lemonldap: add category and logo

seed/applicationservice/2022.03.08/gitea/dictionaries/31_gitea.xml

@@ -42,6 +42,12 @@
       <variable name="oauth2_client_description" redefine='True'>
         <value>Forge logiciel Gitea</value>
       </variable>
+      <variable name="oauth2_client_category" redefine='True'>
+        <value>Développement</value>
+      </variable>
+      <variable name="oauth2_client_logo" redefine='True'>
+        <value>silique_note.png</value>
+      </variable>
       <variable name="oauth2_client_token_signature_algo" redefine="True">
         <value>RS256</value>
       </variable>

seed/applicationservice/2022.03.08/lemonldap/dictionaries/70_lemonldap_ng.xml

@@ -3,6 +3,12 @@
   <services>
     <service name="lemonldap-ng-fastcgi-server">
       <override/>
+      <file engine="none">/static/logo.png</file>
+      <file engine="none">/static/demo.png</file>
+      <file engine="none">/static/silique_email.png</file>
+      <file engine="none">/static/silique_folder.png</file>
+      <file engine="none">/static/silique_note.png</file>
+      <file engine="none">/static/risotto.css</file>
       <file>/var/lib/lemonldap-ng/conf/lmConf-1.json</file>
       <file engine="none">/etc/lemonldap-ng/lemonldap-ng.ini</file>
       <!--file>/etc/lemonldap-ng/handler-nginx.conf</file-->

seed/applicationservice/2022.03.08/lemonldap/extras/oauth2/00_oauth2.xml

@@ -6,8 +6,10 @@
       <variable name="secret_" description="Remote secret for" type="password" mandatory="True" hidden="True" provider="oauth2_secret"/>
       <variable name="name_" description="Remote name for" hidden="True" provider="oauth2_name"/>
       <variable name="description_" description="Remote description for" hidden="True" provider="oauth2_description"/>
+      <variable name="category_" hidden="True" provider="oauth2_category"/>
       <variable name="login_" description="Remote URL to login" hidden="True" provider="oauth2_login"/>
       <variable name="external_" description="Remote external for" hidden="True" provider="oauth2_external"/>
+      <variable name="logo_" hidden="True" provider="oauth2_logo"/>
       <variable name="token_signature_algo_" type="choice" description="OAuth2 token signature algorithm" mandatory='True' hidden="True" provider="oauth2_token_signature_algo">
         <choice>HS512</choice>
         <choice>RS256</choice>

seed/applicationservice/2022.03.08/lemonldap/templates/lemonldap-ng.ini

@@ -187,7 +187,10 @@ staticPrefix = /static
 templateDir  = /usr/share/lemonldap-ng/portal/templates
 
 ; languages: available languages for portal interface
-languages    = fr, en, vi, it, ar, de, fi, tr
+# GNUNUX languages    = fr, en, vi, it, ar, de, fi, tr
+#>GNUNUX
+languages    = fr
+#<GNUNUX
 
 ; II - Optional parameters (overwrite configuration)
 
@@ -195,7 +198,7 @@ languages    = fr, en, vi, it, ar, de, fi, tr
 portalSkin = bootstrap
 ; Modules displayed
 ;portalDisplayLogout = 1
-portalDisplayResetPassword = 1
+;portalDisplayResetPassword = 1
 portalDisplayChangePassword = 1
 ;portalDisplayAppslist = 1
 ;portalDisplayLoginHistory = 1
@@ -372,7 +375,10 @@ staticPrefix = /static
 templateDir  = /usr/share/lemonldap-ng/manager/htdocs/templates
 
 ; languages: available languages for manager interface
-languages    = fr, en, it, vi, ar, tr
+# GNUNUX languages    = fr, en, it, vi, ar, tr
+#>GNUNUX
+languages    = fr
+#<GNUNUX
 
