Commit ad12ac0c authored by Christian Elberfeld's avatar Christian Elberfeld

Einrichtung OAUth Login mit uffd

parent cf6b472c
...@@ -3,6 +3,8 @@ ...@@ -3,6 +3,8 @@
- include_tasks: ../functions/get_secret.yml - include_tasks: ../functions/get_secret.yml
with_items: with_items:
- { path: "{{ basedir }}/secrets/oauth_secret", length: 64} - { path: "{{ basedir }}/secrets/oauth_secret", length: 64}
- { path: "{{ basedir }}/dokuwiki_api_secret", length: 32 }
- { path: "{{ basedir }}/ldap_bind_pw", length: 32 }
- name: create folder struct for dokuwiki - name: create folder struct for dokuwiki
file: file:
...@@ -16,6 +18,7 @@ ...@@ -16,6 +18,7 @@
- "{{ basedir }}/data/lib/plugins" - "{{ basedir }}/data/lib/plugins"
- "{{ basedir }}/data/lib/plugins/oauth" - "{{ basedir }}/data/lib/plugins/oauth"
- "{{ basedir }}/data/lib/plugins/oauthgeneric" - "{{ basedir }}/data/lib/plugins/oauthgeneric"
- "{{ basedir }}/uffd-ldapd"
- name: Docker Compose Konfig-Datei erstellen - name: Docker Compose Konfig-Datei erstellen
template: template:
...@@ -24,35 +27,36 @@ ...@@ -24,35 +27,36 @@
with_items: with_items:
- docker-compose.yml - docker-compose.yml
- Dockerfile - Dockerfile
- uffd-ldapd/Dockerfile
register: config register: config
- name: oauth plugin clonen #- name: oauth plugin clonen
ansible.builtin.git: # ansible.builtin.git:
repo: https://github.com/cosmocode/dokuwiki-plugin-oauth.git # repo: https://github.com/cosmocode/dokuwiki-plugin-oauth.git
dest: "{{ basedir }}/data/lib/plugins/oauth" # dest: "{{ basedir }}/data/lib/plugins/oauth"
force: true # force: true
- name: config für oauth kopieren #- name: config für oauth kopieren
ansible.builtin.template: # ansible.builtin.template:
src: oauth_vars.php # src: oauth_vars.php
dest: "{{ basedir }}/data/lib/plugins/oauth/conf/default.php" # dest: "{{ basedir }}/data/lib/plugins/oauth/conf/default.php"
- name: oauthgeneric plugin clonen #- name: oauthgeneric plugin clonen
ansible.builtin.git: # ansible.builtin.git:
repo: https://github.com/cosmocode/dokuwiki-plugin-oauthgeneric.git # repo: https://github.com/cosmocode/dokuwiki-plugin-oauthgeneric.git
dest: "{{ basedir }}/data/lib/plugins/oauthgeneric" # dest: "{{ basedir }}/data/lib/plugins/oauthgeneric"
force: true # force: true
- name: config für oauthgeneric kopieren #- name: config für oauthgeneric kopieren
ansible.builtin.template: # ansible.builtin.template:
src: oauthgeneric_vars.php # src: oauthgeneric_vars.php
dest: "{{ basedir }}/data/lib/plugins/oauthgeneric/conf/default.php" # dest: "{{ basedir }}/data/lib/plugins/oauthgeneric/conf/default.php"
- name: oauth provider aktivieren #- name: oauth provider aktivieren
ansible.builtin.lineinfile: # ansible.builtin.lineinfile:
path: "{{ basedir }}/data/conf/local.php" # path: "{{ basedir }}/data/conf/local.php"
regexp: "^$conf['authtype'] = " # regexp: "^$conf['authtype'] = "
line: "$conf['authtype'] = 'oauth';" # line: "$conf['authtype'] = 'oauth';"
- name: "stop {{ servicename}} docker" - name: "stop {{ servicename}} docker"
community.docker.docker_compose_v2: community.docker.docker_compose_v2:
......
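Review bot: The two new `get_secret.yml` items write `dokuwiki_api_secret` and `ldap_bind_pw` directly into `{{ basedir }}`, while the existing `oauth_secret` lives under `{{ basedir }}/secrets/`. If that subdirectory carries tighter permissions or is kept out of backups and Docker build contexts (not visible here), the new secrets lose that protection; I would keep them together, e.g. `- { path: "{{ basedir }}/secrets/dokuwiki_api_secret", length: 32 }` and the same for `ldap_bind_pw`. Separately, the five OAuth plugin tasks are disabled by commenting them out; deleting them or gating them with a `when:` condition would leave less dead configuration to misread later, since the history keeps the old version. The task list continues outside the visible hunks.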
...@@ -17,7 +17,20 @@ services: ...@@ -17,7 +17,20 @@ services:
networks: networks:
- default - default
- web - web
ldap:
build: uffd-ldapd/
restart: always
environment:
SERVER_API_URL: "{{ oidc_global.provider_url }}"
SERVER_API_USER: "dokuwikildap"
SERVER_API_SECRET: "{{ dokuwiki_api_secret }}"
SERVER_BASE_DN: "{{ oidc_global.ldap_base_dn }}"
SERVER_BIND_PASSWORD: "{{ ldap_bind_pw}}"
networks:
- default
networks: networks:
web: web:
external: true external: true
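Review bot: `SERVER_API_SECRET` and `SERVER_BIND_PASSWORD` are rendered as plain text into the compose file and then exposed as container environment, so anyone who can read the rendered `docker-compose.yml` or run `docker inspect` on the `ldap` container sees both. The `template` task that writes this file is only partly visible in the tasks diff; it should set restrictive ownership and `mode: "0600"` on the rendered file if it does not already. Compose also interpolates `$` inside values, so if `get_secret.yml` can generate a `$` (its character set is not shown) the secret would be altered unless written as `$$`. Minor: `"{{ ldap_bind_pw}}"` is missing the space before `}}` that the other expressions use.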
FROM debian:bookworm-slim
# Set environment variables
ENV DEBIAN_FRONTEND=noninteractive
# Install necessary dependencies and configure custom repository
RUN apt-get update \
&& apt-get install -y --no-install-recommends wget gnupg ca-certificates \
&& wget -O- "https://packages.cccv.de/docs/cccv-archive-key.gpg" | gpg --dearmor -o /etc/apt/trusted.gpg.d/cccv-archive-key.gpg \
&& echo "deb https://packages.cccv.de/uffd bookworm main" > /etc/apt/sources.list.d/custom.list \
&& apt-get update \
&& apt-get install -y --no-install-recommends uffd-ldapd ldap-utils \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
USER 999
EXPOSE 389/tcp
# Set default command
CMD ["/usr/sbin/uffd-ldapd","--socket-address","0.0.0.0:389"]
# Get all LDAP Entries
# ldapsearch -x -H ldap://127.0.0.1 -D "cn=service,ou=system,{{ oidc_global.ldap_base_dn }}" -w "{{ ldap_bind_pw }}" -b "ou=users,{{ oidc_global.ldap_base_dn }}" "(objectClass=*)"
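Review bot: The `ldapsearch` example in the last comment contains `{{ ldap_bind_pw }}`, and since this Dockerfile appears to be rendered by the Ansible `template` task (the tasks diff adds `uffd-ldapd/Dockerfile` to its item list), Jinja will expand it inside the comment and the real bind password ends up in the Dockerfile on disk. I would take the secret out of the comment and let the tool prompt for it, e.g. `# ldapsearch -x -H ldap://127.0.0.1 -D "cn=service,ou=system,<base_dn>" -W -b "ou=users,<base_dn>" "(objectClass=*)"`. Also, placing the archive key in `/etc/apt/trusted.gpg.d/` makes it trusted for every configured apt source; storing it under `/etc/apt/keyrings/` and writing `deb [signed-by=/etc/apt/keyrings/cccv-archive-key.gpg] https://packages.cccv.de/uffd bookworm main` scopes it to this one repository.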