Cadoles/nineschool
10
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: Cadoles:4ea2c08a5149277d04d0821b8153dd591452923f
Branches Tags
Cadoles:master Cadoles:dist/envole/7/master
Cadoles:build/envole/envole-7/unstable
...
compare: Cadoles:dist/envole/7/master
Branches Tags
Cadoles:dist/envole/7/master Cadoles:master
Cadoles:build/envole/envole-7/unstable

18 Commits
4ea2c08a51 ... dist/envol

Author SHA1 Message Date
Arnaud Fornerot
89feb2c358 Merge branch 'master' into dist/envole/7/master 2022-05-10 09:30:15 +02:00
Arnaud Fornerot
123e438123 Synchronisation scribe niveaux + eleves classes + profs classes (ref #34132) 2022-05-10 09:24:28 +02:00
Arnaud Fornerot
62d32fbdb1 synchro modif 2022-05-09 15:58:02 +02:00
Arnaud Fornerot
1faf9935b9 synchro modif 2022-05-09 15:26:13 +02:00
Arnaud Fornerot
203b658726 Merge branch 'master' into dist/envole/7/master 2021-12-08 09:53:18 +01:00
Arnaud Fornerot
870b4701d5 ajout variable activer_revprox si non existante 2021-12-08 09:50:05 +01:00
Arnaud Fornerot
286d87e3a8 Merge branch 'master' into dist/envole/7/master 2021-12-07 15:04:03 +01:00
Arnaud Fornerot
1bd4f5bc72 templetisation du service wssnineboard 2021-12-07 15:00:22 +01:00
Arnaud Fornerot
da38947b4f Merge branch 'master' into dist/envole/7/master 2021-12-07 14:08:12 +01:00
Arnaud Fornerot
d71ac0df19 websocket server by service 2021-12-07 14:04:59 +01:00
Arnaud Fornerot
714a6e5a9c Merge branch 'master' into dist/envole/7/master 2021-12-07 09:12:56 +01:00
Arnaud Fornerot
f298298fb4 secretkey for amonecole 2021-12-06 17:03:32 +01:00
Arnaud Fornerot
ed36a30dfe configuration reverse proxy wss 2021-12-06 16:13:13 +01:00
Arnaud Fornerot
37531ca37c conf proxy wss 2021-12-06 14:46:37 +01:00
Arnaud Fornerot
5e814b948c Merge branch 'master' into dist/envole/7/master 2021-10-18 10:31:59 +02:00
Arnaud Fornerot
93f61c02ba correction orthographe (fixes #33009) 2021-10-18 10:07:17 +02:00
Arnaud Fornerot
bf650e537f Merge branch 'master' into dist/envole/7/master 2021-10-07 11:01:11 +02:00
Arnaud Fornerot
2a2f24222e rapatrier les variables eoledb dans la famille eoledb (ref #33188) 2021-10-07 11:00:24 +02:00
11 changed files with 115 additions and 98 deletions
Expand all files Collapse all files

