dataset/seed/lemonldap
2023-08-10 21:58:39 +02:00
..
dictionaries update doc 2023-08-10 09:34:41 +02:00
extras/oauth2 update 2023-07-31 15:30:32 +02:00
funcs remove application version 2022-07-01 22:10:33 +02:00
manual/image/preinstall remove application version 2022-07-01 22:10:33 +02:00
templates update 2023-07-31 15:30:32 +02:00
tests manage well-known file (from internal or external) 2022-07-05 22:08:20 +02:00
applicationservice.yml update doc 2023-08-01 15:13:17 +02:00
DEBUG.md ansible template 2023-06-23 08:12:05 +02:00
doc.md remove application version 2022-07-01 22:10:33 +02:00
README.md update doc 2023-08-10 21:58:39 +02:00

Table of Contents

lemonldap

Synopsis

LemonLDAP, a Web Single Sign On and Access Management.

Software's website.

Basic variables

Général

Reverse proxy

Point d'entrée des clients

This family is a leadership.

Parameter Comments
general.revprox.revprox_client.revprox_client_external_domainnames
mandatory, multiple
Type: domainname
Nom de domaine exterieur du serveur.
Example: service.example.net
general.revprox.revprox_client.revprox_client_location
mandatory
Type: filename
Nom de l'arborescence racine du site.

LemonLDAP

Configuration de la solution d'authentification unique LemonLDAP::NG.

Parameter Comments
general.lemonldap.lemon_mail_admin
mandatory
Type: mail
Courriel de l'administrateur.
Example: admin@example.net

Variables for expert

Général

Annuaire OpenLDAP

Client
Parameter Comments
general.ldap.client.ldapclient_family
mandatory
Type: unix_user
Nom de la famille LDAP.
Default: all
general.ldap.client.ldapclient_base_dn
mandatory
Type: string
Base DN de l'annuaire.
Default: calculated
general.ldap.client.ldapclient_search_dn
mandatory
Type: string
Base DN de l'annuaire des utilisateurs.
Default: calculated
general.ldap.client.ldapclient_group_dn
mandatory
Type: string
Base DN de l'annuaire des groupes.
Default: calculated
general.ldap.client.ldapclient_user_dn
mandatory
Type: string
Base DN de l'annuaire des utilisateurs n'appartenant à une famille.
Default: calculated

NGINX

Paramétrage global de NGINX.

Parameter Comments
general.nginx.nginx_hash_bucket_size
mandatory
Type: choice
Longueur maximum pour un nom de domaine.
Choices:
- 128 ← default
- 64
- 32
general.nginx.nginx_post_max_size
mandatory
Type: number
Taille maximale des données reçues par la méthode POST (en Mo).
Default: 32

Reverse proxy

Point d'entrée des clients

This family is a leadership.

Parameter Comments
general.revprox.revprox_client.revprox_client_max_body_size
Type: string
Taille maximum du corps.

LemonLDAP

Configuration de la solution d'authentification unique LemonLDAP::NG.

Parameter Comments
general.lemonldap.lemon_proc
mandatory
Type: number
Nombre de processus dédié à LemonLdap (équivalent au nombre de processeurs).
Default: 1

Requirements services

  • LocalDNS
  • Journald
  • SMTP
  • LDAP
  • ReverseProxy

bold: provider is mandatory

Example

Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file.

lemonldap:
  applicationservice: lemonldap
  provider_zone: oauth2
  zones_name:
    - ldap
    - localdns
    - reverseproxy
    - smtp
  values:
    general.revprox.revprox_client.revprox_client_external_domainnames:
      - service.example.net
    general.lemonldap.lemon_mail_admin: admin@example.net

Dependances

Supplier

oauth2-client

All applications services for this dataset.