[auth-ldap] add template + vars for ldap auth

This commit is contained in:
Thomas vO 2018-11-27 16:40:22 +01:00
parent 18e1dda4c8
commit 9cf9a1ec54
2 changed files with 30 additions and 1 deletions

View File

@ -152,6 +152,18 @@ matrix_synapse_ext_password_provider_shared_secret_auth_enabled: false
matrix_synapse_ext_password_provider_shared_secret_auth_download_url: "https://raw.githubusercontent.com/devture/matrix-synapse-shared-secret-auth/1.0/shared_secret_authenticator.py" matrix_synapse_ext_password_provider_shared_secret_auth_download_url: "https://raw.githubusercontent.com/devture/matrix-synapse-shared-secret-auth/1.0/shared_secret_authenticator.py"
matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: "" matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: ""
# Enable this to activate LDAP password provider
matrix_synapse_ext_password_provider_ldap: false
matrix_synapse_ext_password_provider_ldap_uri: "ldap://ldap.mydomain.tld:389"
matrix_synapse_ext_password_provider_ldap_tls: true
matrix_synapse_ext_password_provider_ldap_base: ""
matrix_synapse_ext_password_provider_ldap_attr_uid: "uid"
matrix_synapse_ext_password_provider_ldap_attr_mail: "mail"
matrix_synapse_ext_password_provider_ldap_attr_name: "name"
matrix_synapse_ext_password_provider_ldap_binddn: ""
matrix_synapse_ext_password_provider_ldap_bindpwd: ""
matrix_synapse_ext_password_provider_ldap_filter: ""
# The defaults below cause a postgres server to be configured (running within a container). # The defaults below cause a postgres server to be configured (running within a container).
# Using an external server is possible by tweaking all of the parameters below. # Using an external server is possible by tweaking all of the parameters below.

View File

@ -649,6 +649,23 @@ password_providers:
config: config:
sharedSecret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}" sharedSecret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
{% endif %} {% endif %}
{% if matrix_synapse_ext_password_provider_ldap %}
- module: "ldap_auth_provider.LdapAuthProvider"
config:
enabled: true
uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}"
start_tls: {{ matrix_synapse_ext_password_provider_ldap_tls }}
base: "{{ matrix_synapse_ext_password_provider_ldap_base }}"
attributes:
uid: "{{ matrix_synapse_ext_password_provider_ldap_attr_uid }}"
mail: "{{ matrix_synapse_ext_password_provider_ldap_attr_mail }}"
name: "{{ matrix_synapse_ext_password_provider_ldap_attr_name }}"
bind_dn: "{{ matrix_synapse_ext_password_provider_ldap_binddn }}"
bind_password: "{{ matrix_synapse_ext_password_provider_ldap_bindpwd }}"
{% if matrix_synapse_ext_password_provider_ldap_filter %}
filter: "{{ matrix_synapse_ext_password_provider_ldap_filter }}"
{% endif %}
{% endif %}
{% endif %} {% endif %}
@ -779,4 +796,4 @@ enable_group_creation: false
alias_creation_rules: alias_creation_rules:
- user_id: "*" - user_id: "*"
alias: "*" alias: "*"
action: allow action: allow