137 lines
7.4 KiB
XML
137 lines
7.4 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<creole>
|
|
<files>
|
|
<!-- Je suis un commentaire -->
|
|
<file filelist='lemon' name='/etc/lemonldap-ng/manager-nginx.conf' mkdir='True' rm='True'/>
|
|
<file filelist='lemon' name='/etc/lemonldap-ng/handler-nginx.conf' mkdir='True' rm='True'/>
|
|
<file filelist='lemon' name='/etc/lemonldap-ng/portal-nginx.conf' mkdir='True' rm='True'/>
|
|
<file filelist='lemon' name='/etc/lemonldap-ng/test-nginx.conf' mkdir='True' rm='True'/>
|
|
<file filelist='lemon' name='/etc/lemonldap-ng/lemonldap-ng.ini' mkdir='True' rm='True'/>
|
|
<file filelist='lemon' name='/var/lib/lemonldap-ng/conf/lmConf-1.json' mkdir='True' rm='True'/>
|
|
<file filelist='lemonCAS' name='/usr/share/php/configCAS/cas.inc.php' source='cas.inc.php.tmpl' mkdir='True'/>
|
|
<file filelist='lemonCAS' name='/usr/share/php/CAS/eoleCASConfig.php' source='eoleCASConfig.php.tmpl' mkdir='True'/>
|
|
<file filelist='lemonCAS' name='/etc/pam_cas.conf' source="pam_cas_auth.conf"/>
|
|
<service>lemonldap-ng-fastcgi-server</service>
|
|
<service_access service='nginx'>
|
|
<port service_accesslist="saLemon">80</port>
|
|
<port service_accesslist="saLemon">443</port>
|
|
</service_access>
|
|
</files>
|
|
<variables>
|
|
<family name='Services'>
|
|
<variable name='activerLemon' type='oui/non' description="Activer LemonLDAP::NG">
|
|
<value>non</value>
|
|
</variable>
|
|
</family>
|
|
<family name='LemonLDAP'>
|
|
<variable name='managerWebName' type='string' description="Nom DNS du manager LemonLDAP-NG"/>
|
|
<variable name='authWebName' type='string' description="Nom DNS du service d'authentification LemonLDAP-NG"/>
|
|
<variable name='reloadWebName' type='string' description="Nom DNS du service Reload de LemonLDAP-NG" mode="expert"/>
|
|
<variable name='ldapScheme' type='string' description="Protocole LDAP à utiliser" mandatory='True'/> -->
|
|
<variable name='ldapServer' type='string' description="Adresse du Serveur LDAP utilisé par LemonLDAP::NG" mandatory="True"/>
|
|
<variable name='ldapServerPort' type='number' description="Port d'écoute du LDAP utilisé par LemonLDAP::NG" mandatory='True'/>
|
|
<variable name='ldapUserBaseDN' type='string' description="Base DN des utilisateurs dans l'annuaire" mandatory='True'/>
|
|
<variable name='ldapBindUserDN' type='string' description="Utilisateur de connection à l'annuaire" mandatory="True"/>
|
|
<variable name='ldapBindUserPassword' type='string' description="Mot de passe de l'utilisateur de connection à l'annuaire" mandatory="True"/>
|
|
<variable name="samlOrganizationName" type='string' description="Nom de l'organisation SAML" mode='expert'/>
|
|
<variable name="lemonAdmin" type='string' description="LemonLDAP Administrator username" mode='expert'>
|
|
<value>admin</value>
|
|
</variable>
|
|
<variable name="nginxBucketSize" type='number' description="Taille du hash des noms de serveur pour NGINX" mode='expert'>
|
|
<value>64</value>
|
|
</variable>
|
|
<variable name="casAttribute" description="Nom de l'attribut CAS" type="string" mode="expert" multi="True"/>
|
|
<variable name="casLDAPAttribute" description="Attribut LDAP équivalent" type="string" mode="expert"/>
|
|
<variable name="casFolder" description="Endpoint du service cas" type="string" mode="expert">
|
|
<value>cas</value>
|
|
</variable>
|
|
<variable name='cas_send_logout' type='oui/non' description="Activer le logout centralisé du serveur SSO" hidden='True'>
|
|
<value>oui</value>
|
|
</variable>
|
|
<variable name='ssoCALocation' type='string' description="Chemin de l'autorité de certification (ou rien)" mode="expert"/>
|
|
<variable name='ssoDebug' type='string' description="Activer le Debug pour la lib php-CAS" mode="expert">
|
|
<value>non</value>
|
|
</variable>
|
|
<variable name='llSkin' type='string' description="Skin utilisé par LemonLDAP::NG">
