Omniauth authentication for gollum
Switch branches/tags
Clone or download
Latest commit 08e0429 Jul 21, 2016

omnigollum - omniauth meets gollum

Quick Installation/Configuration

$ git clone
$ cd omnigollum
$ gem build omnigollum.gemspec
$ gem install omnigollum*.gem
$ cp config.rb.example config.rb

Customize config.rb to use your preferred omniauth strategy.

Execute via Gollum

$ gollum --config config.rb


$ gem install omnigollum


Omnigollum executes an OmniAuth::Builder proc/block to figure out which providers you've configured, then passes it on to omniauth to create the actual omniauth configuration.

To configure both omniauth and omnigollum you should add the following to your file.

Load omnigollum library

require 'omnigollum'

Load individual provider libraries

require 'omniauth/strategies/twitter'
require 'omniauth/strategies/open_id'

Set configuration

options = {
  # OmniAuth::Builder block is passed as a proc
  :providers => do
    provider :twitter, 'CONSUMER_KEY', 'CONSUMER_SECRET'
    provider :open_id,'/tmp')
  :dummy_auth => false

# :omnigollum options *must* be set before the Omnigollum extension is registered
Precious::App.set(:omnigollum, options)

Access control

By default, any authenticated user will be able to access the protected routes. Restrict this by setting the authorized_users option.

authorized_users accepts an array of emails. Users must authenticate with one of these authorized emails in order to be allowed access.

options[:authorized_users] = ["", "", ""]

Instead of setting these directly, you can use an env var, maybe like this:

# in .env, or other

options[:authorized_users] = ENV["OMNIGOLLUM_AUTHORIZED_USERS"].split(",")

Register omnigollum extension with sinatra

Precious::App.register Omnigollum::Sinatra

Required patches


You can (optionally) apply the patches here, to get a neat little auth status widget in the top right corner of the page