feat(cli): allow setting config vars via cli

This commit is contained in:
simon 2020-02-28 10:31:14 +01:00
parent e8b9462c58
commit d9ff95bbbb
4 changed files with 59 additions and 21 deletions

View File

@ -23,10 +23,10 @@ module.exports = {
authentication: 'GoogleLDAPAuth',
authenticationOptions: {
base: 'dc=hokify,dc=com',
tlsOptions: {
// get your keys from http://admin.google.com/ -> Apps -> LDAP -> Client
key: fs.readFileSync('ldap.gsuite.key'),
cert: fs.readFileSync('ldap.gsuite.crt')
tls: {
keyFile: 'ldap.gsuite.key',
certFile: 'ldap.gsuite.crt'
}
}
@ -35,9 +35,11 @@ module.exports = {
authenticationOptions: {
url: 'ldaps://ldap.google.com',
base: 'dc=hokify,dc=com',
tls: {
keyFile: 'ldap.gsuite.key',
certFile: 'ldap.gsuite.crt'
},
tlsOptions: {
key: fs.readFileSync('ldap.gsuite.key'),
cert: fs.readFileSync('ldap.gsuite.crt'),
servername: 'ldap.google.com'
}
}

View File

@ -1,3 +1,4 @@
import * as yargs from 'yargs';
import { UDPServer } from './server/UDPServer';
import { RadiusService } from './radius/RadiusService';
@ -15,9 +16,25 @@ if (typeof (testSocket.tls as any).exportKeyingMaterial !== 'function') {
process.exit(-1);
}
console.log(`Listener Port: ${config.port || 1812}`);
console.log(`RADIUS Secret: ${config.secret}`);
console.log(`Auth Mode: ${config.authentication}`);
const { argv } = yargs
.usage('NODE RADIUS Server\nUsage: radius-server')
.example('radius-server --port 1812 -s radiussecret')
.default({
port: config.port || 1812,
s: config.secret || 'testing123',
authentication: config.authentication,
authenticationOptions: config.authenticationOptions
})
.describe('port', 'RADIUS server listener port')
.alias('s', 'secret')
.describe('secret', 'RADIUS secret')
.number('port')
.string(['secret', 'authentication']);
console.log(`Listener Port: ${argv.port || 1812}`);
console.log(`RADIUS Secret: ${argv.secret}`);
console.log(`Auth ${argv.authentication}`);
console.log(`Auth Config: ${JSON.stringify(argv.authenticationOptions, undefined, 3)}`);
(async () => {
/* configure auth mechansim */

View File

@ -1,6 +1,7 @@
import { ClientOptions, createClient } from 'ldapjs';
import debug from 'debug';
import * as tls from 'tls';
import * as fs from 'fs';
import { IAuthentication } from '../types/Authentication';
const usernameFields = ['posixUid', 'mail'];
@ -13,12 +14,16 @@ interface IGoogleLDAPAuthOptions {
/** base DN
* e.g. 'dc=hokify,dc=com', */
base: string;
tls: {
keyFile: string;
certFile: string;
};
/** tls options
* e.g. {
key: fs.readFileSync('ldap.gsuite.key'),
cert: fs.readFileSync('ldap.gsuite.crt')
} */
tlsOptions: tls.TlsOptions;
tlsOptions?: tls.TlsOptions;
}
export class GoogleLDAPAuth implements IAuthentication {
@ -33,12 +38,16 @@ export class GoogleLDAPAuth implements IAuthentication {
constructor(config: IGoogleLDAPAuthOptions) {
this.base = config.base;
const tlsOptions = {
key: fs.readFileSync(config.tls.keyFile),
cert: fs.readFileSync(config.tls.certFile),
servername: 'ldap.google.com',
...config.tlsOptions
};
this.config = {
url: 'ldaps://ldap.google.com:636',
tlsOptions: {
...config.tlsOptions,
servername: 'ldap.google.com'
}
tlsOptions
};
this.fetchDNs();

View File

@ -1,4 +1,5 @@
import * as LdapAuth from 'ldapauth-fork';
import * as fs from 'fs';
import { IAuthentication } from '../types/Authentication';
interface ILDAPAuthOptions {
@ -9,10 +10,13 @@ interface ILDAPAuthOptions {
/** base DN
* e.g. 'dc=hokify,dc=com', */
base: string;
tls: {
keyFile: string;
certFile: string;
};
/** tls options
* e.g. {
key: fs.readFileSync('ldap.gsuite.key'),
cert: fs.readFileSync('ldap.gsuite.crt'),
servername: 'ldap.google.com'
} */
tlsOptions?: any;
@ -25,12 +29,18 @@ interface ILDAPAuthOptions {
export class LDAPAuth implements IAuthentication {
private ldap: LdapAuth;
constructor(options: ILDAPAuthOptions) {
constructor(config: ILDAPAuthOptions) {
const tlsOptions = {
key: fs.readFileSync(config.tls.keyFile),
cert: fs.readFileSync(config.tls.certFile),
...config.tlsOptions
};
this.ldap = new LdapAuth({
url: options.url,
searchBase: options.base,
tlsOptions: options.tlsOptions,
searchFilter: options.searchFilter || '(uid={{username}})',
url: config.url,
searchBase: config.base,
tlsOptions,
searchFilter: config.searchFilter || '(uid={{username}})',
reconnect: true
});
this.ldap.on('error', function(err) {