admin:services:webldap

THIS PAGE IS OBSOLETE

webldap is hosted on hexagon and on federez-test in /srv/webldap.

Installation

Debian dependencies

apt-get install libldap2-dev libffi-dev python3 python3-pip

Code

cd /srv
git clone https://github.com/FedeRez/webldap.git

Next, copy app/webldap/local_settings.sample.py to app/webldap/local_settings.py and edit the latter (see the configuration at the bottom of this page).

cd /srv/webldap
pip3 install -r requirements.txt
python3 manage.py migrate
chown -R www-data: /srv/webldap

Apache

aptitude install libapache2-mod-wsgi-py3

Make sure the module is loaded:

a2enmod wsgi

Configure the VHost with the file appended to this page, then:

a2ensite webldap
apache2ctl configtest
service apache2 restart

Configuration

app/webldap/local_settings.py
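# Set DEBUG to False on a production host: with DEBUG = True, Django error
# pages show tracebacks and settings.
DEBUG = True
TEMPLATE_DEBUG = DEBUG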
 
ALLOWED_HOSTS = [
    '.federez.net',
]
 
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': '/srv/webldap/db',
    }
}
 
# Make this unique, and don't share it with anybody.
SECRET_KEY = ''
 
# Absolute paths to template directories
TEMPLATE_DIRS = (
        '/srv/webldap/templates',
)
 
# SMTP relay (host and port) to use for confirmation mails
EMAIL_HOST = 'localhost'
EMAIL_PORT = 25
 
# Email `From` field
EMAIL_FROM = 'admin@federez.net'
 
# Number of hours a token remains valid after having been created.  Numeric and string
# versions should have the same meaning.
REQ_EXPIRE_HRS = 48
REQ_EXPIRE_STR = '48 heures'
 
# LDAP server URI (protocol and address)
LDAP_URI = 'ldap://localhost'
 
# Whether to use STARTTLS
LDAP_STARTTLS = False
 
# Certificate used with LDAPS or STARTTLS
LDAP_CACERT = ''
 
# LDAP base DN
LDAP_BASE = 'dc=federez,dc=net'
 
# LDAP application DN
LDAP_WEBLDAP_USER = 'cn=webldap,ou=service-users,dc=federez,dc=net'
 
# LDAP application password
LDAP_WEBLDAP_PASSWD = 'secret'
 
# Default LDAP groups and roles for created users
LDAP_DEFAULT_GROUPS = []
LDAP_DEFAULT_ROLES = ['member']
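
A pre-deployment check for the settings above, added here as an example (it is not part of webldap or of the original page): it reads local_settings.py without executing it and reports values still left at their sample defaults. The function names, the wording of the findings and the 50-character SECRET_KEY threshold are choices made for this example.

```python
import ast
from urllib.parse import urlparse

# Constructed sample: the security-relevant keys from local_settings.py above.
SAMPLE = """
DEBUG = True
TEMPLATE_DEBUG = DEBUG
ALLOWED_HOSTS = ['.federez.net']
SECRET_KEY = ''
LDAP_URI = 'ldap://localhost'
LDAP_STARTTLS = False
LDAP_CACERT = ''
LDAP_WEBLDAP_PASSWD = 'secret'
"""

def load_literals(source):
    """Collect top-level NAME = <literal> assignments without executing the file."""
    values = {}
    for node in ast.parse(source).body:
        if (isinstance(node, ast.Assign) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)):
            try:
                values[node.targets[0].id] = ast.literal_eval(node.value)
            except (ValueError, TypeError):
                pass  # not a literal (e.g. TEMPLATE_DEBUG = DEBUG): skip it
    return values

def audit(source):
    """Return a list of findings (hypothetical helper, not part of webldap)."""
    s, findings = load_literals(source), []
    if s.get('DEBUG', False):
        findings.append('DEBUG is True: error pages show tracebacks and settings')
    if len(s.get('SECRET_KEY', '')) < 50:  # length Django's deploy check expects
        findings.append('SECRET_KEY is empty or shorter than 50 characters')
    if s.get('LDAP_WEBLDAP_PASSWD', '') in ('', 'secret'):
        findings.append('LDAP_WEBLDAP_PASSWD is empty or still the sample value')
    hosts = s.get('ALLOWED_HOSTS') or []
    if not hosts or '*' in hosts:
        findings.append('ALLOWED_HOSTS is empty or a wildcard')
    uri = urlparse(s.get('LDAP_URI', ''))
    local = uri.scheme == 'ldapi' or uri.hostname in ('localhost', '127.0.0.1', '::1')
    tls = uri.scheme == 'ldaps' or bool(s.get('LDAP_STARTTLS', False))
    if not local and not tls:
        findings.append('LDAP bind to a non-local host without LDAPS or STARTTLS')
    if tls and not s.get('LDAP_CACERT'):
        findings.append('LDAP_CACERT is empty although TLS is enabled')
    return findings

if __name__ == '__main__': print('\n'.join(audit(SAMPLE)))
```

To check a real deployment, pass the contents of /srv/webldap/app/webldap/local_settings.py to audit() and treat a non-empty result as a failed check.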

/etc/apache2/sites-available/webldap
<VirtualHost *:80>
    ServerName ldap.federez.net
 
    Redirect permanent / https://ldap.federez.net
 
    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn
    ErrorLog ${APACHE_LOG_DIR}/webldap-error.log
    CustomLog ${APACHE_LOG_DIR}/webldap-access.log combined
</VirtualHost>
 
<VirtualHost *:443>
    ServerName ldap.federez.net
 
    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn
    ErrorLog ${APACHE_LOG_DIR}/webldap-error.log
    CustomLog ${APACHE_LOG_DIR}/webldap-access.log combined
 
    Alias /static /srv/webldap/app/main/static
 
    WSGIScriptAlias / /srv/webldap/app/wsgi.py
    WSGIProcessGroup webldap
    WSGIDaemonProcess webldap processes=2 threads=16 maximum-requests=1000 display-name=webldap
 
    SSLEngine on
    SSLCertificateFile /etc/ssl/federez/federez.crt
    SSLCertificateKeyFile /etc/ssl/private/federez.key
    SSLCertificateChainFile /etc/ssl/federez/sub.class2.server.ca.pem
    SSLCACertificateFile /etc/ssl/certs/StartCom_Certification_Authority.pem
</VirtualHost>
admin/services/webldap.txt · Last modified: 2017/11/20 07:40 by chirac