fix(lldap): lldap fixes and refactor (#7869)
**Description** <!-- Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change. --> Installed lldap as it's recently come through. Addressing issues with answers to the questions.yaml not feeding through also removed the password var as the default can be changed in the web portal. LDAP service also wasn't being created so addressed that too. Need to push a seperate change to container repo to switch to a more stable image i.e. stable instead of latest tag. Also taken the opportunity to pare down the questions.yaml to ensure it keeps the app as simple as possible in line with it's keep things as simple as possible philosophy. ⚒️ Fixes # <!--(issue)--> **⚙️ Type of change** - [ ] ⚙️ Feature/App addition - [X] 🪛 Bugfix - [ ] ⚠️ Breaking change (fix or feature that would cause existing functionality to not work as expected) - [X] 🔃 Refactor of current code **🧪 How Has This Been Tested?** <!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration --> Tested initial app on my own live system and identified issues with the questions.yaml (default in values.yaml not overridden) as well as the ldap service not appearing. **📃 Notes:** <!-- Please enter any other relevant information here --> Additional container PR to be raised changing app image tag to stable instead of latest (potentially unstable changes with this tag that aren't production ready). **✔️ Checklist:** - [X] ⚖️ My code follows the style guidelines of this project - [X] 👀 I have performed a self-review of my own code - [ ] #️⃣ I have commented my code, particularly in hard-to-understand areas - [ ] 📄 I have made corresponding changes to the documentation - [ ] ⚠️ My changes generate no new warnings - [ ] 🧪 I have added tests to this description that prove my fix is effective or that my feature works - [X] ⬆️ I increased versions for any altered app according to semantic versioning **➕ App addition** If this PR is an app addition please make sure you have done the following. - [ ] 🪞 I have opened a PR on [truecharts/containers](https://github.com/truecharts/containers) adding the container to TrueCharts mirror repo. - [ ] 🖼️ I have added an icon in the Chart's root directory called `icon.png` --- _Please don't blindly check all the boxes. Read them and only check those that apply. Those checkboxes are there for the reviewer to see what is this all about and the status of this PR with a quick glance._
This commit is contained in:
MaverickD650
GitHub
parent
337a44e09f
commit
f07f0f38b2
|
|
@ -3,7 +3,7 @@ appVersion: "latest"
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 12.2.28
|
||||
version: 12.4.6
|
||||
deprecated: false
|
||||
description: Lightweight ldap server for authentication and user management
|
||||
home: https://truecharts.org/charts/incubator/lldap
|
||||
|
|
@ -23,7 +23,7 @@ sources:
|
|||
- https://github.com/truecharts/charts/tree/master/charts/incubator/lldap
|
||||
- https://github.com/nitnelave/lldap
|
||||
type: application
|
||||
version: 0.0.2
|
||||
version: 0.1.0
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- ldap
|
||||
|
|
|
|||
|
|
@ -0,0 +1,27 @@
|
|||
# Installation notes
|
||||
|
||||
## Default Configuration
|
||||
|
||||
LLDAP is configured using the default options generated by the application on first run. The exception to this is the 'Base DN for LDAP' option which has been exposed to the user.
|
||||
|
||||
By default, LLDAP will use the following options:
|
||||
|
||||
- Admin username: admin
|
||||
- Admin password: password
|
||||
- Base DN for LDAP: dc=example,dc=org
|
||||
- LDAP port: 3890
|
||||
|
||||
> ⚠️ **WARNING**: The default configuration is not secure and should not be used in production. Please change the admin password for LDAP before using LLDAP in production. ⚠️
|
||||
|
||||
## Usage
|
||||
|
||||
LLDAP can be used as the user backend for Authelia and Authentik as well as any other application that supports LDAP e.g. Jellyfin and Nextcloud.
|
||||
|
||||
## Support
|
||||
|
||||
- If you need more details or have a more custom setup the documentation on the [upstream](https://github.com/ldap/ldap) is very useful so check the descriptions of the options there including example configs for various apps.
