LemonLDAP-NG in Podman

Howto
, ,
23

add-module ghcr.io/stephdl/lemonldapng:firstrelease

now I have to autoconfigure the backend to ldap

2 Likes
24

add-module ghcr.io/stephdl/lemonldapng:1.0.0-dev.1

you have to make some dns entries to the fqdn you choose

auth.domain.com
manager.domain.com
reload.domain.com (not sure)
test1.domain.com
test2.domain.com

user pwd
rtyler rtyler (user)
dwho dwho (administrator)

go to auth.domain.com and test the demo app
go to the manager and play

what should work
configuration
restore/backup
clone
smarthost smtp if set in the server
ldap setting in the ui (todo autoconfiguration of the LDAP)

@danb35 what do you think ?

2 Likes
25

I do miss Rose, though they’ve had a number of good companions since her. I’ll have to take a look at the module.

3 Likes
26

Sorry for lack of reply the last 2 weeks we were dealing with a tropical cyclone it didn’t end up being as bad as they thought but it covered such a large area (we prepared and were fine but it mostly took out supply lines for a few days and power and internet)

I’ll have a look at the module as soon as I can thanks so much for your help

1 Like
27

using the add-module ghcr.io/stephdl/lemonldapng:1.0.0-dev.1 installs it but after configuration I just get bad gateway and using
add-module ghcr.io/nethserver/lemonldapng:latest 1

Results in

Error 
<7>podman-pull-missing ghcr.io/nethserver/lemonldapng:latest
Trying to pull ghcr.io/nethserver/lemonldapng:latest...
Error: initializing source docker://ghcr.io/nethserver/lemonldapng:latest: Requesting bearer token: invalid status code from registry 403 (Forbidden)
Traceback (most recent call last):
  File "/usr/local/agent/bin/podman-pull-missing", line 35, in <module>
    subprocess.run(['podman', 'pull', image_url]).check_returncode()
  File "/usr/lib64/python3.11/subprocess.py", line 502, in check_returncode
    raise CalledProcessError(self.returncode, self.args, self.stdout,
subprocess.CalledProcessError: Command '['podman', 'pull', 'ghcr.io/nethserver/lemonldapng:latest']' returned non-zero exit status 125.
Traceback (most recent call last):
  File "/var/lib/nethserver/cluster/actions/add-module/50update", line 64, in <module>
    agent.run_helper('podman-pull-missing', image_url, progress_callback=agent.get_progress_callback(0,33)).check_returncode()
  File "/usr/lib64/python3.11/subprocess.py", line 502, in check_returncode
    raise CalledProcessError(self.returncode, self.args, self.stdout,
subprocess.CalledProcessError: Command '('podman-pull-missing', 'ghcr.io/nethserver/lemonldapng:latest')' returned non-zero exit status 1.

which I’m assuming is because it’s not in Nethserver repo yet and the above cmd is a placeholder

