Cosmetic changes

This commit is contained in:
Chris Mann 2023-07-17 11:18:21 +02:00
parent 9e3b172227
commit 5a7d32de13
14 changed files with 46 additions and 46 deletions

10
LICENSE
View file

@ -31,7 +31,7 @@ these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether
For exemple, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
@ -137,7 +137,7 @@ work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
which are not part of the work. For exemple, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
@ -323,7 +323,7 @@ fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
modified object code on the User Product (for exemple, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
@ -461,7 +461,7 @@ Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
rights granted or affirmed under this License. For exemple, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
@ -544,7 +544,7 @@ otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
not convey it at all. For exemple, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.

View file

@ -1,6 +1,6 @@
# Guichet
[![Build Status](https://drone.deuxfleurs.fr/api/badges/Deuxfleurs/guichet/status.svg?ref=refs/heads/main)](https://drone.deuxfleurs.fr/Deuxfleurs/guichet)
[![Build Status](https://drone.resdigita.org/api/badges/Deuxfleurs/guichet/status.svg?ref=refs/heads/main)](https://drone.resdigita.org/Deuxfleurs/guichet)
Guichet is a simple LDAP web interface for the following tasks:
@ -10,11 +10,11 @@ Guichet is a simple LDAP web interface for the following tasks:
Guichet works well with the [Bottin](https://bottin.eu) LDAP server.
Currently, Guichet's templates are only in French as it has been created for
the [Deuxfleurs](https://deuxfleurs.fr) collective.
the [Deuxfleurs](https://resdigita.org) collective.
We would gladly merge a pull request with an English transaltion !
A Docker image is provided on the [Docker hub](https://hub.docker.com/r/lxpz/guichet_amd64).
An example for running Guichet on a Nomad cluster can be found in `guichet.hcl.example`.
An exemple for running Guichet on a Nomad cluster can be found in `guichet.hcl.exemple`.
Guichet takes a single command line argument, `-config <filename>`, which is the
path to its config file (defaults to `./config.json`).
@ -34,7 +34,7 @@ Then, run `make` in the root of the repo.
## Configuration of Guichet
Guichet is configured using a simple JSON config file which is a dictionnary whose keys
are described below. An example is provided in a further section.
are described below. An exemple is provided in a further section.
### HTTP listen address
@ -66,7 +66,7 @@ Invitation codes are created as temporary LDAP objects in a special folder.
- `group_can_invite`: the LDAP DN of a group whose members are allowed to send invitations to new users
- `invitation_base_dn`: the LDAP folder in which invitation codes are stored
- `invitation_name_attr`: just use `cn`
- `invited_mail_format`: automatically set the invited user's email to this string, where `{}` is replaced by the created username (ex: `{}@deuxfleurs.fr`)
- `invited_mail_format`: automatically set the invited user's email to this string, where `{}` is replaced by the created username (ex: `{}@resdigita.org`)
- `invited_auto_groups` (list of strings): a list of DNs of LDAP groups
#### Email configuration
@ -78,14 +78,14 @@ Guichet can send an invitation link by email. To do so, an SMTP server must be c
- `mail_from`: the sender email address for the invitation message
- `web_address`: the base web address of the Guichet service (used for building the invitation link)
## Example configuration
## exemple configuration
This is a subset of the configuration we use on Deuxfleurs:
```
{
"http_bind_addr": ":9991",
"ldap_server_addr": "ldap://bottin2.service.2.cluster.deuxfleurs.fr:389",
"ldap_server_addr": "ldap://bottin2.service.2.cluster.resdigita.org:389",
"base_dn": "dc=deuxfleurs,dc=fr",
"user_base_dn": "ou=users,dc=deuxfleurs,dc=fr",
@ -99,7 +99,7 @@ This is a subset of the configuration we use on Deuxfleurs:
}
```
Here is an example of Bottin ACLs that may be used to support Guichet invitations:
Here is an exemple of Bottin ACLs that may be used to support Guichet invitations:
```
"acl": [
@ -127,5 +127,5 @@ Here is an example of Bottin ACLs that may be used to support Guichet invitation
]
```
Consult [this directory](https://git.deuxfleurs.fr/Deuxfleurs/infrastructure/src/branch/main/app/directory/config)
Consult [this directory](https://git.resdigita.org/Deuxfleurs/infrastructure/src/branch/main/app/directory/config)
to view the full configuration in use on Deuxfleurs.

