aboutsummaryrefslogtreecommitdiff

A Realm smart proxy for the Foreman

Build Status

ldapsp is a simple smart proxy for the Foreman that creates LDAP entries on host creation and removes them on destroy. It uses Foreman's realm smart proxy API.

Running

To run in development mode use

make shell

The proxy will then listen on port 8080. You can check this like

$ curl http://localhost:8080/features
["realm"]

See tests/test.sh for more usage examples. To build releases, etc. check the rebar3 documentation.

Configuration in the Foreman

Add the smart proxy via Foreman Web-GUI (Infrastructure → Smart Proxies → New Smart Proxy). Foreman will detect the realm feature.

Configuration of ldapsp

priv/ldapsp.config has the ldap connection parameters while priv/policy.erl determines how the created ldap entries will look like. The default policy creates entries of the form:

dn: cn=<hostname>, dc=example, dc=com
objectclass: top
objectclass: groupOfUniqueNames
cn: <hostname>
uniqueMember: cn=<hostname>, dc=example, dc=com

You can replace the module with whatever Erlang module you like as long as it implements add_host/3 and del_host/2.

For SSL it's simplest to put e.g. apache in front of it.

generated by cgit v1.2.3 (git 2.39.1) at 2024-04-20 12:53:08 +0000