 ; Manager modules enabled
 ; Set here the list of modules you want to see in manager interface

seed/applicationservice/2022.03.08/lemonldap/templates/lmConf-1.json

@@ -4,7 +4,8 @@ commentStartToken = §
 {
    "mailFrom" : "%%lemon_mail_admin",
    "mailLDAPFilter" : "(&(mail=$mail)(objectClass=inetOrgPerson))",
-   "portalSkinBackground" : "1280px-Cedar_Breaks_National_Monument_partially.jpg",
+   "portalSkinBackground" : "",
+   "portalCustomCss": "risotto/risotto.css",
    "authentication" : "LDAP",
    "AuthLDAPFilter" : "(&(cn=$user)(objectClass=inetOrgPerson))",
    "managerDn" : "%%ldapclient_remote_user",
@@ -147,32 +148,52 @@ commentStartToken = §
       "LockDirectory": "/srv/lemonldap-ng/psessions/lock"
    },
    "portal" : "https://%%revprox_client_external_domainname/",
+   "portalCheckLogins": 0,
+   "portalDisplayRegister": 0,
+   "portalDisplayResetPassword": 0,
+   "portalMainLogo": "risotto/logo.png",
    "registerUrl" : "https://%%lemon_reload_web_name/register",
    "reloadUrls" : {
       "localhost" : "https://%%lemon_reload_web_name/reload"
    },
+   "showLanguages": 0,
    "whatToTrace" : "_whatToTrace",
-   "applicationList" : {
+%set %%remotes = {}
-      "test" : {
+%for %%index, %%app in %%enumerate(%%oauth2.remotes)
-         "catname" : "Test Cat",
-%for %%app in %%oauth2.remotes
  %set %%key = %%normalize_family(%%app)
  %set %%description = %%oauth2['oauth2_' + %%key]['description_' + %%key]
  %if not %%description
   %continue
  %end if
-         "%%key" : {
+ %set %%dico = {'key': %%key,
+                'description': %%description,
+                'logo': "risotto/" + %%oauth2['oauth2_' + %%key]['logo_' + %%key],
+                'name': %%oauth2['oauth2_' + %%key]['name_' + %%key],
+                'uri': %%oauth2['oauth2_' + %%key]['external_' + %%key]}
+%%remotes.setdefault(%%oauth2['oauth2_' + %%key]['category_' + %%key], []).append(%%dico)%slurp
+%end for
+   "applicationList" : {
+%for %%index, %%cat in %%enumerate(%%remotes)
+ %if %%index != 0
+,
+ %end if
+      "cat_%%index" : {
+         "catname" : "%%cat",
+ %for %%dico in %%remotes[%%cat]
+         "%%dico['key']" : {
             "options" : {
-               "description" : "%%description",
+               "description" : "%%dico['description']",
                "display" : "auto",
-               "logo" : "demo.png",
+               "logo" : "%%dico['logo']",
-               "name" : "%%oauth2['oauth2_' + %%key]['name_' + %%key]",
+               "name" : "%%dico['name']",
-               "uri" : "%%oauth2['oauth2_' + %%key]['external_' + %%key]"
+               "uri" : "%%dico['uri']"
             },
             "type" : "application"
          },
 %end for
          "type" : "category"
-      }
+      }%slurp
+%end for
+
    }
 }

seed/applicationservice/2022.03.08/lemonldap/templates/portal-nginx.conf

@@ -147,6 +147,15 @@ server {
     alias /usr/share/lemonldap-ng/portal/htdocs/static/;
   }
 
+#>GNUNUX
+  location /static/risotto/ {
+    alias /usr/local/lib/static/;
+  }
+  location /static/common/apps/risotto/ {
+    alias /usr/local/lib/static/;
+  }
+#<GNUNUX
+
   # DEBIAN
   # If install was made with USEDEBIANLIBS (official releases), uncomment this
   location /javascript/ {

seed/applicationservice/2022.03.08/lemonldap/templates/risotto.css

@@ -0,0 +1,12 @@
+#header img {
+  background-color: transparent;
+}
+#footer {
+  display: none;
+}
+#logincontent {
+    max-width: 600px;
+}
+.alert {
+  text-align: center;
+}

seed/applicationservice/2022.03.08/mailman/dictionaries/31_mailman.xml

@@ -31,6 +31,12 @@
       <variable name="oauth2_client_description" redefine='True'>
         <value>Liste de distribution Mailman</value>
       </variable>
+      <variable name="oauth2_client_category" redefine='True'>
+        <value>Développement</value>
+      </variable>
+      <variable name="oauth2_client_logo" redefine='True'>
+        <value>silique_email.png</value>
+      </variable>
       <variable name="oauth2_client_token_signature_algo" redefine="True">
         <value>RS256</value>
       </variable>

