kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-30 15:28:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refactor LDAP variable schema to use top-level constant LDAP and nested ALL-CAPS keys.

Browse Source 
- Converted group_vars/all/13_ldap.yml from lower-case to ALL-CAPS nested keys.
- Updated all roles, tasks, templates, and filter_plugins to reference LDAP.* instead of ldap.*.
- Fixed Keycloak JSON templates to properly quote Jinja variables.
- Adjusted svc-db-openldap filter plugins and unit tests to handle new LDAP structure.
- Updated integration test to only check uniqueness of TOP-LEVEL ALL-CAPS constants, ignoring nested keys.

See: https://chatgpt.com/share/68b01017-efe0-800f-a508-7d7e2f1c8c8d
This commit is contained in:
Kevin Veen-Birkenbach
2025-08-28 10:15:48 +02:00
parent b9da6908ec
commit cb66fb2978
33 changed files with 238 additions and 249 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
roles/web-app-friendica/templates/ldapauth.config.php.j2
View File

@@ -9,26 +9,26 @@ return [
// ldap_server (String)
// ldap hostname server - required
// Example: ldap_server = host.example.com
'ldap_server' => '{{ ldap.server.uri }}',
'ldap_server' => '{{ LDAP.SERVER.URI }}',
// ldap_binddn (String)
// admin dn - optional - only if ldap server dont have anonymous access
// Example: ldap_binddn = cn=admin,dc=example,dc=com
'ldap_binddn' => '{{ ldap.dn.administrator.data }}',
'ldap_binddn' => '{{ LDAP.DN.ADMINISTRATOR.DATA }}',
// ldap_bindpw (String)
// admin password - optional - only if ldap server dont have anonymous access
'ldap_bindpw' => '{{ ldap.bind_credential }}',
'ldap_bindpw' => '{{ LDAP.BIND_CREDENTIAL }}',
// ldap_searchdn (String)
// dn to search users - required
// Example: ldap_searchdn = ou=users,dc=example,dc=com
'ldap_searchdn' => '{{ ldap.dn.ou.users }}',
'ldap_searchdn' => '{{ LDAP.DN.OU.USERS }}',
// ldap_userattr (String)
// attribute to find username - required
// Example: ldap_userattr = uid
'ldap_userattr' => '{{ ldap.user.attributes.id }}',
'ldap_userattr' => '{{ LDAP.USER.ATTRIBUTES.ID }}',
// ldap_group (String)
// DN of the group whose member can auth on Friendica - optional
@@ -42,10 +42,10 @@ return [
// ldap_autocreateaccount_emailattribute (String)
// attribute to get email - optional - default : 'mail'
'ldap_autocreateaccount_emailattribute' => '{{ ldap.user.attributes.mail }}',
'ldap_autocreateaccount_emailattribute' => '{{ LDAP.USER.ATTRIBUTES.MAIL }}',
// ldap_autocreateaccount_nameattribute (String)
// attribute to get nickname - optional - default : 'givenName'
'ldap_autocreateaccount_nameattribute' => '{{ ldap.user.attributes.firstname }}',
'ldap_autocreateaccount_nameattribute' => '{{ LDAP.USER.ATTRIBUTES.FIRSTNAME }}',
],
];