*Update

ok I reinstalled it using add-module ghcr.io/stephdl/lemonldapng:latest 1

Summary 
<7>podman-pull-missing ghcr.io/stephdl/lemonldapng:latest
Trying to pull ghcr.io/stephdl/lemonldapng:latest...
Getting image source signatures
Copying blob sha256:37e83647a72b3ef2696e56e2e8323ec4142276b757df5157d573f54898c34200
Copying config sha256:a17f0833ac94fa67e4d2fc900c88b857fb7b5bacb6b03405cd615b9cc9e1bec7
Writing manifest to image destination
a17f0833ac94fa67e4d2fc900c88b857fb7b5bacb6b03405cd615b9cc9e1bec7
<7>extract-ui ghcr.io/stephdl/lemonldapng:latest
Extracting container filesystem ui to /var/lib/nethserver/cluster/ui/apps/lemonldapng5
ui/css/
ui/css/about~31ecd969.f3b8eb2f.css
ui/css/app~748942c6.b5333564.css
ui/i18n/
ui/i18n/de/
ui/i18n/de/translation.json
ui/i18n/en/
ui/i18n/en/translation.json
ui/i18n/es/
ui/i18n/es/translation.json
ui/i18n/eu/
ui/i18n/eu/translation.json
ui/i18n/it/
ui/i18n/it/translation.json
ui/i18n/pt/
ui/i18n/pt/translation.json
ui/i18n/pt_BR/
ui/i18n/pt_BR/translation.json
ui/img/
ui/img/module_default_logo.b3bbdb98.png
ui/index.html
ui/js/
ui/js/about~31ecd969.4bed3e85.js
ui/js/about~31ecd969.4bed3e85.js.map
ui/js/app~748942c6.341e9975.js
ui/js/app~748942c6.341e9975.js.map
ui/js/chunk-vendors~0605657e.7f254d6a.js
ui/js/chunk-vendors~0605657e.7f254d6a.js.map
ui/js/chunk-vendors~0f485567.68e9337c.js
ui/js/chunk-vendors~0f485567.68e9337c.js.map
ui/js/chunk-vendors~17faf02d.7f68aab6.js
ui/js/chunk-vendors~17faf02d.7f68aab6.js.map
ui/js/chunk-vendors~1d97ff09.290bda9d.js
ui/js/chunk-vendors~1d97ff09.290bda9d.js.map
ui/js/chunk-vendors~2a42e354.0df57e14.js
ui/js/chunk-vendors~2a42e354.0df57e14.js.map
ui/js/chunk-vendors~2aa62147.38204dba.js
ui/js/chunk-vendors~2aa62147.38204dba.js.map
ui/js/chunk-vendors~41d44f25.e7779fa1.js
ui/js/chunk-vendors~41d44f25.e7779fa1.js.map
ui/js/chunk-vendors~46852254.0b6d19c2.js
ui/js/chunk-vendors~46852254.0b6d19c2.js.map
ui/js/chunk-vendors~57473a66.f586d2ed.js
ui/js/chunk-vendors~57473a66.f586d2ed.js.map
ui/js/chunk-vendors~5bb1f863.3efba861.js
ui/js/chunk-vendors~5bb1f863.3efba861.js.map
ui/js/chunk-vendors~5eba3806.b8428291.js
ui/js/chunk-vendors~5eba3806.b8428291.js.map
ui/js/chunk-vendors~690b702c.fd888ae3.js
ui/js/chunk-vendors~690b702c.fd888ae3.js.map
ui/js/chunk-vendors~7274e1de.72bc2eab.js
ui/js/chunk-vendors~7274e1de.72bc2eab.js.map
ui/js/chunk-vendors~86f6b1bc.6688193d.js
ui/js/chunk-vendors~86f6b1bc.6688193d.js.map
ui/js/chunk-vendors~b5906859.deff14e4.js
ui/js/chunk-vendors~b5906859.deff14e4.js.map
ui/js/chunk-vendors~bc21d4b3.68b10b46.js
ui/js/chunk-vendors~bc21d4b3.68b10b46.js.map
ui/js/chunk-vendors~be71a85b.9c367aa3.js
ui/js/chunk-vendors~be71a85b.9c367aa3.js.map
ui/js/chunk-vendors~c8728516.dd1ccc58.js
ui/js/chunk-vendors~c8728516.dd1ccc58.js.map
ui/js/chunk-vendors~d2305125.6a99a4ff.js
ui/js/chunk-vendors~d2305125.6a99a4ff.js.map
ui/js/chunk-vendors~d9886323.1a1a66f6.js
ui/js/chunk-vendors~d9886323.1a1a66f6.js.map
ui/js/chunk-vendors~db300d2f.ddb8641c.js
ui/js/chunk-vendors~db300d2f.ddb8641c.js.map
ui/js/chunk-vendors~ec8c427e.5c1734c3.js
ui/js/chunk-vendors~ec8c427e.5c1734c3.js.map
ui/js/chunk-vendors~fdc6512a.81c5c86c.js
ui/js/chunk-vendors~fdc6512a.81c5c86c.js.map
ui/js/lang-de-translation-json~3c620948.e0b5ebcd.js
ui/js/lang-de-translation-json~3c620948.e0b5ebcd.js.map
ui/js/lang-en-translation-json~9b60384d.f9865989.js
ui/js/lang-en-translation-json~9b60384d.f9865989.js.map
ui/js/lang-es-translation-json~f7c30340.434383b0.js
ui/js/lang-es-translation-json~f7c30340.434383b0.js.map
ui/js/lang-eu-translation-json~8ed4c5c2.33ab4b3c.js
ui/js/lang-eu-translation-json~8ed4c5c2.33ab4b3c.js.map
ui/js/lang-it-translation-json~e043826f.e33749b0.js
ui/js/lang-it-translation-json~e043826f.e33749b0.js.map
ui/js/lang-pt-translation-json~45d767f3.8b3eaa68.js
ui/js/lang-pt-translation-json~45d767f3.8b3eaa68.js.map
ui/js/lang-pt_BR-translation-json~eef7148a.487e22b9.js
ui/js/lang-pt_BR-translation-json~eef7148a.487e22b9.js.map
ui/metadata.json
ui/shortcuts.json
a2c1a65f195f855d65f329dbfd2fe59c4759eaca743ef99e5b809d44f92399f2
{'module_id': 'lemonldapng5', 'image_name': 'lemonldapng', 'image_url': 'ghcr.io/stephdl/lemonldapng:latest'}

