FusionIAM issueshttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues2021-09-28T10:50:38Zhttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/1Graphical theme for all products2021-09-28T10:50:38ZClément OUDOTGraphical theme for all productsWe should start to create a FusionIAM for each product:
* Fusion Directory
* LemonLDAP::NG
* LTB White Pages
I propose this image as background: https://fusioniam.org//wp-content//uploads//2018//06//fusioniam-wallpaper-blue-1600px.jpgWe should start to create a FusionIAM for each product:
* Fusion Directory
* LemonLDAP::NG
* LTB White Pages
I propose this image as background: https://fusioniam.org//wp-content//uploads//2018//06//fusioniam-wallpaper-blue-1600px.jpgv1.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/2Documentation2023-10-30T13:59:32ZClément OUDOTDocumentationAs first step, we should have a documentation to install all components and configure them so they work together.
This documentation should be done for Debian and CentOS.As first step, we should have a documentation to install all components and configure them so they work together.
This documentation should be done for Debian and CentOS.v1.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/3OpenLDAP LTB initial configuration and data2023-12-11T16:46:33ZClément OUDOTOpenLDAP LTB initial configuration and dataWe can discuss here of which feature should be activated in OpenLDAP LTB configuration.
This configuration needs to be provided inside our repository.
We also need to import initial data (branches, default admin user, default password ...We can discuss here of which feature should be activated in OpenLDAP LTB configuration.
This configuration needs to be provided inside our repository.
We also need to import initial data (branches, default admin user, default password policy, DSA accounts).v1.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/4LemonLDAP::NG initial configuration2021-09-14T20:20:16ZClément OUDOTLemonLDAP::NG initial configurationWe need to decide which features will be enabled by default.We need to decide which features will be enabled by default.v1.0Clément OUDOTClément OUDOThttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/5Fusion Directory initial configuration2023-01-06T09:55:46ZClément OUDOTFusion Directory initial configurationWe need to select which plugins will be installed, and which configuration will be used.
The SSO mode must be configured in include FD in LL::NG.We need to select which plugins will be installed, and which configuration will be used.
The SSO mode must be configured in include FD in LL::NG.v1.0dcoutadeur dcoutadeurdcoutadeur dcoutadeurhttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/7Kerberos server2023-07-18T11:49:35ZClément OUDOTKerberos serverWe could include a Kerberos server, using our LDAP directory as authentication backendWe could include a Kerberos server, using our LDAP directory as authentication backendWishlisthttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/9Dashboards2021-07-04T20:19:30ZClément OUDOTDashboardsDeploy grafana and check open metrics of every componentsDeploy grafana and check open metrics of every componentsWishlisthttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/12duplicate keys in postgresql during lemonldap initial configuration2023-07-18T11:36:53Zdcoutadeur dcoutadeurduplicate keys in postgresql during lemonldap initial configurationHi,
During lemonldap initial configuration, we get these types of messages:
```
2022-03-07 16:50:04.771 UTC [116] ERROR: duplicate key value violates unique constraint "lmconfig_pkey"
2022-03-07 16:50:04.771 UTC [116] DETAIL: Key (cf...Hi,
During lemonldap initial configuration, we get these types of messages:
```
2022-03-07 16:50:04.771 UTC [116] ERROR: duplicate key value violates unique constraint "lmconfig_pkey"
2022-03-07 16:50:04.771 UTC [116] DETAIL: Key (cfgnum)=(1) already exists.
2022-03-07 16:50:04.771 UTC [116] STATEMENT: INSERT INTO lmConfig (data,cfgNum) VALUES ($1,$2)
2022-03-07 16:50:05.245 UTC [118] ERROR: duplicate key value violates unique constraint "lmconfig_pkey"
2022-03-07 16:50:05.245 UTC [118] DETAIL: Key (cfgnum)=(1) already exists.
2022-03-07 16:50:05.245 UTC [118] STATEMENT: INSERT INTO lmConfig (data,cfgNum) VALUES ($1,$2)
2022-03-07 16:50:05.409 UTC [119] ERROR: duplicate key value violates unique constraint "lmconfig_pkey"
2022-03-07 16:50:05.409 UTC [119] DETAIL: Key (cfgnum)=(1) already exists.
