GLPI is now available

@nebulon Thanks, it’s my pleasure!
Thank you as well for the quick analysis and publication — great work!

@girish said in GLPI - Asset and IT Management Software:

@vitetj great stuff! I have asked @vladimir.d to look into this so we can get it published. Was there a reason to use LDAP and not OIDC ? https://help.glpi-project.org/doc-plugins/oauthsso ? Also, if we may reuse your work, can you please put in a LICENSE file at https://github.com/vitetj/Cloudron-GLPI ? Any opensource license (MIT, GPL etc) will work.

Hey — thanks!

On OIDC: the plugin you linked (oauthsso) is not free (it’s available through a GLPI subscription / GLPI Network), which is why I went with LDAP for a default setup.

That said, OIDC is definitely on my todo list. There are community/free options we can build on for OIDC SSO, for example:
https://github.com/edgardmessias/glpi-singlesignon

And yes — happy to help with reuse: I’ll add a LICENSE file to https://github.com/vitetj/Cloudron-GLPI so it can be published/used properly.

Technical update: LDAP authentication is now working.

The fix was to move the whole LDAP setup into start.sh and make it fully deterministic:
• wait for the MySQL service to be reachable
• inject the LDAP configuration directly into glpi_authldaps using Cloudron-provided env vars
• clear GLPI cache
• run an explicit ldap:sync

This avoids init-time race conditions and inconsistent behavior observed with glpi:ldap:create alone.
Current repo reflects the working implementation.

edit : My bad i just fix the marketplace directory permissions with symlink to persistent storage
Should be ok now

thank you — in GLPI you can fully configure authentication directly via the CLI, since all auth settings are stored in the database.

The idea is simply to inject the configuration at install time, during the app initialization phase, instead of doing anything in the GUI.

In a Cloudron context, that means:
• Enable the ldap addon in CloudronManifest.json
• Let Cloudron inject the LDAP environment variables
• Use the GLPI CLI (bin/console) to create and enable the LDAP directory
• Do all of this inside the init script, once the database is ready

Example of what I’m planning to wire into init-glpi.sh:

php bin/console glpi:ldap:create
--default
--active
--name="Cloudron LDAP"
--host="${CLOUDRON_LDAP_URL#ldap://}"
--port=389
--basedn="ou=users,${CLOUDRON_LDAP_BASE_DN}"
--rootdn="${CLOUDRON_LDAP_BIND_DN}"
--rootdn-pass="${CLOUDRON_LDAP_BIND_PASSWORD}"
--login-field="username"
--email-field="mail"
--firstname-field="givenName"
--realname-field="sn"
--use-tls=0

This config is written directly to the GLPI database, so no UI interaction is required.

I haven’t tested this end-to-end yet — I’m a bit short on time this week — but from GLPI’s CLI and schema, this should be the correct approach. I’ll validate and clean it up when I have more bandwidth.

Hi everyone

I’d like to share a first functional draft of GLPI 11 packaged for Cloudron.
It’s not a finished or “official” package yet, but the foundation is already solid and clean, and follows Cloudron best practices.

Git repository:
https://github.com/vitetj/Cloudron-GLPI

Current state

GLPI 11.x

MySQL via Cloudron addon

Persistent data stored in /app/data

Intentional manual installation via CLI script (for safety and clarity)

Cloudron post-install message (red warning box) to guide admins

Idempotent initialization script (init-glpi.sh)

Clean start.sh with no hidden automation

The goal was to build something that is:

admin-friendly

maintainable

Cloudron-native

explicit rather than “magic”

What’s coming next

I plan to continue improving the package with:

GLPI cron tasks (via Cloudron Cron)

Cloudron SMTP integration

LDAP / SSO

additional hardening and cleanup

better admin documentation

This is very much a work in progress, but I wanted to share early to get feedback from the Cloudron community, especially on:

the installation flow

the manual post-install approach

the overall package architecture

Any feedback is welcome