From c654682ee571e003e593704453181eb04d27445d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Paul=20Gon=C3=A7alves=20Monnet?= Date: Fri, 31 May 2024 13:57:36 +0200 Subject: [PATCH] Add the linux server setup part with : - 3. Clone the Repository - 4. Create the .env File - 5. Build and Run the Docker Container - Add a summary --- Docs/server.md | 54 +++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 51 insertions(+), 3 deletions(-) diff --git a/Docs/server.md b/Docs/server.md index 1aa1384..231ec66 100644 --- a/Docs/server.md +++ b/Docs/server.md @@ -1,5 +1,15 @@ # Server install +# **Summary** +- [The Active Directory part](./server.md/#the-active-directory-part) + - [1. Modify the LDAP Schema](./server.md/#1-modify-the-ldap-schema) + - [2. Create an LDAP User for Sync](./server.md/#2-create-an-ldap-user-for-sync) +- [The Linux Part](./server.md/#the-linux-part) + - [3. Clone the Repository](./server.md/#3-clone-the-repository) + - [4. Create the .env File](./server.md/#4-create-the-env-file) + - [5. Build and Run the Docker Container](./server.md/#5-build-and-run-the-docker-container) +# The Active Directory part + ## 1. Modify the LDAP Schema To add the `rFIDUID` attribute to your LDAP schema, follow these steps: @@ -30,7 +40,7 @@ To add the `rFIDUID` attribute to your LDAP schema, follow these steps: 3. **Add the Attribute to a Class**: Update the user class to include the `rFIDUID` attribute. ```powershell # Find the user class - $userClass = Get-ADObject -LDAPFilter "(cn=user)" -SearchBase "CN=Schema,CN=Configuration,DC=ad,DC=bts,DC=com" -SearchScope Base + $userClass = Get-ADObject -LDAPFilter "(cn=user)" -SearchBase "CN=Schema,CN=Configuration,DC=your-domain,DC=com" -SearchScope Base # Add the new attribute to the user class Set-ADObject -Identity $userClass -Add @{mayContain="rFIDUID"} 
@@ -40,7 +50,7 @@ To add the `rFIDUID` attribute to your LDAP schema, follow these steps: Create a dedicated LDAP user for synchronizing data: ⚠️ Do not forget to replace the domain by yours and the password by a strong one. ```powershell - New-ADUser -Name "RO.RF-AD" ` + New-ADUser -Name "RO.RF-AD" ` #You can change this if you want -GivenName "ReadOnly" ` -Surname "AD" ` -UserPrincipalName "RO.RF-AD@your-domain.com" ` @@ -51,5 +61,43 @@ Create a dedicated LDAP user for synchronizing data: # Grant read permissions $ldapUser = Get-ADUser -Identity "RO.RF-AD" Add-ADPermission -Identity "OU=Users,DC=your-domain,DC=com" -User $ldapUser -AccessRights ReadProperty - ``` +``` + +# The Linux Part + +For this part you'll need docker, you can frollow this tutorial to install it proprely +➡️ [Official Guide to install docker](https://docs.docker.com/engine/install/) +⚠️ I cannot guarantee the accuracy of the information contained in this guide. ⚠️ +## 3. Clone the Repository + +```bash +git clone https://github.com/jeanGaston/RF-AD.git +``` +Then navigate into the server folder +```bash +cd ./RD-AD/Server +``` +## 4. Create the .env File + +Create a .env file in the [server directory](../Server/) with the following content: + +``` +LDAPUSER=[The user you have created earlier] +LDAPPASS=[The password you have created earlier] +LDAP_SERVER=ldap://[The IP of your DC] +DOOR_ACCESS_GROUPS_DN=[The DN of the OU containing groups assiociated with doors] +USERS_DN=[The DN of the OU containing the users] +DBFILE=/db/data.db #You can change this if you want +WebServerPORT=5000 #You can change this if you want +``` +⚠️ **IF YOU CHANGE THE WEB SERVER PORT** ⚠️ +You'll need to change it in the [reader code](../Client/main.py) and in the [docker-compose.yml](../Server/docker-compose.yml) and [dockerfile](../Server/Dockerfile) + +## 5. Build and Run the Docker Container + +Execute this code +```bash +docker-compose build --no-cache +docker-compose up +```
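Review bot: In the summary hunk (@@ -1,5 +1,15 @@), every link is written as `./server.md/#...`, with a slash between the file name and the fragment, which makes the target look like a directory. These are links within the same file, so the bare fragment (`#the-active-directory-part`, `#1-modify-the-ldap-schema`, and so on) is enough and does not depend on how the renderer resolves the path. Also, `# **Summary**` and `# The Active Directory part` add two more H1 headings under `# Server install`; `##` for these and `###` for the numbered steps would keep one title per page.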
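Review bot: In the schema hunk (@@ -30,7 +40,7 @@), the rewritten `Get-ADObject` line still combines `-SearchBase "CN=Schema,CN=Configuration,..."` with `-SearchScope Base`. A base-scope search evaluates only the object named by the search base, here the schema container itself, so the `(cn=user)` filter cannot match the User class and `$userClass` will be empty when `Set-ADObject` runs. Since the line is being touched anyway, either change the scope to `OneLevel` or point `-SearchBase` at `CN=User,CN=Schema,CN=Configuration,DC=your-domain,DC=com`. Replacing the real domain components with the `your-domain` placeholder is a good change.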
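Review bot: In the sync-user hunk (@@ -40,7 +50,7 @@), the comment added after the backtick on `New-ADUser -Name "RO.RF-AD" ` #You can change this if you want` breaks the line continuation. The backtick only continues the command when it is the last character on the line; here it escapes the following space, the statement ends at the comment, and `-GivenName "ReadOnly"` on the next line is parsed as a separate command. Move the note to its own comment line above `New-ADUser`. If the name is meant to be changeable, say so for `Get-ADUser -Identity "RO.RF-AD"` further down as well, since it hardcodes the same value.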
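Review bot: In the Linux hunk (@@ -51,5 +61,43 @@), step 3 clones `RF-AD.git` but then runs `cd ./RD-AD/Server`, a directory that will not exist; it should be `cd ./RF-AD/Server`. In step 4 the template fixes the scheme as `LDAP_SERVER=ldap://[The IP of your DC]` next to `LDAPPASS`, so unless the server code negotiates StartTLS the sync account's password crosses the network unencrypted on every bind; consider documenting `ldaps://` as the default. The `.env` file holds that password in plain text, so the step should also tell the reader to restrict its permissions and keep it out of version control. Smaller points: the closing fence of the PowerShell block loses its indentation while the block content stays indented, and "frollow", "proprely" and "assiociated" are typos.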