Gitlab OAuth2 with Google

gitlab.rb

### OmniAuth Settings
###! Docs: https://docs.gitlab.com/ce/integration/omniauth.html
gitlab_rails['omniauth_enabled'] = true                                # Show "Signin with..." button in Login page
gitlab_rails['omniauth_allow_single_sign_on'] = ['google_oauth2']      # Create account automatically
# gitlab_rails['omniauth_sync_email_from_provider'] = 'saml'
gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'google_oauth2'  # Redirect to provider login page when enter gitlab login page
# gitlab_rails['omniauth_block_auto_created_users'] = true             # true: auto-created user must be admin approved
# gitlab_rails['omniauth_auto_link_ldap_user'] = false
# gitlab_rails['omniauth_auto_link_saml_user'] = false
# gitlab_rails['omniauth_external_providers'] = ['twitter', 'google_oauth2']

# Google OAuth2 provider. See https://docs.gitlab.com/ce/integration/google.html
# Authentication URI parameters:
#   https://developers.google.com/identity/protocols/OpenIDConnect#authenticationuriparameters
gitlab_rails['omniauth_providers'] = [
   {
     "name" => "google_oauth2",
     "app_id" => "YOUR_APP_ID",
     "app_secret" => "YOUR_APP_SECRET",
     "args" => {
       "access_type" => "offline", 
       "approval_prompt" => "",
       "hd" => "teko.vn"      # Restrict login domain in "teko.vn"
     }
   }
]


##### COMMANDS
# sudo gitlab-ctl reconfigure
# sudo service gitlab-runsvdir restart