Cosmetic changes
This commit is contained in:
parent
9e3b172227
commit
5a7d32de13
14 changed files with 46 additions and 46 deletions
10
LICENSE
10
LICENSE
|
@ -31,7 +31,7 @@ these rights or asking you to surrender the rights. Therefore, you have
|
|||
certain responsibilities if you distribute copies of the software, or if
|
||||
you modify it: responsibilities to respect the freedom of others.
|
||||
|
||||
For example, if you distribute copies of such a program, whether
|
||||
For exemple, if you distribute copies of such a program, whether
|
||||
gratis or for a fee, you must pass on to the recipients the same
|
||||
freedoms that you received. You must make sure that they, too, receive
|
||||
or can get the source code. And you must show them these terms so they
|
||||
|
@ -137,7 +137,7 @@ work) run the object code and to modify the work, including scripts to
|
|||
control those activities. However, it does not include the work's
|
||||
System Libraries, or general-purpose tools or generally available free
|
||||
programs which are used unmodified in performing those activities but
|
||||
which are not part of the work. For example, Corresponding Source
|
||||
which are not part of the work. For exemple, Corresponding Source
|
||||
includes interface definition files associated with source files for
|
||||
the work, and the source code for shared libraries and dynamically
|
||||
linked subprograms that the work is specifically designed to require,
|
||||
|
@ -323,7 +323,7 @@ fixed term (regardless of how the transaction is characterized), the
|
|||
Corresponding Source conveyed under this section must be accompanied
|
||||
by the Installation Information. But this requirement does not apply
|
||||
if neither you nor any third party retains the ability to install
|
||||
modified object code on the User Product (for example, the work has
|
||||
modified object code on the User Product (for exemple, the work has
|
||||
been installed in ROM).
|
||||
|
||||
The requirement to provide Installation Information does not include a
|
||||
|
@ -461,7 +461,7 @@ Corresponding Source of the work from the predecessor in interest, if
|
|||
the predecessor has it or can get it with reasonable efforts.
|
||||
|
||||
You may not impose any further restrictions on the exercise of the
|
||||
rights granted or affirmed under this License. For example, you may
|
||||
rights granted or affirmed under this License. For exemple, you may
|
||||
not impose a license fee, royalty, or other charge for exercise of
|
||||
rights granted under this License, and you may not initiate litigation
|
||||
(including a cross-claim or counterclaim in a lawsuit) alleging that
|
||||
|
@ -544,7 +544,7 @@ otherwise) that contradict the conditions of this License, they do not
|
|||
excuse you from the conditions of this License. If you cannot convey a
|
||||
covered work so as to satisfy simultaneously your obligations under this
|
||||
License and any other pertinent obligations, then as a consequence you may
|
||||
not convey it at all. For example, if you agree to terms that obligate you
|
||||
not convey it at all. For exemple, if you agree to terms that obligate you
|
||||
to collect a royalty for further conveying from those to whom you convey
|
||||
the Program, the only way you could satisfy both those terms and this
|
||||
License would be to refrain entirely from conveying the Program.
|
||||
|
|
18
README.md
18
README.md
|
@ -1,6 +1,6 @@
|
|||
# Guichet
|
||||
|
||||
[![Build Status](https://drone.deuxfleurs.fr/api/badges/Deuxfleurs/guichet/status.svg?ref=refs/heads/main)](https://drone.deuxfleurs.fr/Deuxfleurs/guichet)
|
||||
[![Build Status](https://drone.resdigita.org/api/badges/Deuxfleurs/guichet/status.svg?ref=refs/heads/main)](https://drone.resdigita.org/Deuxfleurs/guichet)
|
||||
|
||||
Guichet is a simple LDAP web interface for the following tasks:
|
||||
|
||||
|
@ -10,11 +10,11 @@ Guichet is a simple LDAP web interface for the following tasks:
|
|||
|
||||
Guichet works well with the [Bottin](https://bottin.eu) LDAP server.
|
||||
Currently, Guichet's templates are only in French as it has been created for
|
||||
the [Deuxfleurs](https://deuxfleurs.fr) collective.
|
||||
the [Deuxfleurs](https://resdigita.org) collective.
|
||||
We would gladly merge a pull request with an English transaltion !
|
||||
|
||||
A Docker image is provided on the [Docker hub](https://hub.docker.com/r/lxpz/guichet_amd64).
|
||||
An example for running Guichet on a Nomad cluster can be found in `guichet.hcl.example`.
