mirror of
https://github.com/YunoHost-Apps/jellyfin_ynh.git
synced 2024-09-03 19:26:29 +02:00
Adding LDAP plugin and permissions
This commit is contained in:
tituspijean
parent
bd4932c472
commit
e0cd3c711b
5 changed files with 76 additions and 3 deletions
16
conf/LDAP-Auth.xml
Normal file
16
conf/LDAP-Auth.xml
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
<?xml version="1.0"?>
|
||||
<PluginConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
|
||||
<LdapServer>127.0.0.1</LdapServer>
|
||||
<LdapBaseDn>ou=users,dc=yunohost,dc=org</LdapBaseDn>
|
||||
<LdapPort>389</LdapPort>
|
||||
<LdapSearchAttributes>uid, mail</LdapSearchAttributes>
|
||||
<LdapUsernameAttribute>uid</LdapUsernameAttribute>
|
||||
<LdapSearchFilter>(permission=cn=jellyfin.main,ou=permission,dc=yunohost,dc=org)</LdapSearchFilter>
|
||||
<LdapAdminFilter>(permission=cn=jellyfin.admin,ou=permission,dc=yunohost,dc=org)</LdapAdminFilter>
|
||||
<LdapBindUser>cn=admin,ou=users,dc=yunohost,dc=org</LdapBindUser>
|
||||
<LdapBindPassword />
|
||||
<CreateUsersFromLdap>true</CreateUsersFromLdap>
|
||||
<UseSsl>true</UseSsl>
|
||||
<UseStartTls>false</UseStartTls>
|
||||
<SkipSslVerify>false</SkipSslVerify>
|
||||
</PluginConfiguration>
|
||||
7
conf/ldap.src
Normal file
7
conf/ldap.src
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
SOURCE_URL=https://repo.jellyfin.org/releases/plugin/ldap-authentication/ldap-authentication_9.0.0.0.zip
|
||||
SOURCE_SUM=1EAE1099E30CB3C42FDC2B0ACE50601A8881EBFD9151526F39C8E2B61D7B3EF1
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=zip
|
||||
SOURCE_IN_SUBDIR=false
|
||||
SOURCE_FILENAME=
|
||||
SOURCE_EXTRACT=true
|
||||
|
|
@ -40,6 +40,15 @@
|
|||
"example": "/jellyfin",
|
||||
"default": "/jellyfin"
|
||||
},
|
||||
{
|
||||
"name": "admin",
|
||||
"type": "user",
|
||||
"ask": {
|
||||
"en": "Choose an admin user",
|
||||
"fr": "Choisissez l'administrateur"
|
||||
},
|
||||
"example": "johndoe"
|
||||
},
|
||||
{
|
||||
"name": "is_public",
|
||||
"type": "boolean",
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ ynh_abort_if_errors
|
|||
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path_url=$YNH_APP_ARG_PATH
|
||||
admin=$YNH_APP_ARG_ADMIN
|
||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
|
@ -89,6 +90,7 @@ ynh_system_user_create --username=$app
|
|||
#=================================================
|
||||
# MODIFY A CONFIG FILE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring the settings..." --weight=1
|
||||
|
||||
# Load services once to generate system.xml
|
||||
systemctl enable jellyfin
|
||||
|
|
@ -102,6 +104,18 @@ ynh_replace_string --match_string="<HttpServerPortNumber>8096</HttpServerPortNum
|
|||
# BaseUrl config
|
||||
ynh_replace_string --match_string="<BaseUrl />" --replace_string="<BaseUrl>$path_url</BaseUrl>" --target_file="/etc/jellyfin/system.xml"
|
||||
|
||||
# Disable Setup Wizard
|
||||
ynh_replace_string --match_string="<IsStartupWizardCompleted>false</IsStartupWizardCompleted>" --replace_string="<IsStartupWizardCompleted>true</IsStartupWizardCompleted>" --target_file="/etc/jellyfin/system.xml"
|
||||
|
||||
#=================================================
|
||||
# INSTALL LDAP PLUGIN
|
||||
#=================================================
|
||||
ynh_script_progression --message="Installing LDAP plugin..." --weight=2
|
||||
|
||||
ynh_setup_source --dest_dir="/var/lib/jellyfin/plugins/LDAP Authentication" --source_id=ldap
|
||||
mkdir -p /var/lib/jellyfin/plugins/configurations/
|
||||
cp ../conf/LDAP-Auth.xml /var/lib/jellyfin/plugins/configurations/LDAP-Auth.xml
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
|
|
@ -138,9 +152,9 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --l
|
|||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring SSOwat..." --weight=2
|
||||
ynh_script_progression --message="Configuring permissions..." --weight=1
|
||||
|
||||
# Make app public if necessary or protect it
|
||||
# Make app public if necessary
|
||||
if [ $is_public -eq 1 ]
|
||||
then
|
||||
# Everyone can access the app.
|
||||
|
|
@ -148,6 +162,9 @@ then
|
|||
ynh_permission_update --permission "main" --add "visitors"
|
||||
fi
|
||||
|
||||
# Only the admin can access the admin panel of the app (if the app has an admin panel)
|
||||
ynh_permission_create --permission "admin" --allowed $admin
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
|
|
|
|||
|
|
@ -17,6 +17,7 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
|
|||
app=$YNH_APP_INSTANCE_NAME
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||
|
|
@ -73,6 +74,19 @@ ynh_script_progression --message="Making sure dedicated system user exists..." -
|
|||
# Create a dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app
|
||||
|
||||
#=================================================
|
||||
# INSTALL LDAP PLUGIN
|
||||
#=================================================
|
||||
|
||||
# Install it only if the plugin directory does not exist
|
||||
if [ ! -e "/var/lib/jellyfin/plugins/LDAP Authentication" ]; then
|
||||
ynh_script_progression --message="Installing LDAP plugin..." --weight=2
|
||||
|
||||
ynh_setup_source --dest_dir="/var/lib/jellyfin/plugins/LDAP Authentication" --source_id=ldap
|
||||
mkdir -p /var/lib/jellyfin/plugins/configurations/
|
||||
cp ../conf/LDAP-Auth.xml /var/lib/jellyfin/plugins/configurations/LDAP-Auth.xml
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
|
|
@ -91,6 +105,16 @@ ynh_script_progression --message="Upgrading logrotate configuration..." --weight
|
|||
# Use logrotate to manage app-specific logfile(s)
|
||||
ynh_use_logrotate --non-append
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading permissions configuration..." --weight=1
|
||||
|
||||
# Create the admin permission if needed
|
||||
if ! ynh_permission_exists --permission "admin"; then
|
||||
ynh_permission_create --permission "admin" --allowed $admin
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# INTEGRATE SERVICE IN YUNOHOST
|
||||
#=================================================
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue