YunoHost-Apps/gogs_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/gogs_ynh.git synced 2024-09-03 20:36:23 +02:00
Code Issues Activity Actions

Use config file for LDAP auth

Browse source
This commit is contained in:
Josué Tille 2018-06-07 22:18:45 +02:00
parent 5c26596df6
commit 24c6276744
5 changed files with 44 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
conf/ldap.conf Normal file
View file

@ -0,0 +1,28 @@
# This is an example of LDAP (BindDN) authentication
#
id = 1
type = ldap_bind_dn
name = Yunohost LDAP
is_activated = true
[config]
host = localhost
port = 389
# 0 - Unencrypted, 1 - LDAPS, 2 - StartTLS
security_protocol = 0
skip_verify = false
bind_dn =
bind_password =
user_base = ou=users,dc=yunohost,dc=org
attribute_username = uid
attribute_name = givenName
attribute_surname = sn
attribute_mail = mail
attributes_in_bind = false
filter = (&(objectClass=posixAccount)(uid=%s))
admin_filter = (uid=__ADMIN__)
group_enabled = false
group_dn =
group_filter =
group_member_uid =
user_uid = uid

3
conf/login_source.sql
View file

@ -1,3 +0,0 @@
INSERT INTO `__APP__`.`login_source` (`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`) VALUES
('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}', '1464014433', '1464015955')
ON DUPLICATE KEY UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}'

8
scripts/_common.sh
View file

@ -30,8 +30,7 @@ fi
create_dir() { create_dir() {
mkdir -p "$final_path/data" mkdir -p "$final_path/data"
mkdir -p "$final_path/custom/conf" mkdir -p "$final_path/custom/conf/auth.d"
mkdir -p "$REPO_PATH"
mkdir -p "$DATA_PATH/avatars" mkdir -p "$DATA_PATH/avatars"
mkdir -p "$DATA_PATH/attachments" mkdir -p "$DATA_PATH/attachments"
mkdir -p "/var/log/$app" mkdir -p "/var/log/$app"
@ -47,8 +46,10 @@ config_nginx() {
config_gogs() { config_gogs() {
ynh_backup_if_checksum_is_different "$final_path/custom/conf/app.ini" ynh_backup_if_checksum_is_different "$final_path/custom/conf/app.ini"
ynh_backup_if_checksum_is_different "$final_path/custom/conf/auth.d/ldap.conf"
cp ../conf/app.ini "$final_path/custom/conf" cp ../conf/app.ini "$final_path/custom/conf"
cp ../conf/ldap.conf "$final_path/custom/conf/auth.d/ldap.conf"
if [ "$path_url" = "/" ] if [ "$path_url" = "/" ]
then then
@ -73,7 +74,10 @@ config_gogs() {
ynh_replace_string "__PRIVATE_MODE__" "true" "$final_path/custom/conf/app.ini" ynh_replace_string "__PRIVATE_MODE__" "true" "$final_path/custom/conf/app.ini"
fi fi
ynh_replace_string "__ADMIN__" "$admin" "$final_path/custom/conf/auth.d/ldap.conf"
ynh_store_file_checksum "$final_path/custom/conf/app.ini" ynh_store_file_checksum "$final_path/custom/conf/app.ini"
ynh_store_file_checksum "$final_path/custom/conf/auth.d/ldap.conf"
} }
set_permission() { set_permission() {

20
scripts/install
View file

@ -73,27 +73,13 @@ ynh_add_systemd_config
# Modify Nginx configuration file and copy it to Nginx conf directory # Modify Nginx configuration file and copy it to Nginx conf directory
config_nginx config_nginx
# Start gogs for building mysql tables
systemctl start "$app".service
# Set permissions
set_permission
# Wait till login_source mysql table is created
while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
do
sleep 2
done
# Add ldap config
ynh_replace_string "__ADMIN__" "$admin" ../conf/login_source.sql
ynh_replace_string "__APP__" "$app" ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# Set permissions
set_permission
# Unprotect root from SSO if public # Unprotect root from SSO if public
set_access_settings set_access_settings

7
scripts/upgrade
View file

@ -80,6 +80,13 @@ then
usermod -p '*' "$app" usermod -p '*' "$app"
fi fi
# Remove old authentification mecanisme, actually the registry in the database has been replaced by a config file
if [[ ! -e "$final_path/custom/conf/auth.d/ldap.conf" ]]
then
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "DELETE FROM login_source WHERE name = 'Yunohost LDAP';"
mkdir -p "$final_path/custom/conf/auth.d"
fi
#================================================= #=================================================
# STANDARD UPGRADE STEPS # STANDARD UPGRADE STEPS
#================================================= #=================================================