and here is the log

Log 
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Queued start job for default target Main User Target.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Created slice User Application Slice.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Started Mark boot as successful after the user session has run 2 minutes.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Started Daily Cleanup of User's Temporary Directories.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Reached target Paths.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Reached target Timers.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Starting D-Bus User Message Bus Socket...
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Starting Create User's Volatile Files and Directories...
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Listening on D-Bus User Message Bus Socket.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Reached target Sockets.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Finished Create User's Volatile Files and Directories.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Reached target Basic System.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Started Rootless module/lemonldapng5 agent.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Reached target Main User Target.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:systemd] Startup finished in 336ms.
2025-03-17T10:08:39+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/4e1d80b3-2bb5-4139-a8dd-d9277e43c4cf: create-module/05pullimages is starting
2025-03-17T10:08:40+10:00 [1:lemonldapng5:agent@lemonldapng5] Add to module/lemonldapng5 environment LEMONLDAP_NG_IMAGE=docker.io/lemonldapng/lemonldap-ng:2.20.2
2025-03-17T10:08:40+10:00 [1:lemonldapng5:agent@lemonldapng5] podman-pull-missing docker.io/lemonldapng/lemonldap-ng:2.20.2
2025-03-17T10:08:42+10:00 [1:lemonldapng5:systemd] Starting D-Bus User Message Bus...
2025-03-17T10:08:42+10:00 [1:lemonldapng5:dbus-broker-launch] Policy to allow eavesdropping in /usr/share/dbus-1/session.conf +33: Eavesdropping is deprecated and ignored
2025-03-17T10:08:42+10:00 [1:lemonldapng5:dbus-broker-launch] Policy to allow eavesdropping in /usr/share/dbus-1/session.conf +31: Eavesdropping is deprecated and ignored
2025-03-17T10:08:42+10:00 [1:lemonldapng5:systemd] Started D-Bus User Message Bus.
2025-03-17T10:08:42+10:00 [1:lemonldapng5:] Ready
2025-03-17T10:08:42+10:00 [1:lemonldapng5:systemd] Created slice Slice /user.
2025-03-17T10:08:42+10:00 [1:lemonldapng5:systemd] podman-pause-f0cd5adb.scope: unit configures an IP firewall, but not running as root.
2025-03-17T10:08:42+10:00 [1:lemonldapng5:systemd] (This warning is only shown for the first unit using IP firewalling.)
2025-03-17T10:08:42+10:00 [1:lemonldapng5:systemd] Started podman-pause-f0cd5adb.scope.
2025-03-17T10:08:42+10:00 [1:lemonldapng5:agent@lemonldapng5] Trying to pull docker.io/lemonldapng/lemonldap-ng:2.20.2...
2025-03-17T10:08:46+10:00 [1:lemonldapng5:agent@lemonldapng5] Getting image source signatures
2025-03-17T10:08:46+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying blob sha256:02508d19d486a7cbdc3f59e4cc023682a8889e8c154e68ad99ec06b8be1e4417
2025-03-17T10:08:46+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying blob sha256:4ac7be88906ac271433a18feaf7017b091687b2d0fd9eb99e4fe96fd5d5fc7f6
2025-03-17T10:08:46+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying blob sha256:fb2f953d61a74ddb42bd7b8929db539e4a8b9ad4b3f97d87bc3987971899c9c6
2025-03-17T10:08:46+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying blob sha256:35442ebc756098b2dfffc9ca9e20b654e6b595ad5cf251752db4db7853f87934
2025-03-17T10:08:46+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying blob sha256:84ac79118ba1b870c8b2f4da2b40e8a8371f15d1fe928be496dfa5127051d636
2025-03-17T10:08:46+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying blob sha256:0d5304ce9fda24b168d8bf57508061704631da7ed0a6831fb007ff6e39d4d94c
