1 files changed, 31 insertions, 97 deletions
diff --git a/templates/config.php.epp b/templates/config.php.epp
index fe09a00..2031945 100644
--- a/templates/config.php.epp
+++ b/templates/config.php.epp
@@ -1,36 +1,3 @@
-<?php
-/**
- * The phpLDAPadmin config file
- * See: http://phpldapadmin.sourceforge.net/wiki/index.php/Config.php
- *
- * This is where you can customise some of the phpLDAPadmin defaults
- * that are defined in config_default.php.
- *
- * To override a default, use the $config->custom variable to do so.
- * For example, the default for defining the language in config_default.php
- *
- * $this->default->appearance['language'] = array(
- *  'desc'=>'Language',
- *  'default'=>'auto');
- *
- * to override this, use $config->custom->appearance['language'] = 'en_EN';
- *
- * This file is also used to configure your LDAP server connections.
- *
- * You must specify at least one LDAP server there. You may add
- * as many as you like. You can also specify your language, and
- * many other options.
- *
- * NOTE: Commented out values in this file prefixed by //, represent the
- * defaults that have been defined in config_default.php.
- * Commented out values prefixed by #, dont reflect their default value, you can
- * check config_default.php if you want to see what the default is.
- *
- * DONT change config_default.php, you changes will be lost by the next release
- * of PLA. Instead change this file - as it will NOT be replaced by a new
- * version of phpLDAPadmin.
- */
-
 /*********************************************
  * Useful important configuration overrides  *
  *********************************************/
@@ -42,9 +9,11 @@ $config->custom->debug['syslog'] = true;
 $config->custom->debug['file'] = '/tmp/pla_debug.log';
 <%- } -%>
 
-/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this
-   to a big random string. */
-// $config->custom->session['blowfish'] = null;
+$config->custom->session['blowfish'] = <% if $phpldapadmin::blowfish_secret { -%>
+"<%= $phpldapadmin::blowfish_secret %>"
+<%- } else { -%>
+null
+<%- } -%>;
 
 /* If your auth_type is http, you can override your HTTP Authentication Realm. */
 // $config->custom->session['http_realm'] = sprintf('%s %s',app_name(),'login');
@@ -259,7 +228,7 @@ $config->custom->appearance['friendly_attrs'] = array(
  *********************************************/
 
 /* Add "modify group members" link to the attribute. */
-// $config->custom->modify_member['groupattr'] = array('member','uniqueMember','memberUid','sudoUser');
+$config->custom->modify_member['groupattr'] = array('member','uniqueMember','memberUid','sudoUser');
 
 /* Configure filter for member search. This only applies to "modify group members" feature */
 // $config->custom->modify_member['filter'] = '(objectclass=Person)';
@@ -268,9 +237,9 @@ $config->custom->appearance['friendly_attrs'] = array(
 // $config->custom->modify_member['attr'] = 'dn';
 
 /* For Posix attributes */
-// $config->custom->modify_member['posixattr'] = 'uid';
-// $config->custom->modify_member['posixfilter'] = '(uid=*)';
-// $config->custom->modify_member['posixgroupattr'] = 'memberUid';
+$config->custom->modify_member['posixattr'] = 'uid';
+$config->custom->modify_member['posixfilter'] = '(uid=*)';
+$config->custom->modify_member['posixgroupattr'] = 'memberUid';
 
 /*********************************************
  * Support for attrs display order           *
@@ -301,28 +270,26 @@ $config->custom->appearance['friendly_attrs'] = array(
 
 $servers = new Datastore();
 
-/* $servers->NewServer('ldap_pla') must be called before each new LDAP server
-   declaration. */
+<%- $phpldapadmin::ldap_servers.each |$server| { -%>
 $servers->newServer('ldap_pla');
+  <%- if $server['name'] { -%>
+    $servers->setValue('server','name','<%= $server['name'] %>');
+  <%- } -%>
+  $servers->setValue('server','host','<%= $server['server'] %>');
+  <%- if $server['port'] { -%>
+    $servers->setValue('server','name','<%= $server['port'] %>');
+  <%- } -%>
+<%- } -%>
 
