Document LDAP server setup
This commit is contained in:
parent
5bf9b26180
commit
05642c01a3
|
|
@ -14,3 +14,4 @@ Spaceport Documentation
|
||||||
dev
|
dev
|
||||||
apioverview
|
apioverview
|
||||||
api
|
api
|
||||||
|
ldap
|
||||||
|
|
|
||||||
68
apiserver/docs/source/ldap.rst
Normal file
68
apiserver/docs/source/ldap.rst
Normal file
|
|
@ -0,0 +1,68 @@
|
||||||
|
LDAP Server Setup
|
||||||
|
=================
|
||||||
|
|
||||||
|
.. contents:: :depth: 3
|
||||||
|
|
||||||
|
This guide assumes you are on a Debian-based distro.
|
||||||
|
|
||||||
|
Install dependencies:
|
||||||
|
|
||||||
|
.. sourcecode:: bash
|
||||||
|
|
||||||
|
$ sudo apt update
|
||||||
|
$ sudo apt install python3 python3-pip python-virtualenv python3-virtualenv supervisor
|
||||||
|
|
||||||
|
Clone the repo:
|
||||||
|
|
||||||
|
.. sourcecode:: bash
|
||||||
|
|
||||||
|
$ git clone https://github.com/Protospace/spaceport.git
|
||||||
|
$ cd spaceport
|
||||||
|
|
||||||
|
Main Script
|
||||||
|
-----------
|
||||||
|
|
||||||
|
Create a venv, activate it, and install:
|
||||||
|
|
||||||
|
.. sourcecode:: bash
|
||||||
|
|
||||||
|
$ cd ldapserver
|
||||||
|
$ virtualenv -p python3 env
|
||||||
|
$ source env/bin/activate
|
||||||
|
(env) $ pip install -r requirements.txt
|
||||||
|
|
||||||
|
Edit ``ldapserver/secrets.py.example`` and save it as ``ldapserver/secrets.py``.
|
||||||
|
|
||||||
|
Securely move the auth token to ``apiserver/secrets.py`` on the server running Spaceport.
|
||||||
|
|
||||||
|
Now you can run the script to test:
|
||||||
|
|
||||||
|
.. sourcecode:: bash
|
||||||
|
|
||||||
|
(env) $ python main.py
|
||||||
|
|
||||||
|
Flask will now be running on port 5000, connect to localhost:5000 to test it.
|
||||||
|
|
||||||
|
Process Management
|
||||||
|
------------------
|
||||||
|
|
||||||
|
The script is kept alive with `supervisor <https://pypi.org/project/supervisor/>`_.
|
||||||
|
|
||||||
|
Configure ``/etc/supervisor/conf.d/ldapserver.conf``:
|
||||||
|
|
||||||
|
.. sourcecode:: text
|
||||||
|
|
||||||
|
[program:ldapserver]
|
||||||
|
user=ldapserver
|
||||||
|
directory=/opt/spaceport/ldapserver
|
||||||
|
command=/opt/spaceport/ldapserver/env/bin/gunicorn -w 2 --bind 0.0.0.0:5000 server:app
|
||||||
|
stopasgroup=true
|
||||||
|
stopsignal=INT
|
||||||
|
autostart=true
|
||||||
|
autorestart=true
|
||||||
|
stderr_logfile=/var/log/ldapserver.log
|
||||||
|
stderr_logfile_maxbytes=10MB
|
||||||
|
stdout_logfile=/var/log/ldapserver.log
|
||||||
|
stdout_logfile_maxbytes=10MB
|
||||||
|
|
||||||
|
Script logs to ``/var/log/ldapserver.log``.
|
||||||
19
ldapserver/README.md
Normal file
19
ldapserver/README.md
Normal file
|
|
@ -0,0 +1,19 @@
|
||||||
|
# LDAP Server
|
||||||
|
|
||||||
|
Runs inside Protospace's network and talks to Active Directory.
|
||||||
|
|
||||||
|
Exposes a REST API to Spaceport that allows managing AD users and passwords.
|
||||||
|
|
||||||
|
## Setup
|
||||||
|
|
||||||
|
https://docs.my.protospace.ca/ldap.html
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
This program is free and open-source software licensed under the MIT License. Please see the `LICENSE` file for details.
|
||||||
|
|
||||||
|
That means you have the right to study, change, and distribute the software and source code to anyone and for any purpose. You deserve these rights.
|
||||||
|
|
||||||
|
## Acknowledgements
|
||||||
|
|
||||||
|
Thanks to Pat S for all his help integrating with Active Directory.
|
||||||
Loading…
Reference in New Issue
Block a user