add ldap support | simplify authentications

1 files changed, 121 insertions, 0 deletions

diff --git a/docker-compose.yml b/docker-compose.yml
index 7509bbc9..4b4cd02d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -63,6 +63,9 @@ services:
       # What to send to Outgoing Webhook, or leave out. Example, that includes all that are default: cardId,listId,oldListId,boardId,comment,user,card,commentId .
       # example: WEBHOOKS_ATTRIBUTES=cardId,listId,oldListId,boardId,comment,user,card,commentId
       - WEBHOOKS_ATTRIBUTES=''
+      # Enable the OAuth2 connection
+      # example: OAUTH2_ENABLED=true
+      - OAUTH2_ENABLED=false
       # OAuth2 docs: https://github.com/wekan/wekan/wiki/OAuth2
       # OAuth2 Client ID, for example from Rocket.Chat. Example: abcde12345
       # example: OAUTH2_CLIENT_ID=abcde12345
@@ -82,6 +85,124 @@ services:
       # OAuth2 Token Endpoint. Example: /oauth/token
       # example: OAUTH2_TOKEN_ENDPOINT=/oauth/token
       - OAUTH2_TOKEN_ENDPOINT=''
+      # LDAP_ENABLE : Enable or not the connection by the LDAP
+      # example : LDAP_ENABLE=true
+      - LDAP_ENABLE=false
+      # LDAP_PORT : The port of the LDAP server
+      # example : LDAP_PORT=389
+      - LDAP_PORT=389
+      # LDAP_HOST : The host server for the LDAP server
+      # example : LDAP_HOST=localhost
+      - LDAP_HOST=''
+      # LDAP_BASEDN : The base DN for the LDAP Tree
+      # example : LDAP_BASEDN=ou=user,dc=example,dc=org
+      - LDAP_BASEDN=''
+      # LDAP_LOGIN_FALLBACK : Fallback on the default authentication method
+      # example : LDAP_LOGIN_FALLBACK=true
+      - LDAP_LOGIN_FALLBACK=false
+      # LDAP_RECONNECT : Reconnect to the server if the connection is lost
+      # example : LDAP_RECONNECT=false
+      - LDAP_RECONNECT=true
+      # LDAP_TIMEOUT : Overall timeout, in milliseconds
+      # example : LDAP_TIMEOUT=12345
+      - LDAP_TIMEOUT=10000
+      # LDAP_IDLE_TIMEOUT : Specifies the timeout for idle LDAP connections in milliseconds
+      # example : LDAP_IDLE_TIMEOUT=12345
+      - LDAP_IDLE_TIMEOUT=10000
+      # LDAP_CONNECT_TIMEOUT : Connection timeout, in milliseconds
+      # example : LDAP_CONNECT_TIMEOUT=12345
+      - LDAP_CONNECT_TIMEOUT=10000
+      # LDAP_AUTHENTIFICATION : If the LDAP needs a user account to search
+      # example : LDAP_AUTHENTIFICATION=true
+      - LDAP_AUTHENTIFICATION=false
+      # LDAP_AUTHENTIFICATION_USERDN : The search user DN
+      # example : LDAP_AUTHENTIFICATION_USERDN=cn=admin,dc=example,dc=org
+      - LDAP_AUTHENTIFICATION_USERDN=''
+      # LDAP_AUTHENTIFICATION_PASSWORD : The password for the search user
+      # example : AUTHENTIFICATION_PASSWORD=admin
+      - LDAP_AUTHENTIFICATION_PASSWORD=''
+      # LDAP_LOG_ENABLED : Enable logs for the module
+      # example : LDAP_LOG_ENABLED=true
+      - LDAP_LOG_ENABLED=false
+      # LDAP_BACKGROUND_SYNC : If the sync of the users should be done in the background
+      # example : LDAP_BACKGROUND_SYNC=true
+      - LDAP_BACKGROUND_SYNC=false
+      # LDAP_BACKGROUND_SYNC_INTERVAL : At which interval does the background task sync in milliseconds
+      # example : LDAP_BACKGROUND_SYNC_INTERVAL=12345
+      - LDAP_BACKGROUND_SYNC_INTERVAL=100
+      # LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED : 
+      # example : LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=true
+      - LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED=false
+      # LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS : 
+      # example : LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=true
