From 48df2123cfba93b684832078d52d4813045eee35 Mon Sep 17 00:00:00 2001 From: Fabien Le Frapper Date: Thu, 20 Mar 2025 23:24:03 +0100 Subject: [PATCH 1/8] Improve developper experience - Add docker compose - Fix a few typo in README - Add steps to run project locally - Add a sample bottin config --- README.md | 26 ++++++++++++++++++++++++-- bottin.config.json | 13 +++++++++++++ docker-compose.yml | 24 ++++++++++++++++++++++++ 3 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 bottin.config.json create mode 100644 docker-compose.yml diff --git a/README.md b/README.md index 483ea71..d8ddaef 100644 --- a/README.md +++ b/README.md @@ -8,10 +8,10 @@ Guichet is a simple LDAP web interface for the following tasks: - administration of the LDAP directory - inviting new users to create accounts -Guichet works well with the [Bottin](https://bottin.eu) LDAP server. +Guichet works well with the [Bottin](https://git.deuxfleurs.fr/deuxfleurs/bottin) LDAP server. Currently, Guichet's templates are only in French as it has been created for the [Deuxfleurs](https://deuxfleurs.fr) collective. -We would gladly merge a pull request with an English transaltion ! +We would gladly merge a pull request with an English translation ! A Docker image is provided on the [Docker hub](https://hub.docker.com/r/lxpz/guichet_amd64). An example for running Guichet on a Nomad cluster can be found in `guichet.hcl.example`. @@ -129,3 +129,25 @@ Here is an example of Bottin ACLs that may be used to support Guichet invitation Consult [this directory](https://git.deuxfleurs.fr/Deuxfleurs/infrastructure/src/branch/main/app/directory/config) to view the full configuration in use on Deuxfleurs. + +## Contribute + +Guichet needs a few components to work : +- A Bottin server +- that needs a consul server +A basic consul / bottin stack is available through the docker compose file + +``` +docker compose up -d +``` + +You can then run Guichet locally +```sh +# First, copy a sample config file +copy config.json.example config.json + +# Run the go development server +go run . +``` + +It will be available on http://localhost:9991 diff --git a/bottin.config.json b/bottin.config.json new file mode 100644 index 0000000..2592f8f --- /dev/null +++ b/bottin.config.json @@ -0,0 +1,13 @@ +{ + "suffix": "dc=bottin,dc=eu", + "bind": "127.0.0.1:1389", + "consul_host": "consul:8500", + "acl": [ + "ANONYMOUS::bind:*,ou=users,dc=bottin,dc=eu:", + "ANONYMOUS::bind:cn=admin,dc=bottin,dc=eu:", + "*,dc=bottin,dc=eu::read:*:* !userpassword", + "*::read modify:SELF:*", + "cn=admin,dc=bottin,dc=eu::read add modify delete:*:*", + "*:cn=admin,ou=groups,dc=bottin,dc=eu:read add modify delete:*:*" + ] +} diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..45675f2 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,24 @@ +services: + bottin: + image: lxpz/bottin_amd64 + platform: linux/amd64 + entrypoint: /bottin -config /config.json + depends_on: + consul: + condition: service_healthy + restart: true + ports: + - 389:389 + volumes: + - ./bottin.config.json:/config.json + consul: + image: consul:1.15 + command: agent -server -ui -node=server-1 -bootstrap-expect=1 -client=0.0.0.0 + healthcheck: + test: curl --fail http://localhost:8500/ui || exit 1 + interval: 10s + retries: 5 + start_period: 10s + timeout: 10s + ports: + - "8500:8500" From 4f3b5d8210911b2206abfab205b22759968b9ae6 Mon Sep 17 00:00:00 2001 From: Fabien Le Frapper Date: Thu, 20 Mar 2025 23:29:05 +0100 Subject: [PATCH 2/8] Do not expose ports in consul --- docker-compose.