Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
1 parent 1e849e4, commit 25b6fed

Showing 1 changed file with 31 additions and 1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,32 @@ | ||
# bitwarden_rs_ldap | ||
LDAP directory connector for bitwarden_rs | ||
A simple LDAP connector for [bitwarden_rs](https://github.com/dani-garcia/bitwarden_rs) | ||
|
||
After configuring, simply run `bitwarden_rs_ldap` and it will invite any users it finds in LDAP to your `bitwarden_rs` instance. | ||
|
||
## Configuration | ||
|
||
Configuration is read from a TOML file. The default location is `config.toml`, but this can be configured by setting the `CONFIG_PATH` env variable to whatever path you would like. | ||
|
||
Configuration values are as follows: | ||
|
||
|Name|Type|Optional|Description| | ||
|----|----|--------|-----------| | ||
|`bitwarden_url`|String||The root URL for accessing `bitwarden_rs`. Eg: `https://bw.example.com`| | ||
|`bitwarden_admin_token`|String||The value passed as `ADMIN_TOKEN` to `bitwarden_rs`| | ||
|`ldap_host`|String||The hostname or IP address for your ldap server| | ||
|`ldap_scheme`|String|Optional|The that should be used to connect. `ldap` or `ldaps`. This is set by default based on SSL settings| | ||
|`ldap_ssl`|Boolean|Optional|Indicates if SSL should be used. Defaults to `false`| | ||
|`ldap_port`|Integer|Optional|Port used to connect to the LDAP server. This will default to 389 or 636, depending on your SSL settings| | ||
|`ldap_bind_dn`|String||The dn for the bind user that will connect to LDAP. Eg. `cn=admin,dc=example,dc=org`| | ||
|`ldap_bind_password`|String||The password for the provided bind user.| | ||
|`ldap_search_base_dn`|String||Base dn that will be used when searching LDAP for users. Eg. `dc=example,dc=org`| | ||
|`ldap_search_filter`|String||Filter used when searching LDAP for users. Eg. `(&(objectClass=*)(uid=*))`| | ||
|`ldap_mail_field`|String|Optional|Field for each user record that contains the email address to use. Defaults to `mail`| | ||
|`ldap_sync_interval_seconds`|Integer|Optional|Number of seconds to wait between each LDAP request. Defaults to `60`| | ||
|
||
## Future | ||
|
||
* Query existing users to avoid redundant invites | ||
* Command line flags to select if polling is desired | ||
* Any kind of proper logging | ||
* Tests |
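
Review bot: In the configuration table, the `ldap_ssl` row documents a default of `false` and the `ldap_port` row a default of 389 in that case, so a config that follows the defaults connects over plain `ldap` and sends `ldap_bind_password` without transport encryption. The README should say so next to `ldap_ssl` and recommend setting it to `true` for anything beyond a local test. The same table puts `bitwarden_admin_token` and `ldap_bind_password` in `config.toml` in plaintext, so the Configuration section should add a sentence telling users to restrict read access on that file (or on whatever `CONFIG_PATH` points at) to the account running `bitwarden_rs_ldap`. Smaller points: the `ldap_scheme` description is missing a noun ("The that should be used to connect" should read "The scheme that should be used to connect"), and the intro line "A simple LDAP connector for ..." repeats the line above it, so one of the two can go.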