From b9f6b915ac77a49cb92f1c4a4db7e6b571dab799 Mon Sep 17 00:00:00 2001 From: Christian Kracher Date: Thu, 28 Oct 2021 18:07:07 +0200 Subject: [PATCH] Create .env Jitsi Meet Docker LDAP Authentication configuration --- example_configs/.env | 56 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 example_configs/.env diff --git a/example_configs/.env b/example_configs/.env new file mode 100644 index 0000000..5cafdda --- /dev/null +++ b/example_configs/.env @@ -0,0 +1,56 @@ +# Jitsi Meet Docker LDAP Authentication configuration +# .env + +# Enable authentication +ENABLE_AUTH=1 + +# Enable guest access +ENABLE_GUESTS=0 + +# Select authentication type: internal, jwt or ldap +AUTH_TYPE=ldap + +# LDAP authentication (for more information see the Cyrus SASL saslauthd.conf man page) +# + +# LDAP url for connection +LDAP_URL=ldap://IP:3890 + +# LDAP base DN. Can be empty +LDAP_BASE=dc=example,dc=com + +# LDAP user DN. Do not specify this parameter for the anonymous bind +LDAP_BINDDN=cn=admin,ou=people,dc=example,dc=com + +# LDAP user password. Do not specify this parameter for the anonymous bind +LDAP_BINDPW=LLDAP admin password + +# LDAP filter. Tokens example: +# %1-9 - if the input key is user@mail.domain.com, then %1 is com, %2 is domain and %3 is mail +# %s - %s is replaced by the complete service string +# %r - %r is replaced by the complete realm string +LDAP_FILTER=(&(uid=%u)(objectClass=person)) + +# LDAP authentication method +LDAP_AUTH_METHOD=bind + +# LDAP version +#LDAP_VERSION=3 + +# LDAP TLS using +#LDAP_USE_TLS=0 + +# List of SSL/TLS ciphers to allow +#LDAP_TLS_CIPHERS=SECURE256:SECURE128:!AES-128-CBC:!ARCFOUR-128:!CAMELLIA-128-CBC:!3DES-CBC:!CAMELLIA-128-CBC + +# Require and verify server certificate +#LDAP_TLS_CHECK_PEER=1 + +# Path to CA cert file. Used when server certificate verify is enabled +#LDAP_TLS_CACERT_FILE=/etc/ssl/certs/ca-certificates.crt + +# Path to CA certs directory. Used when server certificate verify is enabled +#LDAP_TLS_CACERT_DIR=/etc/ssl/certs + +# Wether to use starttls, implies LDAPv3 and requires ldap:// instead of ldaps:// +# LDAP_START_TLS=1