The flexible authentication solution - built for small organisations and non-profits as a drop-in replacement for manually managing everything.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Moritz Marquardt d3b571100c Update various TODO comments 2 months ago
.vscode Implement core, the API, basic hook structure & memeory hooks, switch to Svelte and start with the implementation of the login screen 2 months ago
api Update various TODO comments 2 months ago
core Fix JSON name of UID, GID and MemberUIDs 2 months ago
hooks Update various TODO comments 2 months ago
test Implement core, the API, basic hook structure & memeory hooks, switch to Svelte and start with the implementation of the login screen 2 months ago
ui Update various TODO comments 2 months ago
.editorconfig Implement core, the API, basic hook structure & memeory hooks, switch to Svelte and start with the implementation of the login screen 2 months ago
API.apib Add plans for features, deployment and the API 3 months ago
Dockerfile Add basic structure for frontend, backend and run scripts 3 months ago
README.md Add plans for features, deployment and the API 3 months ago
go.mod Implement core, the API, basic hook structure & memeory hooks, switch to Svelte and start with the implementation of the login screen 2 months ago
go.sum Implement core, the API, basic hook structure & memeory hooks, switch to Svelte and start with the implementation of the login screen 2 months ago
hooks.go Implement core, the API, basic hook structure & memeory hooks, switch to Svelte and start with the implementation of the login screen 2 months ago
server.go Implement core, the API, basic hook structure & memeory hooks, switch to Svelte and start with the implementation of the login screen 2 months ago

README.md

peopled - the flexible authentication solution

Built for small organisations and non-profits as a drop-in replacement for manually managing everything.

Features

  • OpenLDAP-based for perfect compatibility
  • Easily embeddable web frontend for administration and self-service
  • Customizable schema with custom fields
  • Secure configuration out-of-the-box
  • Easy-to-use REST API if you need to build your own tools
  • Rock-solid mobile-friendly web frontend built on Elm

Future plans

  • SAML support for Single-Sign-On
  • Two-Factor-Authentication via U2F & TOTP (LDAP: <password><token> as the password)
  • Sync to Active Directory
  • Simple OpenLDAP slave deployment

Deploy it on your server

docker run \
  --name peopled \
  -v /var/people:/var/people \
  -p 389:389 -p 636:636 -p 16:16 \
  -e DOMAIN=example.org \
  momar/peopled

Use docker logs --follow peopled to show the logs of the container.

You can access the web UI at https://127.0.0.1:16/ui/. You need to follow the initial setup wizard for the LDAP server to come alive.

Ports

  • 389 - unencrypted LDAP
  • 636 - encrypted LDAPS
  • 16 - HTTP(S) with web UI, API & SAML

Environment

  • DOMAIN is the root domain of the organisation; if set to example.org, the LDAP domain will be dc=example,dc=org
  • CERT contains information about the TLS certificate for LDAPS and the webserver at port 16:
    • @ (or empty) - use Let’s Encrypt to obtain a certificate at $DOMAIN (the default)
    • @example.org - use Let’s Encrypt to obtain a certificate at example.org
    • /var/people/cert/mykey.pem - use a private key from the filesystem with auto-reload on file changes; an absolute path is required
    • self-signed - use a self-signed certificate
    • disabled - disable LDAPS and use HTTP without TLS on port 16

Volumes

  • /var/people contains all files required to persist the installation
  • /var/people/cert contains the TLS certificates
  • /var/people/ldap contains the OpenLDAP configuration
  • /var/people/config contains the peopled configuration
  • /var/people/backup contains hourly backups of everything

Embed the web UI

Using an iFrame

<iframe src="https://example.org:16/ui/embed.html" id="peopled" frameborder="0" width="100%"></iframe>
<script>window.addEventListener("message",e=>e.data&&e.data.peopledScrollHeight&&(document.getElementById("peopled").style.height=e.data.peopledScrollHeight+"px"))</script>

Using JavaScript

You need to use Bulma on the parent site to embed peopled using JavaScript. The advantage is a more seamless user experience.

<script src="https://example.org:16/ui/embed.js"></script>