Merge pull request #77 from NethServer/testFeatureCoreDavidep

Add LDAP user domain configuration and binding
NethServer · Jan 19, 2024 · 5fad83d · 5fad83d
2 parents 60cb076 + e5e3def
commit 5fad83d
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 1 deletion.
diff --git a/build-images.sh b/build-images.sh
@@ -29,7 +29,7 @@ buildah add "${container}" imageroot /imageroot
 buildah add "${container}" ui/dist /ui
 # Setup the entrypoint, ask to reserve one TCP port with the label and set a rootless container
 buildah config --entrypoint=/ \
-    --label="org.nethserver.authorizations=traefik@any:routeadm" \
+    --label="org.nethserver.authorizations=traefik@any:routeadm cluster:accountconsumer" \
     --label="org.nethserver.tcp-ports-demand=1" \
     --label="org.nethserver.rootfull=0" \
     --label="org.nethserver.images=docker.io/redis:6.2.12-alpine docker.io/mariadb:10.6.16 docker.io/nginx:1.25.3-alpine ghcr.io/nethserver/nextcloud-app:${IMAGETAG}" \

diff --git a/imageroot/bin/setup-ldap b/imageroot/bin/setup-ldap
@@ -58,6 +58,9 @@ if not domain:
     print(f'Domain not found: {cdomain}', file=sys.stderr)
     sys.exit(0)
 
+# Bind the new domain, overriding previous values (unbind)
+agent.bind_user_domains([cdomain])
+
 # we wait after nextcloud-app systemed is ready inside systemd script wait_after_nextcloud
 
 occ(["app:enable", "user_ldap"])

diff --git a/imageroot/update-module.d/50bind_user_domain b/imageroot/update-module.d/50bind_user_domain
@@ -0,0 +1,24 @@
+#!/usr/bin/env python3
+
+#
+# Copyright (C) 2024 Nethesis S.r.l.
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+
+import agent
+import os
+import sys
+import json
+
+try:
+    with open("config.json") as fcfg:
+        user_ldap_domain = json.load(fcfg)["domain"]
+except:
+    sys.exit(0)
+
+if not user_ldap_domain:
+    sys.exit(0)
+
+rdb = agent.redis_connect(use_replica=True)
+if not agent.get_bound_domain_list(rdb):
+    agent.bind_user_domains([user_ldap_domain])