-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #20 from alan-turing-institute/update-readme
Update readme
- Loading branch information
Showing
1 changed file
with
74 additions
and
27 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,35 +1,82 @@ | ||
| # guacamole-user-sync | ||
| Synchronise a Guacamole PostgreSQL database with an LDAP server, such as Microsoft Active Directory | ||
|
|
||
| [](https://github.com/alan-turing-institute/guacamole-user-sync/pkgs/container/guacamole-user-sync) | ||
| [](https://github.com/alan-turing-institute/guacamole-user-sync/pkgs/container/guacamole-user-sync) | ||
| [](https://github.com/alan-turing-institute/guacamole-user-sync/pkgs/) | ||
|
|
||
| ## Running with Docker | ||
|
|
||
| You can run this Docker image as follows | ||
|
|
||
| ```console | ||
| $ docker run -it \ | ||
| -e LDAP_HOST=$(your LDAP server host) \ | ||
| -e LDAP_GROUP_BASE_DN=$(your LDAP group DN) \ | ||
| -e LDAP_GROUP_FILTER=$(your LDAP group filter) \ | ||
| -e LDAP_USER_BASE_DN=$(your LDAP user DN) \ | ||
| -e LDAP_USER_FILTER=$(your LDAP user filter) \ | ||
| -e POSTGRESQL_HOST=$(your PostgreSQL server host) \ | ||
| -e POSTGRESQL_PASSWORD=$(your PostgreSQL connection password) \ | ||
| -e POSTGRESQL_USERNAME=$(your PostgreSQL connection username) \ | ||
| ghcr.io/alan-turing-institute/guacamole-user-sync:$(version you want to use) | ||
| ``` | ||
|
|
||
| ## Environment variables | ||
|
|
||
| - DEBUG: Enable debug output (default: 'False') | ||
| - LDAP_BIND_DN: (Optional) distinguished name of LDAP bind user | ||
| - LDAP_BIND_PASSWORD: (Optional) password of LDAP bind user | ||
| - LDAP_GROUP_BASE_DN: Base DN for groups | ||
| - LDAP_GROUP_FILTER: LDAP filter to select groups | ||
| - LDAP_GROUP_NAME_ATTR: Attribute used to extract group names (default: 'cn') | ||
| - LDAP_HOST: LDAP host | ||
| - LDAP_PORT: LDAP port (default: '389') | ||
| - LDAP_USER_BASE_DN: Base DN for users | ||
| - LDAP_USER_FILTER: LDAP filter to select users | ||
| - LDAP_USER_NAME_ATTR: Attribute used to extract user names (default: 'userPrincipalName') | ||
| - POSTGRESQL_DB_NAME: Database name for PostgreSQL server (default: 'guacamole') | ||
| - POSTGRESQL_HOST: PostgreSQL server host | ||
| - POSTGRESQL_PASSWORD: Password of PostgreSQL user | ||
| - POSTGRESQL_PORT: PostgreSQL server port (default: '5432') | ||
| - POSTGRESQL_USERNAME: Username of PostgreSQL user | ||
| - REPEAT_INTERVAL: How often (in seconds) to wait before attempting to synchronise again (default: '300') | ||
|
|
||
| ## Tests | ||
|
|
||
| To run the tests you will need to install | ||
|
|
||
| - `bats-core` | ||
| - `yq` | ||
|
|
||
| The tests can be run with: | ||
| - `DEBUG`: Enable debug output (default: 'False') | ||
| - `LDAP_BIND_DN`: (Optional) distinguished name of LDAP bind user | ||
| - `LDAP_BIND_PASSWORD`: (Optional) password of LDAP bind user | ||
| - `LDAP_GROUP_BASE_DN`: Base DN for groups | ||
| - `LDAP_GROUP_FILTER`: LDAP filter to select groups | ||
| - `LDAP_GROUP_NAME_ATTR`: Attribute used to extract group names (default: 'cn') | ||
| - `LDAP_HOST`: LDAP host | ||
| - `LDAP_PORT`: LDAP port (default: '389') | ||
| - `LDAP_USER_BASE_DN`: Base DN for users | ||
| - `LDAP_USER_FILTER`: LDAP filter to select users | ||
| - `LDAP_USER_NAME_ATTR`: Attribute used to extract user names (default: 'userPrincipalName') | ||
| - `POSTGRESQL_DB_NAME`: Database name for PostgreSQL server (default: 'guacamole') | ||
| - `POSTGRESQL_HOST`: PostgreSQL server host | ||
| - `POSTGRESQL_PASSWORD`: Password of PostgreSQL user | ||
| - `POSTGRESQL_PORT`: PostgreSQL server port (default: '5432') | ||
| - `POSTGRESQL_USERNAME`: Username of PostgreSQL user | ||
| - `REPEAT_INTERVAL`: How often (in seconds) to wait before attempting to synchronise again (default: '300') | ||
|
|
||
| ## Contributing | ||
|
|
||
| Pull requests are always welcome. | ||
|
|
||
| ### Running with Docker | ||
|
|
||
| Build the Docker image with | ||
|
|
||
| ```console | ||
| $ docker build . -t guacamole-user-sync | ||
| ``` | ||
|
|
||
| Run the Docker image you have just built with | ||
|
|
||
| ```console | ||
| $ docker run -it \ | ||
| -e LDAP_HOST=$(your LDAP server host) \ | ||
| -e LDAP_GROUP_BASE_DN=$(your LDAP group DN) \ | ||
| -e LDAP_GROUP_FILTER=$(your LDAP group filter) \ | ||
| -e LDAP_USER_BASE_DN=$(your LDAP user DN) \ | ||
| -e LDAP_USER_FILTER=$(your LDAP user filter) \ | ||
| -e POSTGRESQL_HOST=$(your PostgreSQL server host) \ | ||
| -e POSTGRESQL_PASSWORD=$(your PostgreSQL connection password) \ | ||
| -e POSTGRESQL_USERNAME=$(your PostgreSQL connection username) \ | ||
| guacamole-user-sync | ||
| ``` | ||
|
|
||
| ### Tests | ||
|
|
||
| In order to run the tests, you should install the following prerequisites: | ||
|
|
||
| - [`hatch`](https://hatch.pypa.io/latest/install/) | ||
|
|
||
| The tests can then be run with | ||
|
|
||
| ```console | ||
| $ bats tests | ||
| $ hatch run test:all | ||
| ``` |