From d90772d505629a31b7266297a3ee7ef6e7dd2302 Mon Sep 17 00:00:00 2001
From: Michael Grote
Date: Sun, 24 Nov 2024 21:01:15 +0100
Subject: [PATCH 1/2] changed Files: docker-compose/authelia/configuration.yml.j2 docker-compose/nextcloud/ldap.sh.j2
Signed-off-by: Michael Grote
---
 docker-compose/authelia/configuration.yml.j2 | 4 ++--
 docker-compose/nextcloud/ldap.sh.j2 | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/docker-compose/authelia/configuration.yml.j2 b/docker-compose/authelia/configuration.yml.j2
index e1b674a7..526b9e24 100644
--- a/docker-compose/authelia/configuration.yml.j2
+++ b/docker-compose/authelia/configuration.yml.j2
@@ -63,7 +63,7 @@ notifier:
 # https://github.com/lldap/lldap/blob/main/example_configs/authelia_config.yml
 authentication_backend:
 password_reset:
- disable: true
+ disable: false
 refresh_interval: 1m
 ldap:
 implementation: custom
@@ -83,4 +83,4 @@ authentication_backend:
 user: uid=authelia_bind_user,ou=people,dc=mgrote,dc=net
 password: '{{ lookup('viczem.keepass.keepass', 'authelia/lldap_authelia_bind_user', 'password') }}'
-# Details/Doku: https://wiki.mgrote.net/pages/_Technik/hardware/rest/fpv/software/rest/ldap/
+# Details/Doku: https://wiki.mgrote.net/pages/_Technik/software/rest/ldap/
diff --git a/docker-compose/nextcloud/ldap.sh.j2 b/docker-compose/nextcloud/ldap.sh.j2
index b4f85b2b..5b602c4d 100644
--- a/docker-compose/nextcloud/ldap.sh.j2
+++ b/docker-compose/nextcloud/ldap.sh.j2
@@ -45,5 +45,6 @@ php occ ldap:set-config s01 ldapUuidGroupAttribute auto
 php occ ldap:set-config s01 ldapUuidUserAttribute auto
 php occ ldap:set-config s01 ldapExpertUsernameAttr user_id
 php occ ldap:set-config s01 ldap_mark_remnants_as_disabled 1
+php occ ldap:set-config s01 ldap_turn_on_pwd_change 1
 # damit der Login über LDAP geht muss das Attribute "DisplayName" gesetzt sein!
-- 2.43.0
From 9d6bc4c83d4c3b4d57abee803c52662d7f87c12a Mon Sep 17 00:00:00 2001
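Review bot: The flip to `disable: false` under `password_reset:` carries no comment recording what it now depends on: the reset flow writes through `authelia_bind_user`, so that account needs password-write rights in lldap (the matrix in patch 2/2 names `lldap_password_manager`), and its KeePass-held bind credential then becomes able to change other users' passwords. I would add a line above the key such as `# reset enabled: authelia_bind_user must be in lldap_password_manager; reset mails are sent via notifier`. The LDAP address/TLS settings and the `notifier` block lie outside this hunk, so confirm that the connection to lldap is encrypted and that the mail attribute used for reset links is not user-editable. The same matrix lists `forgejo_bind_user` in `lldap_password_manager` with password reset "no", which looks like more privilege than that account needs.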
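Review bot: The added `ldap_turn_on_pwd_change 1` line lets Nextcloud write user passwords into the directory, but nothing visible in this hunk shows that connection `s01` is encrypted; Nextcloud passes the new password to the LDAP server over that connection, so the `ldapHost`/`ldapTLS` values presumably set earlier in the script (outside the hunk) should be confirmed as `ldaps://` or StartTLS. A comment beside the line would record the preconditions, e.g. `# needs TLS to lldap and nextcloud_bind_user in lldap_password_manager`. Since password policy and hashing are then enforced by lldap rather than Nextcloud, and `ldap:set-config` may accept a key without confirming it took effect, a closing `php occ ldap:show-config s01` in the script would make the resulting state checkable.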
From: Michael Grote
Date: Sun, 24 Nov 2024 21:03:43 +0100
Subject: [PATCH 2/2] changed Files: docker-compose/authelia/docs.md
Signed-off-by: Michael Grote
---
 docker-compose/authelia/docs.md | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 docker-compose/authelia/docs.md
diff --git a/docker-compose/authelia/docs.md b/docker-compose/authelia/docs.md
new file mode 100644
index 00000000..0de5d256
--- /dev/null
+++ b/docker-compose/authelia/docs.md
@@ -0,0 +1,7 @@
+# authelia function matrix
+
+| App | User | Password Reset | Group |
+| - | - | - | - |
+| ``authelia_*`` | `authelia_bind_user` | yes | `lldap_password_manager` |
+| `forgejo` | `forgejo_bind_user` | no | `lldap_strict_readonly` + `lldap_password_manager` |
+| `nextcloud` | `nextcloud_bind_user` | yes | `lldap_password_manager` |
-- 2.43.0