feat: add ldap configuration

- add group members to jupyterhub_user
- add svc_jupyterhub user for ldap binding
- paramatarise all ldap fields required
- manage the notebook data directory
This commit is contained in:
2024-11-10 20:28:10 +11:00
parent 61f5f1ce1f
commit 42ad972697
4 changed files with 37 additions and 20 deletions
@@ -16,12 +16,11 @@ c.DockerSpawner.image = '<%= @docker_image %>'
c.DockerSpawner.network_name = '<%= @docker_network %>'
# Notebook directory and mount location
notebook_dir = '/home/jupyter/work'
c.DockerSpawner.notebook_dir = notebook_dir
c.DockerSpawner.notebook_dir = '<%= @notebook_path %>'
# Optional: Volume mapping for user data persistence
c.DockerSpawner.volumes = {
'jupyterhub-user-{username}': notebook_dir
'jupyterhub-user-{username}': '<%= @notebook_path %>'
}
# DockerSpawner options
@@ -33,11 +32,20 @@ c.JupyterHub.authenticator_class = 'ldapauthenticator.LDAPAuthenticator'
# LDAP Server settings
c.LDAPAuthenticator.server_address = '<%= @ldap_server_address %>'
c.LDAPAuthenticator.bind_dn_template = '<%= @ldap_bind_dn_template %>'
c.LDAPAuthenticator.use_ssl = <%= @ldap_use_ssl ? 'True' : 'False' %>
c.LDAPAuthenticator.tls_strategy = '<%= @ldap_tls_strategy %>'
# Restrict access to a specific LDAP group
c.LDAPAuthenticator.allowed_groups = <%= @ldap_allowed_groups.to_s %>
# List LDAP users as admins
c.LDAPAuthenticator.admin_users = <%= @ldap_admin_users.to_s %>
# Lookup settings
c.LDAPAuthenticator.lookup_dn = True
c.LDAPAuthenticator.lookup_dn_search_filter = '<%= @ldap_user_search_filter %>'
c.LDAPAuthenticator.lookup_dn_search_user = '<%= @ldap_bind_user %>'
c.LDAPAuthenticator.lookup_dn_search_password = '<%= @ldap_bind_pass %>'
c.LDAPAuthenticator.user_search_base = '<%= @ldap_user_search_base %>'
c.LDAPAuthenticator.user_attribute = '<%= @ldap_user_attribute %>'
c.LDAPAuthenticator.lookup_dn_user_dn_attribute = '<%= @ldap_user_dn_attribute %>'
c.LDAPAuthenticator.group_search_filter = '<%= @ldap_group_search_filter %>'