Waiting for fix

https://github.com/kanidm/kanidm/pull/2956
Daniel Flanagan 2024-08-07 20:54:51 -05:00
parent 9d3c7efbba
commit 56702af29c
3 changed files with 31 additions and 27 deletions


@ -22,7 +22,7 @@ podman run -itd --rm \
--network host \ --network host \
--name kanidm-client \ --name kanidm-client \
-v "$PWD/client.toml:/root/.config/kanidm:ro" \ -v "$PWD/client.toml:/root/.config/kanidm:ro" \
docker.io/kanidm/tools \ docker.io/kanidm/tools:1.2.3 \
bash -c 'sleep 3600' \ bash -c 'sleep 3600' \
>/dev/null 2>&1 >/dev/null 2>&1
sleep 0.2 sleep 0.2
@ -43,31 +43,34 @@ function create_user {
krun kanidm person update "$username" --legalname "$username Lastname" --mail "${username}@example.com" --name idm_admin krun kanidm person update "$username" --legalname "$username Lastname" --mail "${username}@example.com" --name idm_admin
# TODO: this doesn't seem to work? can't seem to commit changes # TODO: this doesn't seem to work? can't seem to commit changes
( # (
sleep 0.1 # sleep 0.1
echo "pass" # echo "pass"
sleep 0.1 # sleep 0.1
echo "$FAKE_PASSWORD" # echo "$FAKE_PASSWORD"
sleep 0.1 # sleep 0.1
echo "$FAKE_PASSWORD" # echo "$FAKE_PASSWORD"
sleep 0.1 # sleep 0.1
echo "totp" # echo "totp"
sleep 0.1 # sleep 0.1
echo "totpname" # echo "totpname"
sleep 0.25 # sleep 0.25
totp_uri="$(rg 'TOTP URI: (.+)' /tmp/create-user-log.txt -r '$1')" # totp_uri="$(rg 'TOTP URI: (.+)' /tmp/create-user-log.txt -r '$1')"
totp_secret="$(echo "$totp_uri" | rg '.*?secret=([^&]+).*' -r '$1')" # totp_secret="$(echo "$totp_uri" | rg '.*?secret=([^&]+).*' -r '$1')"
totp_code="$(oathtool --totp=SHA256 -b "$totp_secret")" # totp_code="$(oathtool --totp=SHA256 -b "$totp_secret")"
echo "$totp_code" # echo "$totp_code"
sleep 0.1 # sleep 0.1
echo "commit" # echo "commit"
sleep 0.1 # sleep 0.1
echo "y" # echo "y"
sleep 0.1 # sleep 0.1
echo "end" # echo "end"
) | krun kanidm person credential update "$username" --name idm_admin | tee /tmp/create-user-log.txt # ) | krun kanidm person credential update "$username" --name idm_admin | tee /tmp/create-user-log.txt
} }
# setup loose policies for testing
krun kanidm group account-policy credential-type-minimum idm_all_persons any --name idm_admin
# some groups # some groups
app="yourcloud" app="yourcloud"
adm_group="${app}--admins" adm_group="${app}--admins"
@ -86,5 +89,5 @@ for u in gilfoyle dinesh; do
done done
# add users to groups # add users to groups
krun kanidm group add-members "$adm_group" gilfoyle --name idm_admin # krun kanidm group add-members "$adm_group" gilfoyle --name idm_admin
krun kanidm group add-members "$adm_group" dinesh --name idm_admin # krun kanidm group add-members "$adm_group" dinesh --name idm_admin
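Review bot: The added `krun kanidm group account-policy credential-type-minimum idm_all_persons any --name idm_admin` lowers the minimum credential type for every person account, and it runs against whatever server the mounted `client.toml` points at, which is not necessarily the local test container. I would state that scope in the comment, e.g. `# TEST ONLY: relaxes credential policy for all persons; never run against a shared instance`, and, if the policy can be set on a narrower group, target a dedicated test group instead of `idm_all_persons`. As far as the hunks show, commenting out the credential block and the two `add-members` lines leaves the test users without credentials or admin-group membership, so the TODO should carry the upstream link (`# TODO: re-enable after https://github.com/kanidm/kanidm/pull/2956`) to keep the dead code from being forgotten. When that block is restored, note that the TOTP URI it reads from `/tmp/create-user-log.txt` contains the shared secret, so a `mktemp` file removed on exit would be safer than a fixed path in /tmp. create_user starts outside the hunk.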


@ -5,4 +5,4 @@ podman run -itd --rm \
-v "$PWD/chain.pem:/data/chain.pem:ro" \ -v "$PWD/chain.pem:/data/chain.pem:ro" \
-v "$PWD/key.pem:/data/key.pem:ro" \ -v "$PWD/key.pem:/data/key.pem:ro" \
--name kanidm \ --name kanidm \
docker.io/kanidm/server:latest &>/dev/null || true docker.io/kanidm/server:1.2.3 &>/dev/null || true


@ -3,4 +3,5 @@ db_path = "/data/kanidm.db"
tls_chain = "/data/chain.pem" tls_chain = "/data/chain.pem"
tls_key = "/data/key.pem" tls_key = "/data/key.pem"
domain = "localhost" domain = "localhost"
log_level = "debug"
origin = "https://localhost:8443" origin = "https://localhost:8443"
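Review bot: `log_level = "debug"` is added without a comment, and on an identity server debug logging is likely to record considerably more request and account detail than the default level. A short marker such as `# temporary: debug logging while waiting on kanidm PR 2956; remove afterwards` would make the intent clear and keep the setting from being copied into a non-test config.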