Refactor LDAP config

* Move credentials to ENV vars in prod
* Use same configs in dev and prod
* Make UID attribute and admin DN configurable

config/credentials.yml.enc

@@ -1 +1 @@
-pTOEEjM0gYLPEE4tjwB6jgnRc08rIgV0d0IkhpalH35eRaXnSKi9WefNQEC/5eM9UwcR1idtFoXyVfIN9/DVxcO7fZ6iBevSCy3yjk4Rx9oxJmt7jy6TV7QGMVm0HsCCOL0jdaZywhOlCrKPng/0SbPWST4PLPuG5rJeW8mIEXMijiQmOW7BbjQUaG3JOUPEdOBftRsDwGn7Ftrr2poxzw7q/i+RcLbklscjz9VfdfemI7z41i/yMVrsg6RPMG3kPjfPv8G8MCYJe1wX82qQZ9FcyfvIdXUx2T8iN1tDpxCNQTR/uVuvmTqVxHosXn2rOVuXauirRx2+4T8BYR4VSNeN+8nwn30eusRm1e4tXrh+Pu1Fo2xVM8/kuDETQnKI5Of6sxYf0/5eAasfkzDlaoqWd9H/0R8vpCrzJ6AUg4vn01VB0r8mTrKYOdctsM3pfq5bnjPUKLGhF/zwUJEWf8baOQabOiMGdklsHLH0kqjKp+je4g7qsCezGYpMIHUnsohgz01XYzC0KC6ZYef3wa2cGM+jMjfumg==--5w+zgJ6GMYtFOSaY--GK6bjOJXO0CYCR+SkyE2mA==
+wVGTGBCsJ2bLSXxn/cYKcYyljVARvZGhi2gOQbiJy/r3Ia4gUmurlKFFKF0m6wmUMIlj+W11Mvu4at3c5h9fzODeIJ+EwkbwLcO8KECUyuXwVxVm2sH2TixWRwhyokT+UwS8J5c7lJTgmFAPlZiRQ+YyrqmhyPzq1fEdErk3btsWNPpJpOsdv1YPBCFFN96zMfY8h+Ttr53a9S58h+fwA+ZF5ePVqeIpJshQ+21UjUIKb5qSLEIECsarI/QJDMQwyKcvYiOEPny8nZL/7bE9TxBgC7v6UnsN+ZXVUB36aw7LOPj+21NVIdWjwOgHYRK1H2Co+stS8bDieuqV29iTTL+F8afHm/6yRc7EAtfKJe3nWf4woI+hHw7p7g/6t451F4nv9Nu1Mmt6YvJjzbSIDbf6Q6yfuYyRAv7uZdXrfsezjyhTDNGQ/SgBDpQ7CUzRoruc--0WsH7dH/QP2Hzvya--8eFWc0g5dVAvrPhC5JpO5Q==

config/initializers/devise.rb

@@ -45,7 +45,7 @@ Devise.setup do |config|
   # Configure the e-mail address which will be shown in Devise::Mailer,
   # note that it will be overwritten if you use your own mailer class
   # with default "from" parameter.
-  config.mailer_sender = 'accounts@kosmos.org'
+  config.mailer_sender = ENV["SMTP_FROM_ADDRESS"] || 'accounts@localhost'
 
   # Configure the class responsible to send e-mails.
   # config.mailer = 'Devise::Mailer'

config/ldap.yml

@@ -28,11 +28,11 @@ authorizations: &AUTHORIZATIONS
 development:
   host: <%= ENV["LDAP_HOST"] || "localhost" %>
   port: <%= ENV["LDAP_PORT"] || "389" %>
-  attribute: cn
-  base: <%= ENV["LDAP_BASE"] || "ou=kosmos.org,cn=users,dc=kosmos,dc=org" %>
-  admin_user: "cn=Directory Manager"
-  admin_password: <%= ENV["LDAP_ADMIN_PASSWORD"] %>
   ssl: <%= ENV["LDAP_USE_TLS"] || "false" %>
+  attribute: <%= ENV["LDAP_UID_ATTR"] || "cn" %>
+  base: <%= ENV["LDAP_BASE"] || "ou=kosmos.org,cn=users,dc=kosmos,dc=org" %>
+  admin_user: <%= ENV["LDAP_ADMIN_USER"] || "cn=Directory Manager" %>
+  admin_password: <%= ENV["LDAP_ADMIN_PASSWORD"] %>
   # <<: *AUTHORIZATIONS
 
 test:
@@ -46,11 +46,11 @@ test:
   # <<: *AUTHORIZATIONS
 
 production:
-  host: ldap.kosmos.local
-  port: 389
-  attribute: cn
-  base: ou=kosmos.org,cn=users,dc=kosmos,dc=org
-  admin_user: <%= Rails.application.credentials.ldap[:username] rescue nil %>
-  admin_password: <%= Rails.application.credentials.ldap[:password] rescue nil %>
-  # ssl: false
+  host: <%= ENV["LDAP_HOST"] || "localhost" %>
+  port: <%= ENV["LDAP_PORT"] || "389" %>
+  ssl: <%= ENV["LDAP_USE_TLS"] || "false" %>
+  attribute: <%= ENV["LDAP_UID_ATTR"] || "cn" %>
+  base: <%= ENV["LDAP_BASE"] || "ou=kosmos.org,cn=users,dc=kosmos,dc=org" %>
+  admin_user: <%= ENV["LDAP_ADMIN_USER"] || "cn=Directory Manager" %>
+  admin_password: <%= ENV["LDAP_ADMIN_PASSWORD"] %>
   # <<: *AUTHORIZATIONS