Configure Advanced Features¶
This section describes how to configure some advanced features:
- LDAP authentication
- Sending of emails
Outgoing Email Configuration¶
You have to set the SMTP server for outgoing mail using the environment variable EMAIL_URL
On Heroku¶
Simply configure EMAIL_URL
“Config Variable” in the Heroku application configuration.
EMAIL_URL=smtp://post-office.example.com
On Flynn¶
$ flynn env set EMAIL_URL=smtp://post-office.example.com
On Manual / Ansible Deployment¶
You have to set the variable similar to DATABASE_URL
in /etc/systemd/system/flowcelltool.service
.
When using Ansible, you best configure this in templates/flowcelltool.service.j2
.
Environment="EMAIL_URL=smtp://post-office.example.com"
LDAP Configuration¶
Flowcelltool can use up to two LDAP servers (ActiveDirectory is also supported) for authentication users.
The configuration of the second one is optional.
For one server, you can either configure the server to user username
for login or username@DOMAIN
with a configurable domain.
To enable this for the first server, define the following environment variables (see Outgoing Email Configuration on the appropriate places for the different deployment targets).
The configuration of AUTH_LDAP_USERNAME_DOMAIN
is optional when only using one server.
ENABLE_LDAP=1
AUTH_LDAP_BIND_DN='CN=user,DC=example,DC=com'
AUTH_LDAP_BIND_PASSWORD='password'
AUTH_LDAP_SERVER_URI='ldap://activedirectory.example.com'
AUTH_LDAP_USER_SEARCH_BASE='DC=example,DC=com'
AUTH_LDAP_USERNAME_DOMAIN='YOURDOMAIN'
For configuring the secondary LDAP server, use the following environment variables.
The configuration of AUTH_LDAP_USERNAME_DOMAIN
is required when using two servers.
export ENABLE_LDAP_SECONDARY=1
export AUTH_LDAP2_BIND_DN='CN=user,DC=example,DC=com'
export AUTH_LDAP2_BIND_PASSWORD='password'
export AUTH_LDAP2_SERVER_URI='ldap://activedirectory.example.com'
export AUTH_LDAP2_USER_SEARCH_BASE='DC=example,DC=com'
export AUTH_LDAP2_USERNAME_DOMAIN='YOURDOMAIN2'
Note that for users logging in via LDAP, the username must be in form of username@YOURDOMAIN
if the AUTH_LDAP*_USERNAME_DOMAIN
variable is set.
Note
If you alter the username domain configuration once the tool is in use, you must manually alter the user names already found in the Django Postgres database.
Login Message¶
You can specify a message to display on the login screen by setting the environment variable LOGIN_MESSAGE
.