1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/kimai2_ynh.git synced 2024-09-03 19:26:26 +02:00
kimai2_ynh/conf/local.yaml
eric_G 5f7818fc00
fix (#78)
* fix

* fix

* Update install

* Update _common.sh

* Update upgrade

* Update upgrade

* Update upgrade

* Update upgrade

* Update upgrade

* Update _common.sh

* Revert "Update _common.sh"

This reverts commit 26b1b8c618.

* Update upgrade

* Update .env

* Update _common.sh

* Update nginx.conf

* Update manifest.json

* Update install

* Update upgrade

* Update .env

* Update check_process

* Update upgrade

* Update upgrade

* Update upgrade

* Update scripts/install

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Update scripts/upgrade

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>

* Fix upgrading (#80)

* Auto-update README

* Update local.yaml

Remove duplicate security block

* Update upgrade

Doing a hard cache flush for major upgrade

* Update upgrade

Fix syntax

* Update upgrade

Use ynh_secure_remove

* Update upgrade

Remove local.yaml for major version upgrade

* Update upgrade

No loading from cache for major upgrade

* Update upgrade

Do full replace for setup sources when major upgrade

* Update upgrade

Fix full_replace arg

* Update upgrade

cleaning

* Update upgrade

Remove obsolete source_id

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>

---------

Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>
Co-authored-by: CodeShakingSheep <19874562+CodeShakingSheep@users.noreply.github.com>
Co-authored-by: yunohost-bot <yunohost@yunohost.org>
2024-01-16 22:59:57 +01:00

156 lines
7.7 KiB
YAML

kimai:
user:
registration: __REGISTRATION__
ldap:
activate: true
# more infos about the connection params can be found at:
# https://docs.laminas.dev/laminas-ldap/api/
connection:
# The default hostname of the LDAP server (mandatory setting).
# You can connect to multiple servers by setting their URLs like this:
# host: "ldap://ldap.example.local ldap://ldap2.example.local"
# host: "ldaps://ldap.example.local ldaps://ldap2.example.local"
host: "ldap://127.0.0.1"
# Default port for your LDAP port server
# default: 389
port: 389
# Whether or not the LDAP client should use SSL encrypted transport.
# The useSsl and useStartTls options are mutually exclusive.
# default: false
#useSsl: false
# Enable TLS negotiation (should be favoured over useSsl).
# The useSsl and useStartTls options are mutually exclusive.
# default: false
#useStartTls: false
# The default credentials username (your service account). Some servers
# require that this is given in DN form.
# It must be given in DN form if the LDAP server requires
# a DN to bind and binding should be possible with simple usernames.
# default: empty
#username:
# Password for the username (service-account) above
# default: empty
#password:
# LDAP search filter to find the user (%s will be replaced by the username).
# Should be set, to be compatible with your object structure.
# You don not need to set this filter, unless you have a very special setup
# or use Microsofts Active directory.
#
# Defaults:
# - if bindRequiresDn is false: (&(objectClass=user)(sAMAccountName=%s))
# - if bindRequiresDn is true: (&%filter%(uid=%s))
# - %filter% = empty
# accountFilterFormat = (&(usernameAttribute=%s))
# - %filter% = (&(objectClass=posixAccount))
# accountFilterFormat = (&(objectClass=posixAccount))(&(usernameAttribute=%s))
#
# %filter% is the "filter" configuration defined below in the "user" section
#accountFilterFormat: (&(objectClass=inetOrgPerson)(uid=%s))
# If true, this instructs Kimai to retrieve the DN for the account,
# used to bind if the username is not already in DN form.
# default: true
#bindRequiresDn: true
# If set to true, this option indicates to the LDAP client that
# referrals should be followed, default: false
#optReferrals: false
# for the next options please refer to:
# https://docs.laminas.dev/laminas-ldap/api/
#allowEmptyPassword: false
#tryUsernameSplit:
#networkTimeout:
#accountCanonicalForm: 3
#accountDomainName: HOST
#accountDomainNameShort: HOST
user:
# baseDn to query for users (mandatory setting).
baseDn: "ou=users, dc=yunohost, dc=org"
# Field used to match the login username in your LDAP.
# If "bindRequiresDn: false" is set, the username is used in "bind".
# Otherwise a search is executed to find the users "dn" by finding the user
# via this attribute with his "baseDn" and the "filter" below.
# default: uid
usernameAttribute: "uid"
# LDAP search base filter to find the user / the users DN.
# Do NOT include the rule (&(usernameAttribute=%s)), it will be appended
# automatically. The result of the search filter must return 1 result only.
# default: empty (results in (&(uid=%s)) with default usernameAttribute)
filter: "(&(objectClass=inetOrgPerson))"
# LDAP search base filter to find the user attributes.
# This is used for a slightly different query than the one above, which is
# used to query the users DN only.
# AD users might have too many results (Exchange activesync devices
# attributes) and therefor an incompatible result structure if not changed.
# See https://github.com/kevinpapst/kimai2/issues/875
# default: (objectClass=*)
#attributesFilter: (objectClass=Person)
# Configure the mapping between LDAP attributes and user entity
# The ldap_attr must be given in lowercase!
attributes:
# The following 2 rules are automatically prepended and can be overwritten.
# Username is set to the value of the configured "usernameAttribute" field
- { ldap_attr: "uid", user_method: setUsername }
# Only applied if you don't configure a mapping for setEmail()
- { ldap_attr: "mail", user_method: setEmail }
# An example which will set the display name in Kimai from the
# value of the "common name" field in your LDAP
- { ldap_attr: "cn", user_method: setAlias }
# You can comment the following section, if you don't want to manage
# user roles in Kimai via LDAP groups. If you want to use the group
# sync, you have to set at least the "role.baseDn" config.
# default: deactivated as "role.baseDn" is empty by default
role:
# baseDn to query for groups, MUST be set to activate the "group import"
# default: empty (deactivated)
baseDn: "ou=permission, dc=yunohost, dc=org"
# Filter to query user groups, all results will be matched against
# the configured "groups" mapping below.
# The full search filter will ALWAYS be generated like this:
# (&%filter(userDnAttribute=valueOfUsernameAttribute))
# The following example rule will be expanded to (for user "foo"):
# (&(&(objectClass=groupOfNames))(member=foo))
# default: empty
filter: "(&(objectClass=posixGroup)(cn=__APP__*))"
# The following field is taken from the LDAP user entry and its
# value is used in the filter above as "valueOfUsernameAttribute".
# The attribute must be given in lowercase!
# The example below uses "posix group style memberUid".
# default: dn
usernameAttribute: "dn"
# Field that holds the group name, which will be used to map the
# LDAP groups with Kimai roles (see groups mapping below).
# default: cn
nameAttribute: "cn"
# Field that holds the users dn in your LDAP group definition.
# Value of this configuration is used in the filter (see above).
# default: member
userDnAttribute: "inheritPermission"
# Convert LDAP group name (nameAttribute) to Kimai role
# You will very likely have to define mappings, unless your groups
# are called "teamlead", "admin" or "super_admin"
groups:
# - { ldap_value: group1, role: ROLE_TEAMLEAD }
# - { ldap_value: kimai_admin, role: ROLE_ADMIN }
- { ldap_value: "__APP__.teamlead", role: ROLE_TEAMLEAD }
- { ldap_value: "__APP__.admin", role: ROLE_ADMIN }
- { ldap_value: "__APP__.super_admin", role: ROLE_SUPER_ADMIN }