Implemented OIDC für LDAP

2025-08-29 15:06:26 +02:00 · 2025-06-26 21:16:07 +02:00
parent f86568fb85
commit 6d4723b321
18 changed files with 187 additions and 21 deletions
--- a/group_vars/all/08_ports.yml
+++ b/group_vars/all/08_ports.yml
@@ -13,6 +13,7 @@ ports:
      pgadmin:          4185
      phpldapadmin:     4186
      fusiondirectory:  4187
+      gitea:            4188
    ldap:
      ldap:             389
    http:
--- a/group_vars/all/12_iam.yml
+++ b/group_vars/all/12_iam.yml
@@ -57,13 +57,16 @@ ldap:
    application_roles:  "ou=application_roles,{{_ldap_dn_base}}"
  attributes:
    # Attribut to identify the user
-    user_id:            "{{ _ldap_user_id }}" 
+    user_id:            "{{ _ldap_user_id }}"
+    mail:               "mail"
+    name:               "cn"
  # Password to access dn.bind
  bind_credential:      "{{applications.ldap.credentials.administrator_database_password}}"
  server:
    domain:             "{{applications.ldap.hostname if applications.ldap.network.docker | bool else domains.ldap}}" # Mapping for public or locale access
    port:               "{{_ldap_server_port}}"
    uri:                "{% if applications.ldap.network.docker | bool %}ldap://{{ applications.ldap.hostname }}{% else %}ldaps://{{ domains.ldap }}{% endif %}:{{ _ldap_server_port }}"
+    security:           "" #TLS, SSL - Leave empty for none
  network:
    local:              "{{applications.ldap.network.docker}}" # Uses the application configuration to define if local network should be available or not
  user_objects: