kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-30 07:18:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refactor LDAP variable schema to use top-level constant LDAP and nested ALL-CAPS keys.

Browse Source 
- Converted group_vars/all/13_ldap.yml from lower-case to ALL-CAPS nested keys.
- Updated all roles, tasks, templates, and filter_plugins to reference LDAP.* instead of ldap.*.
- Fixed Keycloak JSON templates to properly quote Jinja variables.
- Adjusted svc-db-openldap filter plugins and unit tests to handle new LDAP structure.
- Updated integration test to only check uniqueness of TOP-LEVEL ALL-CAPS constants, ignoring nested keys.

See: https://chatgpt.com/share/68b01017-efe0-800f-a508-7d7e2f1c8c8d
This commit is contained in:
Kevin Veen-Birkenbach
2025-08-28 10:15:48 +02:00
parent b9da6908ec
commit cb66fb2978
33 changed files with 238 additions and 249 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
roles/web-app-snipe-it/tasks/ldap.yml
View File

@@ -21,21 +21,21 @@
sh -c 'php artisan tinker << "EOF"
$s = \App\Models\Setting::getSettings();
$s->ldap_enabled = 1;
$s->ldap_server = "{{ ldap.server.uri }}";
$s->ldap_port = {{ ldap.server.port }};
$s->ldap_uname = "{{ ldap.dn.administrator.data }}";
$s->ldap_basedn = "{{ ldap.dn.ou.users }}";
$s->ldap_server = "{{ LDAP.SERVER.URI }}";
$s->ldap_port = {{ LDAP.SERVER.PORT }};
$s->ldap_uname = "{{ LDAP.DN.ADMINISTRATOR.DATA }}";
$s->ldap_basedn = "{{ LDAP.DN.OU.USERS }}";
$s->ldap_filter = "&(objectClass=inetOrgPerson)";
$s->ldap_username_field = "{{ ldap.user.attributes.id }}";
$s->ldap_fname_field = "{{ ldap.user.attributes.firstname }}";
$s->ldap_lname_field = "{{ ldap.user.attributes.surname }}";
$s->ldap_username_field = "{{ LDAP.USER.ATTRIBUTES.ID }}";
$s->ldap_fname_field = "{{ LDAP.USER.ATTRIBUTES.FIRSTNAME }}";
$s->ldap_lname_field = "{{ LDAP.USER.ATTRIBUTES.SURNAME }}";
$s->ldap_auth_filter_query = "uid=";
$s->ldap_version = 3;
$s->ldap_pw_sync = 0;
$s->is_ad = 0;
$s->ad_domain = "";
$s->ldap_default_group = "";
$s->ldap_email = "{{ ldap.user.attributes.mail }}";
$s->ldap_email = "{{ LDAP.USER.ATTRIBUTES.MAIL }}";
$s->custom_forgot_pass_url = "{{ OIDC.CLIENT.RESET_CREDENTIALS }}";
$s->save();
EOF'
@@ -62,7 +62,7 @@
use Illuminate\Support\Facades\DB;
/* encrypt the clear-text password */
\$encrypted = Crypt::encrypt('{{ ldap.bind_credential }}');
\$encrypted = Crypt::encrypt('{{ LDAP.BIND_CREDENTIAL }}');
/* write it straight into settings.ldap_pword */
/* update the one and only row in `settings` */