91a3eb6a1a
ldap: use the home given in the ldap, will allow for custom homes
2023-05-24 15:54:00 +01:00
d63ebabc85
ldap: able to deal with up to ssha512 passwords
2023-05-24 15:31:58 +01:00
d056929a18
ldap: extended class
2023-05-24 00:35:17 +01:00
934b1ff1c4
ldap: using ladps seems to work
2023-05-23 23:47:57 +01:00
41449dd28c
ldap: fixced the encryption key required
2023-05-23 23:30:27 +01:00
44921afecd
acme: may as well be patient
2023-05-21 22:45:40 +01:00
de76e8eee6
ldap: now got secure mode
2023-05-21 22:45:20 +01:00
a660a60346
fix: group should be able to write to it as well
2023-05-21 21:51:17 +01:00
693043b081
dns: new functions work well
...
Will try to figure out if the two functions can be merged so its a single function called
2023-05-21 21:48:30 +01:00
f8f2f6fa15
dns: better function for the etc files (basically using a nice wrapper)
2023-05-21 21:30:14 +01:00
c6b766bd65
dns: function to handle opn domains
2023-05-21 21:25:21 +01:00
e47f2c85f2
dns: a function to give thw whitelist for the cache networks
2023-05-21 20:22:54 +01:00
126db6e3cb
dns: now have a proper primary and secondary
2023-05-21 19:38:13 +01:00
1e9b63e13d
dns: added more otehr domains, will tidy up config better later
2023-05-21 19:06:30 +01:00
be0868b860
dns: added a reverse dns option
2023-05-21 19:05:47 +01:00
d3e1e3e67f
dns: added csn.ul.ie
2023-05-21 16:18:53 +01:00
9618d87c67
dns: parametrised the config
2023-05-21 16:18:39 +01:00
c42b13b990
fix: ports are numbers not strings
2023-05-21 12:23:57 +01:00
81b41087fe
feat: added ldaps
2023-05-21 12:17:06 +01:00
ad2c9dad6b
fix: better handling of domain
2023-05-21 12:08:26 +01:00
6e58eac8c1
fix: properly use the port
2023-05-21 12:05:19 +01:00
b15b07ae36
fix: move base into teh config
2023-05-21 12:02:52 +01:00
48a23519e9
fix: got permissions "working" for teh password reset, not ideal though
2023-05-21 03:09:24 +01:00
60e33e2abb
ldap: give users a home dir
2023-05-21 01:39:01 +01:00
e73e15f524
ldap: client is properly working now
2023-05-21 01:38:19 +01:00
67a0d1b8bf
fix: had to give the file the right permissions
...
Also need to restart openlpad.service on password change
2023-05-21 00:19:20 +01:00
ee28f2047a
fix: nano was adding a new line on close
2023-05-21 00:18:29 +01:00
32577ecebc
fix: typo in name
2023-05-20 22:20:06 +01:00
47c615d7a5
fix: moved the group permissions into teh base config
2023-05-20 22:17:21 +01:00
4e664ce1bc
feat: ldap now has secrets properly stored
2023-05-20 21:33:04 +01:00
b61a645824
secrets ldap: set up teh secrets for teh ldap
2023-05-20 21:28:15 +01:00
144f3bce54
ldap: got a tool to manage the password resets and ssh key
2023-05-20 19:33:08 +01:00
f8312b76ef
ldap: working config to limit groups
2023-05-20 17:26:14 +01:00
c17a28d7a9
ldap: now got skMemberOf to replace memberof (memberof does not work on unixgroups)
2023-05-20 15:26:03 +01:00
0c57b35778
ldap: is working as intended, working on scripting to add and manage users
2023-05-20 03:08:30 +01:00
f6183c1b10
podman: was working, now it isnt AGHHHHHHHHH
2023-05-19 19:15:22 +01:00
bc8b294469
doc: added the commands to make them easier to follow
2023-05-19 18:28:35 +01:00
f8bb79adbd
fix: typos
2023-05-19 18:21:33 +01:00
614d905dfd
docker: now using podman
...
had to reboot to make ti come into effect
2023-05-19 18:18:41 +01:00
7e380d6932
ldap: a mostly working ldaish setup
2023-05-18 21:59:23 +01:00
baa226cacf
ldap: cant have uppercase letters in username
2023-05-16 23:58:34 +01:00
a930a980dc
secret: added kitt and rekeyed
2023-05-16 23:18:40 +01:00
1a08dd66f9
retired: if ash is dead then no need for this either
2023-05-16 23:18:05 +01:00
53696c927e
ldap: first attempt at ldap
2023-05-16 22:23:04 +01:00
fbbefc1e2a
retired: Ash never got a chance to be online
2023-05-16 22:08:24 +01:00
1738ed16a5
fmt: small tidyup
2023-05-16 18:34:53 +01:00
4ef6c14a32
feat: basic gitlab setup
2023-05-16 16:40:49 +01:00
960a5c8772
nodes: not using ash
2023-05-10 11:41:30 +01:00
a5d6ca55ed
firewall: I think this is the correct network config for the firewall
2023-05-10 11:40:28 +01:00
5579de7e7c
dns: fixed issue that could cause a DOS attach (via DNS amplification)
...
ITD's router was setting teh IP of all external traffic as 193.1.99.65, which was part of the 193.1.99.64/26 subnet.
The fix is to explisitly list all our IP's
2023-05-05 14:40:27 +01:00