diff --git a/defaults/config.js b/defaults/config.js index aaaf0276..f4b1acf2 100644 --- a/defaults/config.js +++ b/defaults/config.js @@ -65,7 +65,7 @@ module.exports = { // These settings are used to run The Lounge's web server using encrypted TLS. // // If you want more control over the webserver, - // [use a reverse proxy instead](https://thelounge.chat/docs/guides/reverse-proxies.html). + // [use a reverse proxy instead](https://thelounge.chat/docs/guides/reverse-proxies). // // The available keys for the `https` object are: // @@ -93,7 +93,7 @@ module.exports = { // // The Lounge ships with two themes (`default` and `morning`) and can be // extended by installing more themes. Read more about how to manage them - // [here](https://thelounge.chat/docs/plugins/themes.html). + // [here](https://thelounge.chat/docs/guides/theme-creation). // // This value needs to be the package name and not the display name. For // example, the value for Morning would be `morning`, and the value for @@ -385,10 +385,13 @@ module.exports = { // The available keys for the `ldap` object are: ldap: { // - `enable`: when set to `false`, LDAP support is disabled and all other - // values are ignored. + // values are ignored. enable: false, - // - `url` + + // - `url`: A url of the form `ldaps://:`. + // For plain connections, use the `ldap` scheme. url: "ldaps://example.com", + // - `tlsOptions`: LDAP connection TLS options (only used if scheme is // `ldaps://`). It is an object whose values are Node.js' `tls.connect()` // options. It is set to `{}` by default. @@ -400,11 +403,14 @@ module.exports = { // } // ``` tlsOptions: {}, - // - `baseDN`: LDAP base DN, alternative to `searchDN`. For example, set it - // to `"ou=accounts,dc=example,dc=com"`. - // It is not set by default, to use `searchDN` instead. + // - `primaryKey`: LDAP primary key. It is set to `"uid"` by default. primaryKey: "uid", + + // - `baseDN`: LDAP base DN, alternative to `searchDN`. For example, set it + // to `"ou=accounts,dc=example,dc=com"`. + // When unset, the LDAP auth logic with use `searchDN` instead to locate users. + // - `searchDN`: LDAP search DN settings. This defines the procedure by // which The Lounge first looks for the user DN before authenticating them. // It is ignored if `baseDN` is specified. It is an object with the @@ -416,14 +422,18 @@ module.exports = { // It is set to `"cn=thelounge,ou=system-users,dc=example,dc=com"` by // default. rootDN: "cn=thelounge,ou=system-users,dc=example,dc=com", + // - `rootPassword`: Password of The Lounge LDAP system user. rootPassword: "1234", + // - `ldapFilter`: it is set to `"(objectClass=person)(memberOf=ou=accounts,dc=example,dc=com)"` // by default. filter: "(objectClass=person)(memberOf=ou=accounts,dc=example,dc=com)", + // - `base`: LDAP search base (search only within this node). It is set // to `"dc=example,dc=com"` by default. base: "dc=example,dc=com", + // - `scope`: LDAP search scope. It is set to `"sub"` by default. scope: "sub", },