WIP: feat(authelia): Add authentication with authelia

2025-05-24 07:26:11 +08:00 · 2025-05-24 07:26:11 +08:00 · 27f28457b2
commit 27f28457b2
parent 94ec261a94
9 changed files with 256 additions and 9 deletions
--- a/configuration/services/auth/lldap-provisioning.nu
+++ b/configuration/services/auth/lldap-provisioning.nu
@ -0,0 +1,44 @@
+#!/usr/bin/env nushell
+
+let groups = [{
+
+}]
+
+let users = [
+
+]
+
+let settings = open $env.LLDAP_CONFIG
+let url = (
+  'http://' |
+  $in + ($settings | get http_host | default '127.0.0.1') |
+  $in + ':' |
+  $in + ($settings | get http_port | default '17170' | into string))
+let user = $settings | get ldap_user_dn | default admin
+let pass = open $env.LLDAP_LDAP_USER_PASS_FILE
+
+let token = { username: $user, password: $pass } | to json | http post $'($url)/auth/simple/login' | get token
+
+def query [operation: string, query: string, variables: list<string>] {
+  let body = {
+    query: $query,
+    operationName: $operation,
+    variables: $variables
+  }
+
+  let res = $body | to json | http post --headers [Authorization $'Bearer ($token)'] $'($url)/api/graphql'
+
+  if ("errors" in $res) {
+    let msg = "GraphQL query to LLDAP failed:\n" + ($res.errors | each {|e| $'- ($e)' | str join (char newline)})
+
+    error make {
+      msg: $msg,
+      label: {
+          text: "Query defined here",
+          span: (metadata $query).span
+      }
+    }
+  } else {
+    $res.data
+  }
+}