IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Devenv:LDAP: couple simplifications for LDAP (#17807)

Browse Source 
* Add LDAP config instead sed use

* Add container name

* Add SizeLimit option to client and to server.
  Probably useless at this point, but it's better to have it then otherwise
This commit is contained in:
Oleg Gaidarenko
2019-07-01 15:09:04 +03:00
committed by GitHub
parent 5836427794
commit ca136c7c22
6 changed files with 21 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
devenv/docker/blocks/openldap/Dockerfile
View File

@@ -19,6 +19,8 @@ EXPOSE 389
VOLUME ["/etc/ldap", "/var/lib/ldap"] VOLUME ["/etc/ldap", "/var/lib/ldap"]
COPY ldap.conf /etc/ldap.dist/ldap.conf
COPY modules/ /etc/ldap.dist/modules COPY modules/ /etc/ldap.dist/modules
COPY prepopulate/ /etc/ldap.dist/prepopulate COPY prepopulate/ /etc/ldap.dist/prepopulate

1
devenv/docker/blocks/openldap/docker-compose.yaml
View File

@@ -1,4 +1,5 @@
openldap: openldap:
container_name: ldap
build: docker/blocks/openldap build: docker/blocks/openldap
environment: environment:
SLAPD_PASSWORD: grafana SLAPD_PASSWORD: grafana

4
devenv/docker/blocks/openldap/entrypoint.sh
View File

@@ -49,10 +49,6 @@ EOF
dc_string="$dc_string,dc=$dc_part" dc_string="$dc_string,dc=$dc_part"
done done
base_string="BASE ${dc_string:1}"
sed -i "s/^#BASE.*/${base_string}/g" /etc/ldap/ldap.conf
if [[ -n "$SLAPD_CONFIG_PASSWORD" ]]; then if [[ -n "$SLAPD_CONFIG_PASSWORD" ]]; then
password_hash=`slappasswd -s "${SLAPD_CONFIG_PASSWORD}"` password_hash=`slappasswd -s "${SLAPD_CONFIG_PASSWORD}"`

16
devenv/docker/blocks/openldap/ldap.conf Normal file
View File

@@ -0,0 +1,16 @@
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
BASE dc=grafana,dc=org
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
SIZELIMIT 1000
#TIMELIMIT 15
#DEREF never
# TLS certificates (needed for GnuTLS)
TLS_CACERT /etc/ssl/certs/ca-certificates.crt

1
go.mod
View File

@@ -11,6 +11,7 @@ require (
github.com/bradfitz/gomemcache v0.0.0-20180710155616-bc664df96737 github.com/bradfitz/gomemcache v0.0.0-20180710155616-bc664df96737
github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd // indirect github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd // indirect
github.com/codegangsta/cli v1.20.0 github.com/codegangsta/cli v1.20.0
github.com/davecgh/go-spew v1.1.1
github.com/denisenkom/go-mssqldb v0.0.0-20190315220205-a8ed825ac853 github.com/denisenkom/go-mssqldb v0.0.0-20190315220205-a8ed825ac853
github.com/facebookgo/ensure v0.0.0-20160127193407-b4ab57deab51 // indirect github.com/facebookgo/ensure v0.0.0-20160127193407-b4ab57deab51 // indirect
github.com/facebookgo/inject v0.0.0-20180706035515-f23751cae28b github.com/facebookgo/inject v0.0.0-20180706035515-f23751cae28b

1
pkg/services/ldap/ldap.go
View File

@@ -261,6 +261,7 @@ func (server *Server) getSearchRequest(
return &ldap.SearchRequest{ return &ldap.SearchRequest{
BaseDN: base, BaseDN: base,
Scope: ldap.ScopeWholeSubtree, Scope: ldap.ScopeWholeSubtree,
SizeLimit: 1000,
DerefAliases: ldap.NeverDerefAliases, DerefAliases: ldap.NeverDerefAliases,
Attributes: attributes, Attributes: attributes,
Filter: filter, Filter: filter,