2021-12-21 16:07:56 +00:00
|
|
|
# ldap frontend for Queeres Zentrum Wiesbaden
|
|
|
|
|
|
|
|
Licenced under [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). See [LICENCE](LICENCE) file for full licence text.
|
|
|
|
|
2021-12-23 08:14:27 +00:00
|
|
|
## Development
|
|
|
|
|
|
|
|
All instructions assume you have the requirements already installed.
|
|
|
|
|
|
|
|
## Adding translations
|
|
|
|
|
|
|
|
Replace `<LANG>` with your intended language.
|
|
|
|
|
|
|
|
1. run `pybabel init -i messages.pot -d translations -l <LANG>`
|
|
|
|
2. edit `translations/<LANG>/LC_MESSAGES/messages.po`
|
|
|
|
3. For testing, run `pybabel compile -d translations`
|
|
|
|
|
|
|
|
If you changed the translation strings, make sure to run `pybabel extract -F babel.cfg -o messages.pot .` and
|
|
|
|
`pybabel update -i messages.pot -d translations` first.
|
|
|
|
|
2021-12-21 16:07:56 +00:00
|
|
|
## Setting it up
|
|
|
|
|
2021-12-23 08:14:27 +00:00
|
|
|
After deploying the repository, change to `ldap_frontend` directory, then
|
|
|
|
run `pybabel compile -d translations`.
|
|
|
|
|
2021-12-21 16:07:56 +00:00
|
|
|
### config.json
|
|
|
|
```json
|
|
|
|
{
|
|
|
|
"ldap": {
|
|
|
|
"server": "ldap://localhost:389",
|
|
|
|
"username": "uid=ldap-frontend,ou=Applications,dc=qzwi,dc=de",
|
|
|
|
"password": "my_super_secure_password",
|
|
|
|
"group_base": "ou=Groups,dc=qzwi,dc=de",
|
|
|
|
"user_base": "ou=Users,dc=qzwi,dc=de"
|
|
|
|
},
|
|
|
|
"template": {
|
|
|
|
"group_admin": "(&(objectclass=inetOrgPerson)(uid={})(memberOf=ou=qzwi-admins,ou=Groups,dc=qzwi,dc=de))",
|
|
|
|
"group_dn": "ou={},ou=Groups,dc=qzwi,dc=de",
|
|
|
|
"group_members": "(&(objectclass=inetOrgPerson)(memberOf=ou={},ou=Groups,dc=qzwi,dc=de))",
|
|
|
|
"group_nonmembers": "(&(objectclass=inetOrgPerson)(!(memberOf=ou={},ou=Groups,dc=qzwi,dc=de)))",
|
|
|
|
"user_dn": "uid={},ou=Users,dc=qzwi,dc=de",
|
|
|
|
"user_search": "(&(objectclass=inetOrgPerson)(uid={}))"
|
|
|
|
},
|
|
|
|
"title": "Usermanagement QZWI"
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
### ldap-frontend.service
|
|
|
|
```
|
|
|
|
[Unit]
|
|
|
|
Description=LDAP frontend
|
|
|
|
After=network.target
|
|
|
|
Requires=slapd.service # remove this if your server is not running on same machine
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
User=www-data
|
|
|
|
Group=www-data
|
|
|
|
Environment=APP_CONFIG=/opt/ldap-frontend/config.json
|
|
|
|
Environment=FLASK_SECRET_KEY=reallysecure
|
|
|
|
WorkingDirectory=/opt/ldap-frontend/src
|
|
|
|
ExecStart=/opt/ldap-frontend/venv/bin/gunicorn --threads 4 --bind 127.0.0.1:23000 'ldap_frontend:app'
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy=multi-user.target
|
|
|
|
```
|