=groups,dc=hydra,dc=vapor,dc=systems" role_filter = "(&(objectClass=groupOfNames)(member=%s))" role_scope = one role_field = cn role_value = dn deref = always # Make all users in the hydra_admin group Hydra admins admin = admin # Allow all users in the dev group to restart jobs and cancel builds dev = restart-jobs dev = cancel-build