View file

@ -10,14 +10,14 @@
"invitation_base_dn": "ou=invitations,dc=bottin,dc=eu",
"invitation_name_attr": "cn",
"invited_mail_format": "{}@example.com",
"invited_mail_format": "{}@exemple.com",
"invited_auto_groups": [
"cn=email,ou=groups,dc=bottin,dc=eu"
],
"web_address": "http://guichet.localhost:9991",
"mail_from": "welcome@example.com",
"smtp_server": "smtp.example.com",
"mail_from": "welcome@exemple.com",
"smtp_server": "smtp.exemple.com",
"smtp_username": "guichet",
"smtp_password": "",

View file

@ -32,7 +32,7 @@
meta = with pkgs.lib; {
description = "A simple LDAP web interface for Bottin";
homepage = "https://git.deuxfleurs.fr/Deuxfleurs/guichet";
homepage = "https://git.resdigita.org/Deuxfleurs/guichet";
license = licenses.gpl3Plus;
platforms = platforms.linux;
};

View file

@ -4,7 +4,7 @@ import (
"context"
"errors"
"fmt"
garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang"
garage "git.resdigita.org/garage-sdk/garage-admin-sdk-golang"
"github.com/go-ldap/ldap/v3"
"github.com/gorilla/mux"
"log"

4
go.mod
View file

@ -1,9 +1,9 @@
module git.deuxfleurs.fr/Deuxfleurs/guichet
module git.resdigita.org/Deuxfleurs/guichet
go 1.18
require (
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9
git.resdigita.org/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9
github.com/emersion/go-sasl v0.0.0-20191210011802-430746ea8b9b
github.com/emersion/go-smtp v0.12.1
github.com/go-ldap/ldap/v3 v3.1.6

4
go.sum
View file

@ -31,8 +31,8 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9 h1:ERg8KCpIKym98EOKa8Gq0NSBxsasD3sqb/R0gg1wOzU=
git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9/go.mod h1:TlSL6QVxozmdRaSgP6Akspi0HCJv4HAkkq3Dldru4GM=
git.resdigita.org/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9 h1:ERg8KCpIKym98EOKa8Gq0NSBxsasD3sqb/R0gg1wOzU=
git.resdigita.org/garage-sdk/garage-admin-sdk-golang v0.0.0-20230131081355-c965fe7f7dc9/go.mod h1:TlSL6QVxozmdRaSgP6Akspi0HCJv4HAkkq3Dldru4GM=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=

View file

@ -40,7 +40,7 @@ job "guichet" {
"guichet",
"traefik.enable=true",
"traefik.frontend.entryPoints=https,http",
"traefik.frontend.rule=Host:guichet.deuxfleurs.fr,guichet.deuxfleurs.org",
"traefik.frontend.rule=Host:guichet.resdigita.org,guichet.deuxfleurs.org",
]
port = "web_port"
address_mode = "host"

View file

@ -84,7 +84,7 @@ func readConfig() ConfigFile {
_, err := os.Stat(*configFlag)
if os.IsNotExist(err) {
log.Fatalf("Could not find Guichet configuration file at %s. Please create this file, for example starting with config.json.example and customizing it for your deployment.", *configFlag)
log.Fatalf("Could not find Guichet configuration file at %s. Please create this file, for exemple starting with config.json.exemple and customizing it for your deployment.", *configFlag)
}
if err != nil {

View file

@ -33,12 +33,12 @@
{{if eq .Template "ml"}}
<div class="form-group">
<label for="idvalue">Adresse complète de la mailing list :</label>
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" placeholder="example@deuxfleurs.fr" />
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" placeholder="exemple@resdigita.org" pattern="^[\w-\.]+@resdigita.org" />
</div>
{{else}}
<div class="form-group">
<label for="idvalue">Identifiant :</label>
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" />
<label for="idvalue">Identifiant :</label>
<input type="text" id="idvalue" name="idvalue" class="form-control" value="{{ .IdValue }}" placeholder="exemple@resdigita.org" pattern="^[\w-\.]+@resdigita.org"/>
</div>
{{end}}
<div class="form-group">

