Dev

.env.docker

@@ -0,0 +1,109 @@
+##################################################
+# Application
+##################################################
+APP_NAME=Deming
+APP_ENV=production
+APP_FORCE_HTTPS=false
+APP_KEY=
+APP_DEBUG=true
+APP_URL=http://deming.yourdomain.com
+APP_TIMEZONE='Europe/Paris'
+APP_EDITOR=
+
+##################################################
+# Database
+##################################################
+DB_CONNECTION=mysql
+DB_HOST=mysql
+DB_PORT=3306
+DB_DATABASE=deming
+DB_USERNAME=deming_user
+DB_PASSWORD=demPasssword-123
+
+LOG_CHANNEL=stack
+
+BROADCAST_DRIVER=log
+CACHE_DRIVER=file
+QUEUE_CONNECTION=sync
+SESSION_DRIVER=file
+SESSION_LIFETIME=120
+
+##################################################
+# Mail
+##################################################
+MAIL_HOST='smtp.localhost'
+MAIL_PORT=2525
+MAIL_AUTH=true
+MAIL_SMTP_SECURE='ssl'     # 'ssl', 'tls' or null
+MAIL_SMTP_AUTO_TLS=false   # true / false
+MAIL_USERNAME=
+MAIL_PASSWORD=
+
+# MAIL_DKIM_DOMAIN = 'admin.local';
+# MAIL_DKIM_PRIVATE = '/path/to/private/key';
+# MAIL_DKIM_SELECTOR = 'default';   # Match your DKIM DNS selector
+# MAIL_DKIM_PASSPHRASE = '';        # Only if your key has a passphrase
+
+##################################################
+# LDAP
+##################################################
+# - If LDAP_ENABLED=true => try LDAP; on success, log the mapped local user in.
+#  - If LDAP fails and LDAP_FALLBACK_LOCAL=true => try local DB credentials.
+#  - If LDAP_ENABLED=false => only local DB credentials.
+
+LDAP_ENABLED=false
+LDAP_FALLBACK_LOCAL=true
+LDAP_AUTO_PROVISION=false
+
+# Config
+LDAP_LOGGING=false
+LDAP_CONNECTION=default
+LDAP_HOST=127.0.0.1
+LDAP_USERNAME="cn=admin,dc=example,dc=org"
+LDAP_PASSWORD=admin
+LDAP_PORT=389
+LDAP_BASE_DN="dc=example,dc=org"
+LDAP_TIMEOUT=5
+LDAP_SSL=false
+LDAP_TLS=false
+
+# Candidate attributes to identify the username entered in the form
+# Order matters: the first match wins.
+# OpenLDAP: uid, cn, mail ; AD: sAMAccountName, userPrincipalName, mail
+LDAP_LOGIN_ATTRIBUTES="uid,cn,mail,sAMAccountName,userPrincipalName"
+
+# Match user group or null for any group
+LDAP_GROUP=
+
+##################################################
+# Socialite
+##################################################
+
+# List of socialite providers separated by a space. Possible value : keycloak, oidc
+SOCIALITE_PROVIDERS=""
+
+KEYCLAOK_DISPLAY_NAME="Keycloak"
+KEYCLOAK_ALLOW_CREATE_USER=false
+KEYCLOAK_ALLOW_UPDATE_USER=false
+KEYCLOAK_DEFAULT_ROLE="auditee"
+KEYCLOAK_ROLE_CLAIM="resource_access.deming.roles.0"
+KEYCLOAK_ADDITIONAL_SCOPES="roles"
+
+KEYCLOAK_CLIENT_ID=deming
+KEYCLOAK_CLIENT_SECRET=secret
+KEYCLOAK_REDIRECT_URI=${APP_URL}auth/callback/keycloak
+KEYCLOAK_BASE_URL=https://keycloak.local
+KEYCLOAK_REALM=main
+
+OIDC_DISPLAY_NAME="Generic OIDC"
+OIDC_ALLOW_CREATE_USER=false
+OIDC_ALLOW_UPDATE_USER=false
+OIDC_DEFAULT_ROLE="auditee"
+OIDC_ROLE_CLAIM=""
+OIDC_ADDITIONAL_SCOPES="deming_role"
+
+OIDC_CLIENT_ID=deming
+OIDC_CLIENT_SECRET=deming
+OIDC_BASE_URL=http://auth.lan
+OIDC_SUFFIX=""
+OIDC_REDIRECT_URI=${APP_URL}auth/callback/oidc

.env.example

@@ -2,13 +2,13 @@
 # Application
 ##################################################
 APP_NAME=Deming
-APP_ENV=production
+APP_ENV=local
 APP_FORCE_HTTPS=false
-APP_KEY=
+APP_KEY=base64:zEAYO9a2F2XWcbgqNitf9gP/U8Qu6qIt95zy3uBYwwk=
 APP_DEBUG=true
-APP_URL=http://deming.yourdomain.com
+APP_URL=
 APP_TIMEZONE='Europe/Paris'
-APP_EDITOR=
+APP_BANNER_TEST=
 
 ##################################################
 # Database
@@ -50,7 +50,6 @@ MAIL_PASSWORD=
 # - If LDAP_ENABLED=true => try LDAP; on success, log the mapped local user in.
 #  - If LDAP fails and LDAP_FALLBACK_LOCAL=true => try local DB credentials.
 #  - If LDAP_ENABLED=false => only local DB credentials.
-
 LDAP_ENABLED=false
 LDAP_FALLBACK_LOCAL=true
 LDAP_AUTO_PROVISION=false
@@ -62,23 +61,15 @@ LDAP_HOST=127.0.0.1
 LDAP_USERNAME="cn=admin,dc=example,dc=org"
 LDAP_PASSWORD=admin
 LDAP_PORT=389
-LDAP_BASE_DN="dc=example,dc=org"
+LDAP_BASE_DN="cn=users,dc=example,dc=org"
 LDAP_TIMEOUT=5
 LDAP_SSL=false
 LDAP_TLS=false
-
-# Candidate attributes to identify the username entered in the form
-# Order matters: the first match wins.
-# OpenLDAP: uid, cn, mail ; AD: sAMAccountName, userPrincipalName, mail
-LDAP_LOGIN_ATTRIBUTES="uid,cn,mail,sAMAccountName,userPrincipalName"
-
-# Match user group or null for any group
-LDAP_GROUP=
+LDAP_LOGIN_ATTRIBUTES="cn"
 
 ##################################################
 # Socialite
 ##################################################
-
 # List of socialite providers separated by a space. Possible value : keycloak, oidc
 SOCIALITE_PROVIDERS=""
 
@@ -105,8 +96,5 @@ OIDC_ADDITIONAL_SCOPES="deming_role"
 OIDC_CLIENT_ID=deming
 OIDC_CLIENT_SECRET=deming
 OIDC_BASE_URL=http://auth.lan
-OIDC_SUFFIX=""
-OIDC_USE_ID_TOKEN=false     # true pour décoder le JWT
-OIDC_JWT_ALG=RS256          # RS256 ou HS256. utile uniquement avec OIDC_USE_ID_TOKEN=true
-OIDC_JWT_SECRET_OR_KEY=""   # secret pour HS256 ou clé au format PEM pour RS256
 OIDC_REDIRECT_URI=${APP_URL}auth/callback/oidc
+