History

Emmanuel Garette ccb279d482 update doc		2023-08-10 21:58:39 +02:00
..
dictionaries	update doc	2023-08-10 09:34:41 +02:00
extras/oauth2	update	2023-07-31 15:30:32 +02:00
funcs	remove application version	2022-07-01 22:10:33 +02:00
manual/image/preinstall	remove application version	2022-07-01 22:10:33 +02:00
templates	update	2023-07-31 15:30:32 +02:00
tests	manage well-known file (from internal or external)	2022-07-05 22:08:20 +02:00
applicationservice.yml	update doc	2023-08-01 15:13:17 +02:00
DEBUG.md	ansible template	2023-06-23 08:12:05 +02:00
doc.md	remove application version	2022-07-01 22:10:33 +02:00
README.md	update doc	2023-08-10 21:58:39 +02:00

README.md

Table of Contents

lemonldap

Synopsis
Basic variables

Général

Reverse proxy

Point d'entrée des clients

LemonLDAP

Variables for expert

Général

Annuaire OpenLDAP

Client

NGINX
Reverse proxy

Point d'entrée des clients

LemonLDAP

Requirements services
Example
Dependances
Supplier

lemonldap

Synopsis

LemonLDAP, a Web Single Sign On and Access Management.

Software's website.

Basic variables

Général

Reverse proxy

Point d'entrée des clients

This family is a leadership.

Parameter	Comments
general.revprox.revprox_client.revprox_client_external_domainnames mandatory, multiple Type: `domainname`	Nom de domaine exterieur du serveur. Example: service.example.net
general.revprox.revprox_client.revprox_client_location mandatory Type: `filename`	Nom de l'arborescence racine du site.

LemonLDAP

Configuration de la solution d'authentification unique LemonLDAP::NG.

Parameter	Comments
general.lemonldap.lemon_mail_admin mandatory Type: `mail`	Courriel de l'administrateur. Example: admin@example.net

Variables for expert

Général

Annuaire OpenLDAP

Client

Parameter	Comments
general.ldap.client.ldapclient_family mandatory Type: `unix_user`	Nom de la famille LDAP. Default: all
general.ldap.client.ldapclient_base_dn mandatory Type: `string`	Base DN de l'annuaire. Default: calculated
general.ldap.client.ldapclient_search_dn mandatory Type: `string`	Base DN de l'annuaire des utilisateurs. Default: calculated
general.ldap.client.ldapclient_group_dn mandatory Type: `string`	Base DN de l'annuaire des groupes. Default: calculated
general.ldap.client.ldapclient_user_dn mandatory Type: `string`	Base DN de l'annuaire des utilisateurs n'appartenant à une famille. Default: calculated

NGINX

Paramétrage global de NGINX.

Parameter	Comments
general.nginx.nginx_hash_bucket_size mandatory Type: `choice`	Longueur maximum pour un nom de domaine. Choices: - `128` ← default - `64` - `32`
general.nginx.nginx_post_max_size mandatory Type: `number`	Taille maximale des données reçues par la méthode POST (en Mo). Default: 32

Reverse proxy

Point d'entrée des clients

This family is a leadership.

Parameter	Comments
general.revprox.revprox_client.revprox_client_max_body_size Type: `string`	Taille maximum du corps.

LemonLDAP

Configuration de la solution d'authentification unique LemonLDAP::NG.

Parameter	Comments
general.lemonldap.lemon_proc mandatory Type: `number`	Nombre de processus dédié à LemonLdap (équivalent au nombre de processeurs). Default: 1

Requirements services

LocalDNS
Journald
SMTP
LDAP
ReverseProxy

bold: provider is mandatory

Example

Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file.

lemonldap:
  applicationservice: lemonldap
  provider_zone: oauth2
  zones_name:
    - ldap
    - localdns
    - reverseproxy
    - smtp
  values:
    general.revprox.revprox_client.revprox_client_external_domainnames:
      - service.example.net
    general.lemonldap.lemon_mail_admin: admin@example.net

Dependances

Supplier

oauth2-client

All applications services for this dataset.