tronnet/ProxmoxAAS-LDAP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

Compare commits

base: tronnet:go-rewrite
Branches Tags
tronnet:main tronnet:go-rewrite
tronnet:v1.0.6 tronnet:v1.0.5 tronnet:v1.0.0 tronnet:v1.0.1 tronnet:v1.0.3 tronnet:v1.0.4 tronnet:v1.0.2
...
compare: tronnet:v1.0.0
Branches Tags
tronnet:main tronnet:go-rewrite
tronnet:v1.0.6 tronnet:v1.0.5 tronnet:v1.0.0 tronnet:v1.0.1 tronnet:v1.0.3 tronnet:v1.0.4 tronnet:v1.0.2

5 Commits
go-rewrite ... v1.0.0

Author SHA1 Message Date
Arthur Lu
f11e5ccc31 fix default session cookie max age, 
disable cgo in build
 2024-07-18 20:22:12 +00:00
Arthur Lu
8f8f6bd1e8 add installation instructions to README 2024-07-06 03:11:30 +00:00
Arthur Lu
d41bca141c add version route 2024-07-06 02:46:10 +00:00
Arthur Lu
05e0c02fe8 rename config.template,json to template.config.json 2024-06-27 02:40:09 +00:00
alu
eea5b8599e Merge pull request 'Rewrite API in GO' (#1) from go-rewrite into main 
Reviewed-on: #1
 2024-06-21 23:33:29 +00:00
4 changed files with 43 additions and 2 deletions
Expand all files Collapse all files

2
Makefile
View File

@@ -1,5 +1,5 @@
build: clean build: clean
go build -ldflags="-s -w" -o dist/ . CGO_ENABLED=0 go build -ldflags="-s -w" -o dist/ .
test: clean test: clean
go run . go run .

36
README.md
View File

@@ -0,0 +1,36 @@
# ProxmoxAAS LDAP - Simple REST API for LDAP
ProxmoxAAS LDAP provides a simple API for managing users and groups in a simplified LDAP server. Expected LDAP configuration can be initialized using [open-ldap-setup](https://git.tronnet.net/tronnet/open-ldap-setup).
## Installation
### Prerequisites
- Initialized LDAP server with the following configuration
- Structure
- Users: ou=people,...
- objectType: inetOrgPerson
- At least 1 user which is a member of admin group
- Groups: ou=groups,...
- objectType: groupOfNames
- At least 1 admin group
- Permissions:
- Admin group should have write access
- Users should have write access to own attributes (cn, sn, userPassword)
- Enable anonymous binding
- Load MemberOf Policy:
- olcMemberOfDangling: ignore
- olcMemberOfRefInt: TRUE
- olcMemberOfGroupOC: groupOfNames
- olcMemberOfMemberAD: member
- olcMemberOfMemberOfAD: memberOf
- Password Policy and TLS are recommended but not required
### Installation
1. Download `proxmoxaas-ldap` binary and `template.config.json` file from [releases](releases)
2. Rename `template.config.json` to `config.json` and modify:
- ldapURL: url to the ldap server ie. `ldap://ldap.domain.net`
- baseDN: base DN ie. `dc=domain,dc=net`
- sessionSecretKey: random value used to randomize cookie values, replace with any sufficiently large random string
3. Run the binary

5
app/app.go
View File

@@ -15,6 +15,7 @@ import (
) )
var LDAPSessions map[string]*LDAPClient var LDAPSessions map[string]*LDAPClient
var APIVersion = "1.0.0"
func Run() { func Run() {
gob.Register(LDAPClient{}) gob.Register(LDAPClient{})
@@ -38,6 +39,10 @@ func Run() {
LDAPSessions = make(map[string]*LDAPClient) LDAPSessions = make(map[string]*LDAPClient)
router.GET("/version", func(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{"version": APIVersion})
})
router.POST("/ticket", func(c *gin.Context) { router.POST("/ticket", func(c *gin.Context) {
var body Login var body Login
if err := c.ShouldBind(&body); err != nil { // bad request from binding if err := c.ShouldBind(&body); err != nil { // bad request from binding

2
configs/config.template.json → configs/template.config.json
View File

@@ -8,6 +8,6 @@
"path": "/", "path": "/",
"httpOnly": true, "httpOnly": true,
"secure": false, "secure": false,
"maxAge": 7200000 "maxAge": 7200
} }
} }