| Sergiusz Bazanski | d0ec2c6 | 2019-11-21 00:08:52 +0100 | [diff] [blame] | 1 | local mirko = import "../../kube/mirko.libsonnet"; |
| 2 | local kube = import "../../kube/kube.libsonnet"; |
| 3 | |
| 4 | { |
| 5 | cfg:: { |
| Piotr Dobrowolski | 9a89343 | 2021-10-16 18:28:48 +0200 | [diff] [blame] | 6 | # Manually built from code.hackerspace.pl/informatic/ldap-web-public. |
| 7 | image: "registry.k0.hswaw.net/informatic/ldap-web:1633769899", |
| Sergiusz Bazanski | d0ec2c6 | 2019-11-21 00:08:52 +0100 | [diff] [blame] | 8 | webFQDN: error "webFQDN must be set!", |
| 9 | }, |
| 10 | |
| 11 | component(cfg, env): mirko.Component(env, "ldapweb") { |
| 12 | local ldapweb = self, |
| 13 | cfg+: { |
| 14 | image: cfg.image, |
| 15 | volumes+: { |
| 16 | config: kube.ConfigMapVolume(ldapweb.configmap), |
| 17 | }, |
| 18 | container: ldapweb.Container("main") { |
| 19 | # Starts by default on port 8000. |
| 20 | volumeMounts_+: { |
| 21 | config: { mountPath: "/app/webapp/config.py", subPath: "config.py", }, |
| 22 | }, |
| 23 | }, |
| 24 | ports+: { |
| 25 | publicHTTP: { |
| 26 | web: { |
| 27 | port: 8000, |
| 28 | dns: cfg.webFQDN, |
| 29 | }, |
| 30 | }, |
| 31 | }, |
| 32 | }, |
| 33 | |
| 34 | configmap: kube.ConfigMap(ldapweb.makeName("config")) { |
| 35 | metadata+: ldapweb.metadata, |
| 36 | data: { |
| 37 | "config.py": ||| |
| 38 | # -*- coding: utf-8 -*- |
| 39 | import flask_wtf |
| 40 | import wtforms |
| Piotr Dobrowolski | 9a89343 | 2021-10-16 18:28:48 +0200 | [diff] [blame] | 41 | import secrets |
| 42 | |
| 43 | secret_key = secrets.token_hex(32) |
| 44 | |
| Sergiusz Bazanski | d0ec2c6 | 2019-11-21 00:08:52 +0100 | [diff] [blame] | 45 | ldap_url = 'ldap://ldap.hackerspace.pl' |
| 46 | dn_format = "uid=%s,ou=people,dc=hackerspace,dc=pl" |
| 47 | |
| 48 | admin_dn = 'cn=ldapweb,ou=Services,dc=hackerspace,dc=pl' |
| 49 | admin_pw = 'unused' |
| 50 | |
| 51 | hackerspace_name = 'Warsaw Hackerspace' |
| 52 | |
| 53 | readable_names = { |
| 54 | 'commonname': u'Common Name', |
| 55 | 'givenname': u'Given Name', |
| 56 | 'gecos': u'GECOS (public name)', |
| 57 | 'surname': u'Surname', |
| 58 | 'loginshell': u'Shell', |
| 59 | 'telephonenumber': 'Phone Number', |
| 60 | 'mobiletelephonenumber': 'Mobile Number', |
| 61 | 'sshpublickey': 'SSH Public Key', |
| 62 | } |
| 63 | |
| 64 | full_name = { |
| 65 | 'cn': 'commonname', |
| 66 | 'gecos': 'gecos', |
| 67 | 'sn': 'surname', |
| 68 | 'mobile': 'mobiletelephonenumber', |
| 69 | 'l': 'locality', |
| 70 | } |
| 71 | |
| 72 | can_add = set([ |
| 73 | 'telephonenumber', |
| 74 | 'mobiletelephonenumber', |
| 75 | 'sshpublickey', |
| 76 | ]) |
| 77 | can_delete = can_add |
| 78 | can_modify = can_add | set([ |
| 79 | 'givenname', 'surname', 'commonname', 'gecos', |
| 80 | ]) |
| 81 | can = { 'add':can_add, 'mod':can_modify, 'del':can_delete } |
| 82 | admin_required = set() |
| 83 | |
| 84 | |
| 85 | perm_errors = { |
| 86 | 'add': 'You cannot add this attribute!', |
| 87 | 'mod': 'You cannot change this attribute!', |
| 88 | 'del': 'You cannot delete this attribute!', |
| 89 | } |
| 90 | std_templates = { |
| 91 | 'add': 'ops/add.html', |
| 92 | 'mod': 'ops/mod.html', |
| 93 | 'del': 'ops/del.html', |
| 94 | } |
| 95 | |
| 96 | |
| 97 | |
| 98 | default_field = (wtforms.fields.StringField, {}) |
| 99 | fields = { 'telephonenumber': (wtforms.fields.StringField, {'validators': [wtforms.validators.Regexp(r'[+0-9 ]+')]})} |
| 100 | |
| 101 | kadmin_passwd = True |
| 102 | kadmin_principal_map = "{}@HACKERSPACE.PL" |
| 103 | |
| 104 | TOKEN_LENGTH = 32 |
| 105 | |||, |
| 106 | }, |
| 107 | }, |
| 108 | }, |
| 109 | } |