| author | feld <feld@feld.me> | 2024-09-17 18:15:35 +0000 |
|---|---|---|
| committer | feld <feld@feld.me> | 2024-09-17 18:15:35 +0000 |
| commit | f423534ef0689dd3537a8e98161167089bafbad9 (patch) | |
| tree | 16660c72f5b821a598be522b32b4c872c5a571f5 /config | |
| parent | e7176bb998a7e20f2bb3c9f32e1e2dfe8c3cd818 (diff) | |
| parent | 35ddb1d2c8a53dcb54178522811242ef40a63211 (diff) | |
Merge branch 'ldap-tls' into 'develop'
LDAP: refactor to a GenServer
See merge request pleroma/pleroma!4268
Diffstat (limited to 'config')
| -rw-r--r-- | config/config.exs | 11 | ||||
| -rw-r--r-- | config/description.exs | 32 |
2 files changed, 23 insertions, 20 deletions
diff --git a/config/config.exs b/config/config.exs
index f53a083d0..47ddfac5a 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -612,16 +612,17 @@ config :pleroma, Pleroma.Formatter,
 config :pleroma, :ldap,
 enabled: System.get_env("LDAP_ENABLED") == "true",
- host: System.get_env("LDAP_HOST") || "localhost",
- port: String.to_integer(System.get_env("LDAP_PORT") || "389"),
+ host: System.get_env("LDAP_HOST", "localhost"),
+ port: String.to_integer(System.get_env("LDAP_PORT", "389")),
 ssl: System.get_env("LDAP_SSL") == "true",
 sslopts: [],
 tls: System.get_env("LDAP_TLS") == "true",
 tlsopts: [],
- base: System.get_env("LDAP_BASE") || "dc=example,dc=com",
- uid: System.get_env("LDAP_UID") || "cn",
+ base: System.get_env("LDAP_BASE", "dc=example,dc=com"),
+ uid: System.get_env("LDAP_UID", "cn"),
 # defaults to CAStore's Mozilla roots
- cacertfile: nil
+ cacertfile: System.get_env("LDAP_CACERTFILE", nil),
+ mail: System.get_env("LDAP_MAIL", "mail")
 oauth_consumer_strategies = System.get_env("OAUTH_CONSUMER_STRATEGIES")
diff --git a/config/description.exs b/config/description.exs
index 15faecb38..47f4771eb 100644
--- a/config/description.exs
+++ b/config/description.exs
@@ -2241,15 +2241,9 @@ config :pleroma, :config_description, [
 label: "SSL options",
 type: :keyword,
 description: "Additional SSL options",
- suggestions: [cacertfile: "path/to/file/with/PEM/cacerts", verify: :verify_peer],
+ suggestions: [verify: :verify_peer],
 children: [
 %{
- key: :cacertfile,
- type: :string,
- description: "Path to file with PEM encoded cacerts",
- suggestions: ["path/to/file/with/PEM/cacerts"]
- },
- %{
 key: :verify,
 type: :atom,
 description: "Type of cert verification",
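Review bot: In the config/config.exs hunk, `cacertfile` now comes from `LDAP_CACERTFILE`, but the context lines `sslopts: []` and `tlsopts: []` stay empty, so nothing in these defaults requests `verify: :verify_peer`. A CA file only matters when the peer certificate is actually verified; whether the LDAP connection code adds that option is not visible in this config-only diff, and on OTP releases before 26 the `:ssl` client default is `verify_none`. If the module does not enforce it, I would default both lists to `[verify: :verify_peer]`, or state the requirement in the comment above `cacertfile`. Separately, `System.get_env("LDAP_CACERTFILE", nil)` is equivalent to `System.get_env("LDAP_CACERTFILE")`, and an exported-but-empty variable yields `""` rather than `nil`, which may bypass the CAStore fallback the comment promises.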
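Review bot: With `cacertfile` removed from the `sslopts` children in config/description.exs (and from `tlsopts` in the following hunk at -2268), the admin description no longer tells operators where an existing CA path should go. Whether a `cacertfile` still nested inside `sslopts`/`tlsopts` is honoured or silently ignored is not visible here; if it is ignored, a deployment that pinned a private CA changes trust anchors on upgrade. Both entries start above their hunks, but their `description` lines are in view and could carry the pointer, e.g. `description: "Additional SSL options (set the CA file with the top-level cacertfile key)",`.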
@@ -2268,15 +2262,9 @@ config :pleroma, :config_description, [
 label: "TLS options",
 type: :keyword,
 description: "Additional TLS options",
- suggestions: [cacertfile: "path/to/file/with/PEM/cacerts", verify: :verify_peer],
+ suggestions: [verify: :verify_peer],
 children: [
 %{
- key: :cacertfile,
- type: :string,
- description: "Path to file with PEM encoded cacerts",
- suggestions: ["path/to/file/with/PEM/cacerts"]
- },
- %{
 key: :verify,
 type: :atom,
 description: "Type of cert verification",
@@ -2292,11 +2280,25 @@ config :pleroma, :config_description, [
 },
 %{
 key: :uid,
- label: "UID",
+ label: "UID Attribute",
 type: :string,
 description: "LDAP attribute name to authenticate the user, e.g. when \"cn\", the filter will be \"cn=username,base\"",
 suggestions: ["cn"]
+ },
+ %{
+ key: :cacertfile,
+ label: "CACertfile",
+ type: :string,
+ description: "Path to CA certificate file"
+ },
+ %{
+ key: :mail,
+ label: "Mail Attribute",
+ type: :string,
+ description:
+ "LDAP attribute name to use as the email address when automatically registering the user on first login",
+ suggestions: ["mail"]
 }
 ]
 },
|
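Review bot: The new `:cacertfile` entry in the last hunk (-2292) is documented only as `"Path to CA certificate file"`, which drops the PEM hint the removed `sslopts`/`tlsopts` children carried and, unlike its `:uid` and `:mail` siblings, has no `suggestions`. It also does not mention the fallback that the comment in config/config.exs describes. I would write `description: "Path to a PEM-encoded CA certificate file; when unset, CAStore's Mozilla roots are used",` and add `suggestions: ["path/to/file/with/PEM/cacerts"]`. The enclosing `children` list starts above this hunk.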
