dataset/seed/openldap/extras/accounts/00_account.yml

---
version: 1.1

remotes:
  description: Create account and connexion to a LDAP server
  type: domainname
  multi: true
  mandatory: false
  hidden: true
  provider: LDAP

"remote_{{ suffix }}":
  dynamic:
    variable: accounts.remotes
  hidden: true

  family:
    description: 'LDAP family name for {{ suffix }}'
    mandatory: false
    provider: LDAP:family

  dn:
    description: 'LDAP account DN for {{ suffix }}'
    mandatory: false
    provider: LDAP:dn

  password:
    description: 'LDAP passowrd for {{ suffix }}'
    type: secret
    mandatory: false
    provider: LDAP:password

  base_dn:
    description: 'LDAP base DN for {{ suffix }}'
    mandatory: false
    provider: LDAP:base_dn

users:
  description: Users management
  help: >-
    Management of manually created local users. Those users are not classified
  type: leadership

  ldap_user_mail:
    description: Email address
    examples:
      - johndoe@example.net
    help: An user is identify by his email address.
    type: mail
    mandatory: false

  ldap_user_aliases:
    description: Emails aliases
    multi: true
    examples:
      - jdoe@example.net
    type: mail
    mandatory: false

  ldap_user_uid:
    description: Account name
    examples:
      - jdoe
    type: unix_user

  ldap_user_gn:
    description: Given name
    examples:
      - John
    type: string

  ldap_user_sn:
    description: Surname
    examples:
      - Doe
    type: string

  ldap_user_password:
    type: secret
    default:
      jinja: >-
        {{ accounts.users.ldap_user_mail |
            get_password(server_name=general.network.interface_0.domain_name,
                         description="ldap user",
                         type="cleartext",
                         hide=general.hide_secret,
                         temporary=true)
          }}
    hidden: true

families:
  description: Families to create
  type: unix_user
  multi: true
  help: >-
    Users can be classified into families. This variable contains all the names
    of the families to be created.
  mandatory: false

"family_{{ suffix }}":
  description: 'Management of family {{ suffix }}'
  dynamic:
    variable: accounts.families

  users:
    description: 'Users management for the family {{ suffix }}'
    help: >-
      Management of manually created users. Those users are classified in a
      family.
    type: leadership

    ldap_user_mail:
      description: 'Email address for the family {{ suffix }}'
      examples:
        - johndoe@family.net
      help: An user is identify by his email address.
      type: mail
      mandatory: false

    ldap_user_aliases:
      description: 'Emails aliases for the family {{ suffix }}'
      examples:
        - jdoe@family.net
      type: mail
      multi: true
      mandatory: false

    ldap_user_uid:
      description: 'Account name for the family {{ suffix }}'
      examples:
        - jdoe
      type: unix_user

    ldap_user_gn:
      description: 'Given name for the family {{ suffix }}'
      examples:
        - John
      type: string

    ldap_user_sn:
      description: 'Surname for the family {{ suffix }}'
      examples:
        - Doe
      type: string

    ldap_user_password:
      type: secret
      default:
        jinja: >-
          {{ _.ldap_user_mail |
             get_password(server_name=general.network.interface_0.domain_name,
                          description="ldap family user",
                          type="cleartext",
                          hide=general.hide_secret,
                          temporary=true)
            }}
      hidden: true
feat: upgrate to format 1.1 2024-10-01 13:18:45 +02:00			`---`
			`version: 1.1`

			`remotes:`
			`description: Create account and connexion to a LDAP server`
			`type: domainname`
			`multi: true`
			`mandatory: false`
			`hidden: true`
			`provider: LDAP`

			`"remote_{{ suffix }}":`
			`dynamic:`
			`variable: accounts.remotes`
			`hidden: true`

			`family:`
			`description: 'LDAP family name for {{ suffix }}'`
			`mandatory: false`
			`provider: LDAP:family`

			`dn:`
			`description: 'LDAP account DN for {{ suffix }}'`
			`mandatory: false`
			`provider: LDAP:dn`

			`password:`
			`description: 'LDAP passowrd for {{ suffix }}'`
			`type: secret`
			`mandatory: false`
			`provider: LDAP:password`

			`base_dn:`
			`description: 'LDAP base DN for {{ suffix }}'`
			`mandatory: false`
			`provider: LDAP:base_dn`

			`users:`
			`description: Users management`
			`help: >-`
			`Management of manually created local users. Those users are not classified`
			`type: leadership`

			`ldap_user_mail:`
			`description: Email address`
			`examples:`
			`- johndoe@example.net`
			`help: An user is identify by his email address.`
			`type: mail`
			`mandatory: false`

			`ldap_user_aliases:`
			`description: Emails aliases`
			`multi: true`
			`examples:`
			`- jdoe@example.net`
			`type: mail`
			`mandatory: false`

			`ldap_user_uid:`
			`description: Account name`
			`examples:`
			`- jdoe`
			`type: unix_user`

			`ldap_user_gn:`
			`description: Given name`
			`examples:`
			`- John`
			`type: string`

			`ldap_user_sn:`
			`description: Surname`
			`examples:`
			`- Doe`
			`type: string`

			`ldap_user_password:`
			`type: secret`
			`default:`
			`jinja: >-`
			`{{ accounts.users.ldap_user_mail \|`
			`get_password(server_name=general.network.interface_0.domain_name,`
			`description="ldap user",`
			`type="cleartext",`
			`hide=general.hide_secret,`
			`temporary=true)`
			`}}`
			`hidden: true`

			`families:`
			`description: Families to create`
			`type: unix_user`
			`multi: true`
			`help: >-`
			`Users can be classified into families. This variable contains all the names`
			`of the families to be created.`
			`mandatory: false`

			`"family_{{ suffix }}":`
			`description: 'Management of family {{ suffix }}'`
			`dynamic:`
			`variable: accounts.families`

			`users:`
			`description: 'Users management for the family {{ suffix }}'`
			`help: >-`
			`Management of manually created users. Those users are classified in a`
			`family.`
			`type: leadership`

			`ldap_user_mail:`
			`description: 'Email address for the family {{ suffix }}'`
			`examples:`
			`- johndoe@family.net`
			`help: An user is identify by his email address.`
			`type: mail`
			`mandatory: false`

			`ldap_user_aliases:`
			`description: 'Emails aliases for the family {{ suffix }}'`
			`examples:`
			`- jdoe@family.net`
			`type: mail`
			`multi: true`
			`mandatory: false`

			`ldap_user_uid:`
			`description: 'Account name for the family {{ suffix }}'`
			`examples:`
			`- jdoe`
			`type: unix_user`

			`ldap_user_gn:`
			`description: 'Given name for the family {{ suffix }}'`
			`examples:`
			`- John`
			`type: string`

			`ldap_user_sn:`
			`description: 'Surname for the family {{ suffix }}'`
			`examples:`
			`- Doe`
			`type: string`

			`ldap_user_password:`
			`type: secret`
			`default:`
			`jinja: >-`
			`{{ _.ldap_user_mail \|`
			`get_password(server_name=general.network.interface_0.domain_name,`
			`description="ldap family user",`
			`type="cleartext",`
			`hide=general.hide_secret,`
			`temporary=true)`
			`}}`
			`hidden: true`