lemonldap-ng/doc/sources/admin/restconfbackend.rst

REST configuration backend
==========================

You can share your configuration over the network using REST proxy
system:

-  GET /config/latest: get the last config metadata
-  GET /config/<cfgNum>: get the metadata for config n° <cfgNum>
-  GET /config/<latest|cfgNum>/<key>: get conf key value
-  GET /config/<latest|cfgNum>?full=1: get the full configuration

You can retrieve "human readable" error messages:

-  GET /error/<lang>/<errNum>: get <errNum> error reference and <lang>
   errors file.

If no <lang> provided, 'en' errors file is returned.


.. tip::

    Note that REST is not a real configuration backend, but just a
    proxy system to access to your configuration over the network

Configuration
-------------

First, configure your real backend
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-  On your main server, configure a
   :doc:`File<fileconfbackend>`,
   :doc:`SQL<sqlconfbackend>` or
   :doc:`LDAP<ldapconfbackend>` backend
-  Enable REST server in the configuration using the manager (in portal
   plugins)
-  Configure your web server to allow remote access. Remote REST access
   is disabled by default. Change it as follow:

\* In ``portal-apache2.conf``:

.. code-block:: apache

   # REST functions for configuration access (disabled by default)
   <Location /index.fcgi/config>
       Require ip 192.168.2.0/24
   </Location>

\* In ``portal-nginx.conf``:

.. code-block:: nginx

   # REST functions for configuration access (disabled by default)
   location /index.psgi/config {
     allow 192.168.2.0/24;
   }

Next, configure REST for your remote servers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Change configuration in lemonldap-ng.ini :

.. code-block:: ini

   type         = REST
   ; Apache
   baseUrl      = https://auth.example.com/index.fcgi/config
   ; Nginx
   baseUrl      = https://auth.example.com/index.psgi/config

You can also add some other parameters

.. code-block:: ini

   User         = lemonldap
   Password     = mypassword
   # LWP::UserAgent parameters
   proxyOptions = { timeout => 5 }
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00			`REST configuration backend`
			`==========================`

			`You can share your configuration over the network using REST proxy`
			`system:`

			`- GET /config/latest: get the last config metadata`
			`- GET /config/<cfgNum>: get the metadata for config n° <cfgNum>`
			`- GET /config/<latest\|cfgNum>/<key>: get conf key value`
			`- GET /config/<latest\|cfgNum>?full=1: get the full configuration`

			`You can retrieve "human readable" error messages:`

			`- GET /error/<lang>/<errNum>: get <errNum> error reference and <lang>`
			`errors file.`

			`If no <lang> provided, 'en' errors file is returned.`


doc: fix formatting 2020-05-18 09:56:39 +02:00			`.. tip::`
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00
			`Note that REST is not a real configuration backend, but just a`
			`proxy system to access to your configuration over the network`

			`Configuration`
			`-------------`

			`First, configure your real backend`
			`~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

			`- On your main server, configure a`
			:doc:`File<fileconfbackend>`,
			:doc:`SQL<sqlconfbackend>` or
			:doc:`LDAP<ldapconfbackend>` backend
			`- Enable REST server in the configuration using the manager (in portal`
			`plugins)`
			`- Configure your web server to allow remote access. Remote REST access`
			`is disabled by default. Change it as follow:`

			\* In ``portal-apache2.conf``:

doc: fix markup 2020-05-21 15:13:24 +02:00			`.. code-block:: apache`
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00
			`# REST functions for configuration access (disabled by default)`
			`<Location /index.fcgi/config>`
			`Require ip 192.168.2.0/24`
			`</Location>`

			\* In ``portal-nginx.conf``:

doc: fix markup 2020-05-21 15:13:24 +02:00			`.. code-block:: nginx`
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00
			`# REST functions for configuration access (disabled by default)`
			`location /index.psgi/config {`
			`allow 192.168.2.0/24;`
			`}`

			`Next, configure REST for your remote servers`
			`~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

			`Change configuration in lemonldap-ng.ini :`

doc: fix markup 2020-05-21 15:13:24 +02:00			`.. code-block:: ini`
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00
			`type = REST`
			`; Apache`
			`baseUrl = https://auth.example.com/index.fcgi/config`
			`; Nginx`
			`baseUrl = https://auth.example.com/index.psgi/config`

			`You can also add some other parameters`

doc: fix markup 2020-05-21 15:13:24 +02:00			`.. code-block:: ini`
First version of imported doc (#1646) 2020-05-14 23:29:41 +02:00
			`User = lemonldap`
			`Password = mypassword`
			`# LWP::UserAgent parameters`
			`proxyOptions = { timeout => 5 }`