|
||||
An exemple for running Guichet on a Nomad cluster can be found in `guichet.hcl.exemple`.
|
||||
|
||||
Guichet takes a single command line argument, `-config <filename>`, which is the
|
||||
path to its config file (defaults to `./config.json`).
|
||||
|
@ -34,7 +34,7 @@ Then, run `make` in the root of the repo.
|
|||
## Configuration of Guichet
|
||||
|
||||
Guichet is configured using a simple JSON config file which is a dictionnary whose keys
|
||||
are described below. An example is provided in a further section.
|
||||
are described below. An exemple is provided in a further section.
|
||||
|
||||
### HTTP listen address
|
||||
|
||||
|
@ -66,7 +66,7 @@ Invitation codes are created as temporary LDAP objects in a special folder.
|
|||
- `group_can_invite`: the LDAP DN of a group whose members are allowed to send invitations to new users
|
||||
- `invitation_base_dn`: the LDAP folder in which invitation codes are stored
|
||||
- `invitation_name_attr`: just use `cn`
|
||||
- `invited_mail_format`: automatically set the invited user's email to this string, where `{}` is replaced by the created username (ex: `{}@deuxfleurs.fr`)
|
||||
- `invited_mail_format`: automatically set the invited user's email to this string, where `{}` is replaced by the created username (ex: `{}@resdigita.org`)
|
||||
- `invited_auto_groups` (list of strings): a list of DNs of LDAP groups
|
||||
|
||||
#### Email configuration
|
||||
|
@ -78,14 +78,14 @@ Guichet can send an invitation link by email. To do so, an SMTP server must be c
|
|||
- `mail_from`: the sender email address for the invitation message
|
||||
- `web_address`: the base web address of the Guichet service (used for building the invitation link)
|
||||
|
||||
## Example configuration
|
||||
## exemple configuration
|
||||
|
||||
This is a subset of the configuration we use on Deuxfleurs:
|
||||
|
||||
```
|
||||
{
|
||||
"http_bind_addr": ":9991",
|
||||
"ldap_server_addr": "ldap://bottin2.service.2.cluster.deuxfleurs.fr:389",
|
||||
"ldap_server_addr": "ldap://bottin2.service.2.cluster.resdigita.org:389",
|
||||
|
||||
"base_dn": "dc=deuxfleurs,dc=fr",
|
||||
"user_base_dn": "ou=users,dc=deuxfleurs,dc=fr",
|
||||
|
@ -99,7 +99,7 @@ This is a subset of the configuration we use on Deuxfleurs:
|
|||
}
|
||||
```
|
||||
|
||||
Here is an example of Bottin ACLs that may be used to support Guichet invitations:
|
||||
Here is an exemple of Bottin ACLs that may be used to support Guichet invitations:
|
||||
|
||||
```
|
||||
"acl": [
|
||||
|
@ -127,5 +127,5 @@ Here is an example of Bottin ACLs that may be used to support Guichet invitation
|
|||
]
|
||||
```
|
||||
|
||||
Consult [this directory](https://git.deuxfleurs.fr/Deuxfleurs/infrastructure/src/branch/main/app/directory/config)
|
||||
Consult [this directory](https://git.resdigita.org/Deuxfleurs/infrastructure/src/branch/main/app/directory/config)
|
||||
to view the full configuration in use on Deuxfleurs.