18
dicos/90_nineschool.xml
View File

@ -2,6 +2,7 @@
<creole> <creole>
<files> <files>
<file filelist='nineschool' name='/etc/eole/eole-db.d/nineschool-db.yml' rm='True' mkdir='True'/> <file filelist='nineschool' name='/etc/eole/eole-db.d/nineschool-db.yml' rm='True' mkdir='True'/>
<file filelist='nineschool_nginx' name='/etc/nginx/web.d/nineschool.conf' source='nineschool-nginx.conf' rm='True' mkdir='True' />
</files> </files>
<containers> <containers>
@ -19,10 +20,11 @@
</containers> </containers>
<variables> <variables>
<family name='nineschool'> <family name='nineschool' icon='eye-open'>
<variable name="ninegate_test_ninegate" type="oui/non" hidden='True' exists='False'><value>non</value></variable> <variable name="ninegate_test_ninegate" type="oui/non" hidden='True' exists='False'><value>non</value></variable>
<variable name="activer_revprox" type="oui/non" description="Activer le reverse proxy Nginx" hidden='True' exists='False'><value>non</value></variable>
<variable name='activer_nineschool' type='oui/non' description='Activer nineschool'> <variable name='activer_nineschool' type='oui/non' description='Activer Nineschool'>
<value>oui</value> <value>oui</value>
</variable> </variable>
@ -52,8 +54,9 @@
<variable type='string' name='nineschool_smtppwd' description='Mot de passe associé du compte SMTP' mandatory='True' /> <variable type='string' name='nineschool_smtppwd' description='Mot de passe associé du compte SMTP' mandatory='True' />
<variable type='string' name='nineschool_smtpencryption' description='Type Encryptage du serveur SMTP' mandatory='True' /> <variable type='string' name='nineschool_smtpencryption' description='Type Encryptage du serveur SMTP' mandatory='True' />
<variable type='string' name='nineschool_smtpauthmode' description='Mode Authentification du serveur SMTP' mandatory='True' /> <variable type='string' name='nineschool_smtpauthmode' description='Mode Authentification du serveur SMTP' mandatory='True' />
</family>
<family name='EoleDB' icon='database' mode='expert'>
<!-- BDD --> <!-- BDD -->
<variable type='string' name='nineschool_db_mode' description='Serveur de bases de données à utiliser' mode='expert'/> <variable type='string' name='nineschool_db_mode' description='Serveur de bases de données à utiliser' mode='expert'/>
<variable type='string' name='nineschool_dbserver' description='Adresse du serveur de base de données' mode='expert'/> <variable type='string' name='nineschool_dbserver' description='Adresse du serveur de base de données' mode='expert'/>
@ -66,7 +69,7 @@
<separators> <separators>
<separator name="nineschool_ldaptemplate">Paramètres associés à l'Annuaire</separator> <separator name="nineschool_ldaptemplate">Paramètres associés à l'Annuaire</separator>
<separator name="nineschool_noreply">Paramètres associés aux Mails</separator> <separator name="nineschool_noreply">Paramètres associés aux Mails</separator>
<separator name="nineschool_db_mode">Paramètres associés à la Base de Données</separator> <separator name="nineschool_db_mode">Paramètres EoleDB associés à Nineschool</separator>
</separators> </separators>
</variables> </variables>
@ -75,9 +78,15 @@
<condition name='hidden_if_in' source='activer_apache'> <condition name='hidden_if_in' source='activer_apache'>
<param>non</param> <param>non</param>
<target type='filelist'>nineschool</target> <target type='filelist'>nineschool</target>
<target type='filelist'>nineschool_nginx</target>
<target type='servicelist'>nineschool</target> <target type='servicelist'>nineschool</target>
</condition> </condition>
<!-- AFFICHAGE EN FONCTION DE REVERSE PROXY -->
<condition name='hidden_if_in' source='activer_revprox'>
<param>non</param>
<target type='filelist'>nineschool_nginx</target>
</condition>
<!-- AFFICHAGE EN FONCTION DE NINESCHOOL --> <!-- AFFICHAGE EN FONCTION DE NINESCHOOL -->
<condition name='hidden_if_in' source='activer_nineschool'> <condition name='hidden_if_in' source='activer_nineschool'>
@ -107,6 +116,7 @@
<target type='variable'>nineschool_dbpass</target> <target type='variable'>nineschool_dbpass</target>
<target type='filelist'>nineschool</target> <target type='filelist'>nineschool</target>
<target type='filelist'>nineschool_nginx</target>
<target type='servicelist'>nineschool</target> <target type='servicelist'>nineschool</target>
</condition> </condition>

4
src/nineschool-1.0/config/services.yaml
View File

@ -28,6 +28,7 @@ parameters:
ldapModel: '%env(resolve:LDAP_MODEL)%' ldapModel: '%env(resolve:LDAP_MODEL)%'
ldapHost: '%env(resolve:LDAP_HOST)%' ldapHost: '%env(resolve:LDAP_HOST)%'
ldapPort: '%env(resolve:LDAP_PORT)%' ldapPort: '%env(resolve:LDAP_PORT)%'
ldapTls: '%env(resolve:LDAP_TLS)%'
ldapUser: '%env(resolve:LDAP_USER)%' ldapUser: '%env(resolve:LDAP_USER)%'
ldapPassword: '%env(resolve:LDAP_PASSWORD)%' ldapPassword: '%env(resolve:LDAP_PASSWORD)%'
ldapBasedn: '%env(resolve:LDAP_BASEDN)%' ldapBasedn: '%env(resolve:LDAP_BASEDN)%'
@ -66,6 +67,7 @@ services:
bind: bind:
$ldapHost: '%ldapHost%' $ldapHost: '%ldapHost%'
$ldapPort: '%ldapPort%' $ldapPort: '%ldapPort%'
$ldapTls: '%ldapTls%'
$ldapUser: '%ldapUser%' $ldapUser: '%ldapUser%'
$ldapPassword: '%ldapPassword%' $ldapPassword: '%ldapPassword%'
$ldapBasedn: '%ldapBasedn%' $ldapBasedn: '%ldapBasedn%'
@ -105,7 +107,7 @@ services:
app.ldap.service: app.ldap.service:
public: true public: true
class: App\Service\ldapService class: App\Service\ldapService
arguments: ["%ldapHost%","%ldapPort%","%ldapUser%","%ldapPassword%","%ldapBasedn%"] arguments: ["%ldapHost%","%ldapPort%","%ldapTls%","%ldapUser%","%ldapPassword%","%ldapBasedn%"]
app.upload.samename: app.upload.samename:
public: true public: true

