From b269fa0fc73eb186711871cda3baa11226da549b Mon Sep 17 00:00:00 2001 From: Ishan Jain Date: Wed, 13 Sep 2023 03:59:29 +0530 Subject: [PATCH] example_configs: Add thelounge configuration example --- example_configs/thelounge.md | 43 +++++++++++++++++++++++++++++------- 1 file changed, 35 insertions(+), 8 deletions(-) diff --git a/example_configs/thelounge.md b/example_configs/thelounge.md index 3d8cf31..0472d60 100644 --- a/example_configs/thelounge.md +++ b/example_configs/thelounge.md @@ -2,15 +2,42 @@ [Main documentation here.](https://thelounge.chat/docs/configuration#ldap-support) -For simple user auth with LLDAP on localhost adapt this in the main config.js: +## Simple Config: + +In this config, The Lounge will use the credentials provided in web ui to authenticate with lldap. It'll allow access if authentication was successful. ``` -ldap: { - enable: true, - url: "ldap://127.0.0.1:3890", - tlsOptions: {}, - primaryKey: "uid", - baseDN : "ou=people,dc=example,dc=com", + ldap: { + enable: true, + url: "ldap://localhost:389", + tlsOptions: {}, + primaryKey: "uid", + baseDN: "ou=people,dc=example,dc=com", + }, +``` + + +## Advanced Config: + +`rootDN` is similar to bind DN in other applications. It is used in combination with `rootPassword` to query lldap. `ldap-viewer` user in `lldap` is a member of the group `lldap_strict_readonly` group. This gives `ldap-viewer` user permission to query `lldap`. + + +With the `filter`, You can limit The Lounge access to users who are a member of the group `thelounge`. + + +``` + ldap: { + enable: true, + url: "ldap://localhost:389", + tlsOptions: {}, + primaryKey: "uid", + searchDN: { + rootDN: "uid=ldap-viewer,ou=people,dc=example,dc=com", + rootPassword: "" + filter: "(memberOf=cn=thelounge,ou=groups,dc=example,dc=com)", + base: "dc=example,dc=com", + scope: "sub", + }, + }, ``` -And comment out with ```//``` the entire ```searchDN``` block.