|
||||
|
|
|
@ -10,14 +10,14 @@
|
|||
|
||||
"invitation_base_dn": "ou=invitations,dc=bottin,dc=eu",
|
||||
"invitation_name_attr": "cn",
|
||||
"invited_mail_format": "{}@example.com",
|
||||
"invited_mail_format": "{}@exemple.com",
|
||||
"invited_auto_groups": [
|
||||
"cn=email,ou=groups,dc=bottin,dc=eu"
|
||||
],
|
||||
|
||||
"web_address": "http://guichet.localhost:9991",
|
||||
"mail_from": "welcome@example.com",
|
||||
"smtp_server": "smtp.example.com",
|
||||
"mail_from": "welcome@exemple.com",
|
||||
"smtp_server": "smtp.exemple.com",
|
||||
"smtp_username": "guichet",
|
||||
"smtp_password": "",
|
||||
|
||||
|
|
|
@ -32,7 +32,7 @@
|
|||
|
||||
meta = with pkgs.lib; {
|
||||
description = "A simple LDAP web interface for Bottin";
|
||||
homepage = "https://git.deuxfleurs.fr/Deuxfleurs/guichet";
|
||||
homepage = "https://git.resdigita.org/Deuxfleurs/guichet";
|
||||
license = licenses.gpl3Plus;
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
|
|
|
@ -4,7 +4,7 @@ import (
|
|||
"context"
|
||||
"errors"
|
||||
"fmt"
|
||||
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
|
||||
garage "git.resdigita.org/garage-sdk/garage-admin-sdk-golang"
|
||||
"github.com/go-ldap/ldap/v3"
|
||||
"github.com/gorilla/mux"
|
||||
"log"
|
||||
|
|
4
go.mod
4
go.mod
|
@ -1,9 +1,9 @@
|
|||
module git.deuxfleurs.fr/Deuxfleurs/guichet
|
||||
module git.resdigita.org/Deuxfleurs/guichet
|
||||
|
||||
go 1.18
|
||||
|
||||
require (
|
||||
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9
|
||||
git.resdigita.org/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9
|
||||
github.com/emersion/go-sasl v0.0.0-20191210011802-430746ea8b9b
|
||||
github.com/emersion/go-smtp v0.12.1
|
||||
github.com/go-ldap/ldap/v3 v3.1.6
|
||||
|
|
4
go.sum
4
go.sum
|
@ -31,8 +31,8 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl
|
|||
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
|
||||
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
|
||||
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
|
||||
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9 h1:ERg8KCpIKym98EOKa8Gq0NSBxsasD3sqb/R0gg1wOzU=
|
||||
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9/go.mod h1:TlSL6QVxozmdRaSgP6Akspi0HCJv4HAkkq3Dldru4GM=
|
||||
git.resdigita.org/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9 h1:ERg8KCpIKym98EOKa8Gq0NSBxsasD3sqb/R0gg1wOzU=
|
||||
git.resdigita.org/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9/go.mod h1:TlSL6QVxozmdRaSgP6Akspi0HCJv4HAkkq3Dldru4GM=
|
||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
||||
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||
|
|
|
@ -40,7 +40,7 @@ job "guichet" {
|
|||
"guichet",
|
||||
"traefik.enable=true",
|
||||
"traefik.frontend.entryPoints=https,http",
|
||||
"traefik.frontend.rule=Host:guichet.deuxfleurs.fr,guichet.deuxfleurs.org",
|
||||
"traefik.frontend.rule=Host:guichet.resdigita.org,guichet.deuxfleurs.org",
|
||||
]
|
||||
port = "web_port"
|
||||
address_mode = "host"
|
||||
|
|
2
main.go
2
main.go
|
@ -84,7 +84,7 @@ func readConfig() ConfigFile {
|
|||
|
||||
_, err := os.Stat(*configFlag)
|
||||
if os.IsNotExist(err) {
|
||||
log.Fatalf("Could not find Guichet configuration file at %s. Please create this file, for example starting with config.json.example and customizing it for your deployment.", *configFlag)
|
||||
log.Fatalf("Could not find Guichet configuration file at %s. Please create this file, for exemple starting with config.json.exemple and customizing it for your deployment.", *configFlag)
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
|
|
|
@ -33,12 +33,12 @@
|
|||
{{if eq .Template "ml"}}
|
||||
<div class="form-group">
|
||||
<label for="idvalue">Adresse complète de la mailing list :</label>
|
||||
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" placeholder="example@deuxfleurs.fr" />
|
||||
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" placeholder="exemple@resdigita.org" pattern="^[\w-\.]+@resdigita.org" />
|
||||
</div>
|
||||
{{else}}
