mirror of
https://github.com/nitnelave/lldap.git
synced 2023-04-12 14:25:13 +00:00
readme: Add badges, client configuration guide
parent
7d9c1b1eec
commit
fa937cc337
44
README.md
@ -1,5 +1,9 @@
|
|||||||
# lldap - Light LDAP implementation for authentication
|
# lldap - Light LDAP implementation for authentication
|
||||||
|
|
||||||
|
![Build](https://github.com/nitnelave/lldap/actions/workflows/rust.yml/badge.svg)
|
||||||
|
![Discord](https://img.shields.io/discord/898492935446876200)
|
||||||
|
![Twitter Follow](https://img.shields.io/twitter/follow/nitnelave1?style=social)
|
||||||
|
|
||||||
WARNING: This project is still in alpha, with the basic core functionality
|
WARNING: This project is still in alpha, with the basic core functionality
|
||||||
implemented but still very rough. For updates, follow
|
implemented but still very rough. For updates, follow
|
||||||
[@nitnelave1](https://twitter.com/nitnelave1) or join our [Discord
|
[@nitnelave1](https://twitter.com/nitnelave1) or join our [Discord
|
||||||
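Review bot: The three badges added under the title are bare images, so clicking them leads nowhere. Wrap each in a link: the Build badge to the workflow page (its own URL without `/badge.svg`), the Discord badge to the same invite the warning paragraph already links, and the Twitter badge to `https://twitter.com/nitnelave1`.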
@ -13,7 +17,7 @@ only speak LDAP protocol can talk to it and use it as an authentication server.
|
|||||||
![Screenshot of the user list page](screenshot.png)
|
![Screenshot of the user list page](screenshot.png)
|
||||||
|
|
||||||
The goal is _not_ to provide a full LDAP server; if you're interested in that,
|
The goal is _not_ to provide a full LDAP server; if you're interested in that,
|
||||||
check out OpenLDAP. This server is made to be:
|
check out OpenLDAP. This server is a user management system that is:
|
||||||
* simple to setup (no messing around with `slapd`)
|
* simple to setup (no messing around with `slapd`)
|
||||||
* simple to manage (friendly web UI)
|
* simple to manage (friendly web UI)
|
||||||
* opinionated with basic defaults so you don't have to understand the
|
* opinionated with basic defaults so you don't have to understand the
|
||||||
@ -23,6 +27,10 @@ It mostly targets self-hosting servers, with open-source components like
|
|||||||
Nextcloud, Airsonic and so on that only support LDAP as a source of external
|
Nextcloud, Airsonic and so on that only support LDAP as a source of external
|
||||||
authentication.
|
authentication.
|
||||||
|
|
||||||
|
For more features (OAuth/OpenID support, reverse proxy, ...) you can install
|
||||||
|
other components (KeyCloak, Authelia, ...) using this server as the source of
|
||||||
|
truth for users, via LDAP.
|
||||||
|
|
||||||
## Setup
|
## Setup
|
||||||
|
|
||||||
### With Docker
|
### With Docker
|
||||||
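Review bot: On the added line naming other components, `KeyCloak` should be `Keycloak`, which is how that project spells its name. Since this paragraph sends readers to Keycloak and Authelia, linking both names would save them a search.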
@ -61,22 +69,6 @@ services:
|
|||||||
Then the service will listen on two ports, one for LDAP and one for the web
|
Then the service will listen on two ports, one for LDAP and one for the web
|
||||||
front-end.
|
front-end.
|
||||||
|
|
||||||
To configure the services that will talk to LLDAP, here are the values:
|
|
||||||
- The LDAP user DN is from the configuration. By default,
|
|
||||||
`cn=admin,dc=example,dc=com`.
|
|
||||||
- The LDAP password is from the configuration (same as to log in to the web
|
|
||||||
UI).
|
|
||||||
- The users are all located in `ou=people,` + the base DN, so by default user
|
|
||||||
`bob` is at `cn=bob,ou=people,dc=example,dc=com`.
|
|
||||||
- Similarly, the groups are located in `ou=groups`, so the group `family`
|
|
||||||
will be at `cn=family,ou=groups,dc=example,dc=com`.
|
|
||||||
|
|
||||||
Testing group membership through `membeOf` is supported, so you can have a
|
|
||||||
filter like: `(memberOf=cn=admins,ou=groups,dc=example,dc=com)`.
|
|
||||||
|
|
||||||
The administrator group for LLDAP is `lldap_admin`: anyone in this group has
|
|
||||||
admin rights in the Web UI.
|
|
||||||
|
|
||||||
### From source
|
### From source
|
||||||
|
|
||||||
To bring up the server, you'll need to compile the frontend. In addition to
|
To bring up the server, you'll need to compile the frontend. In addition to
|
||||||
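Review bot: With the client values removed from under `### With Docker`, that section now ends at "one for LDAP and one for the web front-end" and gives Docker users no hint of where the bind DN and the user and group paths are documented. A one-line pointer to the new `## Client configuration` section at this spot would keep the Docker walkthrough complete.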
@ -93,6 +85,24 @@ To bring up the server, just run `cargo run`. The default config is in
|
|||||||
`lldap_config.toml`, setting environment variables or passing arguments to
|
`lldap_config.toml`, setting environment variables or passing arguments to
|
||||||
`cargo run`.
|
`cargo run`.
|
||||||
|
|
||||||
|
## Client configuration
|
||||||
|
|
||||||
|
To configure the services that will talk to LLDAP, here are the values:
|
||||||
|
- The LDAP user DN is from the configuration. By default,
|
||||||
|
`cn=admin,dc=example,dc=com`.
|
||||||
|
- The LDAP password is from the configuration (same as to log in to the web
|
||||||
|
UI).
|
||||||
|
- The users are all located in `ou=people,` + the base DN, so by default user
|
||||||
|
`bob` is at `cn=bob,ou=people,dc=example,dc=com`.
|
||||||
|
- Similarly, the groups are located in `ou=groups`, so the group `family`
|
||||||
|
will be at `cn=family,ou=groups,dc=example,dc=com`.
|
||||||
|
|
||||||
|
Testing group membership through `membeOf` is supported, so you can have a
|
||||||
|
filter like: `(memberOf=cn=admins,ou=groups,dc=example,dc=com)`.
|
||||||
|
|
||||||
|
The administrator group for LLDAP is `lldap_admin`: anyone in this group has
|
||||||
|
admin rights in the Web UI.
|
||||||
|
|
||||||
## Architecture
|
## Architecture
|
||||||
|
|
||||||
The server is entirely written in Rust, using [actix](https://actix.rs) for the
|
The server is entirely written in Rust, using [actix](https://actix.rs) for the
|
||||||
|
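Review bot: The moved text still carries the typo `membeOf` in "Testing group membership through `membeOf` is supported"; it should be `memberOf`, matching the filter on the following line. That filter uses `cn=admins`, while the next paragraph names the administrator group `lldap_admin`, so either use a neutral group name in the example or say that `admins` is arbitrary, otherwise readers may assume the two are the same group. The first two bullets also have every client service bind as `cn=admin,dc=example,dc=com` with the same password that logs in to the web UI; the guide should say whether a less privileged bind account can be used, since as written each integrated service holds the admin credential.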