mirror of
https://github.com/YunoHost-Apps/wekan_ynh.git
synced 2024-09-03 20:36:09 +02:00
Configure LDAP for Yunohost
This commit is contained in:
parent
ca68f74e37
commit
a5378a6baf
1 changed files with 14 additions and 10 deletions
24
conf/.env
24
conf/.env
|
@ -165,7 +165,7 @@ LDAP_BASEDN=dc=yunohost,dc=org
|
||||||
# LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
|
# LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
|
||||||
# example : LDAP_LOGIN_FALLBACK=true
|
# example : LDAP_LOGIN_FALLBACK=true
|
||||||
#LDAP_LOGIN_FALLBACK=false
|
#LDAP_LOGIN_FALLBACK=false
|
||||||
LDAP_LOGIN_FALLBACK=false
|
LDAP_LOGIN_FALLBACK=true
|
||||||
|
|
||||||
# LDAP_RECONNECT : Reconnect to the server if the connection is lost
|
# LDAP_RECONNECT : Reconnect to the server if the connection is lost
|
||||||
# example : LDAP_RECONNECT=false
|
# example : LDAP_RECONNECT=false
|
||||||
|
@ -213,7 +213,7 @@ LDAP_BACKGROUND_SYNC=true
|
||||||
# LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
|
# LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
|
||||||
# example : LDAP_BACKGROUND_SYNC_INTERVAL=12345
|
# example : LDAP_BACKGROUND_SYNC_INTERVAL=12345
|
||||||
#LDAP_BACKGROUND_SYNC_INTERVAL=100
|
#LDAP_BACKGROUND_SYNC_INTERVAL=100
|
||||||
LDAP_BACKGROUND_SYNC_INTERVAL=600000
|
LDAP_BACKGROUND_SYNC_INTERVAL=100
|
||||||
|
|
||||||
# LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
|
# LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED :
|
||||||
# example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
|
# example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
|
||||||
|
@ -240,7 +240,7 @@ LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
|
||||||
# LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
|
# LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
|
||||||
# example : LDAP_USER_SEARCH_FILTER=
|
# example : LDAP_USER_SEARCH_FILTER=
|
||||||
#LDAP_USER_SEARCH_FILTER=
|
#LDAP_USER_SEARCH_FILTER=
|
||||||
LDAP_USER_SEARCH_FILTER=""
|
LDAP_USER_SEARCH_FILTER="(objectclass=posixAccount)"
|
||||||
|
|
||||||
# LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
|
# LDAP_USER_SEARCH_SCOPE : base (search only in the provided DN), one (search only in the provided DN and one level deep), or sub (search the whole subtree)
|
||||||
# example : LDAP_USER_SEARCH_SCOPE=one
|
# example : LDAP_USER_SEARCH_SCOPE=one
|
||||||
|
@ -265,7 +265,7 @@ LDAP_SEARCH_SIZE_LIMIT=0
|
||||||
# LDAP_GROUP_FILTER_ENABLE : Enable group filtering
|
# LDAP_GROUP_FILTER_ENABLE : Enable group filtering
|
||||||
# example : LDAP_GROUP_FILTER_ENABLE=true
|
# example : LDAP_GROUP_FILTER_ENABLE=true
|
||||||
#LDAP_GROUP_FILTER_ENABLE=false
|
#LDAP_GROUP_FILTER_ENABLE=false
|
||||||
LDAP_GROUP_FILTER_ENABLE=false
|
LDAP_GROUP_FILTER_ENABLE=true
|
||||||
|
|
||||||
# LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
|
# LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
|
||||||
# example : LDAP_GROUP_FILTER_OBJECTCLASS=group
|
# example : LDAP_GROUP_FILTER_OBJECTCLASS=group
|
||||||
|
@ -275,7 +275,7 @@ LDAP_GROUP_FILTER_OBJECTCLASS=posixGroup
|
||||||
# LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
|
# LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE :
|
||||||
# example :
|
# example :
|
||||||
#LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
|
#LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=
|
||||||
LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=gidNumber
|
LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=cn
|
||||||
|
|
||||||
# LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
|
# LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE :
|
||||||
# example :
|
# example :
|
||||||
|
@ -285,12 +285,12 @@ LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=memberUid
|
||||||
# LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
|
# LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT :
|
||||||
# example :
|
# example :
|
||||||
#LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
|
#LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=
|
||||||
LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=dn
|
LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=uid
|
||||||
|
|
||||||
# LDAP_GROUP_FILTER_GROUP_NAME :
|
# LDAP_GROUP_FILTER_GROUP_NAME :
|
||||||
# example :
|
# example : LDAP_GROUP_FILTER_GROUP_NAME=wekan_user
|
||||||
#LDAP_GROUP_FILTER_GROUP_NAME=
|
#LDAP_GROUP_FILTER_GROUP_NAME=
|
||||||
LDAP_GROUP_FILTER_GROUP_NAME=cn
|
LDAP_GROUP_FILTER_GROUP_NAME=sftpusers
|
||||||
|
|
||||||
# LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
|
# LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
|
||||||
# example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid
|
# example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid
|
||||||
|
@ -300,6 +300,7 @@ LDAP_UNIQUE_IDENTIFIER_FIELD=entryUUID
|
||||||
# LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
|
# LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
|
||||||
# example : LDAP_UTF8_NAMES_SLUGIFY=false
|
# example : LDAP_UTF8_NAMES_SLUGIFY=false
|
||||||
#LDAP_UTF8_NAMES_SLUGIFY=true
|
#LDAP_UTF8_NAMES_SLUGIFY=true
|
||||||
|
LDAP_UTF8_NAMES_SLUGIFY=true
|
||||||
|
|
||||||
# LDAP_USERNAME_FIELD : Which field contains the ldap username
|
# LDAP_USERNAME_FIELD : Which field contains the ldap username
|
||||||
# example : LDAP_USERNAME_FIELD=username
|
# example : LDAP_USERNAME_FIELD=username
|
||||||
|
@ -324,12 +325,12 @@ LDAP_EMAIL_MATCH_ENABLE=true
|
||||||
# LDAP_EMAIL_MATCH_REQUIRE : require existing account matching by e-mail address when username does match
|
# LDAP_EMAIL_MATCH_REQUIRE : require existing account matching by e-mail address when username does match
|
||||||
# example: LDAP_EMAIL_MATCH_REQUIRE=true
|
# example: LDAP_EMAIL_MATCH_REQUIRE=true
|
||||||
#LDAP_EMAIL_MATCH_REQUIRE=false
|
#LDAP_EMAIL_MATCH_REQUIRE=false
|
||||||
LDAP_EMAIL_MATCH_REQUIRE=true
|
LDAP_EMAIL_MATCH_REQUIRE=false
|
||||||
|
|
||||||
# LDAP_EMAIL_MATCH_VERIFIED : require existing account email address to be verified for matching
|
# LDAP_EMAIL_MATCH_VERIFIED : require existing account email address to be verified for matching
|
||||||
# example: LDAP_EMAIL_MATCH_VERIFIED=true
|
# example: LDAP_EMAIL_MATCH_VERIFIED=true
|
||||||
#LDAP_EMAIL_MATCH_VERIFIED=false
|
#LDAP_EMAIL_MATCH_VERIFIED=false
|
||||||
LDAP_EMAIL_MATCH_VERIFIED=true
|
LDAP_EMAIL_MATCH_VERIFIED=false
|
||||||
|
|
||||||
# LDAP_EMAIL_FIELD : which field contains the LDAP e-mail address
|
# LDAP_EMAIL_FIELD : which field contains the LDAP e-mail address
|
||||||
# example: LDAP_EMAIL_FIELD=mail
|
# example: LDAP_EMAIL_FIELD=mail
|
||||||
|
@ -349,6 +350,7 @@ LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name"}
|
||||||
# LDAP_SYNC_GROUP_ROLES :
|
# LDAP_SYNC_GROUP_ROLES :
|
||||||
# example :
|
# example :
|
||||||
#LDAP_SYNC_GROUP_ROLES=
|
#LDAP_SYNC_GROUP_ROLES=
|
||||||
|
LDAP_SYNC_GROUP_ROLES=admins
|
||||||
|
|
||||||
# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
|
# LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
|
||||||
# example :
|
# example :
|
||||||
|
@ -357,9 +359,11 @@ LDAP_DEFAULT_DOMAIN=yh03.yh.yalh.net
|
||||||
|
|
||||||
# Enable/Disable syncing of admin status based on ldap groups:
|
# Enable/Disable syncing of admin status based on ldap groups:
|
||||||
#LDAP_SYNC_ADMIN_STATUS=true
|
#LDAP_SYNC_ADMIN_STATUS=true
|
||||||
|
LDAP_SYNC_ADMIN_STATUS=true
|
||||||
|
|
||||||
# Comma separated list of admin group names to sync.
|
# Comma separated list of admin group names to sync.
|
||||||
#LDAP_SYNC_ADMIN_GROUPS=group1,group2
|
#LDAP_SYNC_ADMIN_GROUPS=group1,group2
|
||||||
|
LDAP_SYNC_ADMIN_GROUPS=admins
|
||||||
|
|
||||||
# LOGOUT_WITH_TIMER : Enables or not the option logout with timer
|
# LOGOUT_WITH_TIMER : Enables or not the option logout with timer
|
||||||
# example : LOGOUT_WITH_TIMER=true
|
# example : LOGOUT_WITH_TIMER=true
|
||||||
|
|
Loading…
Reference in a new issue