aerogramme.deuxfleurs.fr/content/documentation/cookbook/static-user-management.md

2.1 KiB

+++ title = "User Management" weight = 20 +++

Aerogramme can externalize its user management through LDAP, but if you target a simple deployment, it has also an internal user management system that will be covered here.

As a pre-requisite, you must have your aerogramme.toml file configured for "Static" user management as described in Configuration file. You also need a configured Garage instance, either local or distributed.

Adding users

Once you have done all the previous pre-requisites, Aerogramme provides a command-line utility to add a user:

aerogramme provider account add --login alice --setup  <(cat <<EOF
email_addresses = [ "alice@example.tld", "alice.smith@example.tld" ]
clear_password = "hunter2"
storage_driver = "Garage"
s3_endpoint = "http://localhost:3900"
k2v_endpoint = "http://localhost:3904"
aws_region = "garage"
aws_access_key_id = "GKa8..."
aws_secret_access_key = "7ba95..."
bucket = "aerogramme-alice"
EOF
)

aerogramme provider account add --login bob --setup  # ...
# ...

aerogramme provider account add --login charlie --setup  # ...
# ...

You must run this command for all your users.

If you don't set the clear_password field, it will be interactively asked.

This command will edit your user_list file. If your Aerogramme daemon is already running, you must reload it in order to load the newly added users. To reload Aerogramme, run:

aerogramme provider reload

Change account password

You might need to change an account password, you can run:

aerogramme provider account change-password --login alice

You can pass the old and new password through environment variables:

AEROGRAMME_OLD_PASSWORD=x \
AEROGRAMME_NEW_PASSWORD=y \
aerogramme provider account change-password --login alice

Do not forget to reload

Delete account

aerogramme provider account delete --login alice

Do not forget to reload