2
src/nineschool-1.0/scripts/websocket.sh
View File

@ -32,6 +32,6 @@ then
if [ "$restart" == "yes" ] && [ "$1" != "stop" ] ; then if [ "$restart" == "yes" ] && [ "$1" != "stop" ] ; then
echo WEBSOCKET = START echo WEBSOCKET = START
bin/console app:Websocket --name $APP_ALIAS & disown systemctl restart wss$APP_ALIAS
fi fi
fi fi

144
src/nineschool-1.0/src/Command/SynchroUsersCommand.php
View File

@ -7,22 +7,17 @@ use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Output\OutputInterface; use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\DependencyInjection\ContainerInterface; use Symfony\Component\DependencyInjection\ContainerInterface;
use Doctrine\ORM\EntityManagerInterface; use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Filesystem\Filesystem; use Symfony\Component\Filesystem\Filesystem;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface; use Symfony\Component\Security\Core\Encoder\EncoderFactory;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
use Ramsey\Uuid\Uuid; use Ramsey\Uuid\Uuid;
use App\Entity\Group as Group; use App\Entity\Group;
use App\Entity\User as User; use App\Entity\User;
use App\Entity\Answer as Answer;
use App\Entity\Message as Message;
use App\Service\mailService;
class SynchroUsersCommand extends Command class SynchroUsersCommand extends Command
{ {
private $container; private $container;
private $router;
private $em; private $em;
private $output; private $output;
private $filesystem; private $filesystem;
@ -30,15 +25,12 @@ class SynchroUsersCommand extends Command
private $ldap; private $ldap;
private $ldap_basedn; private $ldap_basedn;
private $ldapgroups=[]; private $ldapgroups=[];
private $mail;
public function __construct(ContainerInterface $container,EntityManagerInterface $em,RouterInterface $router, mailService $mail) public function __construct(ContainerInterface $container,EntityManagerInterface $em)
{ {
parent::__construct(); parent::__construct();
$this->container = $container; $this->container = $container;
$this->em = $em; $this->em = $em;
$this->router = $router;
$this->mail = $mail;
} }
protected function configure() protected function configure()
@ -110,6 +102,17 @@ class SynchroUsersCommand extends Command
$ldapusers = array(); $ldapusers = array();
$ldapmails = array(); $ldapmails = array();
// Suppression des groupe ninegate
$groups=$this->em->getRepository("App:Group")->findAll();
foreach($groups as $group) {
if($group->getIdexternal()) {
$this->writeln(" - Suppression dans Bundle >> ".$group->getName());
if(!$simulate) {
$this->em->remove($group);
$this->em->flush();
}
}
}
if($ldap_model=="scribe") { if($ldap_model=="scribe") {
$this->writeln(''); $this->writeln('');
@ -155,6 +158,32 @@ class SynchroUsersCommand extends Command
if(!$simulate) $this->addmodGroup($label,$ldapfilter,true); if(!$simulate) $this->addmodGroup($label,$ldapfilter,true);
} }
// Elèves des Classes
$this->writeln('');
$this->writeln('== ELEVES DES CLASSES ==========================================');
$results = $this->ldap->search("type=Classe", ['cn','description','gidNumber'], $this->ldap_basedn);
foreach($results as $result) {
$cn=$result["cn"];
$ldapfilter="(&(type=Classe)(cn=$cn))";
$label="ELEVES - ".$result["cn"];
$this->writeln(" - $label");
if(!$simulate) $this->addmodGroup($label,$ldapfilter,false);
}
// Professeurs des Classes
$this->writeln('');
$this->writeln('== PROFESSEURS DES CLASSES ==========================================');
$results = $this->ldap->search("type=Classe", ['cn','description','gidNumber'], $this->ldap_basedn);
foreach($results as $result) {
$cn=$result["cn"];
$ldapfilter="(|(&(type=Equipe)(cn=profs-$cn))(&(ENTPersonProfils=Administratif)(divcod=$cn)))";
$label="PROFESSEURS - ".$result["cn"];
$this->writeln(" - $label");
if(!$simulate) $this->addmodGroup($label,$ldapfilter,false);
}
// Options // Options
$this->writeln(''); $this->writeln('');
$this->writeln('== OPTIONS =========================================='); $this->writeln('== OPTIONS ==========================================');
@ -387,15 +416,6 @@ class SynchroUsersCommand extends Command
$this->writeln('== GROUPS ============================================'); $this->writeln('== GROUPS ============================================');
$groups=$this->em->getRepository("App:Group")->findAll(); $groups=$this->em->getRepository("App:Group")->findAll();
foreach($groups as $group) { foreach($groups as $group) {
if($group->getIdexternal()) {
$this->writeln(" - Suppression dans Bundle >> ".$group->getName());
if(!$simulate) {
$this->em->remove($group);
$this->em->flush();
}
}
if(!$group->getLdapfilter()) continue; if(!$group->getLdapfilter()) continue;
if(!in_array($group->getId(),$this->ldapgroups)) { if(!in_array($group->getId(),$this->ldapgroups)) {
@ -424,12 +444,25 @@ class SynchroUsersCommand extends Command
$this->writeln('== SYNCHONISATION NINEGATE TO BUNDLE ================'); $this->writeln('== SYNCHONISATION NINEGATE TO BUNDLE ================');
