2022-03-23 11:03:13 +01:00
|
|
|
# LDAP connector + Yunohost setup + staticClient as per manifest.json
|
2024-01-09 09:37:02 +01:00
|
|
|
issuer: https://__DOMAIN____PATH__
|
2022-03-23 11:03:13 +01:00
|
|
|
storage:
|
|
|
|
|
type: sqlite3
|
|
|
|
|
config:
|
|
|
|
|
file: dex.db
|
|
|
|
|
web:
|
|
|
|
|
http: 127.0.0.1:__PORT__
|
|
|
|
|
|
2022-03-23 11:09:33 +01:00
|
|
|
frontend:
|
|
|
|
|
issuer: dex
|
2022-03-24 07:52:08 +01:00
|
|
|
logoURL: theme/logo.png
|
2022-03-23 11:09:33 +01:00
|
|
|
dir: web/
|
|
|
|
|
theme: light
|
|
|
|
|
|
2022-03-23 11:03:13 +01:00
|
|
|
connectors:
|
|
|
|
|
- type: ldap
|
|
|
|
|
name: OpenLDAP
|
|
|
|
|
id: ldap
|
|
|
|
|
config:
|
|
|
|
|
host: localhost:389
|
|
|
|
|
|
|
|
|
|
# No TLS for this setup.
|
|
|
|
|
insecureNoSSL: true
|
|
|
|
|
insecureSkipVerify: true
|
|
|
|
|
|
|
|
|
|
usernamePrompt: Username
|
|
|
|
|
|
|
|
|
|
userSearch:
|
|
|
|
|
baseDN: ou=users,dc=yunohost,dc=org
|
|
|
|
|
filter: "(objectClass=InetOrgPerson)"
|
|
|
|
|
username: uid
|
|
|
|
|
idAttr: uid
|
|
|
|
|
emailAttr: mail
|
|
|
|
|
nameAttr: displayName
|
|
|
|
|
|
|
|
|
|
groupSearch:
|
|
|
|
|
baseDN: ou=groups,dc=yunohost,dc=org
|
|
|
|
|
filter: "(objectClass=posixGroup)"
|
|
|
|
|
|
|
|
|
|
userMatchers:
|
|
|
|
|
- userAttr: uid
|
|
|
|
|
groupAttr: memberUid
|
|
|
|
|
|
|
|
|
|
nameAttr: cn
|
|
|
|
|
|
|
|
|
|
# Unfortunately the api is too complex to be used here
|
|
|
|
|
# As a consequence we have to setup client as staticClient, which means we will need one Dex instance per client app
|
|
|
|
|
staticClients:
|
2024-02-04 20:53:59 +01:00
|
|
|
- id: __OIDC_APP__
|
2022-03-23 11:03:13 +01:00
|
|
|
redirectURIs:
|
2024-02-04 20:53:59 +01:00
|
|
|
- https://__OIDC_CALLBACK__
|
|
|
|
|
name: __OIDC_APP__
|
|
|
|
|
secret: __OIDC_SECRET__
|
