mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-30 15:28:12 +02:00
Added all LDAP changes before removing, because it doesn't work. Will trty to replace it by OIDC
This commit is contained in:
68
roles/web-app-joomla/templates/ldap/cli.php.j2
Normal file
68
roles/web-app-joomla/templates/ldap/cli.php.j2
Normal file
@@ -0,0 +1,68 @@
|
||||
<?php
|
||||
// Joomla CLI script to enable and configure the Authentication - LDAP plugin.
|
||||
// Safe to run multiple times. Uses only Factory::getDbo() (no web/administrator app context required).
|
||||
|
||||
define('_JEXEC', 1);
|
||||
define('JPATH_BASE', __DIR__ . '/..');
|
||||
|
||||
// Load Joomla framework
|
||||
require JPATH_BASE . '/includes/defines.php';
|
||||
require JPATH_BASE . '/includes/framework.php';
|
||||
|
||||
use Joomla\CMS\Factory;
|
||||
|
||||
// Database driver from Factory
|
||||
$dbo = Factory::getDbo();
|
||||
|
||||
// Locate the LDAP plugin row in #__extensions
|
||||
$query = $dbo->getQuery(true)
|
||||
->select('*')
|
||||
->from($dbo->quoteName('#__extensions'))
|
||||
->where($dbo->quoteName('type') . ' = ' . $dbo->quote('plugin'))
|
||||
->where($dbo->quoteName('folder') . ' = ' . $dbo->quote('authentication'))
|
||||
->where($dbo->quoteName('element') . ' = ' . $dbo->quote('ldap'));
|
||||
$dbo->setQuery($query);
|
||||
$ext = $dbo->loadObject();
|
||||
|
||||
if (!$ext) {
|
||||
fwrite(STDERR, "LDAP plugin not found.\n");
|
||||
exit(2);
|
||||
}
|
||||
|
||||
// Helper to strip quotes if present in env-file values
|
||||
$get = static fn($k) => preg_replace('/^(["\'])(.*)\1$/', '$2', getenv($k) ?: '');
|
||||
|
||||
// Desired plugin parameters (must match Joomla LDAP plugin schema)
|
||||
$desired = [
|
||||
// Connection settings
|
||||
"host" => $get('JOOMLA_LDAP_HOST'),
|
||||
"port" => (int) $get('JOOMLA_LDAP_PORT'),
|
||||
"use_ldapV3" => true,
|
||||
"negotiate_tls" => (bool) $get('JOOMLA_LDAP_USE_STARTTLS'),
|
||||
"no_referrals" => false,
|
||||
|
||||
// Authentication settings
|
||||
"auth_method" => $get('JOOMLA_LDAP_AUTH_METHOD') ?: "search", // "search" or "bind"
|
||||
"base_dn" => $get('JOOMLA_LDAP_BASE_DN'),
|
||||
"search_string" => $get('JOOMLA_LDAP_USER_SEARCH_STRING'), // e.g. uid=[username]
|
||||
"users_dn" => $get('JOOMLA_LDAP_USER_TREE_DN'), // required for "bind" mode
|
||||
"username" => $get('JOOMLA_LDAP_BIND_DN'),
|
||||
"password" => $get('JOOMLA_LDAP_BIND_PASSWORD'),
|
||||
|
||||
// Attribute mapping
|
||||
"ldap_uid" => $get('JOOMLA_LDAP_UID_ATTR') ?: "uid",
|
||||
"ldap_email" => $get('JOOMLA_LDAP_EMAIL_ATTR') ?: "mail",
|
||||
"ldap_fullname" => $get('JOOMLA_LDAP_NAME_ATTR') ?: "cn",
|
||||
];
|
||||
|
||||
// Merge current parameters with desired values
|
||||
$current = json_decode($ext->params ?: "{}", true) ?: [];
|
||||
$clean = array_filter($desired, static fn($v) => $v !== null && $v !== '');
|
||||
$merged = array_replace($current, $clean);
|
||||
|
||||
// Save back to database and enable the plugin
|
||||
$ext->params = json_encode($merged, JSON_UNESCAPED_SLASHES);
|
||||
$ext->enabled = 1;
|
||||
$dbo->updateObject('#__extensions', $ext, 'extension_id');
|
||||
|
||||
echo "LDAP plugin enabled={$ext->enabled} and configured.\n";
|
||||
Reference in New Issue
Block a user