$this->writeln('====================================================='); $this->writeln('=====================================================');
// Suppression des groupe annuaire
$groups=$this->em->getRepository("App:Group")->findAll();
foreach($groups as $group) {
if($group->getLdapfilter()) {
$this->writeln(" - Suppression dans Bundle >> ".$group->getName());
if(!$simulate) {
$this->em->remove($group);
$this->em->flush();
}
}
}
$appmasterurl = $this->container->getParameter("appMasterurl"); $appmasterurl = $this->container->getParameter("appMasterurl");
$appmasterkey = $this->container->getParameter("appMasterkey"); $appmasterkey = $this->container->getParameter("appMasterkey");
// Généraltion de l'urol de communication // Généraltion de l'urol de communication
if(stripos($appmasterurl,"/")===0) { if(stripos($appmasterurl,"/")===0) {
$url="https://".$this->container->getParameter("appWeburl").$appmasterurl; $url="http://".$this->container->getParameter("appWeburl").$appmasterurl;
} }
else else
$url=$appmasterurl; $url=$appmasterurl;
@ -568,7 +601,7 @@ class SynchroUsersCommand extends Command
$this->writeln($group->getName()); $this->writeln($group->getName());
$usergroups=[]; $usergroups=[];
if(array_key_exists($group->getIdexternal(),$tabgroups)&&$tabgroups[$group->getIdexternal()]) if($tabgroups[$group->getIdexternal()])
$usergroups = $tabgroups[$group->getIdexternal()]["users"]; $usergroups = $tabgroups[$group->getIdexternal()]["users"];
$tbusers=[]; $tbusers=[];
foreach($usergroups as $user) { foreach($usergroups as $user) {
@ -599,12 +632,6 @@ class SynchroUsersCommand extends Command
$this->em->persist($group); $this->em->persist($group);
$this->em->flush(); $this->em->flush();
// On s'assure que l'ensemble des activité active soit bien distribué en fonction
$activitys=$this->em->getRepository("App:Activity")->findAllGroupActivityActive($group,true);
foreach($activitys as $activity) {
$this->initAnswer($activity);
}
} }
$this->writeln(''); $this->writeln('');
@ -637,15 +664,6 @@ class SynchroUsersCommand extends Command
$this->writeln('== GROUPS ============================================'); $this->writeln('== GROUPS ============================================');
$groups=$this->em->getRepository("App:Group")->findAll(); $groups=$this->em->getRepository("App:Group")->findAll();
foreach($groups as $group) { foreach($groups as $group) {
if($group->getLdapfilter()) {
$this->writeln(" - Suppression dans Bundle >> ".$group->getName());
if(!$simulate) {
$this->em->remove($group);
$this->em->flush();
}
}
if(!$group->getIdexternal()) continue; if(!$group->getIdexternal()) continue;
if(!in_array($group->getIdexternal(),$lstgroups)) { if(!in_array($group->getIdexternal(),$lstgroups)) {
@ -696,13 +714,15 @@ class SynchroUsersCommand extends Command
protected function addUser($username,$firstname,$lastname,$email,$usersadmin) { protected function addUser($username,$firstname,$lastname,$email,$usersadmin) {
$user = new User(); $user = new User();
$key = Uuid::uuid4();
$user->setUsername($username); $user->setUsername($username);
$user->setPassword("NOPASSWORD"); $user->setPassword("NOPASSWORD");
$user->setLastname($lastname); $user->setLastname($lastname);
$user->setFirstname($firstname); $user->setFirstname($firstname);
$user->setEmail($email); $user->setEmail($email);
$user->setApiKey($key);
// Definition du role // Definition du role
if(in_array($username,$usersadmin)) if(in_array($username,$usersadmin))
$role="ROLE_ADMIN"; $role="ROLE_ADMIN";
@ -746,48 +766,4 @@ class SynchroUsersCommand extends Command
$this->em->flush(); $this->em->flush();
} }
protected function initAnswer($activity) {
$em = $this->em;
// Pour chaque élève
$group=$activity->getGroup();
foreach($group->getUsers() as $user) {
// Existe-t-il une réponse pour l'élève
if($user->hasRole("ROLE_USER")) {
$answer=$em->getRepository("App:Answer")->findOneBy(["user"=>$user,"activity"=>$activity]);
if(!$answer) {
$answer=new Answer;
$answer->setActivity($activity);
$answer->setUser($user);
$answer->setStatus(-1);
$em->persist($answer);
$em->flush();
// Message
$message=new Message;
$message->setMessage("Distribution de l'Activité");
$message->setDeletable(false);
$message->setUser($activity->getUser());
$message->setAnswer($answer);
$message->addReader($activity->getUser());
$em->persist($message);
$em->flush();
// Notification par mail de la distribution de l'activité
$to = $user->getEmail();
$from = $activity->getUser()->getEmail();
$subject="Nineschool : Nouvelle Activité à réaliser";
$body ="Activité = ".$activity->getName()."<br>";
$body.="Professeur = ".$activity->getUser()->getDisplayname()."<br>";
$body.="Matière = ".$activity->getSubject()."<br>";
$body.="Url = ".$this->router->generate('app_answer_update', ["id"=>$answer->getId()], UrlGeneratorInterface::ABSOLUTE_URL);
$this->mail->sendEmail($subject, $body, $to, $from);
}
}
}
}
} }