seed/applicationservice/2022.03.08/nextcloud/dictionaries/31_nextcloud.xml

@@ -17,8 +17,9 @@
       <variable name="nextcloud_admin_password" type="password" auto_freeze="True" hidden="True"/>
       <variable name="nextcloud_mail_admin" type="mail" mandatory="True"/>
       <variable name="nextcloud_instance_id" type="password" auto_freeze="True" hidden="True"/>
-      <variable name="nexcloud_well_known_caldav" type="web_address" hidden='True'/>
+      <variable name="nextcloud_well_known_server" type="domainname" description="Nom de domaine du serveur hebergeant le répertoire .well-known"/>
-      <variable name="nexcloud_well_known_carddav" type="web_address" hidden='True'/>
+      <variable name="nextcloud_well_known_caldav" type="web_address" hidden='True'/>
+      <variable name="nextcloud_well_known_carddav" type="web_address" hidden='True'/>
     </family>
     <family name="oauth2_client">
       <variable name="oauth2_is_client_application" redefine='True'>
@@ -30,6 +31,12 @@
       <variable name="oauth2_client_description" redefine='True'>
         <value>Plateforme de collaboration Nextcloud</value>
       </variable>
+      <variable name="oauth2_client_category" redefine='True'>
+        <value>Collaboration</value>
+      </variable>
+      <variable name="oauth2_client_logo" redefine='True'>
+        <value>silique_folder.png</value>
+      </variable>
     </family>
     <family name="php">
       <variable name="php_enable_output_buffering" redefine="True">
@@ -57,39 +64,43 @@
       <param name="starts_with_char" type="boolean">True</param>
       <target>nextcloud_instance_id</target>
     </fill>
+    <fill name="calc_value">
+      <param type="variable">revprox_client_external_domainname</param>
+      <target>nextcloud_well_known_server</target>
+    </fill>
     <check name="set_linked_multi_variables">
       <param name="linked_provider_0">revprox_clients</param>
-      <param name="linked_value_0" type="variable">revprox_client_external_domainname</param>
+      <param name="linked_value_0" type="variable">nextcloud_well_known_server</param>
       <param name="linked_provider_1">revprox_location</param>
       <param name="linked_value_1">/.well-known/caldav</param>
       <param name="linked_provider_2">revprox_is_websocket</param>
       <param name="linked_value_2" type="boolean">False</param>
       <param name="linked_provider_3">revprox_url</param>
-      <param name="linked_value_3" type="variable">nexcloud_well_known_caldav</param>
+      <param name="linked_value_3" type="variable">nextcloud_well_known_caldav</param>
       <target>revprox_client_server_domainname</target>
     </check>
     <fill name="calc_web_address">
       <param type="variable">domain_name_eth0</param>
       <param type="variable">revprox_client_port</param>
       <param>/.well-known/caldav</param>
-      <target>nexcloud_well_known_caldav</target>
+      <target>nextcloud_well_known_caldav</target>
     </fill>
     <check name="set_linked_multi_variables">
       <param name="linked_provider_0">revprox_clients</param>
-      <param name="linked_value_0" type="variable">revprox_client_external_domainname</param>
+      <param name="linked_value_0" type="variable">nextcloud_well_known_server</param>
       <param name="linked_provider_1">revprox_location</param>
       <param name="linked_value_1">/.well-known/carddav</param>
       <param name="linked_provider_2">revprox_is_websocket</param>
       <param name="linked_value_2" type="boolean">False</param>
       <param name="linked_provider_3">revprox_url</param>
-      <param name="linked_value_3" type="variable">nexcloud_well_known_carddav</param>
+      <param name="linked_value_3" type="variable">nextcloud_well_known_carddav</param>
       <target>revprox_client_server_domainname</target>
     </check>
     <fill name="calc_web_address">
       <param type="variable">domain_name_eth0</param>
       <param type="variable">revprox_client_port</param>
       <param>/.well-known/carddav</param>
-      <target>nexcloud_well_known_carddav</target>
+      <target>nextcloud_well_known_carddav</target>
     </fill>
   </constraints>
 </rougail>

seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/dictionaries/25_nginx.xml

