HEre, I found One of the LAMP stacks, wodby/docker4php: Docker-based PHP stack (github.com)
its PHP image has granuler modules/extensions.
Might this be of help in helping reducing time to market?
whatever happened to this?
Came accross sso for mattermost, which is interesting, then remmebered this
For now it wonât be an official feature. Keycloak like the POC I tested relays on gitlab to authenticate and you will see the logo of gitlab for the login. This is not nice and could prone an error
Maybe it could be used as a separated module
How about implementing a bridge module, so that the official mattermost remains as is, but allows the ldap sync, for those that wantâŠ
I came accross this
- Introduce PORTAL_ENABLE_GITLAB_OAUTH environment variable to support mattermost authentication via Gitlab
LLNG works so well, i have never had the need to update it to the latest version since installing it on, infact i think it was designed for just that case, install, never think about updating. @danb35 is your module updated for NS7?
It was developed for NS7.
I know this, I was asking is the NS7 version update to the Latest LLNG?
Equally, i would like to link this here under BRINGING LLNG TO NS8 Install LemonLDAP::NG SSO/IAM on Nethserver - #145 by oneitonitram
The NS7 version doesnât depend on any particular version of LLNG. I havenât done anything to update it to the latest version, but it works fine for me with the latest version of LLNG.
As to bringing it to NS8, Iâd much prefer to see one capable, well-integrated[1] SSO solution for NS8 rather than several, none of which work all that well.
which would at a minimum mean that all of the âofficialâ NS8 apps can use it to authenticate, interchangeably with their ânativeâ authentication â©ïž
2 Likes
I would prefer that Much too as well⊠However i have been searching, ALOT
All available options can integrate with all available Apps at varied levels.
The biggest challenge has been.
getting one that checks all the boxes. Directly integrates with NS8 Ldap, Automatically without manual configs(i cant find any info for doing this with Authentik or Zitadel) abd both their communities, which ussually asnwers questions, have bene quier about this question.
KANIDM can do this, and even features SSH , SSO authentication, however alot of functions are still being implemented, And lacks a proper GUI, I have no intention of building one.
Others like Keycloack,Orxy Hydra, Gluu have no much difference with LLNG, so would rather retain what is already being used, than impelment another one that has nothing beyond to offer.
Solutions Like Defguard, while nifty, interesting and feature rich, currently Supports Defguard to Ldap one way sync, and not LDap to defguard⊠while it has wireguard VPN, which could work with what we already have for ns8, SSH SSO and others, still also leaves alot to be desiredâŠ
Others feature rich have very punitive License models beyond the core OSS
So Unless Nethesis and Nethserver Builds and Implements an OIDC/SAML/Outh2 provider that directly links with the integrated Ldap, and the provided SAML can be connected to the desired, or even those functions directly integrated to the apps, thats the best i could come up with thus far.
On this Note, i think the community as well as the Dev team should organise a video hangout to discuss this Matter.
That is a huge step forward! I will test it definetly.
Maybe you can add more parameters to php management?
2 Likes
which php settings ?
PHP Version
Time Out
⊠like in NS7 vhost
1 Like
for now only one php version, 8.3, but i can build a version to be 8.0, 8.1, 8.2
I wanted something simple, webserver and another module for database seems a bit complicated to be used, by non IT guys
in fact once configured you do
runagent -m lamp1 podman exec -ti lamp-app bash
then you can rsync, wget, sftp, git clone your web content to /app folder, set accordingly you config.php files and start to use it
3 Likes
Do you happen to know whether software firewalls also run in full WAF mode?
That would be important.
no firewall, but i do not understand, could you explain with a use case
Thatâs my use case
auto_prepend_file = "/path/to/your/file.php"
this is a really particular use case I suppose you need to set the path to the php file of the ninja firewall ?
