YunoHost-Apps/jellyfin_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/jellyfin_ynh.git synced 2024-09-03 19:26:29 +02:00
Code Issues Activity Actions

Adding LDAP plugin and permissions

Browse source
This commit is contained in:
tituspijean 2020-11-11 20:14:48 +01:00
parent bd4932c472
commit e0cd3c711b
5 changed files with 76 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
conf/LDAP-Auth.xml Normal file
View file

@ -0,0 +1,16 @@
<?xml version="1.0"?>
<PluginConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<LdapServer>127.0.0.1</LdapServer>
<LdapBaseDn>ou=users,dc=yunohost,dc=org</LdapBaseDn>
<LdapPort>389</LdapPort>
<LdapSearchAttributes>uid, mail</LdapSearchAttributes>
<LdapUsernameAttribute>uid</LdapUsernameAttribute>
<LdapSearchFilter>(permission=cn=jellyfin.main,ou=permission,dc=yunohost,dc=org)</LdapSearchFilter>
<LdapAdminFilter>(permission=cn=jellyfin.admin,ou=permission,dc=yunohost,dc=org)</LdapAdminFilter>
<LdapBindUser>cn=admin,ou=users,dc=yunohost,dc=org</LdapBindUser>
<LdapBindPassword />
<CreateUsersFromLdap>true</CreateUsersFromLdap>
<UseSsl>true</UseSsl>
<UseStartTls>false</UseStartTls>
<SkipSslVerify>false</SkipSslVerify>
</PluginConfiguration>

7
conf/ldap.src Normal file
View file

@ -0,0 +1,7 @@
SOURCE_URL=https://repo.jellyfin.org/releases/plugin/ldap-authentication/ldap-authentication_9.0.0.0.zip
SOURCE_SUM=1EAE1099E30CB3C42FDC2B0ACE50601A8881EBFD9151526F39C8E2B61D7B3EF1
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=false
SOURCE_FILENAME=
SOURCE_EXTRACT=true

9
manifest.json
View file

@ -40,6 +40,15 @@
"example": "/jellyfin", "example": "/jellyfin",
"default": "/jellyfin" "default": "/jellyfin"
}, },
{
"name": "admin",
"type": "user",
"ask": {
"en": "Choose an admin user",
"fr": "Choisissez l'administrateur"
},
"example": "johndoe"
},
{ {
"name": "is_public", "name": "is_public",
"type": "boolean", "type": "boolean",

21
scripts/install
View file

@ -26,6 +26,7 @@ ynh_abort_if_errors
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -89,6 +90,7 @@ ynh_system_user_create --username=$app
#================================================= #=================================================
# MODIFY A CONFIG FILE # MODIFY A CONFIG FILE
#================================================= #=================================================
ynh_script_progression --message="Configuring the settings..." --weight=1
# Load services once to generate system.xml # Load services once to generate system.xml
systemctl enable jellyfin systemctl enable jellyfin
@ -102,6 +104,18 @@ ynh_replace_string --match_string="<HttpServerPortNumber>8096</HttpServerPortNum
# BaseUrl config # BaseUrl config
ynh_replace_string --match_string="<BaseUrl />" --replace_string="<BaseUrl>$path_url</BaseUrl>" --target_file="/etc/jellyfin/system.xml" ynh_replace_string --match_string="<BaseUrl />" --replace_string="<BaseUrl>$path_url</BaseUrl>" --target_file="/etc/jellyfin/system.xml"
# Disable Setup Wizard
ynh_replace_string --match_string="<IsStartupWizardCompleted>false</IsStartupWizardCompleted>" --replace_string="<IsStartupWizardCompleted>true</IsStartupWizardCompleted>" --target_file="/etc/jellyfin/system.xml"
#=================================================
# INSTALL LDAP PLUGIN
#=================================================
ynh_script_progression --message="Installing LDAP plugin..." --weight=2
ynh_setup_source --dest_dir="/var/lib/jellyfin/plugins/LDAP Authentication" --source_id=ldap
mkdir -p /var/lib/jellyfin/plugins/configurations/
cp ../conf/LDAP-Auth.xml /var/lib/jellyfin/plugins/configurations/LDAP-Auth.xml
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
@ -138,9 +152,9 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --l
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
#================================================= #=================================================
ynh_script_progression --message="Configuring SSOwat..." --weight=2 ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary or protect it # Make app public if necessary
if [ $is_public -eq 1 ] if [ $is_public -eq 1 ]
then then
# Everyone can access the app. # Everyone can access the app.
@ -148,6 +162,9 @@ then
ynh_permission_update --permission "main" --add "visitors" ynh_permission_update --permission "main" --add "visitors"
fi fi
# Only the admin can access the admin panel of the app (if the app has an admin panel)
ynh_permission_create --permission "admin" --allowed $admin
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================

24
scripts/upgrade
View file

@ -17,6 +17,7 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain) domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path) path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
is_public=$(ynh_app_setting_get --app=$app --key=is_public) is_public=$(ynh_app_setting_get --app=$app --key=is_public)
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port) port=$(ynh_app_setting_get --app=$app --key=port)
@ -73,6 +74,19 @@ ynh_script_progression --message="Making sure dedicated system user exists..." -
# Create a dedicated user (if not existing) # Create a dedicated user (if not existing)
ynh_system_user_create --username=$app ynh_system_user_create --username=$app
#=================================================
# INSTALL LDAP PLUGIN
#=================================================
# Install it only if the plugin directory does not exist
if [ ! -e "/var/lib/jellyfin/plugins/LDAP Authentication" ]; then
ynh_script_progression --message="Installing LDAP plugin..." --weight=2
ynh_setup_source --dest_dir="/var/lib/jellyfin/plugins/LDAP Authentication" --source_id=ldap
mkdir -p /var/lib/jellyfin/plugins/configurations/
cp ../conf/LDAP-Auth.xml /var/lib/jellyfin/plugins/configurations/LDAP-Auth.xml
fi
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
@ -91,6 +105,16 @@ ynh_script_progression --message="Upgrading logrotate configuration..." --weight
# Use logrotate to manage app-specific logfile(s) # Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append ynh_use_logrotate --non-append
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Upgrading permissions configuration..." --weight=1
# Create the admin permission if needed
if ! ynh_permission_exists --permission "admin"; then
ynh_permission_create --permission "admin" --allowed $admin
fi
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================