Solved ldap bug

2025-10-31 10:19:09 +00:00 · 2025-01-30 12:14:18 +01:00
parent 45b56a7aaa
commit 61890dcf1f
8 changed files with 21 additions and 103 deletions
--- a/roles/docker-funkwhale/vars/main.yml
+++ b/roles/docker-funkwhale/vars/main.yml
@@ -1,4 +1,6 @@
-docker_compose_project_name:        "funkwhale"
+docker_compose_project_name:                    "funkwhale"
 nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 512M;"
-database_password:                  "{{funkwhale_database_password}}"
-database_type:                      "postgres"
+database_password:                              "{{funkwhale_database_password}}"
+database_type:                                  "postgres"
+
+ldap_network_enabled:                           true  # Activate LDAP network
--- a/roles/docker-gitea/README.md
+++ b/roles/docker-gitea/README.md
@@ -26,99 +26,4 @@ To access the database execute
  docker-compose exec -it database /bin/mysql -u gitea -p
 ```
 ## bash in application
-docker-compose exec -it application /bin/sh
-
-## update app.ini
-```bash
-cat > app.ini << EOF
-APP_NAME = test @test
-RUN_MODE = prod
-RUN_USER = git
-
-[repository]
-ROOT = /data/git/repositories
-
-[repository.local]
-LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
-
-[repository.upload]
-TEMP_PATH = /data/gitea/uploads
-
-[server]
-APP_DATA_PATH    = /data/gitea
-DOMAIN           = test.test
-SSH_DOMAIN       = test.test
-HTTP_PORT        = 3000
-ROOT_URL         = https://test.test/
-DISABLE_SSH      = false
-SSH_PORT         = 2201
-SSH_LISTEN_PORT  = 22
-LFS_START_SERVER = true
-LFS_CONTENT_PATH = /data/git/lfs
-LFS_JWT_SECRET   = testsecret
-OFFLINE_MODE     = false
-
-[database]
-PATH     = /data/gitea/gitea.db
-DB_TYPE  = mysql
-HOST     = database:3306
-NAME     = gitea
-USER     = gitea
-PASSWD   = testpasswort
-LOG_SQL  = false
-SCHEMA   =
-SSL_MODE = disable
-CHARSET  = utf8mb4
-
-[indexer]
-ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
-
-[session]
-PROVIDER_CONFIG = /data/gitea/sessions
-PROVIDER        = file
-
-[picture]
-AVATAR_UPLOAD_PATH            = /data/gitea/avatars
-REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
-DISABLE_GRAVATAR              = false
-ENABLE_FEDERATED_AVATAR       = true
-
-[attachment]
-PATH = /data/gitea/attachments
-
-[log]
-MODE                 = console
-LEVEL                = info
-REDIRECT_MACARON_LOG = true
-MACARON              = console
-ROUTER               = console
-ROOT_PATH            = /data/gitea/log
-
-[security]
-INSTALL_LOCK   = true
-SECRET_KEY     = test_secret_key
-INTERNAL_TOKEN = test_secret_internal_token
-
-[service]
-DISABLE_REGISTRATION              = true
-REQUIRE_SIGNIN_VIEW               = false
-REGISTER_EMAIL_CONFIRM            = false
-ENABLE_NOTIFY_MAIL                = false
-ALLOW_ONLY_EXTERNAL_REGISTRATION  = false
-ENABLE_CAPTCHA                    = false
-DEFAULT_KEEP_EMAIL_PRIVATE        = false
-DEFAULT_ALLOW_CREATE_ORGANIZATION = true
-DEFAULT_ENABLE_TIMETRACKING       = true
-NO_REPLY_ADDRESS                  = noreply.test.test
-
-[oauth2]
-JWT_SECRET = test_secret
-
-[mailer]
-ENABLED = false
-
-[openid]
-ENABLE_OPENID_SIGNIN = true
-ENABLE_OPENID_SIGNUP = true
-EOF
-```
+docker-compose exec -it application /bin/sh
--- a/roles/docker-ldap/templates/docker-compose.yml.j2
+++ b/roles/docker-ldap/templates/docker-compose.yml.j2
@@ -79,7 +79,7 @@ services:
      retries: 3
      start_period: 20s
 {% include 'templates/docker/container/networks.yml.j2' %}
-  central_ldap:
+
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  data:

--- a/roles/docker-ldap/vars/main.yml
+++ b/roles/docker-ldap/vars/main.yml
@@ -9,4 +9,7 @@ ldap_localhost_port:          389
 oauth2_proxy_upstream_application_and_port: "{{ ldap_webinterface }}:{% if ldap_webinterface == 'phpldapadmin' %}8080{% else %}80{% endif %}"
 oauth2_proxy_active:                        true

-enable_one_letsencrypt_cert_for_all:  false
+
+enable_one_letsencrypt_cert_for_all:  false # Activate dedicated Certificate
+
+ldap_network_enabled:                 true  # Activate LDAP network
--- a/roles/docker-openproject/templates/docker-compose.yml.j2
+++ b/roles/docker-openproject/templates/docker-compose.yml.j2
@@ -114,7 +114,7 @@ services:
    container_name: openproject-seeder
    restart: on-failure
 {% include 'templates/docker/container/networks.yml.j2' %}
-  central_ldap:
+
 {% include 'templates/docker/compose/networks.yml.j2' %}

 {% include 'templates/docker/compose/volumes.yml.j2' %}
--- a/roles/docker-openproject/vars/main.yml
+++ b/roles/docker-openproject/vars/main.yml
@@ -10,4 +10,6 @@ dummy_volume:                                 "{{repository_directory}}dummy_vol

 # OAuth2 Proxy Configuration
 oauth2_proxy_upstream_application_and_port:   "proxy:80"
-oauth2_proxy_active:                          true
+oauth2_proxy_active:                          true
+
+ldap_network_enabled:                         true  # Activate LDAP network
--- a/templates/docker/compose/networks.yml.j2
+++ b/templates/docker/compose/networks.yml.j2
@@ -3,6 +3,9 @@ networks:
 {% if enable_central_database | bool and database_type is defined %}
  central_{{ database_type }}:
    external: true
+{% endif %}
+{% if ldap_network_enabled %}
+  central_ldap:
 {% endif %}
  default:
 {{ "\n" }}
--- a/templates/docker/container/networks.yml.j2
+++ b/templates/docker/container/networks.yml.j2
@@ -2,6 +2,9 @@
    networks:
 {% if enable_central_database | bool and database_type is defined %}
      central_{{ database_type }}:
+{% endif %}
+{% if ldap_network_enabled %}
+      central_ldap:
 {% endif %}
      default:
 {{ "\n" }}