-/* A convenient name that will appear in the tree viewer and throughout
-   phpLDAPadmin to identify this LDAP server to users. */
-$servers->setValue('server','name','<%= $phpldapadmin::servername %>');
-
-/* Examples:
-   'ldap.example.com',
-   'ldaps://ldap.example.com/',
-   'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
-           (Unix socket at /usr/local/var/run/ldap) */
-$servers->setValue('server','host','<%= $phpldapadmin::server_uri %>');
 
-/* The port your LDAP server listens on (no quotes). 389 is standard. */
-$servers->setValue('server','port',<%= $phpldapadmin::port %>);
+<% unless $phpldapadmin::base_dn =~ Undef { -%>
+$servers->setValue('server','base',array(
+  <%- $phpldapadmin::base_dn.each |$dn| { -%>
+  '<%= $dn %>',
+  <%- } -%>
+));
+<% } -%>
 
-/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
-   auto-detect it for you. */
-// TODO
-// $servers->setValue('server','base',array(''));
 
 /* Five options for auth_type:
    1. 'cookie': you will login via a web form, and a client-side cookie will
@@ -450,11 +417,9 @@ $servers->setValue('login','auth_type','<%= $phpldapadmin::auth_type %>');
    setup. */
 // $servers->setValue('login','class',array());
 
-/* If login_attr was set to 'dn', it is possible to specify a template string to
-   build the DN from. Use '%s' where user input should be inserted. A user may
-   still enter the complete DN. In this case the template will not be used. */
-// $servers->setValue('login','bind_dn_template',null);
-#  $servers->setValue('login','bind_dn_template','cn=%s,ou=people,dc=example,dc=com');
+<% if $phpldapadmin::bind_dn_template { -%>
+$servers->setValue('login','bind_dn_template', '<%= $phpldapadmin::bind_dn_template %>');
+<% } %>
 
 /* If you specified something different from 'dn', for example 'uid', as the
    login_attr above, you can optionally specify here to fall back to
@@ -474,40 +439,11 @@ $servers->setValue('login','auth_type','<%= $phpldapadmin::auth_type %>');
 // $servers->setValue('appearance','show_create',true);
 
 /* Set to true if you would like to initially open the first level of each tree. */
-// $servers->setValue('appearance','open_tree',false);
+$servers->setValue('appearance','open_tree',<%= $phpldapadmin::open_tree %>);
 
 /* Set to true to display authorization ID in place of login dn (PHP 7.2+) */
 // $servers->setValue('appearance','show_authz',false);
 
-/* This feature allows phpLDAPadmin to automatically determine the next
-   available uidNumber for a new entry. */
-// $servers->setValue('auto_number','enable',true);
-
-/* The mechanism to use when finding the next available uidNumber. Two possible
-   values: 'uidpool' or 'search'.
-   The 'uidpool' mechanism uses an existing uidPool entry in your LDAP server to
-   blindly lookup the next available uidNumber. The 'search' mechanism searches
-   for entries with a uidNumber value and finds the first available uidNumber
-   (slower). */
-// $servers->setValue('auto_number','mechanism','search');
-
-/* The DN of the search base when the 'search' mechanism is used above. */
-#  $servers->setValue('auto_number','search_base','ou=People,dc=example,dc=com');
-
-/* The minimum number to use when searching for the next available number
-   (only when 'search' is used for auto_number. */
-// $servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
-
-/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
-   searching for the uidnumber. The idea is, this user id would have full
-   (readonly) access to uidnumber in your ldap directory (the logged in user
-   may not), so that you can be guaranteed to get a unique uidnumber for your
-   directory. */
-// $servers->setValue('auto_number','dn',null);
-
-/* The password for the dn above. */
-// $servers->setValue('auto_number','pass',null);
-
 /* Enable anonymous bind login. */
 // $servers->setValue('login','anon_bind',true);
 
@@ -644,7 +580,5 @@ $servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'
 
 
 $config->custom->session['reCAPTCHA-enable'] = false;
-$config->custom->session['reCAPTCHA-key-site'] = '<put-here-key-site>';
-$config->custom->session['reCAPTCHA-key-server'] = '<put-here-key-server>';
-
-?>
+$config->custom->session['reCAPTCHA-key-site'] = 'put-here-key-site';
+$config->custom->session['reCAPTCHA-key-server'] = 'put-here-key-server';