first commit

2024-06-03 18:43:35 +02:00
parent 2da01a3f6e
commit f501d519af
883 changed files with 71550 additions and 2 deletions
--- a/dockers/ldap/base/acl.ldif.tmpl
+++ b/dockers/ldap/base/acl.ldif.tmpl
@ -0,0 +1,21 @@
+dn: olcDatabase={2}mdb,cn=config
+changeType: modify
+replace: olcAccess
+olcAccess: {0}to attrs=userPassword,shadowLastChange
+  by self write
+  by anonymous auth
+  by dn="cn=ldapui,ou=applications,$LDAPROOT" write
+  by dn="$BINDDN" write
+  by * none
+olcAccess: {1}to dn.subtree="$LDAPROOT"
+  by self read
+  by dn="cn=ldapui,ou=applications,$LDAPROOT" read
+  by dn="cn=postfix,ou=applications,$LDAPROOT" read
+  by dn="cn=mattermost,ou=applications,$LDAPROOT" read
+  by dn="cn=cloud,ou=applications,$LDAPROOT" read
+  by dn="cn=mobilizon,ou=applications,$LDAPROOT" read
+  by dn="$BINDDN" write
+  by * none
+olcAccess: {2}to *
+  by dn="$BINDDN" write
+  by * none
--- a/dockers/ldap/base/kaz-schema.ldif.tmpl
+++ b/dockers/ldap/base/kaz-schema.ldif.tmpl
@ -0,0 +1,35 @@
+dn: cn={$KAZNUMBER}kaz,cn=schema,cn=config
+changeType: modify
+replace: olcAttributeTypes
+olcAttributeTypes: {0}( 1.3.6.1.4.1.5656.1.1.1 NAME 'mailDeSecours'
+        DESC 'Adresse mail de secours'
+        EQUALITY caseIgnoreIA5Match
+        SUBSTR caseIgnoreIA5SubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{320} )
+olcAttributeTypes: {1}( 1.3.6.1.4.1.5656.1.1.2 NAME 'quota'
+        DESC 'Quota en GO (integer)'
+        EQUALITY integerMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE)
+olcAttributeTypes: {2}( 1.3.6.1.4.1.5656.1.1.3 NAME 'agoraEnabled'
+        DESC 'acces a agora'
+        EQUALITY caseIgnoreMatch
+        SUBSTR caseIgnoreSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)
+olcAttributeTypes: {3}( 1.3.6.1.4.1.5656.1.1.4 NAME 'mobilizonEnabled'
+        DESC 'acces a mobilizon'
+        EQUALITY caseIgnoreMatch
+        SUBSTR caseIgnoreSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE)
+olcAttributeTypes: {4}( 1.3.6.1.4.1.5656.1.1.5 NAME 'identifiantKaz'
+        DESC 'Identifiant Kaz prenom.nom'
+        EQUALITY caseIgnoreMatch
+        SUBSTR caseIgnoreSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{320} )
+-
+replace: olcObjectClasses
+olcObjectClasses: {0}( 1.3.6.1.4.1.5656.1.2.1 NAME 'kaznaute'
+        DESC 'Un kaznaute'
+        SUP top AUXILIARY
+        MUST ( cn $ quota $ mailDeSecours $ identifiantKaz )
+        MAY ( agoraEnabled $ mobilizonEnabled )
+        )
--- a/dockers/ldap/base/skeleton.ldif.tmpl
+++ b/dockers/ldap/base/skeleton.ldif.tmpl
@ -0,0 +1,36 @@
+dn: ou=users,$LDAPROOT
+objectClass: organizationalUnit
+ou: users
+
+dn: ou=applications,$LDAPROOT
+objectClass: organizationalUnit
+ou: system
+
+dn: ou=mailForwardings,$LDAPROOT
+objectClass: organizationalUnit
+ou: mailForwardings
+
+dn: cn=postfix,ou=applications,$LDAPROOT
+objectClass: person
+sn: postfix
+userPassword: $POSTFIX_PASSWORD
+
+dn: cn=ldapui,ou=applications,$LDAPROOT
+objectClass: person
+sn: ldapui
+userPassword: $LDAPUI_PASSWORD
+
+dn: cn=mattermost,ou=applications,$LDAPROOT
+objectClass: person
+sn: mattermost
+userPassword: $MATTERMOST_PASSWORD
+
+dn: cn=cloud,ou=applications,$LDAPROOT
+objectClass: person
+sn: cloud
+userPassword: $CLOUD_PASSWORD
+
+dn: cn=mobilizon,ou=applications,$LDAPROOT
+objectClass: person
+sn: mobilizon
+userPassword: $MOBILIZON_PASSWORD