|
||||
<div class="form-group">
|
||||
<label for="idvalue">Identifiant :</label>
|
||||
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" />
|
||||
<label for="idvalue">Identifiant :</label>
|
||||
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" placeholder="exemple@resdigita.org" pattern="^[\w-\.]+@resdigita.org"/>
|
||||
</div>
|
||||
{{end}}
|
||||
<div class="form-group">
|
||||
|
|
|
@ -34,7 +34,7 @@
|
|||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Endpoint URL</th>
|
||||
<td>https://garage.deuxfleurs.fr</td>
|
||||
<td>https://garage.resdigita.org</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Type d'URL</th>
|
||||
|
@ -66,7 +66,7 @@ export AWS_ACCESS_KEY_ID={{ .Key.AccessKeyId }}
|
|||
export AWS_SECRET_ACCESS_KEY={{ .Key.SecretAccessKey }}
|
||||
export AWS_DEFAULT_REGION='garage'
|
||||
|
||||
function aws { command aws --endpoint-url https://garage.deuxfleurs.fr $@ ; }
|
||||
function aws { command aws --endpoint-url https://garage.resdigita.org $@ ; }
|
||||
aws --version
|
||||
</pre>
|
||||
<p>Ensuite vous pouvez utiliser awscli :</p>
|
||||
|
@ -96,7 +96,7 @@ aws s3 cp /tmp/a.txt s3://my-bucket
|
|||
<pre>
|
||||
mc alias set \
|
||||
garage \
|
||||
https://garage.deuxfleurs.fr \
|
||||
https://garage.resdigita.org \
|
||||
{{ .Key.AccessKeyId }} \
|
||||
{{ .Key.SecretAccessKey }} \
|
||||
--api S3v4
|
||||
|
@ -140,7 +140,7 @@ mc cp /tmp/a.txt garage/my-bucket/a.txt
|
|||
<p>Dans votre fichier <code>config.toml</code>, rajoutez :</p>
|
||||
<pre>
|
||||
[[deployment.targets]]
|
||||
URL = "s3://bucket?endpoint=garage.deuxfleurs.fr&s3ForcePathStyle=true&region=garage"
|
||||
URL = "s3://bucket?endpoint=garage.resdigita.org&s3ForcePathStyle=true&region=garage"
|
||||
</pre>
|
||||
<p>Assurez-vous d'avoir un fichier dans lequel les variables <code>AWS_ACCESS_KEY_ID</code> et <code>AWS_SECRET_ACCESS_KEY</code> sont définies,
|
||||
ici on suppose que vous avez suivi les instructions de l'outil awscli (ci-dessus) et que vous avez un fichier <code>~/.awsrc</code> qui défini ces variables.
|
||||
|
@ -184,7 +184,7 @@ hugo deploy
|
|||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Hôte</th>
|
||||
<td>sftp://bagage.deuxfleurs.fr</td>
|
||||
<td>sftp://bagage.resdigita.org</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row">Port</th>
|
||||
|
@ -207,7 +207,7 @@ hugo deploy
|
|||
<div class="card-body">
|
||||
<p>Un exemple avec SCP :</p>
|
||||
<pre>
|
||||
scp -oHostKeyAlgorithms=+ssh-rsa -P2222 -r ./public {{ .Status.Info.Username }}@bagage.deuxfleurs.fr:mon_bucket/
|
||||
scp -oHostKeyAlgorithms=+ssh-rsa -P2222 -r ./public {{ .Status.Info.Username }}@bagage.resdigita.org:mon_bucket/
|
||||
</pre>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
{{ if contains $alias "." }}
|
||||
https://{{ $alias }}
|
||||
{{ else }}
|
||||
https://{{ $alias }}.web.deuxfleurs.fr
|
||||
https://{{ $alias }}.web.resdigita.org
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
</td>
|
||||
|
@ -49,9 +49,9 @@
|
|||
|
||||
{{ range $alias := .Bucket.GlobalAliases }}
|
||||
{{ if contains $alias "." }}
|
||||
<p> Le nom de domaine {{ $alias }} n'est pas géré par Deuxfleurs, il vous revient donc de configurer la zone DNS. Vous devez ajouter une entrée <code>CNAME garage.deuxfleurs.fr</code> ou <code>ALIAS garage.deuxfleurs.fr</code> auprès de votre hébergeur DNS, qui est souvent aussi le bureau d'enregistrement (eg. Gandi, GoDaddy, BookMyName, etc.).</p>
|
||||
<p> Le nom de domaine {{ $alias }} n'est pas géré par Deuxfleurs, il vous revient donc de configurer la zone DNS. Vous devez ajouter une entrée <code>CNAME garage.resdigita.org</code> ou <code>ALIAS garage.resdigita.org</code> auprès de votre hébergeur DNS, qui est souvent aussi le bureau d'enregistrement (eg. Gandi, GoDaddy, BookMyName, etc.).</p>
|
||||
{{ else }}
|
||||
<p> Le nom de domaine https://{{ $alias }}.web.deuxfleurs.fr est fourni par Deuxfleurs, il n'y a pas de configuration à faire.</p>
|
||||