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 45675f2..66ab57c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -20,5 +20,3 @@ services: retries: 5 start_period: 10s timeout: 10s - ports: - - "8500:8500" From 0d3457142e47af958963babde6006042d950428f Mon Sep 17 00:00:00 2001 From: Fabien Le Frapper Date: Sun, 23 Mar 2025 20:11:13 +0100 Subject: [PATCH 3/8] Update readme --- README.md | 45 ++++++++++++++++++++++++++++++++++++++++----- bottin.config.json | 13 ------------- docker-compose.yml | 22 ---------------------- 3 files changed, 40 insertions(+), 40 deletions(-) delete mode 100644 bottin.config.json delete mode 100644 docker-compose.yml diff --git a/README.md b/README.md index d8ddaef..2f7a09d 100644 --- a/README.md +++ b/README.md @@ -130,18 +130,19 @@ Here is an example of Bottin ACLs that may be used to support Guichet invitation Consult [this directory](https://git.deuxfleurs.fr/Deuxfleurs/infrastructure/src/branch/main/app/directory/config) to view the full configuration in use on Deuxfleurs. -## Contribute +## Contribute & local development Guichet needs a few components to work : - A Bottin server - that needs a consul server A basic consul / bottin stack is available through the docker compose file -``` +```sh +cd integration docker compose up -d ``` - -You can then run Guichet locally + +You can then run Guichet locally : ```sh # First, copy a sample config file copy config.json.example config.json @@ -150,4 +151,38 @@ copy config.json.example config.json go run . ``` -It will be available on http://localhost:9991 +It will be available on http://localhost:9991. + +### First run + +#### How to get my admin password + +On first Bottin's run, it is displayed in the logs. +You can easily find it by reading the container logs : +```sh +docker compose logs bottin | grep password: +``` + +- username : it is provided by the log, and should be `cn=admin,dc=bottin,dc=eu` + + +#### Garage +⚠️ Be aware at this stage you local guichet installation is not 100% working, especially the websites features. +You need to initialise Garage. It can be done in a few commands, coming [the official documentation] : + +```sh +# Find your Garage node ID +docker compose exec garage /garage + +# eb820c8da5605f78 in the output below +ID Hostname Address Tags Zone Capacity DataAvail +eb820c8da5605f78 9bd710b31be0 127.0.0.1:3901 NO ROLE ASSIGNED + +# Then create a cluster layout +docker compose exec garage /garage layout assign -z dc1 -c 1G eb820c8da5605f78 + +# Finally, apply the layout +docker compose exec garage /garage layout apply +``` + +🎉 You now can go to http://localhost:9991/website without getting 503 errors. diff --git a/bottin.config.json b/bottin.config.json deleted file mode 100644 index 2592f8f..0000000 --- a/bottin.config.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "suffix": "dc=bottin,dc=eu", - "bind": "127.0.0.1:1389", - "consul_host": "consul:8500", - "acl": [ - "ANONYMOUS::bind:*,ou=users,dc=bottin,dc=eu:", - "ANONYMOUS::bind:cn=admin,dc=bottin,dc=eu:", - "*,dc=bottin,dc=eu::read:*:* !userpassword", - "*::read modify:SELF:*", - "cn=admin,dc=bottin,dc=eu::read add modify delete:*:*", - "*:cn=admin,ou=groups,dc=bottin,dc=eu:read add modify delete:*:*" - ] -} diff --git a/docker-compose.yml b/docker-compose.yml deleted file mode 100644 index 66ab57c..0000000 --- a/docker-compose.yml +++ /dev/null @@ -1,22 +0,0 @@ -services: - bottin: - image: lxpz/bottin_amd64 - platform: linux/amd64 - entrypoint: /bottin -config /config.json - depends_on: - consul: - condition: service_healthy - restart: true - ports: - - 389:389 - volumes: - - ./bottin.config.json:/config.json - consul: - image: consul:1.15 - command: agent -server -ui -node=server-1 -bootstrap-expect=1 -client=0.0.0.0 - healthcheck: - test: curl --fail http://localhost:8500/ui || exit 1 - interval: 10s - retries: 5 - start_period: 10s - timeout: 10s From a7180549ede7740134552083e909600884251e89 Mon Sep 17 00:00:00 2001 From: Fabien Le Frapper Date: Sun, 23 Mar 2025 20:31:25 +0100 Subject: [PATCH 4/8] Add garage in list --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 2f7a09d..e32c70d 100644 --- a/README.md +++ b/README.md @@ -135,7 +135,8 @@ to view the full