2
src/nineschool-1.0/src/Form/ActivityType.php
View File

@ -40,7 +40,7 @@ class ActivityType extends AbstractType
"attr" => [ "attr" => [
"class" => "btn btn-success", "class" => "btn btn-success",
"data-method" => "submit", "data-method" => "submit",
"data-confirm" => "Confirmez vous la distribution de l'activité ? Une foi validée, vous ne pourrez plus modifier son entête et son énoncé." ], "data-confirm" => "Confirmez vous la distribution de l'activité ? Une fois validée, vous ne pourrez plus modifier son entête et son énoncé." ],
] ]
); );
} }

2
src/nineschool-1.0/src/Form/AnswerType.php
View File

@ -40,7 +40,7 @@ class AnswerType extends AbstractType
"attr" => [ "attr" => [
"class" => "btn btn-success", "class" => "btn btn-success",
"data-method" => "submit", "data-method" => "submit",
"data-confirm" => "Confirmez vous ? Une foi rendues, vous ne pourrez plus modifier l'activité."], "data-confirm" => "Confirmez vous ? Une fois rendue, vous ne pourrez plus modifier l'activité."],
] ]
); );
} }

2
src/nineschool-1.0/src/Form/CorrectedType.php
View File

@ -40,7 +40,7 @@ class CorrectedType extends AbstractType
"attr" => [ "attr" => [
"class" => "btn btn-success", "class" => "btn btn-success",
"data-method" => "submit", "data-method" => "submit",
"data-confirm" => "Confirmez vous ? Une foi corrigé, vous ne pourrez plus modifier l'activité."], "data-confirm" => "Confirmez vous ? Une fois corrigée, vous ne pourrez plus modifier l'activité."],
] ]
); );

