LDAP intermediate API for ProxmoxAAS

ProxmoxAAS LDAP - Simple REST API for LDAP

ProxmoxAAS LDAP provides a simple API for managing users and groups in a simplified LDAP server. Expected LDAP configuration can be initialized using open-ldap-setup.

Installation

Prerequisites

  • Initialized LDAP server with the following configuration
    • Structure
      • Users: ou=people,...
        • objectType: inetOrgPerson
        • At least 1 user who is a member of the admin group
      • Groups: ou=groups,...
        • objectType: groupOfNames
        • At least 1 admin group
    • Permissions:
      • Admin group should have write access
      • Users should have write access to own attributes (cn, sn, userPassword)
      • Enable anonymous binding
    • Load MemberOf Policy:
      • olcMemberOfDangling: ignore
      • olcMemberOfRefInt: TRUE
      • olcMemberOfGroupOC: groupOfNames
      • olcMemberOfMemberAD: member
      • olcMemberOfMemberOfAD: memberOf
    • Password Policy and TLS are recommended but not required

Installation

  1. Download the proxmoxaas-ldap binary and the template.config.json file from releases
  2. Rename template.config.json to config.json and modify:
    • listenPort: port for PAAS-LDAP to bind and listen on
    • ldapURL: URL of the LDAP server, e.g. ldap://ldap.domain.net
    • startTLS: true if backend LDAP supports StartTLS
    • basedn: base DN, e.g. dc=domain,dc=net
    • sessionCookieName: name of the session cookie
    • sessionCookie: specific cookie properties
      • path: cookie path
      • httpOnly: cookie http-only
      • secure: cookie secure
      • maxAge: cookie max-age
  3. Run the binary
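
As a pre-flight check for step 2, the following added example (not part of the ProxmoxAAS LDAP code base) reads a config.json and reports weak transport and cookie settings before the binary is started. The key names come from the list above; the Go types, the LintConfig helper and both sample configs are assumptions constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/url"
)

// Config holds only the README keys this check reads; the Go types are assumptions.
type Config struct {
	LdapURL       string `json:"ldapURL"`
	StartTLS      bool   `json:"startTLS"`
	SessionCookie struct {
		HTTPOnly bool `json:"httpOnly"`
		Secure   bool `json:"secure"`
	} `json:"sessionCookie"`
}

// LintConfig (hypothetical helper, not project code) returns one finding per weak setting.
func LintConfig(raw []byte) ([]string, error) {
	var c Config
	if err := json.Unmarshal(raw, &c); err != nil {
		return nil, err
	}
	var f []string
	u, err := url.Parse(c.LdapURL)
	if err != nil || (u.Scheme != "ldap" && u.Scheme != "ldaps") {
		f = append(f, "ldapURL: expected an ldap:// or ldaps:// URL")
	} else if u.Scheme == "ldap" && !c.StartTLS {
		f = append(f, "ldapURL/startTLS: binds and passwords reach the LDAP server in cleartext")
	}
	if !c.SessionCookie.Secure {
		f = append(f, "sessionCookie.secure: session cookie may be sent over plain HTTP")
	}
	if !c.SessionCookie.HTTPOnly {
		f = append(f, "sessionCookie.httpOnly: session cookie is readable by page scripts")
	}
	return f, nil
}

// Constructed sample configs, not taken from the project's template.config.json.
const weak = `{"listenPort":8082,"ldapURL":"ldap://ldap.domain.net","startTLS":false,"basedn":"dc=domain,dc=net","sessionCookieName":"example_session","sessionCookie":{"path":"/","httpOnly":false,"secure":false,"maxAge":3600}}`
const hardened = `{"listenPort":8082,"ldapURL":"ldap://ldap.domain.net","startTLS":true,"basedn":"dc=domain,dc=net","sessionCookieName":"example_session","sessionCookie":{"path":"/","httpOnly":true,"secure":true,"maxAge":3600}}`

func main() {
	for _, raw := range []string{weak, hardened} {
		fmt.Println(LintConfig([]byte(raw)))
	}
}
```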

Building and Testing from Source

Building requires the Go toolchain. Testing requires the Go toolchain, make, and apt. Currently, only Debian is supported.

Building from Source

  1. Clone the repository
  2. Run go get to get requirements
  3. Run make to build the binary

Testing Source

  1. Clone the repository
  2. Run go get to get requirements
  3. Run make dev-init to install test requirements including openldap (slapd), ldap-utils, debconf-utils
  4. Run make test to run all tests