2025-03-17T10:08:47+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying blob sha256:f8816cca4cae1aea578c8d8e941a990a4cfb6e785efd7b27f5f4f6293cf83e55
2025-03-17T10:08:48+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying blob sha256:67cbac1479e0ca0b63d4f50b58ee283fbf8c9110bd323e5dcfa03ae530c23f26
2025-03-17T10:08:48+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying blob sha256:1674377cf61390bd304219ce38701aa3ba6373dd47427049315a6334efc75534
2025-03-17T10:08:48+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying blob sha256:9ad2cd93ad05c64dcd743e23f2b972dab635816539472a809457a44ef73ab8ca
2025-03-17T10:10:04+10:00 [1:lemonldapng5:agent@lemonldapng5] Copying config sha256:0ea8d0388a80de66c20a28646a902ab13b87e1f3f00b8eca82c471985b836c10
2025-03-17T10:10:04+10:00 [1:lemonldapng5:agent@lemonldapng5] Writing manifest to image destination
2025-03-17T10:10:04+10:00 [1:lemonldapng5:agent@lemonldapng5] 0ea8d0388a80de66c20a28646a902ab13b87e1f3f00b8eca82c471985b836c10
2025-03-17T10:10:04+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/4e1d80b3-2bb5-4139-a8dd-d9277e43c4cf: create-module/10selfadm_role is starting
2025-03-17T10:10:05+10:00 [1:lemonldapng5:agent@lemonldapng5] 1
2025-03-17T10:10:05+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/4e1d80b3-2bb5-4139-a8dd-d9277e43c4cf: action "create-module" status is "completed" (0) at step 10selfadm_role
2025-03-17T10:10:47+10:00 [1:lemonldapng5:systemd] Starting Mark boot as successful...
2025-03-17T10:10:47+10:00 [1:lemonldapng5:systemd] Finished Mark boot as successful.
2025-03-17T10:11:01+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/ad2da56a-ba39-4eea-9bca-ccae1033cad9: get-name/50get_name is starting
2025-03-17T10:11:02+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/14b00a97-2fcf-40a8-9a9d-9db614131dc1: get-configuration/20read is starting
2025-03-17T10:11:02+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/eef70af9-c063-4c0e-ac55-f5ba229f523b: get-status/20read is starting
2025-03-17T10:11:02+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/ad2da56a-ba39-4eea-9bca-ccae1033cad9: action "get-name" status is "completed" (0) at step 50get_name
2025-03-17T10:11:02+10:00 [1:lemonldapng5:agent@lemonldapng5] agent.ldapproxy: domain ad.ksatdesign.com.au should not be used by lemonldapng5. Invoke agent.bind_user_domains(["ad.ksatdesign.com.au"]) to fix this warning.
2025-03-17T10:11:02+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/14b00a97-2fcf-40a8-9a9d-9db614131dc1: action "get-configuration" status is "completed" (0) at step validate-output.json
2025-03-17T10:11:03+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/eef70af9-c063-4c0e-ac55-f5ba229f523b: action "get-status" status is "completed" (0) at step validate-output.json
2025-03-17T10:11:07+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/bfe4b1ab-545e-4600-9a58-252f7f758a79: get-configuration/20read is starting
2025-03-17T10:11:08+10:00 [1:lemonldapng5:agent@lemonldapng5] agent.ldapproxy: domain ad.ksatdesign.com.au should not be used by lemonldapng5. Invoke agent.bind_user_domains(["ad.ksatdesign.com.au"]) to fix this warning.
2025-03-17T10:11:08+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/bfe4b1ab-545e-4600-9a58-252f7f758a79: action "get-configuration" status is "completed" (0) at step validate-output.json
2025-03-17T10:11:38+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/ac3436cb-2377-4f73-89a5-3d65dc82417d: configure-module/01Hostname_validation is starting
2025-03-17T10:11:39+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/ac3436cb-2377-4f73-89a5-3d65dc82417d: configure-module/10configure_environment_vars is starting
2025-03-17T10:11:40+10:00 [1:lemonldapng5:agent@lemonldapng5] _acontrol_task request attempt failed (WS reached EOF while waiting for cluster/task/ef415974-10e6-4af8-8dee-2090308bd255). Retrying...
2025-03-17T10:11:45+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/ac3436cb-2377-4f73-89a5-3d65dc82417d: configure-module/20configure_traefik is starting
