Ajout du mecanisme d'invitation de Guichet
This commit is contained in:
parent
69e5c595d7
commit
4abdf2883e
4 changed files with 53 additions and 21 deletions
|
@ -6,10 +6,23 @@
|
||||||
"acl": [
|
"acl": [
|
||||||
"*,dc=deuxfleurs,dc=fr::read:*:* !userpassword",
|
"*,dc=deuxfleurs,dc=fr::read:*:* !userpassword",
|
||||||
"*::read modify:SELF:*",
|
"*::read modify:SELF:*",
|
||||||
"cn=admin,dc=deuxfleurs,dc=fr::read add modify delete:*:*",
|
|
||||||
"*:cn=admin,ou=groups,dc=deuxfleurs,dc=fr:read add modify delete:*:*",
|
|
||||||
"ANONYMOUS::bind:*,ou=users,dc=deuxfleurs,dc=fr:",
|
"ANONYMOUS::bind:*,ou=users,dc=deuxfleurs,dc=fr:",
|
||||||
"ANONYMOUS::bind:cn=admin,dc=deuxfleurs,dc=fr:",
|
"ANONYMOUS::bind:cn=admin,dc=deuxfleurs,dc=fr:",
|
||||||
"*,ou=services,ou=users,dc=deuxfleurs,dc=fr::bind:*,ou=users,dc=deuxfleurs,dc=fr:*"
|
"*,ou=services,ou=users,dc=deuxfleurs,dc=fr::bind:*,ou=users,dc=deuxfleurs,dc=fr:*",
|
||||||
|
|
||||||
|
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=invitations,dc=deuxfleurs,dc=fr:*",
|
||||||
|
"ANONYMOUS::bind:*,ou=invitations,dc=deuxfleurs,dc=fr:",
|
||||||
|
"*,ou=invitations,dc=deuxfleurs,dc=fr::delete:SELF:*",
|
||||||
|
|
||||||
|
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:add:*,ou=users,dc=deuxfleurs,dc=fr:*",
|
||||||
|
"*,ou=invitations,dc=deuxfleurs,dc=fr::add:*,ou=users,dc=deuxfleurs,dc=fr:*",
|
||||||
|
|
||||||
|
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=email,ou=groups,dc=deuxfleurs,dc=fr:*",
|
||||||
|
"*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=email,ou=groups,dc=deuxfleurs,dc=fr:*",
|
||||||
|
"*:cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr:modifyAdd:cn=seafile,ou=groups,dc=deuxfleurs,dc=fr:*",
|
||||||
|
"*,ou=invitations,dc=deuxfleurs,dc=fr::modifyAdd:cn=seafile,ou=groups,dc=deuxfleurs,dc=fr:*",
|
||||||
|
|
||||||
|
"cn=admin,dc=deuxfleurs,dc=fr::read add modify delete:*:*",
|
||||||
|
"*:cn=admin,ou=groups,dc=deuxfleurs,dc=fr:read add modify delete:*:*"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
{
|
|
||||||
"http_bind_addr": ":9991",
|
|
||||||
"ldap_server_addr": "ldap://bottin2.service.2.cluster.deuxfleurs.fr:389",
|
|
||||||
|
|
||||||
"base_dn": "dc=deuxfleurs,dc=fr",
|
|
||||||
"user_base_dn": "ou=users,dc=deuxfleurs,dc=fr",
|
|
||||||
"user_name_attr": "cn",
|
|
||||||
"group_base_dn": "ou=groups,dc=deuxfleurs,dc=fr",
|
|
||||||
"group_name_attr": "cn",
|
|
||||||
|
|
||||||
"admin_account": "cn=admin,dc=deuxfleurs,dc=fr",
|
|
||||||
"group_can_admin": "cn=admin,ou=groups,dc=deuxfleurs,dc=fr",
|
|
||||||
"group_can_invite": "cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr"
|
|
||||||
}
|
|
||||||
|
|
29
consul/configuration/directory/guichet/config.json.tpl
Normal file
29
consul/configuration/directory/guichet/config.json.tpl
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
{
|
||||||
|
"http_bind_addr": ":9991",
|
||||||
|
"ldap_server_addr": "ldap://bottin2.service.2.cluster.deuxfleurs.fr:389",
|
||||||
|
|
||||||
|
"base_dn": "dc=deuxfleurs,dc=fr",
|
||||||
|
"user_base_dn": "ou=users,dc=deuxfleurs,dc=fr",
|
||||||
|
"user_name_attr": "cn",
|
||||||
|
"group_base_dn": "ou=groups,dc=deuxfleurs,dc=fr",
|
||||||
|
"group_name_attr": "cn",
|
||||||
|
|
||||||
|
"invitation_base_dn": "ou=invitations,dc=deuxfleurs,dc=fr",
|
||||||
|
"invitation_name_attr": "cn",
|
||||||
|
"invited_mail_format": "{}@deuxfleurs.fr",
|
||||||
|
"invited_auto_groups": [
|
||||||
|
"cn=email,ou=groups,dc=deuxfleurs,dc=fr",
|
||||||
|
"cn=seafile,ou=groups,dc=deuxfleurs,dc=fr"
|
||||||
|
],
|
||||||
|
|
||||||
|
"web_address": "https://guichet.deuxfleurs.fr",
|
||||||
|
"mail_from": "coucou@deuxfleurs.fr",
|
||||||
|
"smtp_server": "adnab.me:25",
|
||||||
|
"smtp_username": "{{ key "secrets/directory/guichet/smtp_user" | trimSpace }}",
|
||||||
|
"smtp_password": "{{ key "secrets/directory/guichet/smtp_pass" | trimSpace }}",
|
||||||
|
|
||||||
|
"admin_account": "cn=admin,dc=deuxfleurs,dc=fr",
|
||||||
|
"group_can_admin": "cn=admin,ou=groups,dc=deuxfleurs,dc=fr",
|
||||||
|
"group_can_invite": "cn=asso_deuxfleurs,ou=groups,dc=deuxfleurs,dc=fr"
|
||||||
|
}
|
||||||
|
|
|
@ -12,7 +12,7 @@ job "directory2" {
|
||||||
task "bottin" {
|
task "bottin" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
config {
|
config {
|
||||||
image = "lxpz/bottin_amd64:12"
|
image = "lxpz/bottin_amd64:13"
|
||||||
readonly_rootfs = true
|
readonly_rootfs = true
|
||||||
port_map {
|
port_map {
|
||||||
ldap_port = 1389
|
ldap_port = 1389
|
||||||
|
@ -61,7 +61,7 @@ job "directory2" {
|
||||||
task "guichet" {
|
task "guichet" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
config {
|
config {
|
||||||
image = "lxpz/guichet_amd64:5"
|
image = "lxpz/guichet_amd64:8"
|
||||||
readonly_rootfs = true
|
readonly_rootfs = true
|
||||||
port_map {
|
port_map {
|
||||||
web_port = 9991
|
web_port = 9991
|
||||||
|
@ -71,8 +71,13 @@ job "directory2" {
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
artifact {
|
||||||
|
source = "http://127.0.0.1:8500/v1/kv/configuration/directory/guichet/config.json.tpl?raw"
|
||||||
|
destination = "secrets/config.json.tpl"
|
||||||
|
mode = "file"
|
||||||
|
}
|
||||||
template {
|
template {
|
||||||
data = "{{ key \"configuration/directory/guichet/config.json\" }}"
|
source = "secrets/config.json.tpl"
|
||||||
destination = "secrets/config.json"
|
destination = "secrets/config.json"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Reference in a new issue