2022-03-07 16:50:05.409 UTC [119] STATEMENT: INSERT INTO lmConfig (data,cfgNum) VALUES ($1,$2)
2022-03-07 16:51:41.316 UTC [511] ERROR: duplicate key value violates unique constraint "lmconfig_pkey"
2022-03-07 16:51:41.316 UTC [511] DETAIL: Key (cfgnum)=(193) already exists.
2022-03-07 16:51:41.316 UTC [511] STATEMENT: INSERT INTO lmConfig (data,cfgNum) VALUES ($1,$2)
```
Maybe the process that store each key is launched in parallel, causing duplicate configuration number?https://gitlab.ow2.org/fusioniam/fusioniam/-/issues/26make reloadUrl work2023-07-26T16:53:31Zdcoutadeur dcoutadeurmake reloadUrl workcurrently, reloadUrl is blocked on localhost.
- reloadUrl should use reload.[domain]:[local_port]
- /reload nginx endpoint should be authorized from fastcgi container
- /reload nginx endpoint should be reachable from fastcgi containercurrently, reloadUrl is blocked on localhost.
- reloadUrl should use reload.[domain]:[local_port]
- /reload nginx endpoint should be authorized from fastcgi container
- /reload nginx endpoint should be reachable from fastcgi containerv1.0dcoutadeur dcoutadeurdcoutadeur dcoutadeurhttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/27Configure access to FD REST services2023-06-05T09:55:33ZClément OUDOTConfigure access to FD REST servicesCurrently FD vhost is protected by LL::NG, we should unprotect `^/rest.php` and add HTTP Basic authentication instead. User/Password should be provided by configuration.Currently FD vhost is protected by LL::NG, we should unprotect `^/rest.php` and add HTTP Basic authentication instead. User/Password should be provided by configuration.v1.0dcoutadeur dcoutadeurdcoutadeur dcoutadeurhttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/28manage wp logs when container not started as root2023-07-18T11:19:37Zdcoutadeur dcoutadeurmanage wp logs when container not started as root- must test with kubernetes / oc for container not started as root- must test with kubernetes / oc for container not started as rootv1.0https://gitlab.ow2.org/fusioniam/fusioniam/-/issues/29manage sd logs when container not started as root2023-07-18T11:19:24Zdcoutadeur dcoutadeurmanage sd logs when container not started as root- must test with kubernetes / oc for container not started as root- must test with kubernetes / oc for container not started as rootv1.0https://gitlab.ow2.org/fusioniam/fusioniam/-/issues/36import accountcreation component2023-04-04T09:46:19Zdcoutadeur dcoutadeurimport accountcreation componentadd new importcreation tool into FusionIAMadd new importcreation tool into FusionIAMhttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/42Make lighter image2023-07-19T18:14:28Zdcoutadeur dcoutadeurMake lighter imagecurrent docker image:
- are too heavy
- contains too much useless packages, which are marked as compromised by security analysis tools.
We should use a lighter base image, and remove useless tools for production (vim)current docker image:
- are too heavy
- contains too much useless packages, which are marked as compromised by security analysis tools.
We should use a lighter base image, and remove useless tools for production (vim)v1.0https://gitlab.ow2.org/fusioniam/fusioniam/-/issues/44provide files and documentation for kubernetes / openshift2023-07-19T09:51:55Zdcoutadeur dcoutadeurprovide files and documentation for kubernetes / openshiftprovide files and documentation for kubernetes / openshift
Maybe these files should be in a different, dedicated repository? (to discuss)provide files and documentation for kubernetes / openshift
Maybe these files should be in a different, dedicated repository? (to discuss)v1.0https://gitlab.ow2.org/fusioniam/fusioniam/-/issues/48add new map feature in white-pages2023-07-24T15:33:06Zdcoutadeur dcoutadeuradd new map feature in white-pagesThis feature is available since 0.4:
https://white-pages.readthedocs.io/en/latest/mapmenu.html
Take care about these topics:
- use cache
- make a crontab task for updating the cache
- unprotect /geoip url in lemonldap manager is quite i...This feature is available since 0.4:
https://white-pages.readthedocs.io/en/latest/mapmenu.html
Take care about these topics:
- use cache
- make a crontab task for updating the cache
- unprotect /geoip url in lemonldap manager is quite insecure. We should fine a better way to access this urldcoutadeur dcoutadeurdcoutadeur dcoutadeurhttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/50Adapt README for 1.0 release2023-10-30T13:59:33Zdcoutadeur dcoutadeurAdapt README for 1.0 release- explain deployement from scratch with docker-compose (creation of volume directories,...)
