First time setup/Admin notes show incorrect + LDAP default role not functioning
-
Hi all,
it seems the either the docs or first time install notes are incorrect regarding setting the default ldap role, first time install says the path is "/app/data/env" while the docs say "/app/data/env.sh"
I am not sure which is correct, as I can not get either to work.
I am also having to assume you get the role ID from the url like this "/admin/settings/roles/524eadcb-5b8b-4bf6-ae4e-7f0e02c54ed6" as that is also not in the docs.Any clarification on this would be appreciated, as well as a correction of whichever location is wrong.
First time install notes
https://docs.cloudron.io/apps/directus/
Thanks all!
-
Looking at
start.shscript of the app, both files are currently treated the same essentially: https://git.cloudron.io/packages/directus-app/-/blob/master/start.sh?ref_type=heads#L112The one in the long run will be
/app/data/env.shand I have fixed up the postinstall for the next package version now.For the role value, the id from the browser URL bar is indeed the correct ID, this only applies to first time login
-
N nebulon marked this topic as a question on
-
Looking at
start.shscript of the app, both files are currently treated the same essentially: https://git.cloudron.io/packages/directus-app/-/blob/master/start.sh?ref_type=heads#L112The one in the long run will be
/app/data/env.shand I have fixed up the postinstall for the next package version now.For the role value, the id from the browser URL bar is indeed the correct ID, this only applies to first time login
-
Looking at
start.shscript of the app, both files are currently treated the same essentially: https://git.cloudron.io/packages/directus-app/-/blob/master/start.sh?ref_type=heads#L112The one in the long run will be
/app/data/env.shand I have fixed up the postinstall for the next package version now.For the role value, the id from the browser URL bar is indeed the correct ID, this only applies to first time login
@nebulon Thank you for the clarification but I'm still confused regarding roles id.
I understand there are 4 main key build-in roles in Directus (Admin, Editors, Viewer and Public).
For instance if I want all Cloudron's users (except the Admin that has logged first) to be given by default the build-in role "Viewer" in Directus what role id should I use in AUTH_LDAP_DEFAULT_ROLE_ID=<id of role>? Thank you for your support
-
At least in a fresh installation I cannot see those roles you refer to in the UI. So I also don't know where to get the ID or if those even exist or if those are just some convention.
@nebulon Thanks. No they don't exist by default. You start with only Admin and Public ones and have to create the other roles you need, along with their related policies, with or without Admin rights. So ultimately you got a custom id role for each new role created.
I've then edited the env.sh and add export AUTH_LDAP_DEFAULT_ROLE_ID=<id of new role without Admin rights> but whenever I log a new Cloudron user it still inherits the Admin rights by default..
-
OH! only now I realized the hint from @joseph about LDAP. So the env variable now has to be
AUTH_CLOUDRON_DEFAULT_ROLE_IDThe app uses
AUTH_<provider>_...schema for those variables and we have switched over from LDAP to a custom Cloudron OIDC provider. -
OH! only now I realized the hint from @joseph about LDAP. So the env variable now has to be
AUTH_CLOUDRON_DEFAULT_ROLE_IDThe app uses
AUTH_<provider>_...schema for those variables and we have switched over from LDAP to a custom Cloudron OIDC provider.@nebulon said in First time setup/Admin notes show incorrect + LDAP default role not functioning:
AUTH_CLOUDRON_DEFAULT_ROLE_ID
Thanks a lot. It works
! I really like this app. The UI is neat (dark mode from the start !) and it has a lot of potential. Let's try to develop something with it.
Best wishes
-
N nebulon has marked this topic as solved on
