Agregué variables para habilitar y configurar ldap

Iván Chavero 2023-07-11 22:52:19 -06:00
parent e4eb070c4a
commit c8850d0d46
2 changed files with 33 additions and 13 deletions


@ -302,23 +302,24 @@
- name: Configure LDAP
ansible.builtin.shell:
cmd: |
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapBase cn=users,cn=accounts,dc=libreoffice,dc=gob,dc=mx
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapBaseGroups cn=users,cn=accounts,dc=libreoffice,dc=gob,dc=mx
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapBaseUsers cn=users,cn=accounts,dc=libreoffice,dc=gob,dc=mx
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapAgentName "cn=Directory Manager"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapAgentPassword {{ ldap_agent_password }}
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapHost {{ ldap_server_host }}
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 hasMemberOfFilterSupport 1
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapEmailAttribute mail
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapLoginFilter "(&(&(|(objectclass=posixAccount)))(|(uid=%uid)(|(mailPrimaryAddress=%uid)(mail=%uid))))"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapPort 389
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapUserFilter "(&(|(objectclass=posixAccount)))"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapUserFilterObjectclass posixAccount
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapConfigurationActive 1
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapBase "{{ ldapBase }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapBaseGroups "{{ ldapBaseGroups }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapBaseUsers "{{ ldapBaseUsers }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapAgentName "{{ ldapAgentName }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapAgentPassword "{{ ldap_agent_password }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapHost "{{ ldap_server_host }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 hasMemberOfFilterSupport "{{ hasMemberOfFilterSupport }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapEmailAttribute "{{ ldapEmailAttribute }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapLoginFilter "{{ ldapLoginFilter }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapPort "{{ ldapPort }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapUserFilter "{{ ldapUserFilter }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapUserFilterObjectclass "{{ ldapUserFilterObjectclass }}"
/usr/bin/php "{{ nextcloud_occ }}" ldap:set-config s01 ldapConfigurationActive "{{ ldapConfigurationActive }}"
become: true
become_user: "{{ web_user }}"
tags:
- ldap
when: ldap_enabled
- name: Set httpd_can_network_relay to allow nginx to proxy connections
seboolean:
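Review bot: The `Configure LDAP` task passes `{{ ldap_agent_password }}` as a command-line argument inside a `shell` block and carries no `no_log: true`, so the bind password can end up in Ansible output and logs when the task fails or runs verbosely, and it is visible in the host's process list while the command runs. Add `no_log: true` to the task. The new lines also interpolate every variable inside shell double quotes, where a `$`, backtick or `"` in a filter or password is interpreted by the shell rather than passed through; render each value with the quote filter instead, e.g. `ldap:set-config s01 ldapAgentPassword {{ ldap_agent_password | quote }}`. The task also reruns all thirteen `occ` commands and reports a change on every play, so a `changed_when` would make real configuration changes easier to spot.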


@ -22,6 +22,25 @@ nextcloud_db: nextcloud
nextcloud_db_user: nextcloud
nextcloud_db_user_password: Una contraseña bien, pero bien difícil.
## LDAP
ldap_enabled: false
ldap_agent_password: cIBI4mLESN1nSrAPr7pX3350NPXkD3vExjr27X1ju
ldap_server_host: "10.254.1.1"
ldapBase: cn=users,cn=accounts,dc=softwarelibre,dc=mx
ldapBaseGroups: cn=users,cn=accounts,dc=softwarelibre,dc=mx
ldapBaseUsers: cn=users,cn=accounts,dc=softwarelibre,dc=mx
ldapAgentName: "cn=Directory Manager"
ldapAgentPassword: {{ ldap_agent_password }}
ldapHost: {{ ldap_server_host }}
hasMemberOfFilterSupport: 1
ldapEmailAttribute: mail
ldapLoginFilter: "(&(&(|(objectclass=posixAccount)))(|(uid=%uid)(|(mailPrimaryAddress=%uid)(mail=%uid))))"
ldapPort: 389
ldapUserFilter: "(&(|(objectclass=posixAccount)))"
ldapUserFilterObjectclass: posixAccount
ldapConfigurationActive: 1
## occ
nextcloud_occ: "{{ nextcloud_path }}/occ"
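Review bot: `ldap_agent_password` is committed here as a plaintext value and `ldapAgentName` defaults to `cn=Directory Manager`, so the repository now holds what looks like a bind credential for the directory's administrative account. Keep the secret out of this file (an ansible-vault encrypted variable, or no default at all so the play fails when it is unset), rotate the committed value if it was ever in use, and bind Nextcloud with a dedicated read-only account instead of the directory manager. `ldapPort: 389` with no TLS setting among these variables suggests the bind crosses the network in clear text unless StartTLS is configured elsewhere. Separately, `ldapAgentPassword: {{ ldap_agent_password }}` and `ldapHost: {{ ldap_server_host }}` begin a plain scalar with `{`, which YAML reads as a flow mapping; quote them as `ldapHost: "{{ ldap_server_host }}"`, or drop both, since the task shown in this commit reads `ldap_agent_password` and `ldap_server_host` directly.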