From f3e9cd01ef32653e0da6c20f3b368895cadd711f Mon Sep 17 00:00:00 2001
From: enggnr <129082112+enggnr@users.noreply.github.com>
Date: Fri, 24 Nov 2023 18:39:33 +0530
Subject: [PATCH] Add LDAP integration
---
 .../sftpgo/{sftpgo.json => sftpgo.json.tmpl} | 21 +++++++++++++++++--
 software.yml | 10 +++++++++
 2 files changed, 29 insertions(+), 2 deletions(-)
 rename home/dot_local/etc/sftpgo/{sftpgo.json => sftpgo.json.tmpl} (89%)
diff --git a/home/dot_local/etc/sftpgo/sftpgo.json b/home/dot_local/etc/sftpgo/sftpgo.json.tmpl
similarity index 89%
rename from home/dot_local/etc/sftpgo/sftpgo.json
rename to home/dot_local/etc/sftpgo/sftpgo.json.tmpl
index f67fc976..3ff6cac4 100644
--- a/home/dot_local/etc/sftpgo/sftpgo.json
+++ b/home/dot_local/etc/sftpgo/sftpgo.json.tmpl
@@ -412,5 +412,22 @@
 "domain": "",
 "templates_path": "templates"
 },
- "plugins": []
-}
+ "plugins": [
+ {
+ "cmd": "/usr/local/bin/sftpgo-plugin-auth",
+ "type": "auth",
+ "auth_options": {
+ "scope": 1
+ },
+ "args": [
+ "serve",
+ "--ldap-url=ldap://ldap.jumpcloud.com:389",
+ "--ldap-base-dn=ou=Users,o={{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "JUMPCLOUD_ORG_ID")) }}{{ includeTemplate "secrets/JUMPCLOUD_ORG_ID" | decrypt | trim }}{{ else }}{{ env "JUMPCLOUD_ORG_ID" }},dc=jumpcloud,dc=com",
+ "--ldap-bind-dn=uid={{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "JUMPCLOUD_BINDDN_USER")) }}{{ includeTemplate "secrets/JUMPCLOUD_BINDDN_USER" | decrypt | trim }}{{ else }}{{ env "JUMPCLOUD_BINDDN_USER" }},ou=Users,o={{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "JUMPCLOUD_ORG_ID")) }}{{ includeTemplate "secrets/JUMPCLOUD_ORG_ID" | decrypt | trim }}{{ else }}{{ env "JUMPCLOUD_ORG_ID" }},dc=jumpcloud,dc=com",
+ "--ldap-password={{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "JUMPCLOUD_BINDDN_PASSWORD")) }}{{ includeTemplate "secrets/JUMPCLOUD_BINDDN_PASSWORD" | decrypt | trim }}{{ else }}{{ env "JUMPCLOUD_BINDDN_PASSWORD" }}",
+ "--ldap-search-query=(objectClass=inetOrgPerson)"
+ ],
+ "auto_mtls": true
+ }
+ ]
+ }
diff --git a/software.yml b/software.yml
index 25073f9a..0db0637c 100644
--- a/software.yml
+++ b/software.yml
@@ -8401,6 +8401,8 @@ softwarePackages:
 sftpgo:
 _bin: sftpgo
 _desc: Fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support - S3, Google Cloud Storage, Azure Blob
+ _deps:
+ - sftpgo-plugin-auth
 _docs: null
 _github: https://github.com/drakkan/sftpgo
 _home: null
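Review bot: The new auth plugin entry in sftpgo.json.tmpl sends the bind password, and presumably each user's login password, over `ldap://ldap.jumpcloud.com:389` with no TLS option visible in `args`; an `ldaps://` URL (JumpCloud serves LDAPS on port 636) or the plugin's StartTLS option would keep those credentials from crossing the network in cleartext. `--ldap-password=…` is also rendered into the config file and handed to the plugin as a command-line argument, so it is readable in the process list and in the rendered file; passing it through the environment, if the plugin accepts that, and restricting the rendered file's mode would narrow the exposure. None of the four `{{ if (stat …) }}…{{ else }}{{ env "…" }}` actions is closed, so each needs `{{ end }}` right after the `env` call or the template will not parse. `--ldap-search-query=(objectClass=inetOrgPerson)` has no per-user filter; it presumably should be something like `(&(objectClass=inetOrgPerson)(uid=%username%))`, with the placeholder syntax confirmed against the plugin's documentation.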
@@ -8413,6 +8415,14 @@ softwarePackages:
 github: github.com/drakkan/sftpgo
 pkg: sftpgo
 yay: sftpgo-bin
+ sftpgo-plugin-auth:
+ _bin: sftpgo-plugin-auth
+ _desc: A plugin for SFTPGo to enable LDAP/Active Directory authentication
+ _docs: null
+ _github: https://github.com/sftpgo/sftpgo-plugin-auth
+ _home: null
+ _name: sftpgo-plugin-auth
+ github: github.com/sftpgo/sftpgo-plugin-auth
 share:
 _bin: share
 _desc: Quickly share files from your command line
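Review bot: The new `sftpgo-plugin-auth` entry gives only a `github:` source with no version or checksum, yet this binary sits on the authentication path and receives the LDAP bind password; if the installer supports pinning a release, pin it here. The SFTPGo config in this same patch hard-codes `/usr/local/bin/sftpgo-plugin-auth` as `cmd`, and nothing visible in this hunk shows that the `github` install method places the binary at that path. Confirm the install location, or point `cmd` at the path the installer actually uses.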