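<?php

# Prefix put in front of the messages this file writes with error_log().
# Empty by default.
$log_prefix = "";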
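#Mandatory
# Connection and bind settings, all read from the environment. getenv()
# returns FALSE for an unset variable; the checks further down in this file
# stop with an error page when any of these five is empty.
$LDAP['uri'] = getenv('LDAP_URI');
$LDAP['base_dn'] = getenv('LDAP_BASE_DN');
$LDAP['admins_group'] = getenv('LDAP_ADMINS_GROUP');
$LDAP['admin_bind_dn'] = getenv('LDAP_ADMIN_BIND_DN');
# Bind credential for the admin DN: keep it out of logs and debug output.
$LDAP['admin_bind_pwd'] = getenv('LDAP_ADMIN_BIND_PWD');

#Optional
# OU names, combined with the base DN later in this file.
$LDAP['group_ou'] = (getenv('LDAP_GROUP_OU') ?: 'groups');
$LDAP['user_ou'] = (getenv('LDAP_USER_OU') ?: 'people');

# NOTE(review): the key says "2308" while the environment variable says
# "2307". The key is kept as-is because the code that reads $LDAP is outside
# this file; confirm which spelling the readers use.
$LDAP['forced_rfc2308bis'] = (strcasecmp((string) getenv('FORCE_RFC2307BIS'), 'TRUE') === 0);

# Left unset when the variable is absent or empty.
if (getenv('LDAP_GROUP_MEMBERSHIP_ATTRIBUTE')) {
    $LDAP['group_membership_attribute'] = getenv('LDAP_GROUP_MEMBERSHIP_ATTRIBUTE');
}

# Only the literal TRUE (any case) switches this on, like the other boolean
# flags. Comparing the upper-cased string with the boolean TRUE would accept
# any non-empty value, including "FALSE".
if (strcasecmp((string) getenv('LDAP_GROUP_MEMBERSHIP_USES_UID'), 'TRUE') === 0) {
    $LDAP['group_membership_uses_uid'] = TRUE;
}

$LDAP['account_attribute'] = 'uid';

# Off unless explicitly TRUE. NOTE(review): with this off and an ldap:// URI,
# the admin bind password presumably crosses the network unencrypted; the
# connection code is not in this file, so confirm there. Outside a trusted
# network, set LDAP_REQUIRE_STARTTLS=TRUE or use an ldaps:// URI.
$LDAP['require_starttls'] = (strcasecmp((string) getenv('LDAP_REQUIRE_STARTTLS'), 'TRUE') === 0);

# Off unless explicitly TRUE. Going by the name, this turns off certificate
# validation, after which TLS no longer authenticates the directory server.
# Keep it FALSE outside test setups.
$LDAP['ignore_cert_errors'] = (strcasecmp((string) getenv('LDAP_IGNORE_CERT_ERRORS'), 'TRUE') === 0);

# Run-time flag rather than configuration; always starts as FALSE here.
# Presumably flipped once the RFC2307bis schema check has run (that code is
# outside this file).
$LDAP['rfc2307bis_check_run'] = FALSE;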
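# Defaults applied to new accounts when the environment does not override them.
$DEFAULT_USER_GROUP = (getenv('DEFAULT_USER_GROUP') ?: 'everybody');
$DEFAULT_USER_SHELL = (getenv('DEFAULT_USER_SHELL') ?: '/bin/bash');

$ORGANISATION_NAME = (getenv('ORGANISATION_NAME') ?: 'LDAP');
$SITE_NAME = (getenv('SITE_NAME') ?: "$ORGANISATION_NAME user manager");

# NOTE(review): the fallback is a public domain name. If this value is used to
# build links in outgoing mail or redirects (the consumer is not in this
# file), leaving SERVER_HOSTNAME unset would point users at a host the
# operator does not control. Set it explicitly in every deployment.
$SERVER_HOSTNAME = (getenv('SERVER_HOSTNAME') ?: "ldapusermanager.org");

$USERNAME_FORMAT = (getenv('USERNAME_FORMAT') ?: '{first_name}-{last_name}');

# Stored without regex delimiters. The default requires a lowercase first
# letter followed by 3 to 32 letters, digits, dots, underscores or hyphens.
$USERNAME_REGEX = (getenv('USERNAME_REGEX') ?: '^[a-z][a-zA-Z0-9\._-]{3,32}$');
#We'll use the username regex for groups too.

# $PASSWORD_HASH stays undefined when the variable is unset or empty.
# NOTE(review): the value is upper-cased but not checked against a list of
# supported schemes here; confirm the consumer rejects unknown or weak ones.
if (getenv('PASSWORD_HASH')) {
    $PASSWORD_HASH = strtoupper(getenv('PASSWORD_HASH'));
}

# Off unless explicitly TRUE.
$ACCEPT_WEAK_PASSWORDS = (strcasecmp((string) getenv('ACCEPT_WEAK_PASSWORDS'), 'TRUE') === 0);

# Falls back to 10 when unset. A value that is not a positive number is also
# replaced by the default, so a typo cannot produce an unusable or effectively
# unlimited timeout. The unit is defined by the session code, not here.
$SESSION_TIMEOUT = (getenv('SESSION_TIMEOUT') ?: 10);
if (!is_numeric($SESSION_TIMEOUT) or $SESSION_TIMEOUT <= 0) {
    $SESSION_TIMEOUT = 10;
}

# Debug switches, all off unless explicitly TRUE.
# NOTE(review): debug logging around LDAP binds and sessions can capture
# credentials or session identifiers; check what the consumers log before
# enabling any of these in production.
$LDAP_DEBUG = (strcasecmp((string) getenv('LDAP_DEBUG'), 'TRUE') === 0);
$LDAP_VERBOSE_CONNECTION_LOGS = (strcasecmp((string) getenv('LDAP_VERBOSE_CONNECTION_LOGS'), 'TRUE') === 0);
$SESSION_DEBUG = (strcasecmp((string) getenv('SESSION_DEBUG'), 'TRUE') === 0);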
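###

# Full DNs of the group and user containers, in the form "ou=<ou>,<base_dn>".
# The parts are inserted without DN escaping. They come from operator-set
# environment variables, but a comma or plus sign inside an OU name would
# change the structure of the resulting DN.
$LDAP['group_dn'] = "ou={$LDAP['group_ou']},{$LDAP['base_dn']}";
$LDAP['user_dn'] = "ou={$LDAP['user_ou']},{$LDAP['base_dn']}";

###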
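# Outgoing mail settings. getenv() returns FALSE for an unset variable.
$SMTP['host'] = getenv('SMTP_HOSTNAME');
$SMTP['user'] = getenv('SMTP_USERNAME');
# SMTP credential: keep it out of logs and debug output.
$SMTP['pass'] = getenv('SMTP_PASSWORD');
$SMTP['port'] = (getenv('SMTP_HOST_PORT') ?: 25);

# Off unless explicitly TRUE. NOTE(review): with TLS off and a username and
# password configured, the credentials are presumably sent unencrypted; the
# mail code is not in this file, so confirm there.
$SMTP['tls'] = (strcasecmp((string) getenv('SMTP_USE_TLS'), 'TRUE') === 0);

# Anything that is not a number from 0 to 4 falls back to 0.
$SMTP['debug_level'] = getenv('SMTP_LOG_LEVEL');
if (!is_numeric($SMTP['debug_level']) or $SMTP['debug_level'] > 4 or $SMTP['debug_level'] < 0) {
    $SMTP['debug_level'] = 0;
}

$EMAIL_DOMAIN = (getenv('EMAIL_DOMAIN') ?: NULL);

# Fallback sender domain, spelled like the default of $SERVER_HOSTNAME. Set
# EMAIL_DOMAIN or EMAIL_FROM_ADDRESS to a domain you control, so that replies
# and bounces do not go to a third party.
$default_email_from_domain = ($EMAIL_DOMAIN ?: 'ldapusermanager.org');

$EMAIL['from_address'] = (getenv('EMAIL_FROM_ADDRESS') ?: "admin@" . $default_email_from_domain);
$EMAIL['from_name'] = (getenv('EMAIL_FROM_NAME') ?: $SITE_NAME);

# Mail can only be sent when an SMTP host is configured. An unset
# SMTP_HOSTNAME (FALSE) compares equal to the empty string and leaves this off.
$EMAIL_SENDING_ENABLED = ($SMTP['host'] != "");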
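###

# Off unless explicitly TRUE.
$ACCOUNT_REQUESTS_ENABLED = (strcasecmp((string) getenv('ACCOUNT_REQUESTS_ENABLED'), 'TRUE') === 0);

# Account requests are delivered by email, so the feature is switched back off
# (and the reason logged) when no SMTP host is configured.
if (!$EMAIL_SENDING_ENABLED && $ACCOUNT_REQUESTS_ENABLED) {
    $ACCOUNT_REQUESTS_ENABLED = FALSE;
    error_log("$log_prefix Config: ACCOUNT_REQUESTS_ENABLED was set to TRUE but SMTP_HOSTNAME wasn't set, so account requesting has been disabled as we can't send out the request email", 0);
}

# Requests go to the sender address unless a dedicated address is given.
$ACCOUNT_REQUESTS_EMAIL = (getenv('ACCOUNT_REQUESTS_EMAIL') ?: $EMAIL['from_address']);

###

# Off unless explicitly TRUE. NOTE(review): presumably tells the application
# not to expect HTTPS (the consumer is not in this file). With it on, login
# passwords and session cookies travel unencrypted unless TLS is terminated in
# front of the application.
$NO_HTTPS = (strcasecmp((string) getenv('NO_HTTPS'), 'TRUE') === 0);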
###
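# Refuse to continue when a mandatory LDAP setting is missing. One warning is
# collected per missing setting. The page names the environment variables
# only and never prints their values, so no credential can leak through it.
$errors = "";

if (empty($LDAP['uri'])) {
    $errors .= "<div class='alert alert-warning'><p class='text-center'>LDAP_URI isn't set</p></div>\n";
}
if (empty($LDAP['base_dn'])) {
    $errors .= "<div class='alert alert-warning'><p class='text-center'>LDAP_BASE_DN isn't set</p></div>\n";
}
if (empty($LDAP['admin_bind_dn'])) {
    $errors .= "<div class='alert alert-warning'><p class='text-center'>LDAP_ADMIN_BIND_DN isn't set</p></div>\n";
}
if (empty($LDAP['admin_bind_pwd'])) {
    $errors .= "<div class='alert alert-warning'><p class='text-center'>LDAP_ADMIN_BIND_PWD isn't set</p></div>\n";
}
if (empty($LDAP['admins_group'])) {
    $errors .= "<div class='alert alert-warning'><p class='text-center'>LDAP_ADMINS_GROUP isn't set</p></div>\n";
}

# render_header() and render_footer() are defined outside this file. The
# script ends here with exit status 1, so nothing after this point runs with
# an incomplete LDAP configuration.
if ($errors != "") {
    render_header();
    print $errors;
    render_footer();
    exit(1);
}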
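#POSIX accounts
# Lower bounds for numeric user and group IDs. Presumably the first IDs handed
# out to new accounts and groups (the allocation code is outside this file).
$min_uid = 2000;
$min_gid = 2000;

# No closing PHP tag: whitespace after one would be sent as output by whatever
# includes this file, before that code can send headers or start a session.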