admin:services:webldap
Ceci est une ancienne révision du document !
Table des matières
< retour à la page de l'administration technique
webldap est hébergé sur hexagon dans /srv/webldap
.
Installation
Dépendances
aptitude install python-django python-ldap python-django-south python-pip pip install ldapom
Code
cd /srv git clone https://github.com/FedeRez/webldap.git
Ensuite, copier federez_ldap/settings_local.sample.py
vers federez_ldap/settings_local.py
et modifier ce dernier (voir configuration en bas de cette page).
cd /srv/webldap python manage.py syncdb python manage.py migrate accounts chown -R www-data: /srv/webldap
Apache
aptitude install libapache2-mod-wsgi
Vérifier que le module est chargé :
a2enmod wsgi
Configurer le VHost avec le fichier en annexe de cette page puis :
a2ensite webldap apache2ctl configtest service apache restart
Configuration
- federez_ldap/settings_local.py
# Local settings DEBUG = False TEMPLATE_DEBUG = DEBUG DATABASES = { 'default': { 'ENGINE': 'django.db.backends.sqlite3', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'. 'NAME': '/srv/webldap/db', # Or path to database file if using sqlite3. 'USER': '', # Not used with sqlite3. 'PASSWORD': '', # Not used with sqlite3. 'HOST': '', # Set to empty string for localhost. Not used with sqlite3. 'PORT': '', # Set to empty string for default. Not used with sqlite3. } } # Make this unique, and don't share it with anybody. SECRET_KEY = 'secret' TEMPLATE_DIRS = ( # Put strings here, like "/home/html/django_templates" or "C:/www/django/templates". # Always use forward slashes, even on Windows. # Don't forget to use absolute paths, not relative paths. ) # Settings specific to 'accounts' # SMTP relay (host and port) to use for confirmation mails EMAIL_HOST = 'localhost' EMAIL_PORT = 25 # Address to appear in From field EMAIL_FROM = 'admin@federez.net' # Number of hours a token sent by email remains valid after having been # created. Numeric and string versions should have the same meaning. REQ_EXPIRE_HRS = 48 REQ_EXPIRE_STR = '48 heures' # LDAP URI (protocol and address) LDAP_URI = 'ldap://localhost' # Whether to use STARTTLS or not LDAP_STARTTLS = False # Certificate to be used with LDAPS or STARTTLS LDAP_CACERT = '' # LDAP base LDAP_BASE = 'dc=federez,dc=net' # LDAP application DN LDAP_WEBLDAP_USER = 'cn=webldap,ou=service-users,dc=federez,dc=net' # LDAP application password LDAP_WEBLDAP_PASSWD = 'secret' # Default LDAP groups and roles for created users LDAP_DEFAULT_GROUPS = [] LDAP_DEFAULT_ROLES = ['member']
- /etc/apache2/sites-available/webldap
<VirtualHost *:80> ServerName ldap.federez.net Redirect permanent / https://ldap.federez.net # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn ErrorLog ${APACHE_LOG_DIR}/webldap-error.log CustomLog ${APACHE_LOG_DIR}/webldap-access.log combined </VirtualHost> <VirtualHost *:443> ServerName ldap.federez.net # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn ErrorLog ${APACHE_LOG_DIR}/webldap-error.log CustomLog ${APACHE_LOG_DIR}/webldap-access.log combined Alias /static /srv/webldap/accounts/static WSGIScriptAlias / /srv/webldap/federez_ldap/wsgi.py WSGIProcessGroup webldap WSGIDaemonProcess webldap processes=2 threads=16 maximum-requests=1000 display-name=webldap SSLEngine on SSLCertificateFile /etc/ssl/federez/federez.crt SSLCertificateKeyFile /etc/ssl/private/federez.key SSLCertificateChainFile /etc/ssl/federez/sub.class2.server.ca.pem SSLCACertificateFile /etc/ssl/certs/StartCom_Certification_Authority.pem </VirtualHost>
admin/services/webldap.1386943368.txt.gz · Dernière modification : 2013/12/13 15:02 de zertrin