7
src/nineschool-1.0/src/Service/ldapService.php
View File

@ -10,16 +10,18 @@ class ldapService
protected $host; protected $host;
protected $port; protected $port;
protected $tls;
protected $user = null; protected $user = null;
protected $password = null; protected $password = null;
protected $basedn; protected $basedn;
private $connection = null; private $connection = null;
public function __construct($ldapHost, $ldapPort, $ldapUser, $ldapPassword, $ldapBasedn) public function __construct($ldapHost, $ldapPort, $ldapTls, $ldapUser, $ldapPassword, $ldapBasedn)
{ {
$this->host = $ldapHost; $this->host = $ldapHost;
$this->port = $ldapPort; $this->port = $ldapPort;
$this->tls = $ldapTls;
$this->user = $ldapUser; $this->user = $ldapUser;
$this->password = $ldapPassword; $this->password = $ldapPassword;
$this->basedn = $ldapBasedn; $this->basedn = $ldapBasedn;
@ -32,6 +34,9 @@ class ldapService
$ldapConn = ldap_connect($this->host, $this->port); $ldapConn = ldap_connect($this->host, $this->port);
if($ldapConn){ if($ldapConn){
ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
if($this->tls) ldap_start_tls($ldapConn);
if(ldap_bind( $ldapConn, $this->user, $this->password)){ if(ldap_bind( $ldapConn, $this->user, $this->password)){
$this->connection = $ldapConn; $this->connection = $ldapConn;
return $this->connection; return $this->connection;

14
tmpl/nineschool-apache.conf
View File

@ -6,4 +6,16 @@ Alias /nineschool /var/www/html/nineschool/public
Allow from All Allow from All
Options Indexes FollowSymLinks MultiViews Options Indexes FollowSymLinks MultiViews
php_admin_flag allow_url_fopen On php_admin_flag allow_url_fopen On
</Directory> </Directory>
# Pour activer un serveur websocket sur l'application
# Attention choisir un port libre dans
# 5546 = nineskeletor
# 5556 = ninegate
# 5566 = nineboard
# 5576 = nineschool
# 5586 = ninesurvey
# 5587 = ninetraining
# 5596 = janus
ProxyPass "/wssnineschool" "ws://0.0.0.0:5576" retry=0 keepalive=On
ProxyPassReverse "/wssnineschool" "ws://0.0.0.0:5576" retry=0

12
tmpl/nineschool-env.local
View File

@ -1,6 +1,7 @@
# SYMFONY # SYMFONY
APP_ENV=PROD APP_ENV=PROD
APP_SECRET=%%pwdreader("","/var/www/html/nineschool/.key") %set keyfile = %%getVar('container_path_web','') + '/var/www/html/nineschool/.key'
APP_SECRET=%%pwdreader("",%%keyfile)
#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 #TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
#TRUSTED_HOSTS='^(localhost|example\.com)$' #TRUSTED_HOSTS='^(localhost|example\.com)$'
@ -62,6 +63,11 @@ LDAP_MODEL=open
%end if %end if
LDAP_HOST=%%adresse_ip_ldap LDAP_HOST=%%adresse_ip_ldap
LDAP_PORT=%%ldap_port LDAP_PORT=%%ldap_port
%if %%getVar("ldap_tls","non") == "oui"
LDAP_TLS=1
%else
LDAP_TLS=0
%end if
LDAP_USER=%%ldap_reader LDAP_USER=%%ldap_reader
LDAP_PASSWORD=%%pwdreader("",%%ldap_reader_passfile) LDAP_PASSWORD=%%pwdreader("",%%ldap_reader_passfile)
LDAP_BASEDN=%%ldap_base_dn LDAP_BASEDN=%%ldap_base_dn
@ -70,8 +76,8 @@ LDAP_USERNAME=uid
LDAP_FIRSTNAME=givenname LDAP_FIRSTNAME=givenname
LDAP_LASTNAME=sn LDAP_LASTNAME=sn
LDAP_EMAIL=mail LDAP_EMAIL=mail
LDAP_FILTERGROUP=(cn=*) LDAP_FILTERGROUP='(&(ObjectClass=posixGroup)(cn=*))'
LDAP_FILTERUSER=(uid=*) LDAP_FILTERUSER='(&(ObjectClass=person)(uid=*))'
%else %else
LDAP_USERNAME=%%nineschool_ldapuid LDAP_USERNAME=%%nineschool_ldapuid
LDAP_FIRSTNAME=%%nineschool_ldapfirstname LDAP_FIRSTNAME=%%nineschool_ldapfirstname

6
tmpl/nineschool-nginx.conf Normal file
View File

@ -0,0 +1,6 @@
location /wssnineschool {
proxy_pass https://%%container_ip_web;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}