mirror of
https://github.com/auricom/home-cluster.git
synced 2025-09-17 18:24:14 +02:00
89 lines
1.7 KiB
Markdown
89 lines
1.7 KiB
Markdown
# glAuth
|
|
|
|
## Repo configuration
|
|
|
|
1. Add/Update `.vscode/extensions.json`
|
|
|
|
```json
|
|
{
|
|
"files.associations": {
|
|
"**/cluster/**/*.sops.toml": "plaintext"
|
|
}
|
|
}
|
|
```
|
|
|
|
2. Add/Update `.gitattributes`
|
|
|
|
```text
|
|
*.sops.toml linguist-language=JSON
|
|
```
|
|
|
|
3. Add/Update `.sops.yaml`
|
|
|
|
```yaml
|
|
- path_regex: cluster/.*\.sops\.toml
|
|
key_groups:
|
|
- age:
|
|
- age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg
|
|
```
|
|
|
|
## App Configuration
|
|
|
|
Below are the decrypted versions of the sops encrypted toml files.
|
|
|
|
> `passbcrypt` can be generated [on CyberChef](https://gchq.github.io/CyberChef/#recipe=Bcrypt(12)To_Hex(%27None%27,0))
|
|
|
|
1. `server.sops.toml`
|
|
|
|
```toml
|
|
debug = true
|
|
[ldap]
|
|
enabled = true
|
|
listen = "0.0.0.0:389"
|
|
[ldaps]
|
|
enabled = false
|
|
[api]
|
|
enabled = true
|
|
tls = false
|
|
listen = "0.0.0.0:5555"
|
|
[backend]
|
|
datastore = "config"
|
|
baseDN = "dc=home,dc=arpa"
|
|
```
|
|
|
|
2. `groups.sops.toml`
|
|
|
|
```toml
|
|
[[groups]]
|
|
name = "svcaccts"
|
|
gidnumber = 6500
|
|
[[groups]]
|
|
name = "admins"
|
|
gidnumber = 6501
|
|
[[groups]]
|
|
name = "people"
|
|
gidnumber = 6502
|
|
```
|
|
|
|
3. `users.sops.toml`
|
|
|
|
```toml
|
|
[[users]]
|
|
name = "search"
|
|
uidnumber = 5000
|
|
primarygroup = 6500
|
|
passbcrypt = ""
|
|
[[users.capabilities]]
|
|
action = "search"
|
|
object = "*"
|
|
[[users]]
|
|
name = "<name>"
|
|
mail = ""
|
|
givenname = "<Name>"
|
|
sn = "<sn>"
|
|
uidnumber = <uid>
|
|
primarygroup = <gid>
|
|
othergroups = [ <gid> ]
|
|
passbcrypt = ""
|
|
```
|