|
||||
- You can also reach us using [Discord](https://discord.gg/tVsPTHWTtr) for real-time feedback and support
|
||||
|
||||
---
|
||||
|
||||
All Rights Reserved - The TrueCharts Project
|
||||
|
|
@ -4,41 +4,41 @@ portals:
|
|||
# Include{portalLink}
|
||||
questions:
|
||||
# Include{global}
|
||||
# Include{controllerExpert}
|
||||
# Include{fixedEnv}
|
||||
# Include{workload}
|
||||
# Include{workloadDeployment}
|
||||
# Include{replicas1}
|
||||
# Include{podSpec}
|
||||
# Include{containerMain}
|
||||
- variable: env
|
||||
label: ""
|
||||
group: "App Configuration"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: LLDAP_LDAP_BASE_DN
|
||||
label: "Base DN for LDAP"
|
||||
schema:
|
||||
type: string
|
||||
required: true
|
||||
default: "dc=example,dc=com"
|
||||
# Include{containerBasic}
|
||||
# Include{containerAdvanced}
|
||||
# Include{containerConfig}
|
||||
- variable: env
|
||||
group: "App Configuration"
|
||||
label: "Image Environment"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: LLDAP_LDAP_USER_PASS
|
||||
group: "App Configuration"
|
||||
label: "Admin Password"
|
||||
schema:
|
||||
type: string
|
||||
required: true
|
||||
default: "change me"
|
||||
- variable: LLDAP_LDAP_BASE_DN
|
||||
group: "App Configuration"
|
||||
label: "Base DN for LDAP"
|
||||
schema:
|
||||
type: string
|
||||
required: true
|
||||
default: "dc=example,dc=com"
|
||||
# Include{serviceRoot}
|
||||
- variable: main
|
||||
label: "Main Service"
|
||||
description: "The Primary service on which the healthcheck runs, often the webUI"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
# Include{serviceSelector}
|
||||
# Include{serviceSelectorLoadBalancer}
|
||||
# Include{serviceSelectorExtras}
|
||||
- variable: main
|
||||
label: "Main Service Port Configuration"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: port
|
||||
|
|
@ -49,18 +49,27 @@ questions:
|
|||
default: 17170
|
||||
required: true
|
||||
- variable: ldap
|
||||
label: "LDAP Service Port Configuration"
|
||||
label: "Additional service to accept LDAP connections"
|
||||
description: "The Service in which external sources will connect to the LDAP service"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: port
|
||||
label: "Port"
|
||||
description: "This port exposes the container port on the service"
|
||||
schema:
|
||||
type: int
|
||||
default: 3890
|
||||
required: true
|
||||
# Include{serviceSelectorLoadBalancer}
|
||||
# Include{serviceSelectorExtras}
|
||||
- variable: ldap
|
||||
label: "LDAP Service Port Configuration"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: port
|
||||
label: "Port"
|
||||
description: "This port exposes the container port on the service"
|
||||
schema:
|
||||
type: int
|
||||
default: 3890
|
||||
required: true
|
||||
# Include{serviceExpertRoot}
|
||||
default: false
|
||||
# Include{serviceExpert}
|
||||
|
|
@ -83,35 +92,33 @@ questions:
|
|||
# Include{ingressDefault}
|
||||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressExpert}
|
||||
# Include{ingressList}
|
||||
# Include{securityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{postgresql}
|
||||
# Include{postgresqlBasics}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{promtail}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,8 @@ service:
|
|||
port: 17170
|
||||
ldap:
|
||||
ports:
|
||||
main:
|
||||
enabled: true
|
||||
ldap:
|
||||
targetPort: 3890
|
||||
port: 3890
|
||||
|
||||
|
|
@ -28,7 +29,6 @@ workload:
|
|||
args: ["run"]
|
||||
env:
|
||||
LLDAP_LDAP_BASE_DN: "dc=example,dc=com"
|
||||
LLDAP_LDAP_USER_PASS: "change me"
|
||||
LLDAP_JWT_SECRET:
|
||||
- secretRef:
|
||||
name: secrets
|
||||
|
|
|
|||
Loading…
Reference in New Issue