akkounts/config/ldap.yml


## Authorizations
# Shared authorization settings, exposed through the &AUTHORIZATIONS anchor.
# Uncomment the "<<: *AUTHORIZATIONS" merge line in each environment that should include them.
# You can also just copy and paste the tree (do not include the "authorizations") to each
# environment if you need something different per environment.
# NOTE(review): in this file the merge line is commented out in development, test and
# production, so nothing defined here reaches any environment until it is uncommented.
authorizations: &AUTHORIZATIONS
  # An LDAP "unauthenticated bind" is a bind with a DN and an empty password, which some
  # directory servers accept as an anonymous bind. Keep this false.
  # NOTE(review): presumably makes the LDAP client refuse empty passwords - confirm how an
  # environment that does not merge this block behaves.
  allow_unauthenticated_bind: false
  # group_base: ou=groups,dc=test,dc=com
  ## Requires config.ldap_check_group_membership in devise.rb to be true
  # Can have multiple values, must match all to be authorized
  # required_groups:
  #   # If only a group name is given, membership will be checked against "uniqueMember"
  #   - cn=admins,ou=groups,dc=test,dc=com
  #   - cn=users,ou=groups,dc=test,dc=com
  #   # If an array is given, the first element will be the attribute to check against, the second the group name
  #   - ["moreMembers", "cn=users,ou=groups,dc=test,dc=com"]
  ## Requires config.ldap_check_attributes in devise.rb to be true
  ## Can have multiple attributes and values, must match all to be authorized
  # require_attribute:
  #   objectClass: inetOrgPerson
  #   authorizationRole: postsAdmin
  ## Requires config.ldap_check_attributes_presence in devise.rb to be true
  ## Can have multiple attributes set to true or false to check presence, all must match to be authorized
  # As written, an entry must carry a "mail" attribute to be authorized.
  require_attribute_presence:
    mail: true
## Environment
# One top-level key per Rails environment; each holds the LDAP connection settings.
development:
  host: 192.168.56.5
  # Port 389 with the "ssl" key left commented out below.
  # NOTE(review): presumably a plain-text LDAP connection, so the bind DN, the admin password
  # and every user password checked against the directory cross the network unencrypted -
  # confirm this host is only reachable on an isolated development network.
  port: 389
  # NOTE(review): presumably the attribute matched against the login name - confirm.
  attribute: cn
  # Subtree in which user entries are looked up.
  base: ou=kosmos.org,cn=users,dc=kosmos,dc=org
  admin_user: "cn=Directory Manager"
  # Literal password committed with the file. It must never match a credential used on a
  # shared or production directory.
  admin_password: localpass
  # ssl: false
  # The shared authorization settings are not merged while the next line stays commented.
  # <<: *AUTHORIZATIONS
# LDAP settings for the test environment: a directory on the local machine.
test:
  host: localhost
  # Non-standard port with the "ssl" key left commented out below.
  # NOTE(review): presumably plain-text LDAP to a local test directory - confirm it listens
  # on loopback only.
  port: 3389
  # NOTE(review): presumably the attribute matched against the login name - confirm.
  attribute: cn
  # Subtree in which user entries are looked up.
  base: ou=kosmos.org,cn=users,dc=kosmos,dc=org
  admin_user: "cn=Directory Manager"
  # Literal password committed with the file. It must never match a credential used on a
  # shared or production directory.
  admin_password: adminpass
  # ssl: false
  # The shared authorization settings are not merged while the next line stays commented.
  # <<: *AUTHORIZATIONS
# LDAP settings for production: LDAPS port, bind credentials taken from Rails credentials.
production:
  host: ldap.kosmos.org
  port: 636
  # NOTE(review): presumably the attribute matched against the login name - confirm.
  attribute: cn
  # Subtree in which user entries are looked up.
  base: ou=kosmos.org,cn=users,dc=kosmos,dc=org
  # The bind DN and password are read from the "ldap" entry of the Rails application
  # credentials when this file is rendered through ERB, so no secret is stored here.
  # The inline "rescue nil" swallows any error from that lookup: a missing entry renders an
  # empty value, which YAML reads as null, instead of raising.
  # NOTE(review): confirm that a null bind DN or password makes the connection fail rather
  # than fall back to an anonymous bind, and that a production boot without these
  # credentials is detected (for example by a startup check).
  admin_user: <%= Rails.application.credentials.ldap[:username] rescue nil %>
  admin_password: <%= Rails.application.credentials.ldap[:password] rescue nil %>
  # NOTE(review): "simple_tls" selects TLS from the first byte on the connection; confirm
  # that the LDAP client in use also verifies the server certificate and host name, since
  # encryption without verification does not stop an on-path attacker.
  ssl: simple_tls
  # The shared authorization settings are not merged while the next line stays commented.
  # <<: *AUTHORIZATIONS