Added LDAP draft for snipe it

2025-07-25 17:51:10 +02:00 · 2025-06-30 11:06:25 +02:00 · 2025-06-30 11:06:25 +02:00 · 02d478186c
commit 02d478186c
parent 227c206d69
3 changed files with 36 additions and 0 deletions
--- a/roles/docker-snipe-it/tasks/ldap.yml
+++ b/roles/docker-snipe-it/tasks/ldap.yml
@ -0,0 +1,30 @@
+# @See https://raw.githubusercontent.com/snipe/snipe-it/master/app/Models/Setting.php
+---
+- name: "Enable und konfiguriere LDAP in Snipe-IT"
+  community.mysql.mysql_query:
+    login_host: "{{ database_host }}"
+    login_port: "{{ database_port }}"
+    login_user: "{{ database_username }}"
+    login_password: "{{ database_password }}"
+    db: "{{ database_name }}"
+    query: |
+      UPDATE settings SET
+        ldap_enabled              = 1,
+        ldap_server               = '{{ ldap.server.uri }}',
+        ldap_port                 = '{{ ldap.server.port }}',
+        ldap_uname                = '{{ ldap.dn.administrator.data }}',
+        ldap_pword                = '{{ ldap.bind_credential }}',
+        ldap_basedn               = '{{ ldap.dn.root }}',
+        ldap_filter               = '{{ ldap.filters.users.all }}',
+        ldap_username_field       = '{{ ldap.attributes.user_id }}',
+        ldap_lname_field          = '{{ ldap.attributes.surname }}',
+        ldap_fname_field          = '{{ ldap.attributes.firstname }}',
+        ldap_auth_filter_query    = '{{ ldap.filters.users.login }}',
+        ldap_version              = 3,
+        ldap_pw_sync              = 0,
+        is_ad                     = 0,
+        ad_domain                 = '',
+        ldap_default_group        = '',
+        ldap_email                = '{{ ldap.attributes.mail }}',
+        ldap_mem_lim              = '{{ LDAP_MEM_LIM }}',
+        ldap_time_lim             = '{{ LDAP_TIME_LIM }}';
--- a/roles/docker-snipe-it/tasks/main.yml
+++ b/roles/docker-snipe-it/tasks/main.yml
@ -11,3 +11,7 @@
    http_port:   "{{ ports.localhost.http[application_id] }}"

 - include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
+
+- name: "Configure Snipe-IT LDAP settings"
+  import_tasks: ldap.yml
+  when: applications | is_feature_enabled('ldap',application_id)
--- a/roles/docker-snipe-it/vars/configuration.yml
+++ b/roles/docker-snipe-it/vars/configuration.yml
@ -4,6 +4,8 @@ features:
  css:                false
  portfolio_iframe:   false
  central_database:   true
+  ldap:               false
+  oauth2:             false
 domains:
  canonical:
    - "inventory.{{ primary_domain }}"