From 0bd981e7780fc6851dcb3f071751b6c4dec18e03 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Thu, 7 Mar 2019 00:49:05 +0100 Subject: [PATCH] Provide LDAP variables --- conf/.env | 43 +++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 41 insertions(+), 2 deletions(-) diff --git a/conf/.env b/conf/.env index 17d1c80..73d8daa 100644 --- a/conf/.env +++ b/conf/.env @@ -14,7 +14,7 @@ MONGO_URL=mongodb://127.0.0.1:27017/__DB_NAME__ ROOT_URL=https://__DOMAIN_URI__ # Mail URL -MAIL_URL='smtp://user:pass@mailserver.example.com:25/' +MAIL_URL='smtp://localhost:25/' # This is local port where Wekan Node.js runs PORT=__PORT__ @@ -145,42 +145,52 @@ WEBHOOKS_ATTRIBUTES='' # LDAP_ENABLE : Enable or not the connection by the LDAP # example : LDAP_ENABLE=true #LDAP_ENABLE=false +LDAP_ENABLE=true # LDAP_PORT : The port of the LDAP server # example : LDAP_PORT=389 #LDAP_PORT=389 +LDAP_PORT=389 # LDAP_HOST : The host server for the LDAP server # example : LDAP_HOST=localhost #LDAP_HOST= +LDAP_HOST=localhost # LDAP_BASEDN : The base DN for the LDAP Tree # example : LDAP_BASEDN=ou=user,dc=example,dc=org #LDAP_BASEDN= +LDAP_BASEDN=dc=yunohost,dc=org # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method # example : LDAP_LOGIN_FALLBACK=true #LDAP_LOGIN_FALLBACK=false +LDAP_LOGIN_FALLBACK=false # LDAP_RECONNECT : Reconnect to the server if the connection is lost # example : LDAP_RECONNECT=false #LDAP_RECONNECT=true +LDAP_RECONNECT=true # LDAP_TIMEOUT : Overall timeout, in milliseconds # example : LDAP_TIMEOUT=12345 #LDAP_TIMEOUT=10000 +LDAP_TIMEOUT=10000 # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds # example : LDAP_IDLE_TIMEOUT=12345 #LDAP_IDLE_TIMEOUT=10000 +LDAP_IDLE_TIMEOUT=10000 # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds # example : LDAP_CONNECT_TIMEOUT=12345 #LDAP_CONNECT_TIMEOUT=10000 +LDAP_CONNECT_TIMEOUT=10000 # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search # example : LDAP_AUTHENTIFICATION=true #LDAP_AUTHENTIFICATION=false +LDAP_AUTHENTIFICATION=false # LDAP_AUTHENTIFICATION_USERDN : The search user DN # example : LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org @@ -193,22 +203,27 @@ WEBHOOKS_ATTRIBUTES='' # LDAP_LOG_ENABLED : Enable logs for the module # example : LDAP_LOG_ENABLED=true #LDAP_LOG_ENABLED=false +LDAP_LOG_ENABLED=true # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background # example : LDAP_BACKGROUND_SYNC=true #LDAP_BACKGROUND_SYNC=false +LDAP_BACKGROUND_SYNC=true # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds # example : LDAP_BACKGROUND_SYNC_INTERVAL=12345 #LDAP_BACKGROUND_SYNC_INTERVAL=100 +LDAP_BACKGROUND_SYNC_INTERVAL=100 # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED : # example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true #LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false +LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS : # example : LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true #LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false +LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true # LDAP_ENCRYPTION : If using LDAPS # example : LDAP_ENCRYPTION=ssl @@ -225,90 +240,112 @@ WEBHOOKS_ATTRIBUTES='' # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed # example : LDAP_USER_SEARCH_FILTER= #LDAP_USER_SEARCH_FILTER= +LDAP_USER_SEARCH_FILTER="(&(|(objectclass=posixAccount))(uid=%uid))" # LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree) # example : LDAP_USER_SEARCH_SCOPE=one #LDAP_USER_SEARCH_SCOPE= +LDAP_USER_SEARCH_SCOPE=sub # LDAP_USER_SEARCH_FIELD : Which field is used to find the user # example : LDAP_USER_SEARCH_FIELD=uid #LDAP_USER_SEARCH_FIELD= +LDAP_USER_SEARCH_FIELD=uid # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited) # example : LDAP_SEARCH_PAGE_SIZE=12345 #LDAP_SEARCH_PAGE_SIZE=0 +LDAP_SEARCH_PAGE_SIZE=0 # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited) # example : LDAP_SEARCH_SIZE_LIMIT=12345 #LDAP_SEARCH_SIZE_LIMIT=0 +LDAP_SEARCH_SIZE_LIMIT=0 # LDAP_GROUP_FILTER_ENABLE : Enable group filtering # example : LDAP_GROUP_FILTER_ENABLE=true #LDAP_GROUP_FILTER_ENABLE=false +LDAP_GROUP_FILTER_ENABLE=true # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering # example : LDAP_GROUP_FILTER_OBJECTCLASS=group #LDAP_GROUP_FILTER_OBJECTCLASS= +LDAP_GROUP_FILTER_OBJECTCLASS=posixGroup # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE : # example : #LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE= +LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=gidNumber # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE : # example : #LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE= +LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=memberUid # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT : # example : #LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT= +LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=dn # LDAP_GROUP_FILTER_GROUP_NAME : -# example : +# example : LDAP_GROUP_FILTER_GROUP_NAME=yourwekangroup #LDAP_GROUP_FILTER_GROUP_NAME= + # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier) # example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid #LDAP_UNIQUE_IDENTIFIER_FIELD= +LDAP_UNIQUE_IDENTIFIER_FIELD=entryUUID # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8 # example : LDAP_UTF8_NAMES_SLUGIFY=false #LDAP_UTF8_NAMES_SLUGIFY=true +LDAP_UTF8_NAMES_SLUGIFY=true # LDAP_USERNAME_FIELD : Which field contains the ldap username # example : LDAP_USERNAME_FIELD=username #LDAP_USERNAME_FIELD= +LDAP_USERNAME_FIELD=uid # LDAP_FULLNAME_FIELD : Which field contains the ldap fullname # example : LDAP_FULLNAME_FIELD=fullname #LDAP_FULLNAME_FIELD= +LDAP_FULLNAME_FIELD=cn # LDAP_MERGE_EXISTING_USERS : # example : LDAP_MERGE_EXISTING_USERS=true #LDAP_MERGE_EXISTING_USERS=false +LDAP_MERGE_EXISTING_USERS=true # LDAP_EMAIL_MATCH_ENABLE : allow existing account matching by e-mail address when username does not match # example: LDAP_EMAIL_MATCH_ENABLE=true #LDAP_EMAIL_MATCH_ENABLE=false +LDAP_EMAIL_MATCH_ENABLE=true # LDAP_EMAIL_MATCH_REQUIRE : require existing account matching by e-mail address when username does match # example: LDAP_EMAIL_MATCH_REQUIRE=true #LDAP_EMAIL_MATCH_REQUIRE=false +LDAP_EMAIL_MATCH_REQUIRE=true # LDAP_EMAIL_MATCH_VERIFIED : require existing account email address to be verified for matching # example: LDAP_EMAIL_MATCH_VERIFIED=true #LDAP_EMAIL_MATCH_VERIFIED=false +LDAP_EMAIL_MATCH_VERIFIED=true # LDAP_EMAIL_FIELD : which field contains the LDAP e-mail address # example: LDAP_EMAIL_FIELD=mail #LDAP_EMAIL_FIELD= +LDAP_EMAIL_FIELD=mail # LDAP_SYNC_USER_DATA : # example : LDAP_SYNC_USER_DATA=true #LDAP_SYNC_USER_DATA=false +LDAP_SYNC_USER_DATA=true # LDAP_SYNC_USER_DATA_FIELDMAP : # example : LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"} #LDAP_SYNC_USER_DATA_FIELDMAP= +LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name","displayName":"Full name"} # LDAP_SYNC_GROUP_ROLES : # example : @@ -320,9 +357,11 @@ WEBHOOKS_ATTRIBUTES='' # Enable/Disable syncing of admin status based on ldap groups: #LDAP_SYNC_ADMIN_STATUS=true +LDAP_SYNC_ADMIN_STATUS=true # Comma separated list of admin group names to sync. #LDAP_SYNC_ADMIN_GROUPS=group1,group2 +LDAP_SYNC_ADMIN_GROUPS=admins # LOGOUT_WITH_TIMER : Enables or not the option logout with timer # example : LOGOUT_WITH_TIMER=true