|
|
<value>bootstrap</value>
|
|
</variable>
|
|
<variable name='llCheckLogins' type='oui/non' description="Permettre aux utilisateurs d'afficher l'historique de connection">
|
|
<value>non</value>
|
|
</variable>
|
|
<variable name='llResetPassword' type='oui/non' description="Permettre aux utilisateurs de réinitialiser leurs mots de passe">
|
|
<value>oui</value>
|
|
</variable>
|
|
<variable name='llResetUrl' type='string' description="Adresse de l'application pour réinitialiser leurs mots de passe" />
|
|
<variable name='llRegisterAccount' type='oui/non' description="Permettre aux utilisateurs de créer un compte">
|
|
<value>oui</value>
|
|
</variable>
|
|
<variable name='llRegisterDB' type='string' description="Base de comptes pour l'enregistrement"/>
|
|
<variable name='llRegisterURL' type='string' description="Adresse de l'application de création de compte"/>
|
|
</family>
|
|
<separators>
|
|
<separator name="managerWebName">Configuration DNS</separator>
|
|
<separator name="ldapScheme">Configuration LDAP</separator>
|
|
<separator name="casAttribute">Configuration CAS</separator>
|
|
<separator name="llSkin">Personnalisation de la mire SSO</separator>
|
|
</separators>
|
|
</variables>
|
|
<constraints>
|
|
<fill name='concat' target='managerWebName'>
|
|
<param>manager.</param>
|
|
<param type='eole'>nom_domaine_local</param>
|
|
</fill>
|
|
<fill name='concat' target='authWebName'>
|
|
<param>auth.</param>
|
|
<param type='eole'>nom_domaine_local</param>
|
|
</fill>
|
|
<fill name='concat' target='reloadWebName'>
|
|
<param>reload.</param>
|
|
<param type='eole'>nom_domaine_local</param>
|
|
</fill>
|
|
<fill name='concat' target='samlOrganizationName'>
|
|
<param>SAML</param>
|
|
<param type='eole'>nom_domaine_local</param>
|
|
</fill>
|
|
<check name="valid_enum" target="ldapScheme">
|
|
<param>['ldaps','ldap']</param>
|
|
</check>
|
|
<check name="valid_enum" target="llRegisterDB">
|
|
<param>['LDAP','Demo','Custom']</param>
|
|
</check>
|
|
<group master="casAttribute">
|
|
<slave>casLDAPAttribute</slave>
|
|
</group>
|
|
<condition name='disabled_if_in' source='activerLemon'>
|
|
<param>non</param>
|
|
<target type='filelist'>lemon</target>
|
|
<target type='filelist'>lemonCAS</target>
|
|
<target type='family'>LemonLDAP</target>
|
|
<target type='service_accesslist'>saLemon</target>
|
|
</condition>
|
|
<condition name='disabled_if_in' source='llRegisterAccount'>
|
|
<param>non</param>
|
|
<target type='variable'>llRegisterDB</target>
|
|
</condition>
|
|
<condition name='disabled_if_not_in' source='llRegisterDB'>
|
|
<param>Custom</param>
|
|
<target type='variable'>llRegisterURL</target>
|
|
</condition>
|
|
<condition name='disabled_if_in' source='llResetPassword'>
|
|
<param>non</param>
|
|
<target type='variable'>llResetUrl</target>
|
|
</condition>
|
|
<check name='valid_enum' target='llSkin'>
|
|
<param>['bootstrap','dark','impact','pastel']</param>
|
|
<param name="checkval">False</param>
|
|
</check>
|
|
</constraints>
|
|
<help>
|
|
<variable name='activerLemon'>Activer l'hébergement d'une place de marché HTTP pour OpenNebula</variable>
|
|
<variable name='managerWebName'>Nom DNS de l'application de gestion de LemonLDAP::NG ex:manager.cadoles.com</variable>
|
|
<variable name='authWebName'>Nom DNS de service d'authentification de LemonLDAP::NG ex:auth.cadoles.com</variable>
|
|
<variable name='ldapUserBaseDN'>DN de l'utilisateur de connection en lecture à l'annuaire (ex: cn=reader,o=gouv,c=fr)</variable>
|
|
<variable name='nginxBucketSize'>server_names_hash_bucket_size Taille du hash des noms de serveur pour NGINX</variable>
|
|
<variable name='llCheckLogins'>Affiche une case à cocher sur la mire SSO qui permet a l'utilisateur de voir l'historique de connection de son compte avant d'être redirigé vers le service demandé</variable>
|
|
</help>
|
|
</creole>
|