1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/ergo_ynh.git synced 2024-09-03 18:26:31 +02:00

added ldap option + operator password

This commit is contained in:
navanchauhan 2022-07-06 21:28:27 +05:30
parent b52652ebf9
commit 28e9706b1a
3 changed files with 38 additions and 7 deletions

View file

@ -396,7 +396,7 @@ accounts:
# options for email verification of account registrations # options for email verification of account registrations
email-verification: email-verification:
enabled: false enabled: true
sender: "ergoadmin@__DOMAIN__" sender: "ergoadmin@__DOMAIN__"
require-tls: true require-tls: true
helo-domain: "__DOMAIN__" # defaults to server name if unset helo-domain: "__DOMAIN__" # defaults to server name if unset
@ -417,9 +417,9 @@ accounts:
timeout: 60s timeout: 60s
# email-based password reset: # email-based password reset:
password-reset: password-reset:
enabled: false enabled: true
# time before we allow resending the email # time before we allow resending the email
cooldown: 1h cooldown: 4h
# time for which a password reset code is valid # time for which a password reset code is valid
timeout: 1d timeout: 1d
@ -429,10 +429,10 @@ accounts:
enabled: true enabled: true
# window # window
duration: 1m duration: 10m
# number of attempts allowed within the window # number of attempts allowed within the window
max-attempts: 3 max-attempts: 5
# some clients (notably Pidgin and Hexchat) offer only a single password field, # some clients (notably Pidgin and Hexchat) offer only a single password field,
# which makes it impossible to specify a separate server password (for the PASS # which makes it impossible to specify a separate server password (for the PASS
@ -556,7 +556,7 @@ accounts:
# pluggable authentication mechanism, via subprocess invocation # pluggable authentication mechanism, via subprocess invocation
# see the manual for details on how to write an authentication plugin script # see the manual for details on how to write an authentication plugin script
auth-script: auth-script:
enabled: false enabled: __LDAPOPTION__
command: "__FINALPATH__/ergo-ldap" command: "__FINALPATH__/ergo-ldap"
# constant list of args to pass to the command; the actual authentication # constant list of args to pass to the command; the actual authentication
# data is transmitted over stdin/stdout: # data is transmitted over stdin/stdout:
@ -674,7 +674,7 @@ opers:
# or by certificate fingerprint, or both. if a password hash is set, then a # or by certificate fingerprint, or both. if a password hash is set, then a
# password is required to oper up (e.g., /OPER dan mypassword). to generate # password is required to oper up (e.g., /OPER dan mypassword). to generate
# the hash, use `ergo genpasswd`. # the hash, use `ergo genpasswd`.
password: "$2a$04$HR0neg/TjG015DvtvTo0He9t5H3iBeAfqKURnJ9iLs5FpETBhXS1K" #ergo@YunoHost password: "__PASSWORDHASH__" #ergo@YunoHost
# if a SHA-256 certificate fingerprint is configured here, then it will be # if a SHA-256 certificate fingerprint is configured here, then it will be
# required to /OPER. if you comment out the password hash above, then you can # required to /OPER. if you comment out the password hash above, then you can

View file

@ -65,6 +65,22 @@
"name": "server_name", "name": "server_name",
"type": "string", "type": "string",
"default": "ergo.yunohost" "default": "ergo.yunohost"
},
{
"name": "password",
"type": "password",
"help": {
"en": "Server admin password for using /OPER",
"fr": "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question."
}
},
{
"name": "enable_ldap",
"type": "boolean",
"default": false,
"help": {
"en": "Enable ldap authentication script"
}
} }
] ]
} }

View file

@ -27,10 +27,12 @@ ynh_abort_if_errors
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
enable_ldap=$YNH_APP_ARG_ENABLE_LDAP
language=$YNH_APP_ARG_LANGUAGE language=$YNH_APP_ARG_LANGUAGE
architecture=$YNH_ARCH architecture=$YNH_ARCH
network_name=$YNH_APP_ARG_NETWORK_NAME network_name=$YNH_APP_ARG_NETWORK_NAME
server_name=$YNH_APP_ARG_SERVER_NAME server_name=$YNH_APP_ARG_SERVER_NAME
password=$YNH_APP_ARG_PASSWORD
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -125,8 +127,21 @@ ynh_add_nginx_config
#================================================= #=================================================
# ADD A CONFIGURATION # ADD A CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Adding a configuration file..." --time --weight=1 ynh_script_progression --message="Adding a configuration file..." --time --weight=1
# Get Password Hash
passwordhash=$((echo "$password"; echo "$password") | $final_path/ergo genpasswd)
# Enable ldap authentication if necessary
ldapoption=false
if [ $enable_ldap -eq 1 ]
then
ldapoption=true
fi
server=$domain server=$domain
ynh_add_config --template="../conf/default.yaml" --destination="$final_path/ircd.yaml" ynh_add_config --template="../conf/default.yaml" --destination="$final_path/ircd.yaml"
ynh_add_config --template="../conf/ldap-config.yaml" --destination="$final_path/ldap-config.yaml" ynh_add_config --template="../conf/ldap-config.yaml" --destination="$final_path/ldap-config.yaml"