soraefir
2026-05-14 20:41:28 +02:00
parent 4ccb941766
commit 4e7a348461


@@ -39,7 +39,34 @@ entries:
username: "ldap-service" username: "ldap-service"
attrs: attrs:
name: "LDAP Bind Service Account" name: "LDAP Bind Service Account"
type: "service_account"
path: "goauthentik.io"
is_active: true is_active: true
password: !Env DEFAULT_LDAP_PASSWORD password: !Env DEFAULT_LDAP_PASSWORD
attributes: attributes:
ak_recovery_immutable: true ak_recovery_immutable: true
- model: authentik_rbac.role
state: present
identifiers:
name: "LDAP Search Role"
- model: authentik_core.group
state: present
identifiers:
name: "LDAP Search Group"
attrs:
users:
- !Find [authentik_core.user, [username, "ldap-service"]]
roles:
- !Find [authentik_rbac.role, [name, "LDAP Search Role"]]
- model: authentik_providers_ldap.ldapprovider
state: present
identifiers:
name: ldap-provider
attrs:
object_permissions:
- role: !Find [authentik_rbac.role, [name, "LDAP Search Role"]]
permissions:
- "authentik_providers_ldap.search_full_directory"
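Review bot: The last entry grants "LDAP Search Role" `authentik_providers_ldap.search_full_directory` on `ldap-provider`, so `ldap-service`, which authenticates with the static password from `DEFAULT_LDAP_PASSWORD`, can read every user and group that provider exposes, and nothing in the blueprint records that intent. A comment above the role entry would document it, for example `# Bind account only: full-directory search on ldap-provider; keep group membership limited to ldap-service`. Indentation is lost in this view, but `object_permissions` appears to sit under `attrs` of the provider entry; confirm against the blueprint schema of the deployed authentik version that this key is actually applied, because an ignored key would leave the role without the grant and show up only as incomplete search results. The provider entry uses `state: present` with no other attributes, which presumably relies on the provider being defined earlier in the file, outside this hunk.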