<p> Le nom de domaine https://{{ $alias }}.web.resdigita.org est fourni par Deuxfleurs, il n'y a pas de configuration à faire.</p>
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
{{ if contains $alias "." }}
|
||||
https://{{ $alias }}
|
||||
{{ else }}
|
||||
https://{{ $alias }}.web.deuxfleurs.fr
|
||||
https://{{ $alias }}.web.resdigita.org
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
</td>
|
||||
|
|
|
@ -22,11 +22,11 @@
|
|||
<div class="form-row">
|
||||
<div class="form-group col-md-6">
|
||||
<label for="bucket">Sous-domaine désiré :</label>
|
||||
<input type="text" id="bucket" name="bucket" placeholder="mon-site" class="form-control" value="" onkeyup="document.getElementById('url').value = `https://${document.getElementById('bucket').value}.web.deuxfleurs.fr`" />
|
||||
<input type="text" id="bucket" name="bucket" placeholder="mon-site" class="form-control" value="" onkeyup="document.getElementById('url').value = `https://${document.getElementById('bucket').value}.web.resdigita.org`" />
|
||||
</div>
|
||||
<div class="form-group col-md-6">
|
||||
<label for="url">Votre site sera accessible à l'URL suivante :</label>
|
||||
<input type="text" id="url" disabled="true" name="url" class="form-control" value="https://mon-site.web.deuxfleurs.fr" />
|
||||
<input type="text" id="url" disabled="true" name="url" class="form-control" value="https://mon-site.web.resdigita.org" />
|
||||
</div>
|
||||
</div>
|
||||
<div class="mt-4">
|
||||
|
@ -40,18 +40,18 @@
|
|||
<div class="form-row">
|
||||
<div class="form-group col-md-6">
|
||||
<label for="bucket2">Votre nom de domaine :</label>
|
||||
<input type="text" id="bucket2" name="bucket2" placeholder="example.com" class="form-control" value="" onkeyup="document.getElementById('url2').value = `https://${document.getElementById('bucket2').value}`" />
|
||||
<input type="text" id="bucket2" name="bucket2" placeholder="exemple.com" class="form-control" value="" onkeyup="document.getElementById('url2').value = `https://${document.getElementById('bucket2').value}`" />
|
||||
</div>
|
||||
<div class="form-group col-md-6">
|
||||
<label for="url2">Votre site sera accessible à l'URL suivante :</label>
|
||||
<input type="text" id="url2" disabled="true" name="url2" class="form-control" value="https://example.com" />
|
||||
<input type="text" id="url2" disabled="true" name="url2" class="form-control" value="https://exemple.com" />
|
||||
</div>
|
||||
</div>
|
||||
<div>
|
||||
<p>Vous devez éditer votre zone DNS, souvent gérée par votre bureau d'enregistrement, comme Gandi, pour la faire pointer vers Deuxfleurs. Si vous utilisez un sous domaine (eg. <code>site.example.com</code>), une entrée <code>CNAME</code> est appropriée :</p>
|
||||
<pre>site CNAME 3600 garage.deuxfleurs.fr.</pre>
|
||||
<p>Si vous utilisez la racine de votre nom de domaine (eg. <code>example.com</code>, aussi appelée APEX), la solution dépend de votre fournisseur DNS, il vous faudra au choix une entrée <code>ALIAS</code> ou <code>CNAME</code> en fonction de ce que votre fournisseur supporte :</p>
|
||||
<pre>@ ALIAS 3600 garage.deuxfleurs.fr.</pre>
|
||||
<p>Vous devez éditer votre zone DNS, souvent gérée par votre bureau d'enregistrement, comme Gandi, pour la faire pointer vers Deuxfleurs. Si vous utilisez un sous domaine (eg. <code>site.exemple.com</code>), une entrée <code>CNAME</code> est appropriée :</p>
|
||||
<pre>site CNAME 3600 garage.resdigita.org.</pre>
|
||||
<p>Si vous utilisez la racine de votre nom de domaine (eg. <code>exemple.com</code>, aussi appelée APEX), la solution dépend de votre fournisseur DNS, il vous faudra au choix une entrée <code>ALIAS</code> ou <code>CNAME</code> en fonction de ce que votre fournisseur supporte :</p>
|
||||
<pre>@ ALIAS 3600 garage.resdigita.org.</pre>
|
||||
<p>La première fois que vous chargerez votre site web, une erreur de certificat sera renvoyée. C'est normal, il faudra patienter quelques minutes le temps que le certificat se génère.</p>
|
||||
</div>
|
||||
<div class="mt-4">
|
||||
|
|
Loading…
Reference in a new issue