HomeLab/ldap-user-manager
2
0
Fork 0
mirror of https://github.com/wheelybird/ldap-user-manager.git synced 2025-01-18 23:42:54 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Updated README

Browse Source
This commit is contained in:
Brian Lycett 2018-06-04 16:53:58 +01:00
parent 5ec202185c
commit f982e4df1f
1 changed files with 26 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@ -52,6 +52,8 @@ Mandatory:
Optional:
----
* `SERVER_HOSTNAME` (default: *example.com*): The hostname that this interface will be served from.
* `LDAP_USER_OU` (default: *people*): The name of the OU used to store user accounts (without the base DN appended).
* `LDAP_GROUP_OU` (default: *groups*): The name of the OU used to store groups (without the base DN appended).
@ -66,7 +68,7 @@ Optional:
* `DEFAULT_USER_SHELL` (default: */bin/bash*): The shell that will be launched when the user logs into a server.
* `EMAIL_DOMAIN` (no default): The domain name to append to the email address when creating an account (username@email_domain). If unset then the mail attribute won't be set.
* `USERNAME_FORMAT` (default: *{first_name}.{last_name}*): The template used to dynamically generate usernames. See the _Usernames_ section below.
* `USERNAME_FORMAT` (default: *{first_name}-{last_name}*): The template used to dynamically generate usernames. See the _Usernames_ section below.
* `USERNAME_REGEX` (default: *^[a-z][a-zA-Z0-9\._-]{3,32}$*): The regular expression used to ensure a username (and group name) is valid. See the _Usernames_ section below.
* `LOGIN_TIMEOUT_MINS` (default: 10 minutes): How long before an idle session will be timed out.
@ -74,6 +76,26 @@ Optional:
* `SITE_NAME` (default: *LDAP user manager*): Change this to replace the title in the menu. e.g. "My Company"
Webserver SSL setup
---
The webserver (Apache HTTPD) expects to find `/opt/ssl/server.key` and `/opt/ssl/server.crt`, and these certificates should match `SERVER_HOSTNAME`.
If those files aren't found then the startup script will create self-signed certificates based on `SERVER_HOSTNAME`. To use your own key and certificate then you need to bind-mount a directory containing them to `/opt/ssl`. The script will also look for `/opt/ssl/chain.pem` if you need to add a certificate chain file (the Apache `SSLCertificateChainFile` option).
e.g.:
```
docker run \
--detach \
--name=lum \
-p 80:80 \
-p 443:443 \
-e SERVER_HOSTNAME=lum.example.com \
-v /your/ssl/cert/dir:/opt/ssl \
...
...
```
Initial setup
---