View file

@ -34,7 +34,7 @@
</tr>
<tr>
<th scope="row">Endpoint URL</th>
<td>https://garage.deuxfleurs.fr</td>
<td>https://garage.resdigita.org</td>
</tr>
<tr>
<th scope="row">Type d'URL</th>
@ -66,7 +66,7 @@ export AWS_ACCESS_KEY_ID={{ .Key.AccessKeyId }}
export AWS_SECRET_ACCESS_KEY={{ .Key.SecretAccessKey }}
export AWS_DEFAULT_REGION='garage'
function aws { command aws --endpoint-url https://garage.deuxfleurs.fr $@ ; }
function aws { command aws --endpoint-url https://garage.resdigita.org $@ ; }
aws --version
</pre>
<p>Ensuite vous pouvez utiliser awscli :</p>
@ -96,7 +96,7 @@ aws s3 cp /tmp/a.txt s3://my-bucket
<pre>
mc alias set \
garage \
https://garage.deuxfleurs.fr \
https://garage.resdigita.org \
{{ .Key.AccessKeyId }} \
{{ .Key.SecretAccessKey }} \
--api S3v4
@ -140,7 +140,7 @@ mc cp /tmp/a.txt garage/my-bucket/a.txt
<p>Dans votre fichier <code>config.toml</code>, rajoutez :</p>
<pre>
[[deployment.targets]]
URL = "s3://bucket?endpoint=garage.deuxfleurs.fr&amp;s3ForcePathStyle=true&amp;region=garage"
URL = "s3://bucket?endpoint=garage.resdigita.org&amp;s3ForcePathStyle=true&amp;region=garage"
</pre>
<p>Assurez-vous d'avoir un fichier dans lequel les variables <code>AWS_ACCESS_KEY_ID</code> et <code>AWS_SECRET_ACCESS_KEY</code> sont définies,
ici on suppose que vous avez suivi les instructions de l'outil awscli (ci-dessus) et que vous avez un fichier <code>~/.awsrc</code> qui défini ces variables.
@ -184,7 +184,7 @@ hugo deploy
</tr>
<tr>
<th scope="row">Hôte</th>
<td>sftp://bagage.deuxfleurs.fr</td>
<td>sftp://bagage.resdigita.org</td>
</tr>
<tr>
<th scope="row">Port</th>
@ -207,7 +207,7 @@ hugo deploy
<div class="card-body">
<p>Un exemple avec SCP :</p>
<pre>
scp -oHostKeyAlgorithms=+ssh-rsa -P2222 -r ./public {{ .Status.Info.Username }}@bagage.deuxfleurs.fr:mon_bucket/
scp -oHostKeyAlgorithms=+ssh-rsa -P2222 -r ./public {{ .Status.Info.Username }}@bagage.resdigita.org:mon_bucket/
</pre>
</div>
</div>

View file

@ -21,7 +21,7 @@
{{ if contains $alias "." }}
https://{{ $alias }}
{{ else }}
https://{{ $alias }}.web.deuxfleurs.fr
https://{{ $alias }}.web.resdigita.org
{{ end }}
{{ end }}
</td>
@ -49,9 +49,9 @@
{{ range $alias := .Bucket.GlobalAliases }}
{{ if contains $alias "." }}
<p> Le nom de domaine {{ $alias }} n'est pas géré par Deuxfleurs, il vous revient donc de configurer la zone DNS. Vous devez ajouter une entrée <code>CNAME garage.deuxfleurs.fr</code> ou <code>ALIAS garage.deuxfleurs.fr</code> auprès de votre hébergeur DNS, qui est souvent aussi le bureau d'enregistrement (eg. Gandi, GoDaddy, BookMyName, etc.).</p>
<p> Le nom de domaine {{ $alias }} n'est pas géré par Deuxfleurs, il vous revient donc de configurer la zone DNS. Vous devez ajouter une entrée <code>CNAME garage.resdigita.org</code> ou <code>ALIAS garage.resdigita.org</code> auprès de votre hébergeur DNS, qui est souvent aussi le bureau d'enregistrement (eg. Gandi, GoDaddy, BookMyName, etc.).</p>
{{ else }}
<p> Le nom de domaine https://{{ $alias }}.web.deuxfleurs.fr est fourni par Deuxfleurs, il n'y a pas de configuration à faire.</p>
<p> Le nom de domaine https://{{ $alias }}.web.resdigita.org est fourni par Deuxfleurs, il n'y a pas de configuration à faire.</p>
{{ end }}
{{ end }}

