mirror/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2024-11-10 12:47:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #44 from tvo6/ldap-auth

Browse Source 
Add LDAP auth support
This commit is contained in:
Slavi Pantaleev 2018-11-28 09:53:23 +01:00 committed by GitHub
commit cee31a8ab5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 41 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
roles/matrix-server/defaults/main.yml
View File

@ -152,6 +152,18 @@ matrix_synapse_ext_password_provider_shared_secret_auth_enabled: false
matrix_synapse_ext_password_provider_shared_secret_auth_download_url: "https://raw.githubusercontent.com/devture/matrix-synapse-shared-secret-auth/1.0/shared_secret_authenticator.py" matrix_synapse_ext_password_provider_shared_secret_auth_download_url: "https://raw.githubusercontent.com/devture/matrix-synapse-shared-secret-auth/1.0/shared_secret_authenticator.py"
matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: "" matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: ""
# Enable this to activate LDAP password provider
matrix_synapse_ext_password_provider_ldap: false
matrix_synapse_ext_password_provider_ldap_uri: "ldap://ldap.mydomain.tld:389"
matrix_synapse_ext_password_provider_ldap_start_tls: true
matrix_synapse_ext_password_provider_ldap_base: ""
matrix_synapse_ext_password_provider_ldap_attributes_uid: "uid"
matrix_synapse_ext_password_provider_ldap_attributes_mail: "mail"
matrix_synapse_ext_password_provider_ldap_attributes_name: "cn"
matrix_synapse_ext_password_provider_ldap_bind_dn: ""
matrix_synapse_ext_password_provider_ldap_bind_password: ""
matrix_synapse_ext_password_provider_ldap_filter: ""
# The defaults below cause a postgres server to be configured (running within a container). # The defaults below cause a postgres server to be configured (running within a container).
# Using an external server is possible by tweaking all of the parameters below. # Using an external server is possible by tweaking all of the parameters below.

2
roles/matrix-server/tasks/setup/setup_synapse_ext.yml
View File

@ -4,6 +4,8 @@
- include: tasks/setup/setup_synapse_ext_shared_secret_auth.yml - include: tasks/setup/setup_synapse_ext_shared_secret_auth.yml
- include: tasks/setup/setup_synapse_ext_ldap.yml
- include: tasks/setup/setup_synapse_ext_mautrix_telegram.yml - include: tasks/setup/setup_synapse_ext_mautrix_telegram.yml
- include: tasks/setup/setup_synapse_ext_mautrix_whatsapp.yml - include: tasks/setup/setup_synapse_ext_mautrix_whatsapp.yml

11
roles/matrix-server/tasks/setup/setup_synapse_ext_ldap.yml Normal file
View File

@ -0,0 +1,11 @@
- set_fact:
matrix_synapse_password_providers_enabled: true
when: "matrix_synapse_ext_password_provider_ldap"
- set_fact:
matrix_synapse_additional_loggers: >
{{ matrix_synapse_additional_loggers }}
+
{{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }}
when: "matrix_synapse_ext_password_provider_ldap"

17
roles/matrix-server/templates/synapse/homeserver.yaml.j2
View File

@ -649,6 +649,21 @@ password_providers:
config: config:
sharedSecret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}" sharedSecret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
{% endif %} {% endif %}
{% if matrix_synapse_ext_password_provider_ldap %}
- module: "ldap_auth_provider.LdapAuthProvider"
config:
enabled: true
uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}"
start_tls: "{{ matrix_synapse_ext_password_provider_ldap_start_tls }}"
base: "{{ matrix_synapse_ext_password_provider_ldap_base }}"
attributes:
uid: "{{ matrix_synapse_ext_password_provider_ldap_attributes_uid }}"
mail: "{{ matrix_synapse_ext_password_provider_ldap_attributes_mail }}"
name: "{{ matrix_synapse_ext_password_provider_ldap_attributes_name }}"
bind_dn: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}"
bind_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}"
filter: "{{ matrix_synapse_ext_password_provider_ldap_filter }}"
{% endif %}
{% endif %} {% endif %}
@ -779,4 +794,4 @@ enable_group_creation: false
alias_creation_rules: alias_creation_rules:
- user_id: "*" - user_id: "*"
alias: "*" alias: "*"
action: allow action: allow