@@ -25,7 +25,6 @@
       <variable name="revprox_domainnames_all" type="domainname" description="Tous les noms de domaines" multi="True" hidden="True"/>
       <variable name='nginx_private_key_filename' type="filename" description="Private key filename" hidden='True' multi='True'/>
       <variable name='nginx_certificate_filename' type="filename" description="Certificate filename" hidden='True' multi='True'/>
-      <variable name='internal_nginx_chain' type="string" description="Certificate" hidden='True'/>
     </family>
   </variables>
   <constraints>
@@ -50,10 +49,5 @@
       <param name="multi" type="boolean">True</param>
       <target>nginx_private_key_filename</target>
     </fill>
-    <fill name="get_chain">
-      <param name="authority_cn" type="variable">domain_name_eth0</param> 
-      <param name="authority_name">InternalReverseProxy</param>
-      <target>internal_nginx_chain</target>
-    </fill>
   </constraints>
 </rougail>

seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/templates/ca_InternalReverseProxy.crt

@@ -1 +1 @@
-%%internal_nginx_chain
+%%get_chain(authority_cn=%%domain_name_eth0, authority_name="InternalReverseProxy")

seed/applicationservice/2022.03.08/oauth2-client/dictionaries/30_oauth2_client.xml

@@ -10,6 +10,12 @@
       <variable name="oauth2_client_description" description="OAuth2 client description" mandatory='True'/>
       <variable name="oauth2_client_login" type="web_address" description="OAuth2 URL to valid login"/>
       <variable name="oauth2_client_external" type="web_address" description="OAuth2 client external" mandatory='True'/>
+      <variable name="oauth2_client_category" description="OAuth2 category" mandatory='True'>
+        <value>Défaut</value>
+      </variable>
+      <variable name="oauth2_client_logo" description="OAuth2 logo" mandatory='True'>
+        <value>demo.png</value>
+      </variable>
       <variable name="oauth2_client_id" description="OAuth2 ID" mandatory='True' hidden='True'/>
       <variable name="oauth2_client_secret" type="password" description="OAuth2 secret" mandatory='True' hidden='True'/>
       <variable name="oauth2_client_token_signature_algo" type="choice" description="OAuth2 token signature algorithm" mandatory='True' hidden='True'>
@@ -50,12 +56,24 @@
       <param name="dynamic" type="variable">oauth2_client_id</param>
       <target>oauth2_client_description</target>
     </check>
+    <check name="set_linked_configuration">
+      <param name="linked_server" type="variable">oauth2_client_server_domainname</param>
+      <param name="linked_provider">oauth2_category</param>
+      <param name="dynamic" type="variable">oauth2_client_id</param>
+      <target>oauth2_client_category</target>
+    </check>
     <check name="set_linked_configuration">
       <param name="linked_server" type="variable">oauth2_client_server_domainname</param>
       <param name="linked_provider">oauth2_external</param>
       <param name="dynamic" type="variable">oauth2_client_id</param>
       <target>oauth2_client_external</target>
     </check>
+    <check name="set_linked_configuration">
+      <param name="linked_server" type="variable">oauth2_client_server_domainname</param>
+      <param name="linked_provider">oauth2_logo</param>
+      <param name="dynamic" type="variable">oauth2_client_id</param>
+      <target>oauth2_client_logo</target>
+    </check>
     <check name="set_linked_configuration">
       <param name="linked_server" type="variable">oauth2_client_server_domainname</param>
       <param name="linked_provider">oauth2_login</param>

seed/applicationservice/2022.03.08/roundcube/dictionaries/31_roundcube.xml

@@ -22,6 +22,12 @@
       <variable name="oauth2_client_description" redefine='True'>
         <value>Consulter ces courriels avec Roundcube</value>
       </variable>
+      <variable name="oauth2_client_category" redefine='True'>
+        <value>Collaboration</value>
+      </variable>
+      <variable name="oauth2_client_logo" redefine='True'>
+        <value>silique_email.png</value>
+      </variable>
     </family>
   </variables>
   <constraints>