2025-03-17T10:11:45+10:00 [1:lemonldapng5:agent@lemonldapng5] dump_env() is deprecated and implemented as a no-op
2025-03-17T10:11:46+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/1b0d574e-8500-4636-b2c0-3000a0abc67b: get-configuration/20read is starting
2025-03-17T10:11:46+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/58948a59-2249-402b-9f77-31d5e1307efd: get-status/20read is starting
2025-03-17T10:11:47+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/1b0d574e-8500-4636-b2c0-3000a0abc67b: action "get-configuration" status is "completed" (0) at step validate-output.json
2025-03-17T10:11:47+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/58948a59-2249-402b-9f77-31d5e1307efd: action "get-status" status is "completed" (0) at step validate-output.json
2025-03-17T10:11:57+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/b04e7a4f-8288-4503-a09f-1defc52d0e8a: get-configuration/20read is starting
2025-03-17T10:11:57+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/3472577d-7795-4d96-a257-2f221481f5b3: get-configuration/20read is starting
2025-03-17T10:11:58+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/54444191-bc66-4d3e-9f0f-bd2fd19824c0: get-status/20read is starting
2025-03-17T10:11:58+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/b04e7a4f-8288-4503-a09f-1defc52d0e8a: action "get-configuration" status is "completed" (0) at step validate-output.json
2025-03-17T10:11:58+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/3472577d-7795-4d96-a257-2f221481f5b3: action "get-configuration" status is "completed" (0) at step validate-output.json
2025-03-17T10:11:58+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/54444191-bc66-4d3e-9f0f-bd2fd19824c0: action "get-status" status is "completed" (0) at step validate-output.json
2025-03-17T10:12:02+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/ac3436cb-2377-4f73-89a5-3d65dc82417d: configure-module/80start_services is starting
2025-03-17T10:12:02+10:00 [1:lemonldapng5:agent@lemonldapng5] Created symlink /home/lemonldapng5/.config/systemd/user/default.target.wants/lemonldapng.service → /home/lemonldapng5/.config/systemd/user/lemonldapng.service.
2025-03-17T10:12:02+10:00 [1:lemonldapng5:systemd] Reloading.
2025-03-17T10:12:03+10:00 [1:lemonldapng5:systemd] Starting Podman lemonldapng.service...
2025-03-17T10:12:04+10:00 [1:lemonldapng5:systemd] Created slice cgroup user-libpod_pod_f6415a420be4b729c73994965c421d278b0d933af311638aee6fac3ed8cbfdf1.slice.
2025-03-17T10:12:05+10:00 [1:lemonldapng5:podman] f6415a420be4b729c73994965c421d278b0d933af311638aee6fac3ed8cbfdf1
2025-03-17T10:12:05+10:00 [1:lemonldapng5:systemd] Started libcrun container.
2025-03-17T10:12:05+10:00 [1:lemonldapng5:podman] f6415a420be4b729c73994965c421d278b0d933af311638aee6fac3ed8cbfdf1
2025-03-17T10:12:05+10:00 [1:lemonldapng5:systemd] Started Podman lemonldapng.service.
2025-03-17T10:12:05+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/ac3436cb-2377-4f73-89a5-3d65dc82417d: action "configure-module" status is "completed" (0) at step 80start_services
2025-03-17T10:12:05+10:00 [1:lemonldapng5:systemd] Starting Podman  lemonldapng-app.service...
2025-03-17T10:12:06+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/a1199764-4d69-4747-bae6-3d531a9bbdc3: get-configuration/20read is starting
2025-03-17T10:12:07+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/a1199764-4d69-4747-bae6-3d531a9bbdc3: action "get-configuration" status is "completed" (0) at step validate-output.json
2025-03-17T10:12:09+10:00 [1:lemonldapng5:systemd] Started libcrun container.
2025-03-17T10:12:09+10:00 [1:lemonldapng5:lemonldapng-app] Starting periodic command scheduler: cron.
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] Starting anac(h)ronistic cron: anacron.
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] # Changing nginx port to 80
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng5] d064565d4b5d142008304107db0f7f5bf8675c09e548a586da52ebf3bce01885
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] Remove the SOCKET variable
