Merge branch '2.8.0/master' into dist/eole/2.8.0/master

2020-12-02 10:20:52 +01:00
parent 5c7a9f9894 0f3ff07b5f
commit ad8e4a69a9
4 changed files with 32 additions and 12 deletions
--- a/dicos/70_lemonldap_ng.xml
+++ b/dicos/70_lemonldap_ng.xml
@ -2,7 +2,6 @@
 <creole>
    <files>
        <file filelist='lemonldap' name='/etc/lemonldap-ng/lemonldap-ng.ini' mkdir='True' rm='True'/>
        <file filelist='lemonldap' name='/var/lib/lemonldap-ng/conf/lmConf-1.json' mkdir='True' rm='True'/>
        <file filelist='lemonldap' name='/etc/default/lemonldap-ng-fastcgi-server' mkdir='True' rm='True'/>
@ -15,7 +14,7 @@
        <file filelist='lemonldap-apache' name='/etc/lemonldap-ng/handler-apache2.X.conf' mkdir='True' rm='True'/>
        <file filelist='lemonldap-apache' name='/etc/lemonldap-ng/portal-apache2.X.conf' mkdir='True' rm='True'/>
-        <service>lemonldap-ng-fastcgi-server</service>
+        <service servicelist="sllemon">lemonldap-ng-fastcgi-server</service>
        <service method='apache' servicelist='lemonldap-apache'>manager-apache2</service>
        <service method='apache' servicelist='lemonldap-apache'>portal-apache2</service>
@ -47,11 +46,18 @@
            <variable name='ldapBindUserDN' type='string' description="Utilisateur de connection à l'annuaire" mandatory="True"/>
            <variable name='ldapBindUserPassword' type='password' description="Mot de passe de l'utilisateur de connection à l'annuaire" mandatory="True"/>
            <variable name="samlOrganizationName" type='string' description="Nom de l'organisation SAML" mode='expert'/>
            <variable name='lmldapverify' type='oui/non' description="Vérifier les certificats SSL du serveur LDAP">
                <value>oui</value>
            </variable>
            <variable name="lemonproc" type='number' description="Nombre de processus dédié à Lemon (équivalent au nombre de processeurs)" mandatory="True">
                <value>4</value>
            </variable>
            <variable name="lm_loglevel" type='string' description="Verbosité des journaux" mode='expert'>
                <value>info</value>
            </variable>
            <variable name="lemonAdmin" type='string' description="LemonLDAP Administrator username" mode='expert'>
                <value>admin</value>
            </variable>
@ -118,10 +124,13 @@
            <param>['ldaps','ldap']</param>
        </check>
        <check name='valid_enum' target="lm_loglevel">
            <param>['info','notice','warn','error','debug']</param>
        </check>
        <check name="valid_enum" target="llRegisterDB">
            <param>['LDAP','Demo','Custom']</param>
        </check>
        <group master="casAttribute">
            <slave>casLDAPAttribute</slave>
        </group>
@ -132,6 +141,7 @@
            <target type='filelist'>lemonldap-nginx</target>
            <target type='filelist'>lemonldap-apache</target>
            <target type='servicelist'>lemonldap-apache</target>
            <target type='servicelist'>sllemon</target>
            <target type='family'>LemonLDAP</target>
            <target type='service_accesslist'>saLemon</target>
        </condition>
@ -170,7 +180,8 @@
        <variable name='activerLemon'>Activer le service LemonLDAP::NG sur ce serveur</variable>
        <variable name='managerWebName'>Nom DNS de l'application de gestion de LemonLDAP::NG ex:manager.example.fr</variable>
        <variable name='authWebName'>Nom DNS de service d'authentification de LemonLDAP::NG ex:auth.example.fr</variable>
-        <variable name='ldapUserBaseDN'>DN de l'utilisateur de connection en lecture à l'annuaire (ex: cn=reader,o=gouv,c=fr)</variable>
+	<variable name='ldapUserBaseDN'>DN de base de l'emplactement des utilisateurs dans l'annuaire (ex: ou=users,o=gouv,c=fr)</variable>
 	<variable name='ldapBindUserDN'>DN de l'utilisateur de connection en lecture à l'annuaire (ex: cn=reader,o=gouv,c=fr)</variable>
        <variable name='llCheckLogins'>Affiche une case à cocher sur la mire SSO qui permet a l'utilisateur de voir l'historique de connection de son compte avant d'être redirigé vers le service demandé</variable>
        <variable name='llCSPTargets'>Liste des domaines à ajouter à la directive form-action.</variable>
    </help>
--- a/dicos/71_lemonldap_ng_scribe.xml
+++ b/dicos/71_lemonldap_ng_scribe.xml
@ -5,9 +5,15 @@
    <variables>
-        <family name='eole sso'>
+    <family name='eole sso'>
-            <variable name='eolesso_adresse' description="Nom de domaine du serveur d'authentification SSO" redefine="True" />
+        <variable name='eolesso_adresse' description="Nom de domaine du serveur d'authentification SSO" redefine="True" exists='True' />
-        </family>
+        <variable name='eolesso_cas_folder' redefine="True" exists='True'>
            <value>cas</value>
        </variable>
        <variable name='eolesso_port' redefine="True" exists='True'>
            <value>443</value>
        </variable>
    </family>
    </variables>
@ -51,10 +57,6 @@
            <param type='eole'>ldap_port</param>
        </auto>
        <auto name='calc_val' target='ldapUserBaseDN'>
            <param type='eole'>ldap_base_dn</param>
        </auto>
        <auto name='calc_val' target='ldapBindUserDN'>
            <param type='eole'>ldap_reader</param>
        </auto>
--- a/tmpl/lemonldap-ng-fastcgi-server
+++ b/tmpl/lemonldap-ng-fastcgi-server
@ -1,5 +1,5 @@
 # Number of process (default: 7)
-NPROC = %%lemonproc
+NPROC=%%lemonproc
 # Unix socket to listen to
 SOCKET=/run/llng-fastcgi-server/llng-fastcgi.sock
--- a/tmpl/lmConf-1.json
+++ b/tmpl/lmConf-1.json
@ -173,6 +173,13 @@
    "ldapPpolicyControl": 0,
    "ldapPwdEnc": "utf-8",
    "ldapServer": "%%ldapScheme://%%ldapServer",
 %if %%ldapScheme == "ldaps"
   %if %%lmldapverify == "oui"
    "ldapVerify": "required",
   %else
    "ldapVerify": "none",
   %end if
 %end if
    "ldapSetPassword": 0,
    "ldapTimeout": 120,
    "ldapUsePasswordResetAttribute": 1,