+      - LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS=false
+      # LDAP_ENCRYPTION : If using LDAPS
+      # example : LDAP_ENCRYPTION=true
+      - LDAP_ENCRYPTION=false
+      # LDAP_CA_CERT : The certification for the LDAPS server
+      # example : LDAP_CA_CERT=-----BEGIN CERTIFICATE-----MIIE+zCCA+OgAwIBAgIkAhwR/6TVLmdRY6hHxvUFWc0+Enmu/Hu6cj+G2FIdAgIC...-----END CERTIFICATE-----
+      - LDAP_CA_CERT=''
+      # LDAP_REJECT_UNAUTHORIZED : Reject Unauthorized Certificate
+      # example : LDAP_REJECT_UNAUTHORIZED=true
+      - LDAP_REJECT_UNAUTHORIZED=false
+      # LDAP_USER_SEARCH_FILTER : Optional extra LDAP filters. Don't forget the outmost enclosing parentheses if needed
+      # example : LDAP_USER_SEARCH_FILTER=
+      - LDAP_USER_SEARCH_FILTER=''
+      # LDAP_USER_SEARCH_SCOPE : Base (search only in the provided DN), one (search only in the provided DN and one level deep), or subtree (search the whole subtree)
+      # example : LDAP_USER_SEARCH_SCOPE=one
+      - LDAP_USER_SEARCH_SCOPE=''
+      # LDAP_USER_SEARCH_FIELD : Which field is used to find the user
+      # example : LDAP_USER_SEARCH_FIELD=uid
+      - LDAP_USER_SEARCH_FIELD=''
+      # LDAP_SEARCH_PAGE_SIZE : Used for pagination (0=unlimited)
+      # example : LDAP_SEARCH_PAGE_SIZE=12345
+      - LDAP_SEARCH_PAGE_SIZE=0
+      # LDAP_SEARCH_SIZE_LIMIT : The limit number of entries (0=unlimited)
+      # example : LDAP_SEARCH_SIZE_LIMIT=12345
+      - LDAP_SEARCH_SIZE_LIMIT=0
+      # LDAP_GROUP_FILTER_ENABLE : Enable group filtering
+      # example : LDAP_GROUP_FILTER_ENABLE=true
+      - LDAP_GROUP_FILTER_ENABLE=false
+      # LDAP_GROUP_FILTER_OBJECTCLASS : The object class for filtering
+      # example : LDAP_GROUP_FILTER_OBJECTCLASS=group
+      - LDAP_GROUP_FILTER_OBJECTCLASS=''
+      # LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE : 
+      # example : 
+      - LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE=''
+      # LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE : 
+      # example : 
+      - LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE=''
+      # LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT : 
+      # example : 
+      - LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT=''
+      # LDAP_GROUP_FILTER_GROUP_NAME : 
+      # example : 
+      - LDAP_GROUP_FILTER_GROUP_NAME=''
+      # LDAP_UNIQUE_IDENTIFIER_FIELD : This field is sometimes class GUID (Globally Unique Identifier)
+      # example : LDAP_UNIQUE_IDENTIFIER_FIELD=guid
+      - LDAP_UNIQUE_IDENTIFIER_FIELD=''
+      # LDAP_UTF8_NAMES_SLUGIFY : Convert the username to utf8
+      # example : LDAP_UTF8_NAMES_SLUGIFY=false
+      - LDAP_UTF8_NAMES_SLUGIFY=true
+      # LDAP_USERNAME_FIELD : Which field contains the ldap username
+      # example : LDAP_USERNAME_FIELD=username
+      - LDAP_USERNAME_FIELD=''
+      # LDAP_MERGE_EXISTING_USERS : 
+      # example : LDAP_MERGE_EXISTING_USERS=true
+      - LDAP_MERGE_EXISTING_USERS=false
+      # LDAP_SYNC_USER_DATA : 
+      # example : LDAP_SYNC_USER_DATA=true
+      - LDAP_SYNC_USER_DATA=false
+      # LDAP_SYNC_USER_DATA_FIELDMAP : 
+      # example : LDAP_SYNC_USER_DATA_FIELDMAP={\"cn\":\"name\", \"mail\":\"email\"}
+      - LDAP_SYNC_USER_DATA_FIELDMAP=''
+      # LDAP_SYNC_GROUP_ROLES : 
+      # example : 
+      - LDAP_SYNC_GROUP_ROLES=''
+      # LDAP_DEFAULT_DOMAIN : The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
+      # example : 
+      - LDAP_DEFAULT_DOMAIN=''
+
     depends_on:
       - wekandb