# global parameters [global] # listing interface server.socket_host = '127.0.0.1' # port server.socket_port = 8080 # number of threads server.thread_pool = 8 #don't show traceback on error request.show_tracebacks = False # log configuration # /!\ you can't have multiple log handlers ##################################### # configuration to log in files # ##################################### ## logger 'file' for access log #log.access_handler = 'file' ## logger syslog for error and ldapcherry log #log.error_handler = 'file' ## access log file #log.access_file = '/tmp/ldapcherry_access.log' ## error and ldapcherry log file #log.error_file = '/tmp/ldapcherry_error.log' ##################################### # configuration to log in syslog # ##################################### # logger syslog for access log #log.access_handler = 'syslog' ## logger syslog for error and ldapcherry log log.error_handler = 'syslog' ##################################### # configuration to not log at all # ##################################### # logger none for access log log.access_handler = 'none' # logger none for error and ldapcherry log #log.error_handler = 'none' # log level log.level = 'info' ##################################### # Form configuration # ##################################### # redirect to zone page after adding/deleting a record # if 'on', redirects to zone page # if 'off', stays on a summary page form.add.redirect = 'on' form.del.redirect = 'on' # session configuration # activate session tools.sessions.on = True # session timeout tools.sessions.timeout = 10 # file session storage(to use if multiple processes, # default is in RAM and per process) #tools.sessions.storage_type = "file" # session #tools.sessions.storage_path = "/var/lib/ldapcherry/sessions" # resources parameters [resources] # templates directory template_dir = '/usr/share/ldapcherry/templates/' # authentification parameters [auth] ###################################### # parameters for auth module 'none' # ###################################### # this module disable authentification # (if you use other means of authentification) # auth module to load auth.module = 'ldapcherry.auth.modNone' # optional http header handling. # useful if username is transmitted by header # (permits nominative logs). # if activated, this header presence # in each request is mandatory. #auth.none.user_header_name = 'AUTH_USER' ####################################### ## parameters for auth module 'ldap' # ####################################### # This module is used for ldap authentification ## name of the auth module #auth.module = 'ldapcherry.auth.modLdap' ## base dn where to search user #auth.ldap.userdn = 'ou=People,dc=example,dc=org' ## ldap login filter #auth.ldap.user.filter.tmpl = '(uid=%(login)s)' ## base dn for group ## (if empty, all user in userdn can access ldapcherry) #auth.ldap.groupdn = 'cn=itpeople,ou=Groups,dc=example,dc=org' ## ldap group filter #auth.ldap.group.filter.tmpl = '(member=%(userdn)s)' ## bind dn #auth.ldap.binddn = 'cn=ldapcherry,dc=example,dc=org' ## bind password #auth.ldap.bindpassword = 'password' ## ldap uri #auth.ldap.uri = 'ldaps://ldap.ldapcherry.org' ## ldap CA file (use for ssl/tls) #auth.ldap.ca = '/etc/ldapcherry/TEST-cacert.pem' ## enable starttls (default off) ##auth.ldap.starttls = 'on' ## check certificat (default on) ##auth.ldap.checkcert = 'off' ########################################## # parameters for auth module 'htpasswd' # ########################################## # This module is used for htpasswd file # user database # # name of the auth module #auth.module = 'ldapcherry.auth.modHtpasswd' # path to htpasswd file #auth.htpasswd.file = '/etc/ldapcherry/users.db' # enable cherrypy static handling # to comment if static content are handled otherwise [/static] tools.staticdir.on = True tools.staticdir.dir = '/usr/share/ldapcherry/static/'