opencloud

mirror/opencloud

Fork 0

mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-06 12:19:37 -06:00

Commit Graph

Author	SHA1	Message	Date
Ralf Haferkamp	436399e8ea	idm: Allow to create demo and service users on startup Uses go:embed to include the demo and service users from LDIF. Using a template file for the service users to be able to set custom passwords via config/env. In order to switch ocis to use idm instead of accounts/glauth it currently needs to be started with this env: GRAPH_IDENTITY_BACKEND=ldap GRAPH_LDAP_URI=ldaps://localhost:9235 GRAPH_LDAP_BIND_DN="uid=libregraph,ou=sysusers,o=libregraph-idm" GRAPH_LDAP_BIND_PASSWORD=idm GRAPH_LDAP_USER_EMAIL_ATTRIBUTE=mail GRAPH_LDAP_USER_NAME_ATTRIBUTE=uid GRAPH_LDAP_USER_BASE_DN="ou=users,o=libregraph-idm" GRAPH_LDAP_GROUP_BASE_DN="ou=groups,o=libregraph-idm" GRAPH_LDAP_SERVER_WRITE_ENABLED="true" IDP_LDAP_FILTER="(&(objectclass=inetOrgPerson)(objectClass=owncloud))" IDP_LDAP_URI=ldaps://localhost:9235 IDP_LDAP_BIND_DN="uid=idp,ou=sysusers,o=libregraph-idm" IDP_LDAP_BIND_PASSWORD="idp" IDP_LDAP_BASE_DN="ou=users,o=libregraph-idm" IDP_LDAP_LOGIN_ATTRIBUTE=uid IDP_LDAP_UUID_ATTRIBUTE="ownclouduuid" IDP_LDAP_UUID_ATTRIBUTE_TYPE=binary PROXY_ACCOUNT_BACKEND_TYPE=cs3 OCS_ACCOUNT_BACKEND_TYPE=cs3 STORAGE_LDAP_HOSTNAME=localhost STORAGE_LDAP_PORT=9235 STORAGE_LDAP_INSECURE="true" STORAGE_LDAP_BASE_DN="o=libregraph-idm" STORAGE_LDAP_BIND_DN="uid=reva,ou=sysusers,o=libregraph-idm" STORAGE_LDAP_BIND_PASSWORD=reva STORAGE_LDAP_LOGINFILTER='(&(objectclass=inetOrgPerson)(objectclass=owncloud)(\|(uid={{login}})(mail={{login}})))' STORAGE_LDAP_USERFILTER='(&(objectclass=inetOrgPerson)(objectclass=owncloud)(\|(ownclouduuid={{.OpaqueId}})(uid={{.OpaqueId}})))' STORAGE_LDAP_USERATTRIBUTEFILTER='(&(objectclass=owncloud)({{attr}}={{value}}))' STORAGE_LDAP_USERFINDFILTER='(&(objectclass=owncloud)(\|(uid={{query}})(cn={{query}})(displayname={{query}})(mail={{query}})(description={{query}})))' STORAGE_LDAP_GROUPFILTER='(&(objectclass=groupOfNames)(objectclass=owncloud)(ownclouduuid={{.OpaqueId}}))' OCIS_INSECURE=true	2022-03-09 15:18:15 +01:00
Ralf Haferkamp	ccf6bf1b0d	idm: Fix error handling on startup (#3243 ) * Fix idm to acutally return error during startup to the runtime * Add proper conditon to error log statement	2022-02-28 17:52:51 +01:00
Ralf Haferkamp	02775b72c7	Add embeded libregrah/idm server This add a new service "idm" providing and LDAP service (via ldaps) on port 9235. If not existing it will bootstrap an initial LDAP tree and administrative user as well as a self-signed Certificate and Key (similar to what is done for glauth).	2022-02-25 11:43:03 +01:00

Author

SHA1

Message

Date

Ralf Haferkamp

436399e8ea

idm: Allow to create demo and service users on startup

Uses go:embed to include the demo and service users from LDIF.
Using a template file for the service users to be able to set
custom passwords via config/env.

In order to switch ocis to use idm instead of accounts/glauth it
currently needs to be started with this env:

GRAPH_IDENTITY_BACKEND=ldap
GRAPH_LDAP_URI=ldaps://localhost:9235
GRAPH_LDAP_BIND_DN="uid=libregraph,ou=sysusers,o=libregraph-idm"
GRAPH_LDAP_BIND_PASSWORD=idm
GRAPH_LDAP_USER_EMAIL_ATTRIBUTE=mail
GRAPH_LDAP_USER_NAME_ATTRIBUTE=uid
GRAPH_LDAP_USER_BASE_DN="ou=users,o=libregraph-idm"
GRAPH_LDAP_GROUP_BASE_DN="ou=groups,o=libregraph-idm"
GRAPH_LDAP_SERVER_WRITE_ENABLED="true"
IDP_LDAP_FILTER="(&(objectclass=inetOrgPerson)(objectClass=owncloud))"
IDP_LDAP_URI=ldaps://localhost:9235
IDP_LDAP_BIND_DN="uid=idp,ou=sysusers,o=libregraph-idm"
IDP_LDAP_BIND_PASSWORD="idp"
IDP_LDAP_BASE_DN="ou=users,o=libregraph-idm"
IDP_LDAP_LOGIN_ATTRIBUTE=uid
IDP_LDAP_UUID_ATTRIBUTE="ownclouduuid"
IDP_LDAP_UUID_ATTRIBUTE_TYPE=binary
PROXY_ACCOUNT_BACKEND_TYPE=cs3
OCS_ACCOUNT_BACKEND_TYPE=cs3
STORAGE_LDAP_HOSTNAME=localhost
STORAGE_LDAP_PORT=9235
STORAGE_LDAP_INSECURE="true"
STORAGE_LDAP_BASE_DN="o=libregraph-idm"
STORAGE_LDAP_BIND_DN="uid=reva,ou=sysusers,o=libregraph-idm"
STORAGE_LDAP_BIND_PASSWORD=reva
STORAGE_LDAP_LOGINFILTER='(&(objectclass=inetOrgPerson)(objectclass=owncloud)(|(uid={{login}})(mail={{login}})))'
STORAGE_LDAP_USERFILTER='(&(objectclass=inetOrgPerson)(objectclass=owncloud)(|(ownclouduuid={{.OpaqueId}})(uid={{.OpaqueId}})))'
STORAGE_LDAP_USERATTRIBUTEFILTER='(&(objectclass=owncloud)({{attr}}={{value}}))'
STORAGE_LDAP_USERFINDFILTER='(&(objectclass=owncloud)(|(uid={{query}}*)(cn={{query}}*)(displayname={{query}}*)(mail={{query}}*)(description={{query}}*)))'
STORAGE_LDAP_GROUPFILTER='(&(objectclass=groupOfNames)(objectclass=owncloud)(ownclouduuid={{.OpaqueId}}*))'
OCIS_INSECURE=true

2022-03-09 15:18:15 +01:00

Ralf Haferkamp

ccf6bf1b0d

idm: Fix error handling on startup (#3243 )

* Fix idm to acutally return error during startup to the runtime
* Add proper conditon to error log statement

2022-02-28 17:52:51 +01:00

Ralf Haferkamp

02775b72c7

Add embeded libregrah/idm server

This add a new service "idm" providing and LDAP service (via ldaps) on
port 9235.  If not existing it will bootstrap an initial LDAP tree and
administrative user as well as a self-signed Certificate and Key
(similar to what is done for glauth).

2022-02-25 11:43:03 +01:00

3 Commits