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] Add LISTEN variable
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] Update NGinx configuration from UNIX socket to TCP socket
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] sed: can't read /etc/nginx/sites-enabled/*-nginx.conf: No such file or directory
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] Update upstream llng fastcgi to tcpsocket
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] sed: can't read /etc/nginx/sites-enabled/portal-nginx.conf: No such file or directory
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] Exporting environment variables
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] Starting fast-cgi-server
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] Starting llng-fastcgi-server: llng-fastcgi-serverFastCGI daemon started (pid 50)
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] .
2025-03-17T10:12:10+10:00 [1:lemonldapng5:lemonldapng-app] Starting nginx
2025-03-17T10:12:11+10:00 [1:lemonldapng5:lemonldapng5] podman exec lemonldapng-app /usr/share/lemonldap-ng/bin/lemonldap-ng-cli -yes 1 set SMTPAuthPass '' SMTPAuthUser '' SMTPServer 10.6.4.1 SMTPTLS '' SMTPPort 25
2025-03-17T10:12:11+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/d2f0ca37-6896-48de-a04d-23a2af8c66cb: get-configuration/20read is starting
2025-03-17T10:12:12+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/d2f0ca37-6896-48de-a04d-23a2af8c66cb: action "get-configuration" status is "completed" (0) at step validate-output.json
2025-03-17T10:12:12+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/01466109-7dc4-40f4-a1f5-847cc0f30936: get-configuration/20read is starting
2025-03-17T10:12:12+10:00 [1:lemonldapng5:lemonldapng5] Saved under number 2
2025-03-17T10:12:12+10:00 [1:lemonldapng5:lemonldapng5] [Mon Mar 17 00:12:12 2025] [LLNG:65] [error] Apply configuration for localhost: error 500 (Can't connect to localhost:80 (Connection refused))
2025-03-17T10:12:12+10:00 [1:lemonldapng5:lemonldapng5]             'localhost' => 'Error 500 (Can\'t connect to localhost:80 (Connection refused))'
2025-03-17T10:12:12+10:00 [1:lemonldapng5:lemonldapng5]           {
2025-03-17T10:12:12+10:00 [1:lemonldapng5:lemonldapng5]           }
2025-03-17T10:12:12+10:00 [1:lemonldapng5:lemonldapng5]         ];
2025-03-17T10:12:12+10:00 [1:lemonldapng5:lemonldapng5] Status  : [
2025-03-17T10:12:12+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/347637a3-26d3-4a3e-8f67-bbcfe194269b: get-status/20read is starting
2025-03-17T10:12:12+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/01466109-7dc4-40f4-a1f5-847cc0f30936: action "get-configuration" status is "completed" (0) at step validate-output.json
2025-03-17T10:12:13+10:00 [1:lemonldapng5:systemd] Started Podman  lemonldapng-app.service.
2025-03-17T10:12:13+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/347637a3-26d3-4a3e-8f67-bbcfe194269b: action "get-status" status is "completed" (0) at step validate-output.json
2025-03-17T10:12:37+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/cdb60444-75ca-4207-8eae-3864ff6885b6: get-configuration/20read is starting
2025-03-17T10:12:38+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/cdb60444-75ca-4207-8eae-3864ff6885b6: action "get-configuration" status is "completed" (0) at step validate-output.json
2025-03-17T10:12:38+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/770b67bb-3576-4de3-a4e4-0a222edc7ffb: get-configuration/20read is starting
2025-03-17T10:12:39+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/ed076936-a6ad-468e-93be-849727b59ebf: get-status/20read is starting
2025-03-17T10:12:39+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/770b67bb-3576-4de3-a4e4-0a222edc7ffb: action "get-configuration" status is "completed" (0) at step validate-output.json
2025-03-17T10:12:40+10:00 [1:lemonldapng5:agent@lemonldapng5] task/module/lemonldapng5/ed076936-a6ad-468e-93be-849727b59ebf: action "get-status" status is "completed" (0) at step validate-output.json

