looks like the these guys https://www.authelia.com/
Have now added OIDC and Ldap support.
1 Like
i am Facing an Installation error
failure: repodata/repomd.xml from lemonldap-ng: [Errno 256] No more mirrors to try.
https://lemonldap-ng.org/redhat/stable//noarch/repodata/repomd.xml: [Errno -1] Error importing repomd.xml for lemonldap-ng: Damaged repomd.xml file
[root@nethserver-ad ~]# /root/lemon_config.sh
-bash: /root/lemon_config.sh: No such file or directory
what could be the problem?
Hi
Your installer-script canāt reach the server https://lemonldap-ng.org - the reason could be either DNS or routing. But I assume DNS, as you can reach that server.
Can you ping google with FQDN? www.google.com ?
yes, i am able to ping google
Itās more accurate to say that yum isnāt downloading, at least, the complete/correct repomd.xml file, and if youād shown a few more lines of the messages, it might be more obvious why. Letās make sure the repo file has the correct contentsāwhat are the complete contents of /etc/yum.repos.d/lemonldap-ng.repo?
complete message
Loaded plugins: changelog, fastestmirror, langpacks, nethserver_events
nethserver-danb35-1.1.0-1.ns7.noarch.rpm | 55 kB 00:00:00
Examining /var/tmp/yum-root-igh_Yq/nethserver-danb35-1.1.0-1.ns7.noarch.rpm: nethserver-danb35-1.1.0-1.ns7.noarch
/var/tmp/yum-root-igh_Yq/nethserver-danb35-1.1.0-1.ns7.noarch.rpm: does not update installed package.
Error: Nothing to do
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1694 100 1694 0 0 5162 0 --:--:-- --:--:-- --:--:-- 5164
Loaded plugins: changelog, fastestmirror, langpacks, nethserver_events
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 21 kB 00:00:00
* ce-base: mirror.freethought-internet.co.uk
* ce-extras: mirror.freethought-internet.co.uk
* ce-sclo-rh: mirror.freethought-internet.co.uk
* ce-sclo-sclo: mirror.freethought-internet.co.uk
* ce-updates: mirror.freethought-internet.co.uk
* epel: mirror.freethought-internet.co.uk
* nethforge: nethserver.de-labrusse.fr
* nethserver-base: nethserver.de-labrusse.fr
* nethserver-updates: nethserver.de-labrusse.fr
ce-base/7/x86_64/signature | 811 B 00:00:00
ce-base/7/x86_64/signature | 3.6 kB 00:00:00 !!!
ce-extras/7/x86_64/signature | 811 B 00:00:00
ce-extras/7/x86_64/signature | 2.9 kB 00:00:00 !!!
ce-sclo-rh | 3.0 kB 00:00:00
ce-sclo-sclo | 3.0 kB 00:00:00
ce-updates/7/x86_64/signature | 811 B 00:00:00
ce-updates/7/x86_64/signature | 2.9 kB 00:00:00 !!!
danb35/7/signature | 230 B 00:00:00
danb35/7/signature | 2.9 kB 00:00:00 !!!
lemonldap-ng | 13 kB 00:00:00
https://lemonldap-ng.org/redhat/stable//noarch/repodata/repomd.xml: [Errno -1] Error importing repomd.xml for lemonldap-ng: Damaged repomd.xml file
Trying other mirror.
One of the configured repositories failed (LemonLDAP::NG packages),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:
1. Contact the upstream for the repository and get them to fix the problem.
2. Reconfigure the baseurl/etc. for the repository, to point to a working
upstream. This is most often useful if you are using a newer
distribution release than is supported by the repository (and the
packages for the previous distribution release still work).
3. Run the command with the repository temporarily disabled
yum --disablerepo=lemonldap-ng ...
4. Disable the repository permanently, so yum won't use it by default. Yum
will then just ignore the repository until you permanently enable it
again or use --enablerepo for temporary usage:
yum-config-manager --disable lemonldap-ng
or
subscription-manager repos --disable=lemonldap-ng
5. Configure the failing repository to be skipped, if it is unavailable.
Note that yum will try to contact the repo. when it runs most commands,
so will have to try and fail each time (and thus. yum will be be much
slower). If it is a very temporary problem though, this is often a nice
compromise:
yum-config-manager --save --setopt=lemonldap-ng.skip_if_unavailable=true
failure: repodata/repomd.xml from lemonldap-ng: [Errno 256] No more mirrors to try.
