A web tool written in Python Flask that creates an LDAP user and that user's TrueNAS share pool over iSCSI or NFS.
- There is an experimental part that stores the above user info directly in 1Password.
- The configuration file is encrypted with the master key.
- It uses the Python ldap3 library.
- It uses the TrueNAS SCALE API.
Before you start, install python3 and its libraries with:
$ pip3 install -r requirements.txt
or for Docker:
$ docker build -t truenastools .
Run the script with:
- WEB = python3 app.py
- DOCKER = docker run -it -p 8443:8443 -d truenastools
- Browser = https://x.x.x.x:8443/login
- Login = default key is “xj2wqXEdYsVGnb3ISAD4Ok3velzBNS7K3AHj7aTvQVw=” PLEASE CHANGE IT
The web version (beta) of the script handles two main tasks:
- The first part focuses on the LDAP/AD connection; there are many frameworks for that, and this script uses the Python ldap3 library.
- The second part uses ordinary HTTPS API requests (GET/POST) to manage TrueNAS (and the 1Password API).
Active Directory Creation steps:
- Create User and Group
- Create shares, encrypt, quota
- Credentials to 1Password
Active Directory Modify steps:
- Modify User Info
- Reset User Password
- Enable User
- Disable User
- Delete User
- Add user to Group
- Remove User from Group
- Rename Group name
- Delete Group
iSCSI Creation Steps:
- Create User
- Create ZVOL
- Auth Method (NONE, CHAP, MUTUAL_CHAP)
- Create Target
- Create Initiator if new
- Use existing Target with Portal
LDAP Users and Groups syntax:
- User = CustomerID + HEX#3 (u12345-hex#3)
- Group = CustomerID only (u12345)
- Password = Complex, 12 characters
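The naming and password rules above, sketched as an added example (not code from the repository). It assumes "HEX#3" means three random hex characters, that customer IDs look like "u" plus digits, and that "Complex" means lower, upper, digit and symbol; the function names and symbol set are hypothetical.

```python
import secrets
import string
import re

# Assumption: customer IDs have the shape shown on the page ("u12345").
CUSTOMER_ID_RE = re.compile(r"u\d+")
# Assumption: a small symbol set that needs no escaping in LDIF or shells.
SYMBOLS = "!#$%*+-=?@_"
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS)


def make_group(customer_id: str) -> str:
    """Group = CustomerID only. Reject input that could alter a DN or search filter."""
    if not CUSTOMER_ID_RE.fullmatch(customer_id):
        raise ValueError(f"unexpected customer ID: {customer_id!r}")
    return customer_id


def make_username(customer_id: str) -> str:
    """User = CustomerID + 3 hex characters drawn from the OS CSPRNG."""
    return f"{make_group(customer_id)}-{secrets.token_hex(2)[:3]}"


def make_password(length: int = 12) -> str:
    """Password with at least one character from every class, built with `secrets`."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    chars = [secrets.choice(cls) for cls in CLASSES]
    pool = "".join(CLASSES)
    chars += [secrets.choice(pool) for _ in range(length - len(chars))]
    # Shuffle so the guaranteed characters are not always in the first positions.
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


def is_complex(password: str, length: int = 12) -> bool:
    """Check the rule: exact length and all four character classes present."""
    return len(password) == length and all(
        any(c in cls for c in password) for cls in CLASSES
    )


if __name__ == "__main__":
    print(make_group("u12345"), make_username("u12345"), make_password())
```

Validating the customer ID before it reaches an LDAP DN or filter keeps characters such as `(`, `)`, `*` and `,` out of directory operations.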
The repository: https://github.com/garanet/truenas_ldap_flask_tools/
LDAPv3 Docs: https://ldap3.readthedocs.io/en/latest/
TrueNAS Docs: https://www.truenas.com/docs/core/api/
1Password Docs: https://developer.1password.com/docs/connect/connect-api-reference/