bms
/
ilib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
ilib/README.md

3.1 KiB
Raw Permalink Blame History Unescape Escape

Установка I, Librarian

Основан на https://hub.docker.com/r/cgrima/i-librarian
Официальный сайт: https://i-librarian.net

Настройка LDAP ./configs/ilibrarian.ini

ldap_active = "1"
ldap_server = "ldap://ldap.example.com:389"
ldap_use_tls = "0"
ldap_basedn = "dc=example,dc=com"
ldap_binduser_dn = "cn=ldapsearch,ou=users,dc=example,dc=com"
ldap_binduser_pw = "password"
ldap_username_attr = "cn"
ldap_userlogin_attr = "cn"
ldap_user_filter = "(objectClass=user)"
ldap_group_rdn = "ou=groups"
ldap_admingroup_cn = "cn=ilib_admins"
ldap_admingroup_dn = ""
ldap_usergroup_cn = ""
ldap_usergroup_dn = ""
ldap_admin_users = ""
ldap_filter = "member"
ldap_version = "3"
ldap_opt_referrals = "0"
ldap_debug_enabled = "0"
ldap_opt_debug_level = "7"

Запуск

git clone https://git.badms.ru/bms/ilib.git
cd ilib
mkdir data
chown 33:33 data

# Предварительно отредактировать ./configs/ilibrarian.ini
docker compose up -d

После запуска

Зайти под пользователем с правами администратора Administrator > Global settings

User self-registration: disallow
Default user permissions: user

Настройка Authentik

Создать пользователей и группы

Directory > Users > Create

  • ldapseach

Directory > Groups > Create

  • ldapseach
  • ilib_admins
  • ilib_users

Добавить пользователя ldapseach в группу ldapseach

Пользователям добавить атрибуты:

mn: Отчество
sn: Фамилия
name: Имя
givenname: Имя

Добавить пользователей в группы ilib_admins и ilib_users

Создание провайдера

Applications > Providers > Create > LDAP Provider

Name: Provider for LDAP
Bind flow: default-authentication-flow (Welcome to authentik!)
Search group: ldapsearch
Bind mode: Direct binding
Search mode: Direct binding
Code-based MFA Support: V (?)

Base DN: DC=example,DC=com
Certificate: -
TLS Server name: -
UID start number: 2000
GID start number: 2000

Создание приложения

Applications > Applications > Create

Name: LDAP
Slug: ldap
Group: ---
Provider: Provider for LDAP
Backchannel Providers: ---
Policy engine mode: any

Launch URL: ---
Icon: ---
Publisher: ---
Description: ---

Создание Outpost

Applications > Applications > Outpost

Name: LDAP outpost
Tyoe: LDAP
Integration: ---
Applications: LDAP

Добавление пользователей и групп

Applications > Applications > LDAP> Policy/Group/User Bindings > Bind existing policy

Добавить группы ilib_admins и ilib_users Добавить пользователя ldapseach