@runleveldev runleveldev commented Dec 2, 2025

  • Add ldap-gateway to the Dockerfile

# Install the ldap-gateway package
ARG LDAP_GATEWAY_BRANCH=main
RUN git clone \
      --branch=${LDAP_GATEWAY_BRANCH} \
      https://github.com/mieweb/LDAPServer.git \
      /opt/ldap-gateway \
    && cd /opt/ldap-gateway \
    && npm install \
    && npm run build \
    && adduser --system --group --disabled-login --no-create-home --home /nonexistent ldap-gateway \
    && chown -R ldap-gateway:ldap-gateway /opt/ldap-gateway \
    && cp /opt/ldap-gateway/nfpm/systemd/ldap-gateway.service /etc/systemd/system/ldap-gateway.service \
    && systemctl enable ldap-gateway

  • Implement SRV record Services to expose the LDAP server to cluster machines
root@manager:/opt/opensource-server# dig SRV _ldaps._tcp.cluster.mieweb.org

; <<>> DiG 9.20.11-4-Debian <<>> SRV _ldaps._tcp.cluster.mieweb.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13940
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;_ldaps._tcp.cluster.mieweb.org.        IN      SRV

;; ANSWER SECTION:
_ldaps._tcp.cluster.mieweb.org. 0 IN    SRV     0 0 636 manager.cluster.mieweb.org.

;; ADDITIONAL SECTION:
manager.cluster.mieweb.org. 0   IN      A       10.17.0.5

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Wed Dec 10 20:41:02 UTC 2025
;; MSG SIZE  rcvd: 121
  • Add ldap-gateway config generation to the pull-config system

router.get('/:siteId/ldap.conf', requireLocalhost, async (req, res) => {

root@manager:/opt/opensource-server# curl localhost:3000/sites/1/ldap.conf
AUTH_BACKENDS=sql
DIRECTORY_BACKEND=sql
LDAP_COMMON_NAME=manager
LDAP_BASE_DN=dc=cluster,dc=mieweb,dc=org
SQL_URI=sqlite:///opt/opensource-server/create-a-container/data/database.sqlite
SQL_QUERY_ALL_USERS="     SELECT       `uid` AS username,       `uidNumber` AS uid_number,       `gidNumber` AS gid_number,       `cn` AS full_name,       `sn` AS surname,       `mail`,       `homeDirectory` AS home_directory,       `userPassword` AS password     FROM `Users`   "
SQL_QUERY_ONE_USER="          SELECT       `uid` AS username,       `uidNumber` AS uid_number,       `gidNumber` AS gid_number,       `cn` AS full_name,       `sn` AS surname,       `mail`,       `homeDirectory` AS home_directory,       `userPassword` AS password     FROM `Users`        WHERE `uid` = ?   "
SQL_QUERY_ALL_GROUPS="     SELECT       g.`cn` AS name,       g.`gidNumber` AS gid_number     FROM `Groups` g   "
SQL_QUERY_GROUPS_BY_MEMBER="          SELECT       g.`cn` AS name,       g.`gidNumber` AS gid_number     FROM `Groups` g        INNER JOIN `UserGroups` ug       ON g.`gidNumber` = ug.`gidNumber`     INNER JOIN `Users` u       ON ug.`uidNumber` = u.`uidNumber`     WHERE u.`uid` = ?   "
  • Refactor the Services model for more flexibility
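The ldap.conf format returned by the pull-config route above, as an added example that is not code from this PR, opensource-server or ldap-gateway: a renderer and a strict parser for the KEY=VALUE lines (the quoting rule is an assumption: values with whitespace, '#', '"' or '\' are double-quoted with backslash escapes), plus a loopback gate carrying the same name as the route's requireLocalhost middleware, whose real implementation is not shown on this page and is assumed here.

```javascript
// Added example (not code from opensource-server or ldap-gateway): render and
// parse the dotenv-style ldap.conf that the pull-config route returns. Assumed
// quoting rule: values containing whitespace, '#', '"' or '\' are double-quoted
// with '"' and '\' backslash-escaped; other values stay bare.
const NEEDS_QUOTES = /[\s#"\\]/;

function quote(value) {
  if (!NEEDS_QUOTES.test(value)) return value;
  return '"' + value.replace(/[\\"]/g, (c) => '\\' + c) + '"';
}

// Renders a flat {KEY: value} map; multi-line SQL is collapsed to one KEY=VALUE line.
function renderLdapConf(entries) {
  return Object.entries(entries)
    .map(([k, v]) => `${k}=${quote(String(v).replace(/\s*\n\s*/g, ' '))}`)
    .join('\n') + '\n';
}

// Strict reader: one KEY=VALUE per line, value bare or fully double-quoted.
// Only the first '=' splits, so LDAP_BASE_DN=dc=cluster,dc=mieweb,dc=org parses bare.
function parseLdapConf(text) {
  const out = {};
  for (const raw of text.split('\n')) {
    const line = raw.trim();
    if (line === '' || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    const key = line.slice(0, eq);
    if (eq <= 0 || !/^[A-Z_][A-Z0-9_]*$/.test(key)) throw new Error(`malformed: ${raw}`);
    let value = line.slice(eq + 1);
    if (value.startsWith('"')) {
      let i = 1, buf = '';
      for (; i < value.length && value[i] !== '"'; i++) {
        if (value[i] === '\\' && i + 1 < value.length) i++; // escaped char
        buf += value[i];
      }
      if (value[i] !== '"' || i !== value.length - 1) throw new Error(`bad quoting: ${key}`);
      value = buf;
    }
    out[key] = value;
  }
  return out;
}

// Loopback gate with the name used on the route in the PR (implementation
// assumed): checks the TCP peer, not req.ip, so X-Forwarded-For cannot satisfy it.
function requireLocalhost(req, res, next) {
  const ip = req.socket.remoteAddress;
  if (ip === '127.0.0.1' || ip === '::1' || ip === '::ffff:127.0.0.1') return next();
  res.status(403).end();
}
```

The SQL_URI and the userPassword-returning queries in this file are exactly why the route is gated: a config fetched from off-box would hand out the directory backend's credentials path and password column in one request.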

@runleveldev runleveldev linked an issue Dec 2, 2025 that may be closed by this pull request
@runleveldev runleveldev force-pushed the 140-integrate-ldap-with-the-management-console branch 4 times, most recently from 5e9c372 to f8264a1 December 3, 2025 15:13
@runleveldev runleveldev changed the base branch from main to 118-bootstrap-procedure December 3, 2025 17:53
@runleveldev runleveldev changed the base branch from 118-bootstrap-procedure to main December 3, 2025 17:53
@runleveldev runleveldev force-pushed the 140-integrate-ldap-with-the-management-console branch from f8264a1 to c6428c2 December 3, 2025 17:55
@mie-jcrandal mie-jcrandal left a comment

Looks good; it does need some documentation for how the new fields work, with examples.

@mie-jcrandal mie-jcrandal left a comment


Looks good

@runleveldev runleveldev merged commit 8726d69 into main Dec 17, 2025
3 checks passed
@runleveldev runleveldev deleted the 140-integrate-ldap-with-the-management-console branch December 17, 2025 16:40

Successfully merging this pull request may close these issues.

Integrate LDAP with the management console

3 participants