YunoHost-Apps/kimai2_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/kimai2_ynh.git synced 2024-09-03 19:26:26 +02:00
Code Issues Activity Actions

Fix

Browse source
This commit is contained in:
ericgaspar 2022-03-12 16:16:27 +01:00
parent 30f5b2cdb5
commit e330d61649
No known key found for this signature in database
GPG key ID: 574F281483054D44
2 changed files with 15 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
conf/local.yaml
View file

@ -8,7 +8,7 @@ security:
kimai_ldap: ~ kimai_ldap: ~
kimai: kimai:
user: user:
registration: __REGISTRATION__ registration: "__REGISTRATION__"
ldap: ldap:
# more infos about the connection params can be found at: # more infos about the connection params can be found at:
# https://docs.laminas.dev/laminas-ldap/api/ # https://docs.laminas.dev/laminas-ldap/api/
@ -17,11 +17,11 @@ kimai:
# You can connect to multiple servers by setting their URLs like this: # You can connect to multiple servers by setting their URLs like this:
# host: "ldap://ldap.example.local ldap://ldap2.example.local" # host: "ldap://ldap.example.local ldap://ldap2.example.local"
# host: "ldaps://ldap.example.local ldaps://ldap2.example.local" # host: "ldaps://ldap.example.local ldaps://ldap2.example.local"
host: 127.0.0.1 host: "ldap://127.0.0.1"
# Default port for your LDAP port server # Default port for your LDAP port server
# default: 389 # default: 389
#port: 389 port: 389
# Whether or not the LDAP client should use SSL encrypted transport. # Whether or not the LDAP client should use SSL encrypted transport.
# The useSsl and useStartTls options are mutually exclusive. # The useSsl and useStartTls options are mutually exclusive.
@ -80,20 +80,20 @@ kimai:
user: user:
# baseDn to query for users (mandatory setting). # baseDn to query for users (mandatory setting).
baseDn: ou=users, dc=yunohost, dc=org baseDn: "ou=users, dc=yunohost, dc=org"
# Field used to match the login username in your LDAP. # Field used to match the login username in your LDAP.
# If "bindRequiresDn: false" is set, the username is used in "bind". # If "bindRequiresDn: false" is set, the username is used in "bind".
# Otherwise a search is executed to find the users "dn" by finding the user # Otherwise a search is executed to find the users "dn" by finding the user
# via this attribute with his "baseDn" and the "filter" below. # via this attribute with his "baseDn" and the "filter" below.
# default: uid # default: uid
usernameAttribute: uid usernameAttribute: "uid"
# LDAP search base filter to find the user / the users DN. # LDAP search base filter to find the user / the users DN.
# Do NOT include the rule (&(usernameAttribute=%s)), it will be appended # Do NOT include the rule (&(usernameAttribute=%s)), it will be appended
# automatically. The result of the search filter must return 1 result only. # automatically. The result of the search filter must return 1 result only.
# default: empty (results in (&(uid=%s)) with default usernameAttribute) # default: empty (results in (&(uid=%s)) with default usernameAttribute)
filter: (&(objectClass=inetOrgPerson)) filter: "(&(objectClass=inetOrgPerson))"
# LDAP search base filter to find the user attributes. # LDAP search base filter to find the user attributes.
# This is used for a slightly different query than the one above, which is # This is used for a slightly different query than the one above, which is
@ -109,12 +109,12 @@ kimai:
attributes: attributes:
# The following 2 rules are automatically prepended and can be overwritten. # The following 2 rules are automatically prepended and can be overwritten.
# Username is set to the value of the configured "usernameAttribute" field # Username is set to the value of the configured "usernameAttribute" field
- { ldap_attr: "usernameAttribute", user_method: setUsername } - { ldap_attr: "usernameAttribute", user_method: "setUsername" }
# Only applied if you don't configure a mapping for setEmail() # Only applied if you don't configure a mapping for setEmail()
- { ldap_attr: mail, user_method: setEmail } - { ldap_attr: "mail", user_method: "setEmail" }
# An example which will set the display name in Kimai from the # An example which will set the display name in Kimai from the
# value of the "common name" field in your LDAP # value of the "common name" field in your LDAP
- { ldap_attr: cn, user_method: setAlias } - { ldap_attr: "cn", user_method: "setAlias" }
# You can comment the following section, if you don't want to manage # You can comment the following section, if you don't want to manage
# user roles in Kimai via LDAP groups. If you want to use the group # user roles in Kimai via LDAP groups. If you want to use the group
@ -123,7 +123,7 @@ kimai:
role: role:
# baseDn to query for groups, MUST be set to activate the "group import" # baseDn to query for groups, MUST be set to activate the "group import"
# default: empty (deactivated) # default: empty (deactivated)
baseDn: ou=permission, dc=yunohost, dc=org baseDn: "ou=permission, dc=yunohost, dc=org"
# Filter to query user groups, all results will be matched against # Filter to query user groups, all results will be matched against
# the configured "groups" mapping below. # the configured "groups" mapping below.
@ -132,24 +132,24 @@ kimai:
# The following example rule will be expanded to (for user "foo"): # The following example rule will be expanded to (for user "foo"):
# (&(&(objectClass=groupOfNames))(member=foo)) # (&(&(objectClass=groupOfNames))(member=foo))
# default: empty # default: empty
filter: (&(objectClass=posixGroup)(cn=__APP__*)) filter: "(&(|(objectclass=posixAccount))(uid={{username}})(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))"
# The following field is taken from the LDAP user entry and its # The following field is taken from the LDAP user entry and its
# value is used in the filter above as "valueOfUsernameAttribute". # value is used in the filter above as "valueOfUsernameAttribute".
# The attribute must be given in lowercase! # The attribute must be given in lowercase!
# The example below uses "posix group style memberUid". # The example below uses "posix group style memberUid".
# default: dn # default: dn
usernameAttribute: dn usernameAttribute: "dn"
# Field that holds the group name, which will be used to map the # Field that holds the group name, which will be used to map the
# LDAP groups with Kimai roles (see groups mapping below). # LDAP groups with Kimai roles (see groups mapping below).
# default: cn # default: cn
nameAttribute: cn nameAttribute: "cn"
# Field that holds the users dn in your LDAP group definition. # Field that holds the users dn in your LDAP group definition.
# Value of this configuration is used in the filter (see above). # Value of this configuration is used in the filter (see above).
# default: member # default: member
userDnAttribute: inheritPermission userDnAttribute: "inheritPermission"
# Convert LDAP group name (nameAttribute) to Kimai role # Convert LDAP group name (nameAttribute) to Kimai role
# You will very likely have to define mappings, unless your groups # You will very likely have to define mappings, unless your groups

2
doc/DISCLAIMER.md
View file

@ -1,11 +1,11 @@
* Require dedicated domain like **kimai.domain.tld**. * Require dedicated domain like **kimai.domain.tld**.
* This app is multi-instance (you can have more then one Kimai instance running on a YunoHost server) * This app is multi-instance (you can have more then one Kimai instance running on a YunoHost server)
* As sqlite support ended on version 1.14, if you choosed an sqlite databse during installation, Kimai2 upgrade is blocked to version 1.13
#### Multi-user support #### Multi-user support
LDAP is supported LDAP is supported
HTTP auth is not supported HTTP auth is not supported
Defaul Kimai2 roles are: Defaul Kimai2 roles are:
* ROLE_USER * ROLE_USER
* ROLE_TEAMLEAD => Kimai2 (Teamlead) YunoHost permission * ROLE_TEAMLEAD => Kimai2 (Teamlead) YunoHost permission