View file

@ -26,7 +26,7 @@
{{ if contains $alias "." }}
https://{{ $alias }}
{{ else }}
https://{{ $alias }}.web.deuxfleurs.fr
https://{{ $alias }}.web.resdigita.org
{{ end }}
{{ end }}
</td>

View file

@ -22,11 +22,11 @@
<div class="form-row">
<div class="form-group col-md-6">
<label for="bucket">Sous-domaine désiré :</label>
<input type="text" id="bucket" name="bucket" placeholder="mon-site" class="form-control" value="" onkeyup="document.getElementById('url').value = `https://${document.getElementById('bucket').value}.web.deuxfleurs.fr`" />
<input type="text" id="bucket" name="bucket" placeholder="mon-site" class="form-control" value="" onkeyup="document.getElementById('url').value = `https://${document.getElementById('bucket').value}.web.resdigita.org`" />
</div>
<div class="form-group col-md-6">
<label for="url">Votre site sera accessible à l'URL suivante :</label>
<input type="text" id="url" disabled="true" name="url" class="form-control" value="https://mon-site.web.deuxfleurs.fr" />
<input type="text" id="url" disabled="true" name="url" class="form-control" value="https://mon-site.web.resdigita.org" />
</div>
</div>
<div class="mt-4">
@ -40,18 +40,18 @@
<div class="form-row">
<div class="form-group col-md-6">
<label for="bucket2">Votre nom de domaine :</label>
<input type="text" id="bucket2" name="bucket2" placeholder="example.com" class="form-control" value="" onkeyup="document.getElementById('url2').value = `https://${document.getElementById('bucket2').value}`" />
<input type="text" id="bucket2" name="bucket2" placeholder="exemple.com" class="form-control" value="" onkeyup="document.getElementById('url2').value = `https://${document.getElementById('bucket2').value}`" />
</div>
<div class="form-group col-md-6">
<label for="url2">Votre site sera accessible à l'URL suivante :</label>
<input type="text" id="url2" disabled="true" name="url2" class="form-control" value="https://example.com" />
<input type="text" id="url2" disabled="true" name="url2" class="form-control" value="https://exemple.com" />
</div>
</div>
<div>
<p>Vous devez éditer votre zone DNS, souvent gérée par votre bureau d'enregistrement, comme Gandi, pour la faire pointer vers Deuxfleurs. Si vous utilisez un sous domaine (eg. <code>site.example.com</code>), une entrée <code>CNAME</code> est appropriée :</p>
<pre>site CNAME 3600 garage.deuxfleurs.fr.</pre>
<p>Si vous utilisez la racine de votre nom de domaine (eg. <code>example.com</code>, aussi appelée APEX), la solution dépend de votre fournisseur DNS, il vous faudra au choix une entrée <code>ALIAS</code> ou <code>CNAME</code> en fonction de ce que votre fournisseur supporte :</p>
<pre>@ ALIAS 3600 garage.deuxfleurs.fr.</pre>
<p>Vous devez éditer votre zone DNS, souvent gérée par votre bureau d'enregistrement, comme Gandi, pour la faire pointer vers Deuxfleurs. Si vous utilisez un sous domaine (eg. <code>site.exemple.com</code>), une entrée <code>CNAME</code> est appropriée :</p>
<pre>site CNAME 3600 garage.resdigita.org.</pre>
<p>Si vous utilisez la racine de votre nom de domaine (eg. <code>exemple.com</code>, aussi appelée APEX), la solution dépend de votre fournisseur DNS, il vous faudra au choix une entrée <code>ALIAS</code> ou <code>CNAME</code> en fonction de ce que votre fournisseur supporte :</p>
<pre>@ ALIAS 3600 garage.resdigita.org.</pre>
<p>La première fois que vous chargerez votre site web, une erreur de certificat sera renvoyée. C'est normal, il faudra patienter quelques minutes le temps que le certificat se génère.</p>
</div>
<div class="mt-4">