.. | ||
dictionaries | ||
extras/oauth2 | ||
funcs | ||
manual/image/preinstall | ||
templates | ||
tests | ||
applicationservice.yml | ||
DEBUG.md | ||
doc.md | ||
README.md |
Table of Contents
Return to the list of application services.
lemonldap
Synopsis
LemonLDAP, a Web Single Sign On and Access Management.
Example
Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file.
lemonldap:
applicationservice: lemonldap
provider_zone: oauth2
zones_name:
- ldap
- localdns
- reverseproxy
- smtp
values:
general.revprox.revprox_client.revprox_client_external_domainnames:
- service.example.net
general.lemonldap.lemon_mail_admin: admin@example.net
Basic variables
General
Reverse proxy
Clients configuration
This family is a leadership.
Parameter | Comment |
---|---|
general.revprox.revprox_client.revprox_client_external_domainnames mandatory, multiple Type: domainname |
Service external domain name. Example: service.example.net |
general.revprox.revprox_client.revprox_client_location mandatory Type: filename |
URI to route request to the correct service. Default: / |
LemonLDAP
Configuration de la solution d'authentification unique LemonLDAP::NG.
Parameter | Comments |
---|---|
general.lemonldap.lemon_mail_admin mandatory Type: mail |
Courriel de l'administrateur. Example: admin@example.net |
Variables
General
OpenLDAP directory
Client
Parameter | Comment |
---|---|
general.ldap.client.ldapclient_family mandatory Type: unix_user |
Restrict service configuration for a LDAP family. "all" for all families. Default: all |
Reverse proxy
Clients configuration
This family is a leadership.
Parameter | Comment |
---|---|
general.revprox.revprox_client.revprox_client_max_body_size Type: string |
The maximum allowed size of the client request body. |
Variables for expert
General
NGINX
Parameter | Comment |
---|---|
general.nginx.nginx_hash_bucket_size mandatory Type: choice |
The bucket size for the server names hash tables. Choices: - 128 ← default- 64 - 32 |
general.nginx.nginx_post_max_size mandatory Type: number |
The maximum allowed size of the client request body. This value is in Mb. Default: 32 |
LemonLDAP
Configuration de la solution d'authentification unique LemonLDAP::NG.
Parameter | Comments |
---|---|
general.lemonldap.lemon_proc mandatory Type: number |
Nombre de processus dédié à LemonLdap (équivalent au nombre de processeurs). Default: 1 |
Requirements services
Mandatories
- LocalDNS: DNS forwarder for local domain name.
- SMTP: Create a SMTP relay account and authorize sending email.
- LDAP: Create account and connexion to a LDAP server.
- ReverseProxy: Register to service to a reverse proxy server.
Optionals
- Journald: Concentrate journal messages on one host.
Dependances
- ldap-client: Application service needs interact with a LDAP server.
- relay-mail-client: Client SMTP.
- nginx-https: Nginx as HTTPS web site.
- nginx-common: Nginx common configuration.
- reverse-proxy-client: Application service needs interact with a a reverse proxy server.
- base-debian-bullseye: Base information of a Debian Bulleye server.
- base-debian: Base information of a Debian server.
Useful for services
- dovecot: Postfix and Dovecot as mail servers (IMAP and submission).
- forgejo: Forgejo, a community managed lightweight code hosting solution.
- gitea: Transitional package for Gitea to Forgejo.
- grafana: Grafana is an analytics and interactive visualization web application.
- mailman: GNU Mailman, managing electronic mail discussion and e-newsletter lists.
- nextcloud: Nextcloud, Online collaboration platform.
- odoo: Odoo, an ERP and CRM.
- peertube: Peertube, a federated (ActivityPub) video streaming platform.
- piwigo: Piwigo, a photo management software.
- roundcube: Roundcube, a webmail.