admin:services:webldap
Table des matières
< retour à la page de l'administration technique
CETTE PAGE EST OBSOLETE
webldap est hébergé sur hexagon et sur federez-test dans /srv/webldap.
Installation
Dépendances Debian
apt-get install libldap2-dev libffi-dev python3 python3-pip
Code
cd /srv git clone https://github.com/FedeRez/webldap.git
Ensuite, copier app/webldap/local_settings.sample.py vers app/webldap/local_settings.py et modifier ce dernier (voir configuration en bas de cette page).
cd /srv/webldap pip3 install -r requirements.txt python manage.py migrate chown -R www-data: /srv/webldap
Apache
aptitude install libapache2-mod-wsgi-py3
Vérifier que le module est chargé :
a2enmod wsgi
Configurer le VHost avec le fichier en annexe de cette page puis :
a2ensite webldap apache2ctl configtest service apache restart
Configuration
- app/webldap/local_settings.py
DEBUG = True TEMPLATE_DEBUG = DEBUG ALLOWED_HOSTS = [ '.federez.net', ] DATABASES = { 'default': { 'ENGINE': 'django.db.backends.sqlite3', 'NAME': '/srv/webldap/db', } } # Make this unique, and don't share it with anybody. SECRET_KEY = '' # Absolute paths to template directories TEMPLATE_DIRS = ( '/srv/webldap/templates', ) # SMTP relay (host and port) to use for confirmation mails EMAIL_HOST = 'localhost' EMAIL_PORT = 25 # Email `From` field EMAIL_FROM = 'admin@federez.net' # Number of hours a token remains valid after having been created. Numeric and string # versions should have the same meaning. REQ_EXPIRE_HRS = 48 REQ_EXPIRE_STR = '48 heures' # LDAP server URI (protocol and address) LDAP_URI = 'ldap://localhost' # Whether to use STARTTLS LDAP_STARTTLS = False # Certificate used with LDAPS or STARTTLS LDAP_CACERT = '' # LDAP base DN LDAP_BASE = 'dc=federez,dc=net' # LDAP application DN LDAP_WEBLDAP_USER = 'cn=webldap,ou=service-users,dc=federez,dc=net' # LDAP application password LDAP_WEBLDAP_PASSWD = 'secret' # Default LDAP groups and roles for created users LDAP_DEFAULT_GROUPS = [] LDAP_DEFAULT_ROLES = ['member']
- /etc/apache2/sites-available/webldap
<VirtualHost *:80> ServerName ldap.federez.net Redirect permanent / https://ldap.federez.net # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn ErrorLog ${APACHE_LOG_DIR}/webldap-error.log CustomLog ${APACHE_LOG_DIR}/webldap-access.log combined </VirtualHost> <VirtualHost *:443> ServerName ldap.federez.net # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn ErrorLog ${APACHE_LOG_DIR}/webldap-error.log CustomLog ${APACHE_LOG_DIR}/webldap-access.log combined Alias /static /srv/webldap/app/main/static WSGIScriptAlias / /srv/webldap/app/wsgi.py WSGIProcessGroup webldap WSGIDaemonProcess webldap processes=2 threads=16 maximum-requests=1000 display-name=webldap SSLEngine on SSLCertificateFile /etc/ssl/federez/federez.crt SSLCertificateKeyFile /etc/ssl/private/federez.key SSLCertificateChainFile /etc/ssl/federez/sub.class2.server.ca.pem SSLCACertificateFile /etc/ssl/certs/StartCom_Certification_Authority.pem </VirtualHost>
admin/services/webldap.txt · Dernière modification : 2017/11/20 07:40 de chirac