__netbox: enable ldap usage via configuration.py
The REMOTE_AUTH_BACKEND must be set to use LDAP. It now exports USE_LDAP to generally say if LDAP is being used in the configuration or not.
This commit is contained in:
parent
e0a1b4f663
commit
bbce0030ab
3 changed files with 21 additions and 7 deletions
|
|
@ -240,9 +240,23 @@ PREFER_IPV4 = False
|
|||
RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = 22
|
||||
RACK_ELEVATION_DEFAULT_UNIT_WIDTH = 220
|
||||
|
||||
EOF
|
||||
|
||||
if [ "$USE_LDAP" ]; then
|
||||
cat << EOF
|
||||
# Remote authentication support with ldap
|
||||
REMOTE_AUTH_ENABLED = True
|
||||
REMOTE_AUTH_BACKEND = 'netbox.authentication.LDAPBackend'
|
||||
EOF
|
||||
else
|
||||
cat << EOF
|
||||
# Remote authentication support
|
||||
REMOTE_AUTH_ENABLED = False
|
||||
REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend'
|
||||
EOF
|
||||
fi
|
||||
|
||||
cat << EOF
|
||||
REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
|
||||
REMOTE_AUTH_AUTO_CREATE_USER = True
|
||||
REMOTE_AUTH_DEFAULT_GROUPS = []
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/sh
|
||||
|
||||
# no configuration if there are no ldap parameters
|
||||
if [ -z "$(find "$__object/parameter/" -type f -name 'ldap-*' -print)" ]; then
|
||||
if [ -z "$USE_LDAP" ]; then
|
||||
# skip
|
||||
cat << EOF
|
||||
##############################
|
||||
|
|
|
|||
|
|
@ -57,38 +57,38 @@ export SECRET_KEY
|
|||
|
||||
if [ -f "$__object/parameter/ldap-server" ]; then
|
||||
LDAP_SERVER=$(cat "$__object/parameter/ldap-server")
|
||||
USE_LDAP=yes
|
||||
export LDAP_SERVER
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/ldap-bind-dn" ]; then
|
||||
LDAP_BIND_DN=$(cat "$__object/parameter/ldap-bind-dn")
|
||||
USE_LDAP=yes
|
||||
export LDAP_BIND_DN
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/ldap-bind-password" ]; then
|
||||
LDAP_BIND_PASSWORD=$(cat "$__object/parameter/ldap-bind-password")
|
||||
USE_LDAP=yes
|
||||
export LDAP_BIND_PASSWORD
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/ldap-user-base" ]; then
|
||||
LDAP_USER_BASE=$(cat "$__object/parameter/ldap-user-base")
|
||||
USE_LDAP=yes
|
||||
export LDAP_USER_BASE
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/ldap-group-base" ]; then
|
||||
LDAP_GROUP_BASE=$(cat "$__object/parameter/ldap-group-base")
|
||||
export LDAP_GROUP_BASE
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/ldap-require-group" ]; then
|
||||
LDAP_REQUIRE_GROUP=$(cat "$__object/parameter/ldap-require-group")
|
||||
export LDAP_REQUIRE_GROUP
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/ldap-superuser-group" ]; then
|
||||
LDAP_SUPERUSER_GROUP=$(cat "$__object/parameter/ldap-superuser-group")
|
||||
export LDAP_SUPERUSER_GROUP
|
||||
fi
|
||||
# export if base ldap parameters are used
|
||||
export USE_LDAP
|
||||
|
||||
# have default values
|
||||
REDIS_HOST="$(cat "$__object/parameter/redis-host")"
|
||||
|
|
|
|||
Loading…
Reference in a new issue