mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
Documentation fixes and attempt to fix Travis
This commit is contained in:
parent
925bc0ef9a
commit
3d32de8cad
14
.travis.yml
14
.travis.yml
@ -1,16 +1,14 @@
|
||||
sudo: false
|
||||
sudo: required
|
||||
language: python
|
||||
dist: trusty
|
||||
python:
|
||||
#- "2.6"
|
||||
#- "2.7"
|
||||
#- "3.2"
|
||||
- "3.3"
|
||||
- "3.4"
|
||||
- "3.5"
|
||||
- "2.7"
|
||||
after_success:
|
||||
- codecov
|
||||
virtualenv:
|
||||
system_site_packages: true
|
||||
before_install:
|
||||
# codecov.io
|
||||
- apt-get install -qq python-configparser python-cffi
|
||||
- pip install codecov pytest-cov
|
||||
install:
|
||||
- pip install -r requirements.txt
|
||||
|
10
README.rst
10
README.rst
@ -77,9 +77,9 @@ To install Certidude:
|
||||
apt-get install -y python python-pip python-dev cython python-configparser \
|
||||
python-pysqlite2 python-mysql.connector python-ldap \
|
||||
build-essential libffi-dev libssl-dev libkrb5-dev \
|
||||
ldap-utils krb5-user default-mta \
|
||||
ldap-utils krb5-user \
|
||||
libsasl2-modules-gssapi-mit
|
||||
pip3 install certidude
|
||||
pip install certidude
|
||||
|
||||
Make sure you're running PyOpenSSL 0.15+ from PyPI,
|
||||
not the outdated one provided by APT.
|
||||
@ -279,8 +279,8 @@ Restart the services:
|
||||
service nginx restart
|
||||
|
||||
|
||||
Setting up Kerberos authentication
|
||||
----------------------------------
|
||||
Setting up Active Directory authentication
|
||||
------------------------------------------
|
||||
|
||||
Following assumes you have already set up Kerberos infrastructure and
|
||||
Certidude is simply one of the servers making use of that infrastructure.
|
||||
@ -349,7 +349,7 @@ Reconfigure /etc/certidude/server.conf:
|
||||
backend = ldap
|
||||
ldap gssapi credential cache = /run/certidude/krb5cc
|
||||
ldap user filter = (&(objectclass=user)(objectcategory=person)(samaccountname=%s))
|
||||
ldap admin filter = (&(objectclass=user)(objectclass=person)(memberOf=cn=Domain Admins,cn=Users,dc=example,dc=com)(samaccountname=%s))
|
||||
ldap admin filter = (&(memberOf=cn=Domain Admins,cn=Users,dc=example,dc=com)(samaccountname=%s))
|
||||
|
||||
User filter here specified which users can log in to Certidude web interface
|
||||
at all eg. for generating user certificates for HTTPS.
|
||||
|
@ -12,20 +12,12 @@ backend = posix
|
||||
[authorization]
|
||||
backend = posix
|
||||
#backend = ldap
|
||||
whitelist admin users = root administrator
|
||||
ldap gssapi credential cache = /run/certidude/krb5cc
|
||||
|
||||
ldap computer filter = (&(objectclass=user)(objectclass=computer)(samaccountname=%s))
|
||||
ldap user filter = (&(objectclass=user)(objectclass=person)(samaccountname=%s))
|
||||
ldap admins filter = (&(objectclass=user)(objectclass=person)(memberOf=cn=Domain Admins,cn=Users,dc=koodur,dc=com)(samaccountname=%s))
|
||||
ldap member of filter = (&(objectclass=user)(objectclass=person)(samaccountname=%s)(memberOf=%s))
|
||||
ldap members filter = (&(objectclass=group)(cn=%s)(member=%s))
|
||||
|
||||
ldap group filter = (&(objectClass=group)(cn=%s)(member=%s))
|
||||
ldap user group =
|
||||
ldap admin group = domain admins
|
||||
posix user group =
|
||||
posix admin group = certidude
|
||||
ldap admins filter = (&(memberOf=cn=Domain Admins,cn=Users,dc=example,dc=com)(samaccountname=%s))
|
||||
posix user group = users
|
||||
posix admin group = sudo
|
||||
user subnets = 0.0.0.0/0
|
||||
admin subnets = 0.0.0.0/0
|
||||
request subnets = 0.0.0.0/0
|
||||
|
Loading…
Reference in New Issue
Block a user