__netbox: enable ldap usage via configuration.py
The REMOTE_AUTH_BACKEND must be set to use LDAP. It now exports USE_LDAP to generally say if LDAP is being used in the configuration or not.
This commit is contained in:
parent
e0a1b4f663
commit
bbce0030ab
3 changed files with 21 additions and 7 deletions
|
|
@ -240,9 +240,23 @@ PREFER_IPV4 = False
|
||||||
RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = 22
|
RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = 22
|
||||||
RACK_ELEVATION_DEFAULT_UNIT_WIDTH = 220
|
RACK_ELEVATION_DEFAULT_UNIT_WIDTH = 220
|
||||||
|
|
||||||
|
EOF
|
||||||
|
|
||||||
|
if [ "$USE_LDAP" ]; then
|
||||||
|
cat << EOF
|
||||||
|
# Remote authentication support with ldap
|
||||||
|
REMOTE_AUTH_ENABLED = True
|
||||||
|
REMOTE_AUTH_BACKEND = 'netbox.authentication.LDAPBackend'
|
||||||
|
EOF
|
||||||
|
else
|
||||||
|
cat << EOF
|
||||||
# Remote authentication support
|
# Remote authentication support
|
||||||
REMOTE_AUTH_ENABLED = False
|
REMOTE_AUTH_ENABLED = False
|
||||||
REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend'
|
REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend'
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat << EOF
|
||||||
REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
|
REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
|
||||||
REMOTE_AUTH_AUTO_CREATE_USER = True
|
REMOTE_AUTH_AUTO_CREATE_USER = True
|
||||||
REMOTE_AUTH_DEFAULT_GROUPS = []
|
REMOTE_AUTH_DEFAULT_GROUPS = []
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
# no configuration if there are no ldap parameters
|
# no configuration if there are no ldap parameters
|
||||||
if [ -z "$(find "$__object/parameter/" -type f -name 'ldap-*' -print)" ]; then
|
if [ -z "$USE_LDAP" ]; then
|
||||||
# skip
|
# skip
|
||||||
cat << EOF
|
cat << EOF
|
||||||
##############################
|
##############################
|
||||||
|
|
|
||||||
|
|
@ -57,38 +57,38 @@ export SECRET_KEY
|
||||||
|
|
||||||
if [ -f "$__object/parameter/ldap-server" ]; then
|
if [ -f "$__object/parameter/ldap-server" ]; then
|
||||||
LDAP_SERVER=$(cat "$__object/parameter/ldap-server")
|
LDAP_SERVER=$(cat "$__object/parameter/ldap-server")
|
||||||
|
USE_LDAP=yes
|
||||||
export LDAP_SERVER
|
export LDAP_SERVER
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f "$__object/parameter/ldap-bind-dn" ]; then
|
if [ -f "$__object/parameter/ldap-bind-dn" ]; then
|
||||||
LDAP_BIND_DN=$(cat "$__object/parameter/ldap-bind-dn")
|
LDAP_BIND_DN=$(cat "$__object/parameter/ldap-bind-dn")
|
||||||
|
USE_LDAP=yes
|
||||||
export LDAP_BIND_DN
|
export LDAP_BIND_DN
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f "$__object/parameter/ldap-bind-password" ]; then
|
if [ -f "$__object/parameter/ldap-bind-password" ]; then
|
||||||
LDAP_BIND_PASSWORD=$(cat "$__object/parameter/ldap-bind-password")
|
LDAP_BIND_PASSWORD=$(cat "$__object/parameter/ldap-bind-password")
|
||||||
|
USE_LDAP=yes
|
||||||
export LDAP_BIND_PASSWORD
|
export LDAP_BIND_PASSWORD
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f "$__object/parameter/ldap-user-base" ]; then
|
if [ -f "$__object/parameter/ldap-user-base" ]; then
|
||||||
LDAP_USER_BASE=$(cat "$__object/parameter/ldap-user-base")
|
LDAP_USER_BASE=$(cat "$__object/parameter/ldap-user-base")
|
||||||
|
USE_LDAP=yes
|
||||||
export LDAP_USER_BASE
|
export LDAP_USER_BASE
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f "$__object/parameter/ldap-group-base" ]; then
|
if [ -f "$__object/parameter/ldap-group-base" ]; then
|
||||||
LDAP_GROUP_BASE=$(cat "$__object/parameter/ldap-group-base")
|
LDAP_GROUP_BASE=$(cat "$__object/parameter/ldap-group-base")
|
||||||
export LDAP_GROUP_BASE
|
export LDAP_GROUP_BASE
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f "$__object/parameter/ldap-require-group" ]; then
|
if [ -f "$__object/parameter/ldap-require-group" ]; then
|
||||||
LDAP_REQUIRE_GROUP=$(cat "$__object/parameter/ldap-require-group")
|
LDAP_REQUIRE_GROUP=$(cat "$__object/parameter/ldap-require-group")
|
||||||
export LDAP_REQUIRE_GROUP
|
export LDAP_REQUIRE_GROUP
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f "$__object/parameter/ldap-superuser-group" ]; then
|
if [ -f "$__object/parameter/ldap-superuser-group" ]; then
|
||||||
LDAP_SUPERUSER_GROUP=$(cat "$__object/parameter/ldap-superuser-group")
|
LDAP_SUPERUSER_GROUP=$(cat "$__object/parameter/ldap-superuser-group")
|
||||||
export LDAP_SUPERUSER_GROUP
|
export LDAP_SUPERUSER_GROUP
|
||||||
fi
|
fi
|
||||||
|
# export if base ldap parameters are used
|
||||||
|
export USE_LDAP
|
||||||
|
|
||||||
# have default values
|
# have default values
|
||||||
REDIS_HOST="$(cat "$__object/parameter/redis-host")"
|
REDIS_HOST="$(cat "$__object/parameter/redis-host")"
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue