Rico Ullmann d05d01933d
adjust email value to external-email
as we want to use the mail attribute for postfix and dovecot it makes sense to rename
the existing email attribute. The external-mail attribute can be used for communication
from qzwi to members and/or others, e.g. public authorities, political contacts and so on.
2021-12-31 22:25:16 +01:00
ldap_frontend adjust email value to external-email 2021-12-31 22:25:16 +01:00
.gitignore add translation to german 2021-12-23 09:19:51 +01:00
LICENCE add LICENCE and README.md 2021-12-21 17:07:56 +01:00
README.md add translation to german 2021-12-23 09:19:51 +01:00
requirements.txt add translation to german 2021-12-23 09:19:51 +01:00

ldap frontend for Queeres Zentrum Wiesbaden

Licenced under CC BY-NC-SA 4.0. See LICENCE file for full licence text.

Development

All instructions assume you have the requirements already installed.

Adding translations

Replace <LANG> with your intended language.

  1. run pybabel init -i messages.pot -d translations -l <LANG>
  2. edit translations/<LANG>/LC_MESSAGES/messages.po
  3. For testing, run pybabel compile -d translations

If you changed the translation strings, make sure to run these two commands first:

  pybabel extract -F babel.cfg -o messages.pot .
  pybabel update -i messages.pot -d translations

Setting it up

After deploying the repository, change to the ldap_frontend directory, then run pybabel compile -d translations.

config.json

{
    "ldap": {
        "server": "ldap://localhost:389",
        "username": "uid=ldap-frontend,ou=Applications,dc=qzwi,dc=de",
        "password": "my_super_secure_password",
        "group_base": "ou=Groups,dc=qzwi,dc=de",
        "user_base": "ou=Users,dc=qzwi,dc=de"
    },
    "template": {
        "group_admin": "(&(objectclass=inetOrgPerson)(uid={})(memberOf=ou=qzwi-admins,ou=Groups,dc=qzwi,dc=de))",
        "group_dn": "ou={},ou=Groups,dc=qzwi,dc=de",
        "group_members": "(&(objectclass=inetOrgPerson)(memberOf=ou={},ou=Groups,dc=qzwi,dc=de))",
        "group_nonmembers": "(&(objectclass=inetOrgPerson)(!(memberOf=ou={},ou=Groups,dc=qzwi,dc=de)))",
        "user_dn": "uid={},ou=Users,dc=qzwi,dc=de",
        "user_search": "(&(objectclass=inetOrgPerson)(uid={}))"
    },
    "title": "Usermanagement QZWI"
}
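
The templates above receive a value in place of {}. The following added example (not code from this repository) escapes that value per RFC 4515 for the filter templates and per RFC 4514 for the DN templates before filling it in, so that characters such as *, ( and , stay data. It assumes the application fills the placeholder with str.format(); the function names are hypothetical.

```python
# Added example, not code from the ldap_frontend repository.
# Assumption: the application fills "{}" with str.format().

# Two templates copied from the config.json above.
TEMPLATES = {
    "user_search": "(&(objectclass=inetOrgPerson)(uid={}))",
    "user_dn": "uid={},ou=Users,dc=qzwi,dc=de",
}

# RFC 4515: these characters must be hex-escaped inside a filter value.
FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a value for the assertion part of an LDAP search filter."""
    return "".join(FILTER_ESCAPES.get(ch, ch) for ch in value)


def escape_dn_value(value):
    """Escape a value for an attribute value inside a DN (RFC 4514)."""
    if not value:
        return value
    chars = []
    for ch in value:
        if ch == "\x00":
            chars.append(r"\00")
        elif ch in '"+,;<>\\=':
            chars.append("\\" + ch)
        else:
            chars.append(ch)
    if value[0] in "# ":  # a leading '#' or space must be escaped
        chars[0] = "\\" + chars[0]
    if len(value) > 1 and value[-1] == " ":  # so must a trailing space
        chars[-1] = "\\ "
    return "".join(chars)


def fill(template_name, value):
    """Fill one template with an escaped value (hypothetical helper)."""
    template = TEMPLATES[template_name]
    # Search filters start with "(", DN templates do not.
    escape = escape_filter_value if template.startswith("(") else escape_dn_value
    return template.format(escape(value))


if __name__ == "__main__":
    # Constructed inputs: a normal uid, then values with metacharacters.
    for uid in ("alice", "*", "a)(b"):
        print(fill("user_search", uid))
    print(fill("user_dn", "x,ou=Groups"))
```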

ldap-frontend.service

[Unit]
Description=LDAP frontend
After=network.target
# Remove the next line if your server is not running on the same machine.
Requires=slapd.service

[Service]
User=www-data
Group=www-data
Environment=APP_CONFIG=/opt/ldap-frontend/config.json
# Placeholder: set a long random value here. Flask signs session cookies with this key.
Environment=FLASK_SECRET_KEY=reallysecure
WorkingDirectory=/opt/ldap-frontend/src
ExecStart=/opt/ldap-frontend/venv/bin/gunicorn --threads 4 --bind 127.0.0.1:23000 'ldap_frontend:app'

[Install]
WantedBy=multi-user.target