stove/dataset
3
0
Fork 1
Code Issues 2 Pull requests Projects Releases Wiki Activity
dataset/seed/lemonldap/README.md
Emmanuel Garette e8e9e8719e update doc
2023-08-10 09:34:41 +02:00

131 lines
9.5 KiB
Markdown
Raw Blame History

---
gitea: none
include_toc: true
---
# lemonldap
## Synopsis
LemonLDAP, a Web Single Sign On and Access Management.
[More informations about this software.](https://lemonldap-ng.org/)
## Basic variables
### Général
#### Reverse proxy
##### Point d'entrée des clients
This a family is a leadership.
| Parameter | Comments |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------|
| **[general.revprox.revprox_client.revprox_client_external_domainnames](dictionaries/21_revprox_client.xml)**<br/>mandatory, multiple<br/>**Type:** [`domainname`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de domaine exterieur du serveur.<br/>**Example:** service.example.net |
| **[general.revprox.revprox_client.revprox_client_location](dictionaries/21_revprox_client.xml)**<br/>mandatory<br/>**Type:** [`filename`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de l'arborescence racine du site. |
#### LemonLDAP
Configuration de la solution d'authentification unique LemonLDAP::NG.
| Parameter | Comments |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------|
| **[general.lemonldap.lemon_mail_admin](dictionaries/70_lemonldap_ng.xml)**<br/>mandatory<br/>**Type:** [`mail`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Courriel de l'administrateur.<br/>**Example:** admin@example.net |
## Variables for expert
### Général
#### Annuaire OpenLDAP
##### Client
| Parameter | Comments |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------|
| **[general.ldap.client.ldapclient_family](dictionaries/70_lemonldap_ng.xml)**<br/>mandatory<br/>**Type:** [`unix_user`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nom de la famille LDAP.<br/>**Default:** all |
| **[general.ldap.client.ldapclient_base_dn](dictionaries/21_ldap-client.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire.<br/>**Default:** *calculated* |
| **[general.ldap.client.ldapclient_search_dn](dictionaries/21_ldap-client.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire des utilisateurs.<br/>**Default:** *calculated* |
| **[general.ldap.client.ldapclient_group_dn](dictionaries/21_ldap-client.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire des groupes.<br/>**Default:** *calculated* |
| **[general.ldap.client.ldapclient_user_dn](dictionaries/21_ldap-client.xml)**<br/>mandatory<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Base DN de l'annuaire des utilisateurs n'appartenant à une famille.<br/>**Default:** *calculated* |
#### NGINX
Paramétrage global de NGINX.
| Parameter | Comments |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------|
| **[general.nginx.nginx_hash_bucket_size](dictionaries/21_nginx.xml)**<br/>mandatory<br/>**Type:** [`choice`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Longueur maximum pour un nom de domaine.<br/>**Choices:**<br/>- `128` ← (default)<br/>- `64`<br/>- `32` |
| **[general.nginx.nginx_post_max_size](dictionaries/21_nginx.xml)**<br/>mandatory<br/>**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille maximale des données reçues par la méthode POST (en Mo).<br/>**Default:** 32 |
#### Reverse proxy
##### Point d'entrée des clients
This a family is a leadership.
| Parameter | Comments |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------|
| **[general.revprox.revprox_client.revprox_client_max_body_size](dictionaries/21_revprox_client.xml)**<br/>**Type:** [`string`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Taille maximum du corps. |
#### LemonLDAP
Configuration de la solution d'authentification unique LemonLDAP::NG.
| Parameter | Comments |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------|
| **[general.lemonldap.lemon_proc](dictionaries/70_lemonldap_ng.xml)**<br/>mandatory<br/>**Type:** [`number`](https://forge.cloud.silique.fr/risotto/rougail/src/branch/main/doc/variable/README.md#le-type-de-la-variable) | Nombre de processus dédié à LemonLdap (équivalent au nombre de processeurs).<br/>**Default:** 1 |
## Requirements services
- **LocalDNS**
- Journald
- **SMTP**
- **LDAP**
- **ReverseProxy**
**bold**: provider is mandatory
## Example
Zone names are provided as examples. Think about adapting with the value of provider_zone in configuration file.
```
lemonldap:
applicationservice: lemonldap
provider_zone: oauth2
zones_name:
- ldap
- localdns
- reverseproxy
- smtp
values:
general.revprox.revprox_client.revprox_client_external_domainnames:
- service.example.net
general.lemonldap.lemon_mail_admin: admin@example.net
```
## Dependances
- [ldap-client](../ldap-client/README.md)
- [relay-mail-client](../relay-mail-client/README.md)
- [nginx-https](../nginx-https/README.md)
- [nginx-common](../nginx-common/README.md)
- [reverse-proxy-client](../reverse-proxy-client/README.md)
- [base-debian-bullseye](../base-debian-bullseye/README.md)
- [base-debian](../base-debian/README.md)
- [systemd](../systemd/README.md)
- [base-machine](../base-machine/README.md)
- [base](../base/README.md)
- [dns-local](../dns-local/README.md)
- [pki-tls](../pki-tls/README.md)
- [journald](../journald/README.md)
- [resolved](../resolved/README.md)
## Supplier
[oauth2-client](../oauth2-client/README.md)
[All applications services for this dataset.](../README.md)
Reference in a new issue View git blame Copy permalink