https://lemonldap-ng.org/redhat/stable//noarch/repodata/repomd.xml: [Errno -1] Error importing repomd.xml for lemonldap-ng: Damaged repomd.xml file
./LemonLDAP-NG.sh: line 25: /root/lemon_config.sh: No such file or directory
[lemonldap-ng]
name=LemonLDAP::NG packages
baseurl=https://lemonldap-ng.org/redhat/stable//noarch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
[lemonldap-ng-extras]
name=LemonLDAP::NG extra packages
baseurl=https://lemonldap-ng.org/redhat/extras/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
/etc/yum.repos.d/lemonldap-ng.repo
[lemonldap-ng]
name=LemonLDAP::NG packages
baseurl=https://lemonldap-ng.org/redhat/stable//noarch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
[lemonldap-ng-extras]
name=LemonLDAP::NG extra packages
baseurl=https://lemonldap-ng.org/redhat/extras/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
should be
[lemonldap-ng]
name=LemonLDAP::NG packages
baseurl=https://lemonldap-ng.org/redhat/stable/$releasever/noarch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
[lemonldap-ng-extras]
name=LemonLDAP::NG extra packages
baseurl=https://lemonldap-ng.org/redhat/extras/$releasever
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
as your running into the error that your server cannot connect to https://lemonldap-ng.org/redhat/stable//noarch
not sure why it did that but if you replace the contents in /etc/yum.repos.d/lemonldap-ng.repo with
[lemonldap-ng]
name=LemonLDAP::NG packages
baseurl=https://lemonldap-ng.org/redhat/stable/$releasever/noarch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
[lemonldap-ng-extras]
name=LemonLDAP::NG extra packages
baseurl=https://lemonldap-ng.org/redhat/extras/$releasever
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-OW2
and run yum -y update
you should be able to the issue
curl https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 > /etc/pki/rpm-gpg/RPM-GPG-KEY-OW2 && yum -y install nethserver-lemonldap-ng --enablerepo=lemonldap-ng,lemonldap-ng-extras && ~/lemon_config.sh
that should install it
seems to have installed, as i can access the manager interface
but this came up, not sure it has no effect or not.
Complete!
Saved under number 2
[Fri Mar 18 03:10:58 2022] [LLNG:9052] [error] Apply configuration for localhost: error 500 (read timeout)
Status : [
{
'localhost' => 'Error 500 (read timeout)'
}
];
Saved under number 3
[Fri Mar 18 03:11:05 2022] [LLNG:11006] [error] Apply configuration for localhost: error 500 (read timeout)
Status : [
{
'localhost' => 'Error 500 (read timeout)'
}
];
Saved under number 4
[Fri Mar 18 03:11:12 2022] [LLNG:11040] [error] Apply configuration for localhost: error 500 (read timeout)
Status : [
{
'localhost' => 'Error 500 (read timeout)'
}
];
Saved under number 5
[Fri Mar 18 03:11:19 2022] [LLNG:11068] [error] Apply configuration for localhost: error 500 (read timeout)
Warnings: [
{
'message' => 'Portal URL should end with a /'
}
];
Status : [
{
'localhost' => 'Error 500 (read timeout)'
}
];
Saved under number 6
[Fri Mar 18 03:11:26 2022] [LLNG:11095] [error] Apply configuration for localhost: error 500 (read timeout)
Warnings: [
{
'message' => 'Your version of IO::Socket::IP is too old to enforce connection timeouts on ldaps:// URLs. Use ldap+tls:// instead'
}
];
Status : [
{
'localhost' => 'Error 500 (read timeout)'
}
];
Saved under number 7
[Fri Mar 18 03:11:32 2022] [LLNG:11132] [error] Apply configuration for localhost: error 500 (read timeout)
Warnings: [
{
'message' => 'Your version of IO::Socket::IP is too old to enforce connection timeouts on ldaps:// URLs. Use ldap+tls:// instead'
}
];
Status : [
{
'localhost' => 'Error 500 (read timeout)'
}
];
Saved under number 8
[Fri Mar 18 03:11:39 2022] [LLNG:11157] [error] Apply configuration for localhost: error 500 (read timeout)
Warnings: [
{
'message' => 'Your version of IO::Socket::IP is too old to enforce connection timeouts on ldaps:// URLs. Use ldap+tls:// instead'
}
];
Status : [
{
'localhost' => 'Error 500 (read timeout)'
}
];
Saved under number 9
[Fri Mar 18 03:11:46 2022] [LLNG:11196] [error] Apply configuration for localhost: error 500 (read timeout)
Warnings: [
{
'message' => 'Your version of IO::Socket::IP is too old to enforce connection timeouts on ldaps:// URLs. Use ldap+tls:// instead'
}
];
Status : [
{
'localhost' => 'Error 500 (read timeout)'
}
];
ignore that it will be fixed when you configure the server
1 Like
Iāve added a new install script; you can now install LLNG by running a single command: curl https://raw.githubusercontent.com/danb35/nethserver-lemonldap-ng/master/install-llng.sh | sh
Be aware that this runs the lemon_config.sh script with all the defaults, so if you want to customize it, you should follow the previous instructions. The Wiki and GitHub README have been updated to reflect this.
4 Likes
@danb35 How do you map these 2 attributes correctly in nextcloud, making use of LLNG
i cant edit them in NC, and there are not being pulled form what entered in cockpit on phpldapadmin
Iāve got the mapping set correctly in mine take a look at my manager
Iāve updated the Nethserver Module LemonLDAP-NG wiki to add Zabbix SAML login intergration instructions and updated the nextcloud section to enable signing
and updated the instructions for zammad for extra security
3 Likes