Userdir Ldap

Channel Revision Published Runs on
latest/stable 18 01 Nov 2023
Ubuntu 22.04 Ubuntu 20.04
latest/candidate 18 18 Oct 2023
Ubuntu 22.04 Ubuntu 20.04
latest/edge 21 09 Feb 2024
Ubuntu 22.04 Ubuntu 20.04
juju deploy userdir-ldap
Show information

Learn to deploy on juju >

Platform:

Ubuntu
22.04 20.04

Learn about configurations >

  • apt-repo-keys | string

    Default: FD9070E51DF0D4FBDF6FB5C8C018BA5B562AD4EF

    Apt repository key, typically needed for apt-repo-spec.

  • apt-repo-spec | string

    Default: ppa:canonical-sysadmins/ud-ldap

    Apt repository to install userdir-ldap from.

  • ciphers | string

    Default: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com

    List of ciphers allowed. Defaults chacha20-poly1305@openssh.com available since OpenSSH 6.5, aes256-gcm@openssh.com and aes128-gcm@openssh.com available since OpenSSH 6.2. All supported in both Trusty and Xenial.

  • domain | string

    Fallback domain when none present. This is mostly to work around MAAS's failure to add DNS for LXC containers - LP#1274947.

  • kex-algorithms | string

    Default: curve25519-sha256@libssh.org

    KEX (Key Exchange) algorithms allowed. Default curve25519-sha256@libssh.org which has been available since OpenSSH 6.5 so already supported on both Trusty and Xenial.

  • macs | string

    Default: umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-256

    List of MAC (message authentication code) algorithms allowed. Default MACs available since OpenSSH 6.2 so already supported on both Trusty and Xenial.

  • root-id-rsa | string

    An openssh-format RSA private key with no passphrase. (This option is a trapdoor; setting it back to null has no real effect.)

  • sudoer-group | string

    Default: bootstack-squad

    Comma separated groups of sudoers who do not require password

  • sudoer-password-groups | string

    Comma separated groups of sudoers who require a password

  • template-hostname | string

    If the files rsynced from sshdist don't match our hostname, create a symlink to bridge the gap from /var/lib/misc/thishost.

  • userdb-host | string

    Default: userdb.internal

    Name of the userdb host

  • userdb-ip | string

    Default: 91.189.90.139

    IP address of the userdb host

  • userdb-known-hosts | string

    A (possibly multiple-line) string of known_hosts entries to seed the userdb trust during install. If none specified, ssh-keyscan will be used.

  • users-to-migrate | string

    Default: ubuntu

    A space-separated list of usernames whose authorized_keys files should be migrated from ~/.ssh/authorized_keys to /etc/ssh/user-authorized-keys on install.