1
0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-25 18:54:29 +01:00
ldapcherry/conf/ldapcherry.ini

183 lines
4.8 KiB
INI
Raw Normal View History

2014-06-02 23:10:19 +02:00
# global parameters
[global]
# listing interface
server.socket_host = '127.0.0.1'
# port
server.socket_port = 8080
# number of threads
server.thread_pool = 8
#don't show traceback on error
request.show_tracebacks = False
# log configuration
# /!\ you can't have multiple log handlers
#####################################
# configuration to log in files #
#####################################
## logger 'file' for access log
#log.access_handler = 'file'
## logger syslog for error and ldapcherry log
#log.error_handler = 'file'
## access log file
#log.access_file = '/tmp/ldapcherry_access.log'
## error and ldapcherry log file
#log.error_file = '/tmp/ldapcherry_error.log'
#####################################
# configuration to log in syslog #
#####################################
# logger syslog for access log
#log.access_handler = 'syslog'
## logger syslog for error and ldapcherry log
log.error_handler = 'syslog'
#####################################
# configuration to not log at all #
#####################################
# logger none for access log
log.access_handler = 'none'
# logger none for error and ldapcherry log
#log.error_handler = 'none'
# log level
log.level = 'info'
# session configuration
# activate session
tools.sessions.on = True
# session timeout
tools.sessions.timeout = 10
# file session storage(to use if multiple processes,
# default is in RAM and per process)
#tools.sessions.storage_type = "file"
# session
#tools.sessions.storage_path = "/var/lib/ldapcherry/sessions"
2015-04-26 09:40:50 +02:00
[attributes]
# file discribing form content
attributes.file = '/etc/ldapcherry/attributes.yml'
[roles]
# file listing roles
roles.file = '/etc/ldapcherry/roles.yml'
2014-06-02 23:10:19 +02:00
2015-04-15 20:13:56 +02:00
[backends]
2014-06-02 23:10:19 +02:00
2015-06-28 11:41:36 +02:00
#####################################
# configuration of ldap backend #
#####################################
# name of the module
ldap.module = 'ldapcherry.backend.backendLdap'
# display name of the ldap
ldap.display_name = 'My Ldap Directory'
# uri of the ldap directory
2015-06-28 11:41:36 +02:00
ldap.uri = 'ldap://ldap.ldapcherry.org'
# ca to use for ssl/tls connexion
2015-06-28 11:41:36 +02:00
#ldap.ca = '/etc/dnscherry/TEST-cacert.pem'
# use start tls
2015-06-28 11:41:36 +02:00
#ldap.starttls = 'off'
# check server certificate (for tls)
2015-06-28 11:41:36 +02:00
#ldap.checkcert = 'off'
# bind dn to the ldap
2015-06-28 11:41:36 +02:00
ldap.binddn = 'cn=dnscherry,dc=example,dc=org'
# password of the bind dn
ldap.password = 'password'
# timeout of ldap connexion (in second)
ldap.timeout = 1
# groups dn
2015-06-28 11:41:36 +02:00
ldap.groupdn = 'ou=group,dc=example,dc=org'
# users dn
ldap.userdn = 'ou=people,dc=example,dc=org'
# ldapsearch filter to get a user
ldap.user_filter_tmpl = '(uid=%(username)s)'
# ldapsearch filter to get groups of a user
2015-06-28 11:41:36 +02:00
ldap.group_filter_tmpl = '(member=uid=%(username)s,ou=People,dc=example,dc=org)'
# filter to search users
ldap.search_filter_tmpl = '(|(uid=%(searchstring)s*)(sn=%(searchstring)s*))'
# ldap group attributes and how to fill them
2015-06-28 11:41:36 +02:00
ldap.group_attr.member = "%(dn)s"
#ldap.group_attr.memberUid = "%(uid)s"
# object classes of a user entry
2015-06-28 11:41:36 +02:00
ldap.objectclasses = 'top, person, posixAccount, inetOrgPerson'
# dn entry attribute for an ldap user
ldap.dn_user_attr = 'uid'
2015-05-20 17:13:18 +02:00
2015-06-28 11:41:36 +02:00
#####################################
# configuration of ad backend #
#####################################
## Name of the backend
#ad.module = 'ldapcherry.backend.backendAD'
## display name of the ldap
#ldap.display_name = 'My Active Directory'
## ad domain
#ad.domain = 'dc.ldapcherry.org'
## ad login
#ad.login = 'administrator'
## ad password
#ad.password = 'qwertyP455'
## ad uri
#ad.uri = 'ldap://ldap.ldapcherry.org'
## ca to use for ssl/tls connexion
#ad.ca = '/etc/dnscherry/TEST-cacert.pem'
## use start tls
#ad.starttls = 'off'
## check server certificate (for tls)
#ad.checkcert = 'off'
2014-06-02 23:10:19 +02:00
2015-07-01 08:58:23 +02:00
[ppolicy]
# password policy module
ppolicy.module = 'ldapcherry.ppolicy.simple'
# parameters of the module
min_length = 8
min_upper = 1
min_digit = 1
2015-04-15 20:13:56 +02:00
# authentification parameters
[auth]
2014-06-02 23:10:19 +02:00
2015-04-15 20:13:56 +02:00
# Auth mode
# * and: user must authenticate on all backends
# * or: user must authenticate on one of the backend
# * none: disable authentification
# * custom: custom authentification module (need auth.module param)
auth.mode = 'or'
2014-06-02 23:10:19 +02:00
2015-04-15 20:13:56 +02:00
# custom auth module to load
#auth.module = 'ldapcherry.auth.modNone'
2014-06-02 23:10:19 +02:00
2015-04-26 09:40:50 +02:00
# resources parameters
[resources]
# templates directory
templates.dir = '/usr/share/ldapcherry/templates/'
2015-04-26 09:40:50 +02:00
2014-06-02 23:10:19 +02:00
[/static]
# enable serving static file through ldapcherry
# set to False if files served directly by an
# http server for better performance
2014-06-02 23:10:19 +02:00
tools.staticdir.on = True
# static resources directory (js, css, images...)
2015-06-28 23:26:47 +02:00
tools.staticdir.dir = '/usr/share/ldapcherry/static/'
## custom javascript files
#[/custom]
#
## enable serving static file through ldapcherry
## set to False if files served directly by an
## http server for better performance
#tools.staticdir.on = True
## path to directory containing js files
## use it to add custom auto-fill functions
#tools.staticdir.dir = '/etc/ldapcherry/custom_js/'