configuration in use on Deuxfleurs. Guichet needs a few components to work : - A Bottin server - that needs a consul server -A basic consul / bottin stack is available through the docker compose file +- And a Garage cluster (of at least one node) +A basic consul / bottin stack is available through the docker compose file you can find in `integration` subdirectory: ```sh cd integration From 9fef8d855f0daa642b25c5e0ae69667ac4124a77 Mon Sep 17 00:00:00 2001 From: Fabien Le Frapper Date: Sun, 23 Mar 2025 20:32:56 +0100 Subject: [PATCH 5/8] Typo + link --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e32c70d..9604fe8 100644 --- a/README.md +++ b/README.md @@ -168,8 +168,8 @@ docker compose logs bottin | grep password: #### Garage -⚠️ Be aware at this stage you local guichet installation is not 100% working, especially the websites features. -You need to initialise Garage. It can be done in a few commands, coming [the official documentation] : +⚠️ Be aware at this stage that your local Guichet installation is not 100% working, especially the websites features. +You need to initialise Garage. It can be done in a few commands, coming from [the official Garage's documentation](https://garagehq.deuxfleurs.fr/documentation/quick-start/): ```sh # Find your Garage node ID From 56d78d4a1fc866a0498059cb23058c347a2616ba Mon Sep 17 00:00:00 2001 From: Fabien Le Frapper Date: Sun, 23 Mar 2025 20:35:12 +0100 Subject: [PATCH 6/8] Update comments --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9604fe8..cdb1e88 100644 --- a/README.md +++ b/README.md @@ -175,11 +175,11 @@ You need to initialise Garage. It can be done in a few commands, coming from [th # Find your Garage node ID docker compose exec garage /garage -# eb820c8da5605f78 in the output below +# Your id is eb820c8da5605f78 in the output below ID Hostname Address Tags Zone Capacity DataAvail eb820c8da5605f78 9bd710b31be0 127.0.0.1:3901 NO ROLE ASSIGNED -# Then create a cluster layout +# Then create a cluster layout with this id docker compose exec garage /garage layout assign -z dc1 -c 1G eb820c8da5605f78 # Finally, apply the layout From 97a0d1ed24a9af7bf67564f0fe534c1b30be930c Mon Sep 17 00:00:00 2001 From: Fabien Le Frapper Date: Sun, 23 Mar 2025 20:36:31 +0100 Subject: [PATCH 7/8] Add password example --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index cdb1e88..c937874 100644 --- a/README.md +++ b/README.md @@ -164,7 +164,8 @@ You can easily find it by reading the container logs : docker compose logs bottin | grep password: ``` -- username : it is provided by the log, and should be `cn=admin,dc=bottin,dc=eu` +- The **username** is provided in the log, and should look like this: `cn=admin,dc=bottin,dc=eu`. +- The **password** is right after in the same log line. #### Garage From c1fcc1bbba01f69882cb8baabc640d98aa3728f1 Mon Sep 17 00:00:00 2001 From: Fabien Le Frapper Date: Sun, 23 Mar 2025 20:39:25 +0100 Subject: [PATCH 8/8] Add line breaks --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c937874..f99061f 100644 --- a/README.md +++ b/README.md @@ -158,7 +158,7 @@ It will be available on http://localhost:9991. #### How to get my admin password -On first Bottin's run, it is displayed in the logs. +On first Bottin's run, it is displayed in the logs. You can easily find it by reading the container logs : ```sh docker compose logs bottin | grep password: @@ -169,7 +169,7 @@ docker compose logs bottin | grep password: #### Garage -⚠️ Be aware at this stage that your local Guichet installation is not 100% working, especially the websites features. +⚠️ Be aware at this stage that your local Guichet installation is not 100% working, especially the websites features. You need to initialise Garage. It can be done in a few commands, coming from [the official Garage's documentation](https://garagehq.deuxfleurs.fr/documentation/quick-start/): ```sh