LDAP authorization for homer and grafana in docker-compose

[perrfect]

Hello.
Is it possible to enable LDAP authorization for homer and grafana in docker-compose?
And which parameters for docker-compose should I use?

[lmangani]

Hello @perrfect no the docker-compose doesn't include any variables for enabling LDAP so the options are:

1. create a PR to extend the entrypoint and config template behaviour
2. map your own custom JSON config with the desired settings off your filesystem

[perrfect]

Hello @perrfect no the docker-compose doesn't include any variables for enabling LDAP so the options are:

1. create a PR to extend the [entrypoint](https://github.com/sipcapture/homer-app/blob/master/docker/docker-entrypoint.d/1) and [config template](https://github.com/sipcapture/homer-app/blob/master/docker/webapp_config.json#L57) behaviour

2. map your own custom JSON config with the desired settings off your filesystem

Hello. Thank you for your reply.
I've checked and seems parameters from the endpoint work fine.
But I didn't find how to create mapping for my LDAP groups and groups in homer.
Is it possible mapping separate groups for admins and users?

[lmangani]

perhaps @adubovikov and his team might have a suggestion here

[lmangani]

@perrfect I would start by extending the template config with a variable for any fields you need to be configurable through ENV like you see for the other supported dynamic parameters, and then add it to the entrypoint. It's a copy-paste job using the examples already available - feel free to do a PR and we will correct if needed.

[perrfect]

@perrfect I would start by extending the template config with a variable for any fields you need to be configurable through ENV like you see for the other supported dynamic parameters, and then add it to the entrypoint. It's a copy-paste job using the examples already available - feel free to do a PR and we will correct if needed.

First of all I need understand why LDAP group mapping not working and then create a PR, because now I have not full working LDAP configuration(

[lmangani]

Sure. Unfortunately we can't help with that part but feel free to share any observations.

[perrfect]

Works fine for FreeIPA in this configuration in docker-compose:

      - "AUTH_TYPE=ldap"
      - "LDAP_BASE=dc=ipa,dc=example,dc=com"
      - "LDAP_HOST=ipa-1.example.com"
      - "LDAP_PORT=636"
      - "LDAP_SSL=true"
      - "LDAP_SKIP_TLS=false"
      - "LDAP_SKIP_VERIFY=true"
      - "LDAP_ANONYMOUS=false"
      - "LDAP_BIND_DN=uid=homer,cn=users,cn=accounts,dc=ipa,dc=example,dc=com"
      - "LDAP_BIND_PASS=PASSWORD"
      - "LDAP_USER_FILTER=(\\&(objectClass=person)(uid=%s))"
      - "LDAP_GROUP_FILTER=(member=%s)"
      - "LDAP_USER_DN=uid=%s,cn=users,cn=accounts,dc=ipa,dc=example,dc=com"
      - "LDAP_ADMINGROUP=admin"
      - "LDAP_USERGROUP=sec_homer_users"
      - "LDAP_USERMODE=false"
      - "LDAP_ADMINMODE=false"

Still only the problem described in this issue 127

Thank you.
This issue can close.