Created own ldap.json.j2 for better readability in keycloak

Kevin Veen-Birkenbach 2025-08-17 11:49:41 +02:00
parent 5c9ca20e04
commit a524c52f89
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
2 changed files with 406 additions and 405 deletions


@ -0,0 +1,405 @@
{
"id": "bBD2l6kVRMaSABbfOJVRaw",
"name": "{{ KEYCLOAK_LDAP_CMP_NAME }}",
"providerId": "ldap",
"subComponents": {
"org.keycloak.storage.ldap.mappers.LDAPStorageMapper": [
{
"id": "2205e7fd-b8e6-4262-95b6-4cdf02729fec",
"name": "first name",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"givenName"
],
"attribute.force.default": [
"true"
],
"is.mandatory.in.ldap": [
"true"
],
"is.binary.attribute": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"false"
],
"user.model.attribute": [
"firstName"
]
}
},
{
"id": "3db7787f-6eec-48dd-bf6d-f3c73e28e891",
"name": "creation date",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"createTimestamp"
],
"is.mandatory.in.ldap": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"true"
],
"user.model.attribute": [
"createTimestamp"
]
}
},
{
"id": "12b99578-e0bf-4eeb-b0fb-8e400c0cd73e",
"name": "{{ ldap.user.attributes.nextcloud_quota }}",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"{{ ldap.user.attributes.nextcloud_quota }}"
],
"is.mandatory.in.ldap": [
"false"
],
"attribute.force.default": [
"false"
],
"is.binary.attribute": [
"false"
],
"always.read.value.from.ldap": [
"false"
],
"read.only": [
"false"
],
"user.model.attribute": [
"{{ ldap.user.attributes.nextcloud_quota }}"
]
}
},
{
"id": "24cd9c3b-e22d-4540-bddf-ae7faac0196c",
"name": "SSH Public Key",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"{{ ldap.user.attributes.ssh_public_key }}"
],
"is.mandatory.in.ldap": [
"false"
],
"attribute.force.default": [
"false"
],
"is.binary.attribute": [
"false"
],
"read.only": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"user.model.attribute": [
"{{ ldap.user.attributes.ssh_public_key }}"
]
}
},
{
"id": "f56e4551-c5b5-4596-b567-bc8309a74e72",
"name": "ldap-roles",
"providerId": "group-ldap-mapper",
"subComponents": {},
"config": {
"membership.attribute.type": [
"DN"
],
"group.name.ldap.attribute": [
"{{ ldap.user.attributes.fullname }}"
],
"membership.user.ldap.attribute": [
"{{ ldap.user.attributes.id }}"
],
"preserve.group.inheritance": [
"false"
],
"groups.dn": [
"{{ ldap.dn.ou.roles }}"
],
"mode": [
"LDAP_ONLY"
],
"user.roles.retrieve.strategy": [
"LOAD_GROUPS_BY_MEMBER_ATTRIBUTE"
],
"groups.ldap.filter": [
"(objectClass=groupOfNames)"
],
"membership.ldap.attribute": [
"member"
],
"ignore.missing.groups": [
"true"
],
"group.object.classes": [
"groupOfNames"
],
"memberof.ldap.attribute": [
"memberOf"
],
"drop.non.existing.groups.during.sync": [
"false"
],
"groups.path": [
"{{ applications | get_app_conf(application_id, 'rbac_groups', True) }}"
]
}
},
{
"id": "1ffab19c-4aeb-4038-a3e4-6444254fdd53",
"name": "modify date",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"modifyTimestamp"
],
"is.mandatory.in.ldap": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"true"
],
"user.model.attribute": [
"modifyTimestamp"
]
}
},
{
"id": "ca91c874-b92e-4b54-994d-db4b43a3e096",
"name": "last name",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"sn"
],
"is.mandatory.in.ldap": [
"true"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"false"
],
"user.model.attribute": [
"lastName"
]
}
},
{
"id": "785b89a9-48db-4bf2-aded-37ee1d2d9025",
"name": "full name",
"providerId": "full-name-ldap-mapper",
"subComponents": {},
"config": {
"read.only": [
"false"
],
"write.only": [
"true"
],
"ldap.full.name.attribute": [
"{{ ldap.user.attributes.fullname }}"
]
}
},
{
"id": "cc3b4018-81ac-47d5-818d-bdd22b6aa5e3",
"name": "username",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"{{ldap.user.attributes.id}}"
],
"is.mandatory.in.ldap": [
"true"
],
"attribute.force.default": [
"false"
],
"is.binary.attribute": [
"false"
],
"always.read.value.from.ldap": [
"false"
],
"read.only": [
"false"
],
"user.model.attribute": [
"username"
]
}
},
{
"id": "24cd9c3b-e22d-4540-bddf-ae7faac0196c",
"name": "SSH Public Key",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"{{ ldap.user.attributes.ssh_public_key }}"
],
"is.mandatory.in.ldap": [
"false"
],
"attribute.force.default": [
"false"
],
"is.binary.attribute": [
"false"
],
"read.only": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"user.model.attribute": [
"{{ ldap.user.attributes.ssh_public_key }}"
]
}
},
{
"id": "85cd9847-4063-4d8b-be03-fa16377cde56",
"name": "email",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"mail"
],
"is.mandatory.in.ldap": [
"false"
],
"read.only": [
"false"
],
"always.read.value.from.ldap": [
"false"
],
"user.model.attribute": [
"email"
]
}
}
]
},
"config": {
"fullSyncPeriod": [
"-1"
],
"pagination": [
"true"
],
"connectionTrace": [
"false"
],
"startTls": [
"false"
],
"usersDn": [
"{{ldap.dn.ou.users}}"
],
"connectionPooling": [
"true"
],
"cachePolicy": [
"DEFAULT"
],
"useKerberosForPasswordAuthentication": [
"false"
],
"importEnabled": [
"true"
],
"enabled": [
"true"
],
"bindCredential": [
"{{ldap.bind_credential}}"
],
"changedSyncPeriod": [
"-1"
],
"usernameLDAPAttribute": [
"{{ldap.user.attributes.id}}"
],
"bindDn": [
"{{ldap.dn.administrator.data}}"
],
"lastSync": [
"1737578007"
],
"vendor": [
"other"
],
"uuidLDAPAttribute": [
"{{ldap.user.attributes.id}}"
],
"allowKerberosAuthentication": [
"false"
],
"connectionUrl": [
"{{ldap.server.uri}}"
],
"syncRegistrations": [
"true"
],
"authType": [
"simple"
],
"krbPrincipalAttribute": [
"krb5PrincipalName"
],
"searchScope": [
"1"
],
"useTruststoreSpi": [
"always"
],
"usePasswordModifyExtendedOp": [
"true"
],
"trustEmail": [
"false"
],
"userObjectClasses": [
"{{ ldap.user.objects | join(', ') }}"
],
"rdnLDAPAttribute": [
"{{ldap.user.attributes.id}}"
],
"editMode": [
"WRITABLE"
],
"validatePasswordPolicy": [
"false"
]
}
}
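Review bot: The provider `config` block combines `"startTls": ["false"]` with `"authType": ["simple"]`, a `bindDn` taken from `ldap.dn.administrator.data` and `"editMode": ["WRITABLE"]`, so unless `ldap.server.uri` always renders to an `ldaps://` URL, the administrator bind password and user password changes would travel unencrypted. The template should either require `ldaps://` or set `"startTls": ["true"]`, and a dedicated bind account with only the rights Keycloak needs would be preferable to the directory administrator. `bindCredential` is interpolated as `"{{ldap.bind_credential}}"` without JSON escaping, so a password containing `"` or `\` produces invalid or altered JSON; `{{ ldap.bind_credential | to_json }}` without the surrounding quotes avoids that. Separately, the mapper id `24cd9c3b-e22d-4540-bddf-ae7faac0196c` ("SSH Public Key") appears twice in the mapper list, and `lastSync` carries a fixed timestamp that looks like exported runtime state; the second mapper entry and the `lastSync` key can probably be dropped.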


@ -1758,411 +1758,7 @@
} }
], ],
"org.keycloak.storage.UserStorageProvider": [ "org.keycloak.storage.UserStorageProvider": [
{ {% include "client.json.j2" %}
"id": "bBD2l6kVRMaSABbfOJVRaw",
"name": "{{ KEYCLOAK_LDAP_CMP_NAME }}",
"providerId": "ldap",
"subComponents": {
"org.keycloak.storage.ldap.mappers.LDAPStorageMapper": [
{
"id": "2205e7fd-b8e6-4262-95b6-4cdf02729fec",
"name": "first name",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"givenName"
],
"attribute.force.default": [
"true"
],
"is.mandatory.in.ldap": [
"true"
],
"is.binary.attribute": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"false"
],
"user.model.attribute": [
"firstName"
]
}
},
{
"id": "3db7787f-6eec-48dd-bf6d-f3c73e28e891",
"name": "creation date",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"createTimestamp"
],
"is.mandatory.in.ldap": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"true"
],
"user.model.attribute": [
"createTimestamp"
]
}
},
{
"id": "12b99578-e0bf-4eeb-b0fb-8e400c0cd73e",
"name": "{{ ldap.user.attributes.nextcloud_quota }}",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"{{ ldap.user.attributes.nextcloud_quota }}"
],
"is.mandatory.in.ldap": [
"false"
],
"attribute.force.default": [
"false"
],
"is.binary.attribute": [
"false"
],
"always.read.value.from.ldap": [
"false"
],
"read.only": [
"false"
],
"user.model.attribute": [
"{{ ldap.user.attributes.nextcloud_quota }}"
]
}
},
{
"id": "24cd9c3b-e22d-4540-bddf-ae7faac0196c",
"name": "SSH Public Key",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"{{ ldap.user.attributes.ssh_public_key }}"
],
"is.mandatory.in.ldap": [
"false"
],
"attribute.force.default": [
"false"
],
"is.binary.attribute": [
"false"
],
"read.only": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"user.model.attribute": [
"{{ ldap.user.attributes.ssh_public_key }}"
]
}
},
{
"id": "f56e4551-c5b5-4596-b567-bc8309a74e72",
"name": "ldap-roles",
"providerId": "group-ldap-mapper",
"subComponents": {},
"config": {
"membership.attribute.type": [
"DN"
],
"group.name.ldap.attribute": [
"{{ ldap.user.attributes.fullname }}"
],
"membership.user.ldap.attribute": [
"{{ ldap.user.attributes.id }}"
],
"preserve.group.inheritance": [
"false"
],
"groups.dn": [
"{{ ldap.dn.ou.roles }}"
],
"mode": [
"LDAP_ONLY"
],
"user.roles.retrieve.strategy": [
"LOAD_GROUPS_BY_MEMBER_ATTRIBUTE"
],
"groups.ldap.filter": [
"(objectClass=groupOfNames)"
],
"membership.ldap.attribute": [
"member"
],
"ignore.missing.groups": [
"true"
],
"group.object.classes": [
"groupOfNames"
],
"memberof.ldap.attribute": [
"memberOf"
],
"drop.non.existing.groups.during.sync": [
"false"
],
"groups.path": [
"{{ applications | get_app_conf(application_id, 'rbac_groups', True) }}"
]
}
},
{
"id": "1ffab19c-4aeb-4038-a3e4-6444254fdd53",
"name": "modify date",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"modifyTimestamp"
],
"is.mandatory.in.ldap": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"true"
],
"user.model.attribute": [
"modifyTimestamp"
]
}
},
{
"id": "ca91c874-b92e-4b54-994d-db4b43a3e096",
"name": "last name",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"sn"
],
"is.mandatory.in.ldap": [
"true"
],
"always.read.value.from.ldap": [
"true"
],
"read.only": [
"false"
],
"user.model.attribute": [
"lastName"
]
}
},
{
"id": "785b89a9-48db-4bf2-aded-37ee1d2d9025",
"name": "full name",
"providerId": "full-name-ldap-mapper",
"subComponents": {},
"config": {
"read.only": [
"false"
],
"write.only": [
"true"
],
"ldap.full.name.attribute": [
"{{ ldap.user.attributes.fullname }}"
]
}
},
{
"id": "cc3b4018-81ac-47d5-818d-bdd22b6aa5e3",
"name": "username",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"{{ldap.user.attributes.id}}"
],
"is.mandatory.in.ldap": [
"true"
],
"attribute.force.default": [
"false"
],
"is.binary.attribute": [
"false"
],
"always.read.value.from.ldap": [
"false"
],
"read.only": [
"false"
],
"user.model.attribute": [
"username"
]
}
},
{
"id": "24cd9c3b-e22d-4540-bddf-ae7faac0196c",
"name": "SSH Public Key",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"{{ ldap.user.attributes.ssh_public_key }}"
],
"is.mandatory.in.ldap": [
"false"
],
"attribute.force.default": [
"false"
],
"is.binary.attribute": [
"false"
],
"read.only": [
"false"
],
"always.read.value.from.ldap": [
"true"
],
"user.model.attribute": [
"{{ ldap.user.attributes.ssh_public_key }}"
]
}
},
{
"id": "85cd9847-4063-4d8b-be03-fa16377cde56",
"name": "email",
"providerId": "user-attribute-ldap-mapper",
"subComponents": {},
"config": {
"ldap.attribute": [
"mail"
],
"is.mandatory.in.ldap": [
"false"
],
"read.only": [
"false"
],
"always.read.value.from.ldap": [
"false"
],
"user.model.attribute": [
"email"
]
}
}
]
},
"config": {
"fullSyncPeriod": [
"-1"
],
"pagination": [
"true"
],
"connectionTrace": [
"false"
],
"startTls": [
"false"
],
"usersDn": [
"{{ldap.dn.ou.users}}"
],
"connectionPooling": [
"true"
],
"cachePolicy": [
"DEFAULT"
],
"useKerberosForPasswordAuthentication": [
"false"
],
"importEnabled": [
"true"
],
"enabled": [
"true"
],
"bindCredential": [
"{{ldap.bind_credential}}"
],
"changedSyncPeriod": [
"-1"
],
"usernameLDAPAttribute": [
"{{ldap.user.attributes.id}}"
],
"bindDn": [
"{{ldap.dn.administrator.data}}"
],
"lastSync": [
"1737578007"
],
"vendor": [
"other"
],
"uuidLDAPAttribute": [
"{{ldap.user.attributes.id}}"
],
"allowKerberosAuthentication": [
"false"
],
"connectionUrl": [
"{{ldap.server.uri}}"
],
"syncRegistrations": [
"true"
],
"authType": [
"simple"
],
"krbPrincipalAttribute": [
"krb5PrincipalName"
],
"searchScope": [
"1"
],
"useTruststoreSpi": [
"always"
],
"usePasswordModifyExtendedOp": [
"true"
],
"trustEmail": [
"false"
],
"userObjectClasses": [
"{{ ldap.user.objects | join(', ') }}"
],
"rdnLDAPAttribute": [
"{{ldap.user.attributes.id}}"
],
"editMode": [
"WRITABLE"
],
"validatePasswordPolicy": [
"false"
]
}
}
], ],
"org.keycloak.keys.KeyProvider": [ "org.keycloak.keys.KeyProvider": [
{ {
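Review bot: The replacement line under `org.keycloak.storage.UserStorageProvider` includes `client.json.j2`, while the commit title and the 405-line file added in this commit point to an `ldap.json.j2` holding the removed LDAP provider object (the new file's path is not shown on this page, so this is inferred from the title). As written, the realm import would render a client template, or fail on a missing one, where the LDAP user-storage component belongs, which could leave the realm without its LDAP federation. The line should presumably read `{% include "ldap.json.j2" %}`. Because the provider object is now spliced in at render time, it is worth parsing the rendered realm file as JSON before it is imported into Keycloak, so a wrong or broken include is caught at deploy time.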