Screen Shot 2025-03-17 at 10.20.18 am
Screen Shot 2025-03-17 at 10.20.18 am1920×1080 108 KB

Screen Shot 2025-03-17 at 10.20.35 am
Screen Shot 2025-03-17 at 10.20.35 am1920×1080 116 KB

and unfortunately still results in Bad Gateway

1 Like
28

I try, maybe I have a fast machine and we need to implement a test to verify the container is fully up

1 Like
29

i can reproduce, but I still do not understand why

1 Like
30

To be fair I’ve done absolutely nothing in regard to debugging yet (it could be my machine or setup)

31

absolutely not, the concern is inside the container I use, I should check today

32

add-module ghcr.io/stephdl/lemonldapng:1.0.0-dev.2

The container itself got an issue, I switched to coudot’s container, I need to make a bug report

2 Likes
33

Openldap workable, lets go to samba AD

2 Likes
34

this one loads

2 Likes
35

add-module ghcr.io/stephdl/lemonldapng:1.0.0-dev.4

the LDAP should be workable, AD and LDAP, basically the administrator is the master user, but any user of the ldap could login
user inside domain admins are also administrator

We could create a dedicated group for this
like ssoadmins
thoughts ???

@shane @danb35 if you want to play to allow apps inside the SSO, I am curious

2 Likes
36

image
image1235×567 16.4 KB

And we have the mail field
thanks @davidep

3 Likes
37

this version works well, if I go through and workout the mapping for the additional variable do you think we could add those to the default exported variables (i.e., sn- surname, givenName, etc.) it would make things a lot easier in terms of setting up saml.

at the moment the variables I have are

Screen Shot 2025-03-20 at 09.51.11 am
Screen Shot 2025-03-20 at 09.51.11 am1884×1478 209 KB

I’m sure there is more to add (i.e., address, website, etc) but this gives a good amount of integration options for apps

Update: I’ve tried locating the image files (i.e., logos, apps and backgrounds) but I can’t find them maybe they need to be created as separate volumes that link to the Podman image

Screen Shot 2025-03-20 at 10.42.49 am
Screen Shot 2025-03-20 at 10.42.49 am2122×838 62.7 KB

2 Likes
38

No problem
continue to study your needs we can implement it

2 Likes
39

is that what you are looking for, so

runagent -m lemonldapng1
cd llng

I need to write the readme

2 Likes
40

@Shane_Treweek what do you think

What you showed seemed a bit specific, anyway please argue if not

1 Like
41

This is good your right about mine being a bit specific

42

Ok
let me release a new testing version
after what it could be fun is to write a howto on how to protect some apps like mattermost or nextcloud

1 Like