fruworg/pgls
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Create krb5-cfg.yml

Browse Source
This commit is contained in:
Руслан 2023-08-04 19:34:57 +06:00 committed by GitHub
parent f0ac293904
commit e7082557a0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
config/krb5-cfg.yml Normal file
View File

@ -0,0 +1,35 @@
ldap_connection:
host: <dc>
port: 636
auth:
method: :gssapi
hostname: <dc.doma.in>
encryption:
method: :simple_tls
ldap_users:
base: DC=<doma>,DC=<in>
filter: CN=Users,DC=<doma>,DC=<in>
name_attribute: sAMAccountName
uppercase_name: true
ldap_groups:
base: DC=<doma>,DC=<in>
filter: fruw.org
name_attribute: cn
uppercase_name: true
member_attribute: "memberuid"
pg_connection:
host: <db.doma.in>
dbname: postgres
user: <db-username>
pg_users:
filter: oid IN (SELECT pam.member FROM pg_auth_members pam JOIN pg_roles pr ON pr.oid=pam.roleid WHERE pr.rolname='ldap_users')
create_options: LOGIN IN ROLE ldap_users
pg_groups:
filter: oid IN (SELECT pam.member FROM pg_auth_members pam JOIN pg_roles pr ON pr.oid=pam.roleid WHERE pr.rolname='ldap_groups')
create_options: NOLOGIN IN ROLE ldap_groups
grant_options: