From b32dd42672811a6a22cd4b747e32faee48b36c54 Mon Sep 17 00:00:00 2001
From: Hinrikus Wolf <hinrikus@fsmpi.rwth-aachen.de>
Date: Thu, 16 Jul 2020 22:42:42 +0200
Subject: [PATCH] add ldap authentication plugin to pretix

---
 uwsgi-python/tasks/apps/pretix.yml    |  1 +
 uwsgi-python/templates/apps/pretix.j2 | 12 ++++++++++++
 uwsgi-python/vars/pretix.yml          |  8 ++++++++
 3 files changed, 21 insertions(+)

diff --git a/uwsgi-python/tasks/apps/pretix.yml b/uwsgi-python/tasks/apps/pretix.yml
index 0e20830..a09a3c6 100644
--- a/uwsgi-python/tasks/apps/pretix.yml
+++ b/uwsgi-python/tasks/apps/pretix.yml
@@ -64,6 +64,7 @@
     chdir: "{{app_path}}"
   with_items:
     - rebuild
+    - compress
   notify:
     - "restart uwsgi instance {{app.instance}}"
 
diff --git a/uwsgi-python/templates/apps/pretix.j2 b/uwsgi-python/templates/apps/pretix.j2
index 50f4e6a..3225804 100644
--- a/uwsgi-python/templates/apps/pretix.j2
+++ b/uwsgi-python/templates/apps/pretix.j2
@@ -12,6 +12,10 @@ long_sessions={{ pretix_long_sessions }}
 ecb_rates={{ pretix_ecb_rates }}
 audit_comments={{ pretix_audit_comments }}
 
+{% if pretix_ldap %}
+auth_backend=pretix_ldap.LDAPAuthBackend
+{% endif %}
+
 [database]
 backend=postgresql
 name={{ app_db_name }}
@@ -66,6 +70,14 @@ dsn={{ pretix_sentry_dsn }}
 [tools]
 pdftk={{ pretix_tools_pdftk }}
 {% endif %}
+{% if pretix_ldap %}
+[ldap]
+bind_url={{ pretix_ldap_bind_url }}
+bind_dn={{ pretix_ldap_bind_dn }}
+bind_password={{ pretix_ldap_password }}
+search_base={{ pretix_ldap_search_base }}
+search_filter={{ pretix_ldap_search_filter }}
+{% endif %}
 
 [entropy]
 order_code={{ pretix_entropy_order_code }}
diff --git a/uwsgi-python/vars/pretix.yml b/uwsgi-python/vars/pretix.yml
index 32eccb4..f9f40e1 100644
--- a/uwsgi-python/vars/pretix.yml
+++ b/uwsgi-python/vars/pretix.yml
@@ -90,3 +90,11 @@ pretix_tools_pdftk: '/usr/bin/pdftk'
 pretix_entropy_order_code: 5  # <16
 pretix_entropy_ticket_secret: 32  # <64
 pretix_entropy_voucher_code: 16  # <255
+
+pretix_ldap: false # do not forget to enable it via plugins
+pretix_ldap_bind_url: "ldaps://ad.example.com"
+pretix_ldap_bind_dn: "EXAMPLE\user"
+pretix_ldap_password: "secret"
+pretix_ldap_search_base: "cn=User,dc=example,dc=com"
+pretix_ldap_search_filter: "(&(objectClass=inetOrgPerson)(mail={email}))"
+
-- 
GitLab