Greg greg

1 Followers · 0 Following

• Joined on 2018-11-05
• • 

Repositories Projects Packages Public Activity Starred Repositories

1

greg opened issue kosmos/gitea.kosmos.org#44 2020-02-14 16:00:08 +00:00

Generate the ini config file from environment variables?

greg deleted branch bugfix/128-set_acis_on_users from kosmos/chef 2020-02-14 15:47:23 +00:00

greg merged pull request kosmos/chef#131 2020-02-14 15:47:18 +00:00

Set the ACIs on the base DN

greg closed issue kosmos/chef#128 2020-02-14 15:47:18 +00:00

LDAP users should only be able to change their own password

greg closed pull request kosmos/chef#131 2020-02-14 15:47:18 +00:00

Set the ACIs on the base DN

greg pushed to master at kosmos/chef 2020-02-14 15:47:18 +00:00

585041e36c Merge branch 'bugfix/128-set_acis_on_users' of kosmos/chef into master

e56faab5b1 Set the ACIs on the base DN

Compare 2 commits »

greg commented on issue kosmos/chef#132 2020-02-14 13:03:26 +00:00

Enable LDAP for the XMPP 5apps.com vhost

Good point, I have moved the admin users to an encrypted data bag

greg commented on issue kosmos/chef#123 2020-02-14 13:02:25 +00:00

Enable LDAP support on ejabberd

The LDAP implementation in ejabberd doesn't support SASL authentication. From the docs:

greg pushed to feature/123-ejabberd_5apps at kosmos/chef 2020-02-14 12:57:28 +00:00

55eb95ae73 Verify the TLS server's certificate

dc1226073c Move the admin users to the ejabberd encrypted data bag

Compare 2 commits »

greg commented on issue kosmos/chef#132 2020-02-14 09:11:33 +00:00

Enable LDAP for the XMPP 5apps.com vhost

I was considering using different files for the vhosts, but then I could not find a way to define the hosts all at once (https://docs.ejabberd.im/admin/configuration/#host-names), so it didn't seem to make much sense to split the config. I'm going to look into what's possible

greg created pull request kosmos/chef#132 2020-02-12 17:04:36 +00:00

WIP: Enable LDAP on the XMPP 5apps.com vhost

greg pushed to feature/123-ejabberd_5apps at kosmos/chef 2020-02-12 16:42:13 +00:00

49d01991fd Enable LDAP on the XMPP 5apps.com vhost

greg created pull request kosmos/chef#131 2020-02-12 15:19:29 +00:00

Set the ACIs on the base DN

greg pushed to bugfix/128-set_acis_on_users at kosmos/chef 2020-02-12 15:17:40 +00:00

e56faab5b1 Set the ACIs on the base DN

greg commented on issue kosmos/chef#128 2020-02-07 15:42:19 +00:00

LDAP users should only be able to change their own password

Makes sense, I'm fixing the title

greg commented on issue kosmos/chef#129 2020-02-07 10:31:22 +00:00

Encrypt user data at rest

Good idea. We might want to compare it with eCryptfs and other solutions

greg commented on issue kosmos/chef#128 2020-02-07 10:28:42 +00:00

LDAP users should only be able to change their own password

I agree that everything should be locked down (and the LDAP server should only be accessible by servers that need access) once we have added these features to akkounts. However I think the changes for akkounts should go in another issue. For now we need users to be able to change their passwords.

greg commented on issue kosmos/chef#127 2020-02-06 12:27:22 +00:00

Change LDAP directory structure to accommodate multiple domains

I agree, here's a filtered role example (for the 5apps XMPP config): kosmos/chef#123 (comment)

greg commented on issue kosmos/chef#123 2020-02-06 12:24:18 +00:00

Enable LDAP support on ejabberd

I have prepared the 5apps XMPP migration to LDAP.

greg commented on issue kosmos/meta#12 2020-02-06 09:37:19 +00:00

Kosmos Hack Days 2020/1

Cool! I'm in for both XMPP and Kosmos