fix: move binding dn

vincent 2024-03-10 09:50:47 +01:00
parent b7dc26cc27
commit 0ebd087544
4 changed files with 20 additions and 13 deletions


@ -1,11 +1,12 @@
$ANSIBLE_VAULT;1.1;AES256
61653964333030326633346130613633373333663037316165313436336235376362346237383463
3835663564663137643565636431353465386338363665620a343031373230623564616635373337
38653431623135313436643737633932656236666562623837303262323838663564343862653835
3332346662383935300a646437326262613231616137393664633963623832393633646530613037
35326335333432383939346132356465313164336434316439633236396465333366666435353535
35646465313336336466653964303533373133613861626634623363623036643363323063616630
64636135323431653235643364316238666135626230316537363132313138656532306636333734
64356532653432613535623761303634353964633162333465393135653338323437336362616164
63313430303438323535346331386463393535376564346564643363626434626432333031653838
3332616466306466336161393066633239363463363863323739
61326233336236343231396231306638373837653661313334313261313539316532373437346132
3931306637303530373032663236363466383433316161310a396439393564643731656664663639
32386130663837303663376432633930393663386436666263313939326631616466643237333138
3365346131636333330a376436323964656563363664336638653564656231636136663635303439
35346461356337303064623861326331346263373539336335393566623462343464323065366237
61346637326336613232643462323733366530656439626234663335633965376335623733336162
37323739376237323534613361333831396531663637666161666366656237353563626164626632
33326336353663356235373835666166643465666562616663336539316233373430633862613133
36363831623361393230653161626131353264366634326233363232336635306266376363363739
66373434343330633337633436316135656533613465613963363931383266323466653762623365
363332393662393532313063613066653964


@ -49,7 +49,7 @@ job "backup-postgress" {
env = true
}
resources {
memory = 140
memory = 180
}
}


@ -10,6 +10,12 @@ job "openldap" {
attribute = "${attr.cpu.arch}"
value = "amd64"
}
constraint {
attribute = "${node.class}"
operator = "set_contains"
value = "cluster"
}
vault {
policies = ["ldap"]
}


@ -1,13 +1,13 @@
resource "vault_ldap_auth_backend" "ldap" {
path = "ldap"
url = "ldaps://ldaps.service.consul"
userdn = "dc=ducamps,dc=eu"
userdn = "ou=users,dc=ducamps,dc=eu"
userattr = "uid"
discoverdn = false
insecure_tls = true
groupdn = "ou=groups,dc=ducamps,dc=eu"
groupfilter = "(|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))"
binddn = "uid=vaultserviceaccount,ou=users,dc=ducamps,dc=eu"
binddn = "uid=vaultserviceaccount,ou=serviceAccount,ou=users,dc=ducamps,dc=eu"
groupattr = "cn"
bindpass = var.ldap_bindpass
}
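Review bot: `insecure_tls = true` is still set beside the `ldaps://` URL, so Vault does not verify the directory server's certificate. The `bindpass` and every user password sent during login are then only as safe as the network path to `ldaps.service.consul`; consider `insecure_tls = false` with the issuing CA supplied through the `certificate` argument. Separately, the new `binddn` lives in `ou=serviceAccount,ou=users,dc=ducamps,dc=eu`, which is still below the narrowed `userdn = "ou=users,dc=ducamps,dc=eu"`. Assuming the user search is subtree-scoped, `uid=vaultserviceaccount` and any other entry in that OU remain matchable as Vault login users. If that is not intended, add a `userfilter` that excludes the service-account entries, or move that OU out from under `ou=users`.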