author | Alex <alex@adnab.me> | 2020-02-11 23:35:53 +0100 |
---|---|---|
committer | Gitea <gitea@fake.local> | 2020-02-11 23:35:53 +0100 |
commit | 9e5839765a5578fb3ca63fbe55eeba96c14969b6 (patch) | |
tree | 1a2b518ccd68cdd0fe2530041b28bfc910760eb0 /consul | |
parent | 535d1c3aba902ec644387cb41fc7cc0bcf86fae0 (diff) | |
parent | 91032944ee47ed6b6eeb674266ec64bedeac37b7 (diff) | |
Merge branch 'bottin2_upgrade' of Deuxfleurs/deuxfleurs.fr into master
Diffstat (limited to 'consul')
-rw-r--r-- | consul/configuration/chat/synapse/homeserver.yaml | 2 | ||||
-rw-r--r-- | consul/configuration/directory/bottin/config.json | 3 | ||||
-rw-r--r-- | consul/configuration/email/dovecot/dovecot-ldap.conf.tpl (renamed from consul/configuration/email/dovecot/dovecot-ldap.conf.sample) | 6 | ||||
-rw-r--r-- | consul/configuration/email/postfix/ldap-account.cf.sample | 12 | ||||
-rw-r--r-- | consul/configuration/email/postfix/ldap-account.cf.tpl | 12 | ||||
-rw-r--r-- | consul/configuration/email/postfix/ldap-alias.cf.tpl (renamed from consul/configuration/email/postfix/ldap-alias.cf.sample) | 6 | ||||
-rw-r--r-- | consul/configuration/email/sogo/sogo.conf.tpl | 2 |
7 files changed, 22 insertions, 21 deletions
diff --git a/consul/configuration/chat/synapse/homeserver.yaml b/consul/configuration/chat/synapse/homeserver.yaml
index 9e0e97f..c54d4a0 100644
--- a/consul/configuration/chat/synapse/homeserver.yaml
+++ b/consul/configuration/chat/synapse/homeserver.yaml
@@ -378,7 +378,7 @@ password_providers:
 - module: "ldap_auth_provider.LdapAuthProvider"
 config:
 enabled: true
- uri: "ldap://bottin.service.2.cluster.deuxfleurs.fr:389"
+ uri: "ldap://bottin2.service.2.cluster.deuxfleurs.fr:389"
 start_tls: false
 bind_dn: '{{ key "secrets/chat/synapse/ldap_binddn" | trimSpace }}'
 bind_password: '{{ key "secrets/chat/synapse/ldap_bindpw" | trimSpace }}'
diff --git a/consul/configuration/directory/bottin/config.json b/consul/configuration/directory/bottin/config.json
index ca49922..93d95c9 100644
--- a/consul/configuration/directory/bottin/config.json
+++ b/consul/configuration/directory/bottin/config.json
@@ -9,6 +9,7 @@
 "cn=admin,dc=deuxfleurs,dc=fr::read add modify delete:*:*",
 "*:cn=admin,ou=groups,dc=deuxfleurs,dc=fr:read add modify delete:*:*",
 "ANONYMOUS::bind:*,ou=users,dc=deuxfleurs,dc=fr:",
- "ANONYMOUS::bind:cn=admin,dc=deuxfleurs,dc=fr:"
+ "ANONYMOUS::bind:cn=admin,dc=deuxfleurs,dc=fr:",
+ "*,ou=services,ou=users,dc=deuxfleurs,dc=fr::bind:*,ou=users,dc=deuxfleurs,dc=fr:*"
 ]
 }
diff --git a/consul/configuration/email/dovecot/dovecot-ldap.conf.sample b/consul/configuration/email/dovecot/dovecot-ldap.conf.tpl
index 4848d6e..9fb1ea6 100644
--- a/consul/configuration/email/dovecot/dovecot-ldap.conf.sample
+++ b/consul/configuration/email/dovecot/dovecot-ldap.conf.tpl
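Review bot: The repointed `uri` in homeserver.yaml still uses plain `ldap://` on port 389 with `start_tls: false` on the next line, so the bind DN and password read from Consul, and every user password Synapse checks, reach bottin2 unencrypted. The same holds for the new `ldap-account.cf.tpl` (`start_tls = no`, `tls_require_cert = no`) and for the `hostname` line in `sogo.conf.tpl`. Whether the cluster network is encrypted by other means is not visible in this diff. If it is not, and the directory server supports it, this migration is a natural point to turn on StartTLS with certificate verification. Otherwise record the assumption next to the setting, e.g. `# plaintext LDAP: relies on <name of encrypted transport> between nodes`.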
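Review bot: The added ACL entry in bottin/config.json grants `bind` on `*,ou=users,dc=deuxfleurs,dc=fr` to every DN under `ou=services,ou=users`, and that target pattern appears to cover the service accounts themselves, since they sit under the same `ou=users` subtree. Its last field is `*`, where the two ANONYMOUS bind rules just above leave that field empty. If the field is ignored for `bind`, ending the rule with `dc=fr:` would match its neighbours; if it is not ignored, the difference needs an explanation. JSON has no comment syntax, so the reason for the rule (presumably services re-binding as a user to check a password) belongs in the commit message or the directory's README.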
@@ -1,6 +1,6 @@
-hosts = bottin.service.2.cluster.deuxfleurs.fr
-dn = cn=<username>,dc=deuxfleurs,dc=fr
-dnpass = <password>
+hosts = bottin2.service.2.cluster.deuxfleurs.fr
+dn = {{ key "secrets/email/dovecot/ldap_binddn" | trimSpace }}
+dnpass = {{ key "secrets/email/dovecot/ldap_bindpwd" | trimSpace }}
 base = dc=deuxfleurs,dc=fr
 scope = subtree
 user_filter = (&(mail=%u)(&(objectClass=inetOrgPerson)(memberOf=cn=email,ou=groups,dc=deuxfleurs,dc=fr)))
diff --git a/consul/configuration/email/postfix/ldap-account.cf.sample b/consul/configuration/email/postfix/ldap-account.cf.sample
deleted file mode 100644
index 1b90252..0000000
--- a/consul/configuration/email/postfix/ldap-account.cf.sample
+++ /dev/null
@@ -1,12 +0,0 @@
-bind = yes
-bind_dn = cn=<user>,dc=deuxfleurs,dc=fr
-bind_pw = <secret>
-version = 3
-timeout = 20
-start_tls = no
-tls_require_cert = no
-server_host = ldap://bottin.service.2.cluster.deuxfleurs.fr
-scope = sub
-search_base = ou=users,dc=deuxfleurs,dc=fr
-query_filter = mail=%s
-result_attribute = mail
diff --git a/consul/configuration/email/postfix/ldap-account.cf.tpl b/consul/configuration/email/postfix/ldap-account.cf.tpl
new file mode 100644
index 0000000..2575f10
--- /dev/null
+++ b/consul/configuration/email/postfix/ldap-account.cf.tpl
@@ -0,0 +1,12 @@
+bind = yes
+bind_dn = {{ key "secrets/email/postfix/ldap_binddn" | trimSpace }}
+bind_pw = {{ key "secrets/email/postfix/ldap_bindpwd" | trimSpace }}
+version = 3
+timeout = 20
+start_tls = no
+tls_require_cert = no
+server_host = ldap://bottin2.service.2.cluster.deuxfleurs.fr
+scope = sub
+search_base = ou=users,dc=deuxfleurs,dc=fr
+query_filter = mail=%s
+result_attribute = mail
diff --git a/consul/configuration/email/postfix/ldap-alias.cf.sample b/consul/configuration/email/postfix/ldap-alias.cf.tpl
index 8ed3361..775c0ad 100644
--- a/consul/configuration/email/postfix/ldap-alias.cf.sample
+++ b/consul/configuration/email/postfix/ldap-alias.cf.tpl
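Review bot: The password key in dovecot-ldap.conf.tpl is spelled `ldap_bindpwd`, as in both postfix templates, while the synapse template in this same commit reads `secrets/chat/synapse/ldap_bindpw`. One spelling across `secrets/` would make a missing or mistyped Consul key easier to spot. The rendered file now holds the bind password in clear, so whatever renders this template should write it with owner-only permissions; that setting is outside this diff. A header comment naming the required keys would help the next operator, e.g. `# rendered from Consul; requires secrets/email/dovecot/ldap_binddn and ldap_bindpwd`.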
@@ -1,9 +1,9 @@
-server_host = bottin.service.2.cluster.deuxfleurs.fr
+server_host = bottin2.service.2.cluster.deuxfleurs.fr
 server_port = 389
 search_base = dc=deuxfleurs,dc=fr
 query_filter = (&(objectClass=inetOrgPerson)(memberOf=cn=%s,ou=mailing_lists,ou=groups,dc=deuxfleurs,dc=fr))
 result_attribute = mail
 bind = yes
-bind_dn = cn=<someone>,dc=deuxfleurs,dc=fr
-bind_pw = <password>
+bind_dn = {{ key "secrets/email/postfix/ldap_binddn" | trimSpace }}
+bind_pw = {{ key "secrets/email/postfix/ldap_bindpwd" | trimSpace }}
 version = 3
diff --git a/consul/configuration/email/sogo/sogo.conf.tpl b/consul/configuration/email/sogo/sogo.conf.tpl
index bb13a83..0b87db7 100644
--- a/consul/configuration/email/sogo/sogo.conf.tpl
+++ b/consul/configuration/email/sogo/sogo.conf.tpl
@@ -60,7 +60,7 @@
 bindFields = (cn, mail);
 canAuthenticate = YES;
 displayName = "Bottin";
- hostname = "ldap://bottin.service.2.cluster.deuxfleurs.fr:389";
+ hostname = "ldap://bottin2.service.2.cluster.deuxfleurs.fr:389";
 id = bottin;
 isAddressBook = NO;
 } |
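Review bot: `server_host` in ldap-alias.cf.tpl is a bare hostname with a separate `server_port = 389`, while `ldap-account.cf.tpl` in the same commit uses the URL form `server_host = ldap://bottin2.service.2.cluster.deuxfleurs.fr` and sets `timeout`, `start_tls` and `tls_require_cert` explicitly. Both files configure the same Postfix LDAP client with the same bind keys, so writing them in one form keeps a later transport change from being applied to one lookup and missed in the other. Consider `server_host = ldap://bottin2.service.2.cluster.deuxfleurs.fr:389` here, together with an explicit `start_tls` line matching whatever the account map ends up using.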