- explain how to use it with kubernetes/openshift
- make an upgrade section? (to explain how to upgrade from fusioniam-1.x to 1.y)- explain deployement from scratch with docker-compose (creation of volume directories,...)
- explain how to use it with kubernetes/openshift
- make an upgrade section? (to explain how to upgrade from fusioniam-1.x to 1.y)v1.0https://gitlab.ow2.org/fusioniam/fusioniam/-/issues/58install Fusion Directory via packages and not from sources2023-12-11T16:55:16Zdcoutadeur dcoutadeurinstall Fusion Directory via packages and not from sourcesIt is a more simple and maintainable option to install Fusion Directory via packages.
This topic is opened to discussion. (for example, continuing fetching the source is a way to have more frequent updates)It is a more simple and maintainable option to install Fusion Directory via packages.
This topic is opened to discussion. (for example, continuing fetching the source is a way to have more frequent updates)Wishlisthttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/65Missing use of LDAP_PROTO in FD deploy-schema.sh2024-02-12T18:13:00ZAlban Espié-GuillonMissing use of LDAP_PROTO in FD deploy-schema.shIn the deploy-schema.sh file used for FusionDirectory, the LDAP protocol is hard coded as `ldap`
e.g. :
```bash
SCHEMAS=$( php -d include_path=${FD_HOME_PATH}/tools ${FD_HOME_PATH}/tools/fusiondirectory-schema-manager --simplebind --l...In the deploy-schema.sh file used for FusionDirectory, the LDAP protocol is hard coded as `ldap`
e.g. :
```bash
SCHEMAS=$( php -d include_path=${FD_HOME_PATH}/tools ${FD_HOME_PATH}/tools/fusiondirectory-schema-manager --simplebind --ldapuri "ldap://${LDAP_HOST}:${LDAP_PORT}" --binddn "cn=config" --bindpwd "${ACCCONFIGROOTPW}" --list-schemas | grep -v -E '^Schemas:' | sed -e 's/[ \t]*\([^:]\+\):.*/\1/' )
```
It should use the LDAP_PROTO variablehttps://gitlab.ow2.org/fusioniam/fusioniam/-/issues/66pull access denied with docker-compose2024-02-08T10:56:58ZClément OUDOTpull access denied with docker-compose```
sudo docker compose up -d
[+] Running 11/11
✘ fusioniam-directory-server Error 1.8s
✘ fusioniam-access-manager-nginx Error 1.8s
✘ fusioniam-white-pages-nginx Error 1.8s
✘ fusioniam-service-desk-nginx Error 1.8s
✘ fusioniam-database E...```
sudo docker compose up -d
[+] Running 11/11
✘ fusioniam-directory-server Error 1.8s
✘ fusioniam-access-manager-nginx Error 1.8s
✘ fusioniam-white-pages-nginx Error 1.8s
✘ fusioniam-service-desk-nginx Error 1.8s
✘ fusioniam-database Error 1.8s
✘ fusioniam-service-desk-php-fpm Error 1.8s
✘ fusioniam-white-pages-php-fpm Error 1.8s
✘ fusioniam-access-manager-cron Error 1.8s
✘ fusioniam-fusiondirectory-php-fpm Error 1.8s
✘ fusioniam-fusiondirectory-nginx Error 1.8s
✘ fusioniam-access-manager-fastcgi-server Error 1.8s
Error response from daemon: pull access denied for fusioniam-openldap-ltb, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
```