# SOME DESCRIPTIVE TITLE. # Copyright (C) 2024, Yaal Coop # This file is distributed under the same license as the canaille package. # FIRST AUTHOR , 2024. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: canaille 0.0.56\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2024-11-22 17:21+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: fr \n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" "Generated-By: Babel 2.16.0\n" #: ../tutorial/databases.rst:2 34b6a5df315e4629b9710884e3f5be9e msgid "Databases" msgstr "" #: ../tutorial/databases.rst:4 31f93a60c87648478dfe7a6c74d5f36a msgid "" "Canaille can read and save data in different databases. This page presents " "the different database backends and their specificities:" msgstr "" #: ../tutorial/databases.rst:8 8dc081315c7a4eea8be2e81b8a049162 msgid "Memory" msgstr "" #: ../tutorial/databases.rst:10 08608b21b52a4a22ac26b3a2a2d29f6a msgid "" "Canaille comes with a lightweight inmemory backend by default. It is used " "when no other backend has been configured." msgstr "" #: ../tutorial/databases.rst:13 dbb9009fcf724d6290135aa1d6a32026 msgid "" "This backend is only for test purpose and should not be used in production " "environments." msgstr "" #: ../tutorial/databases.rst:16 06113268bf4a49d0880cdae75f961fc5 msgid "SQL" msgstr "" #: ../tutorial/databases.rst:18 2bb9cb1d3c4f4e4f93d649960bca123d msgid "" "Canaille can use any database supported by `SQLAlchemy `_, such as sqlite, postgresql or mariadb." msgstr "" #: ../tutorial/databases.rst:21 bb4ec73e439d430aa8dbdddb0301bf5b msgid "" "It is used when the ``CANAILLE_SQL`` configuration parameter is defined. For " "instance:" msgstr "" #: ../tutorial/databases.rst:23 ../tutorial/databases.rst:37 #: 7de375f96b054244a9fb0c7c60663f32 ebab073f2f894dfb87705d06ebb870af msgid "config.toml" msgstr "" #: ../tutorial/databases.rst:29 6e78f6be25cb4151951a1bc6994643a9 msgid "" "You can find more details on the SQL configuration in the :class:`dedicated " "section `." msgstr "" #: ../tutorial/databases.rst:32 bcfa707ba3b2494ab1af853bcdc7673f msgid "LDAP" msgstr "" #: ../tutorial/databases.rst:34 426e632fa07a44369bdadb8a290672bf msgid "" "Canaille can use OpenLDAP as its main database. It is used when the " "``CANAILLE_LDAP`` configuration parameter is defined. For instance:" msgstr "" #: ../tutorial/databases.rst:52 0c319bcdd3b649569745572bb2944fec msgid "" "You can find more details on the LDAP configuration in the :class:`dedicated " "section `." msgstr "" #: ../tutorial/databases.rst:55 ebc6e35e9a6049be8bc66eb127adf882 msgid "" "Currently, only the ``inetOrgPerson`` and ``groupOfNames`` schemas have been " "tested. If you want to use different schemas or LDAP servers, adaptations " "may be needed. Patches are welcome." msgstr "" #: ../tutorial/databases.rst:60 6a9ec2b8bf724122b5752c753bdaea7a msgid "OpenLDAP overlays integration" msgstr "" #: ../tutorial/databases.rst:62 ce6daa0ac4974084990221c2806a5549 msgid "Canaille can integrate with several OpenLDAP overlays:" msgstr "" #: ../tutorial/databases.rst:65 24a7dc4d61504545ac841910fbaca48b msgid "memberof / refint" msgstr "" #: ../tutorial/databases.rst:67 d24183e3349f42bfbbecde663f03f846 msgid "" "`memberof `_ and `refint `_ overlays " "are needed for the Canaille group membership to work correctly." msgstr "" #: ../tutorial/databases.rst:71 ../tutorial/databases.rst:94 #: 65357e9c96e341128f9448507ce02f1b 692bdeebfc9c40999c9b09c8d9371e52 msgid "Here is a configuration example compatible with canaille:" msgstr "" #: ../tutorial/databases.rst:73 511312387435410987a190cf7b68f2ab msgid "memberof-config.ldif" msgstr "" #: ../tutorial/databases.rst:77 c95e78d9dde84102b1a97c2399430c23 msgid "refint-config.ldif" msgstr "" #: ../tutorial/databases.rst:81 ../tutorial/databases.rst:104 #: 2e0fddced7e949f8a66653530c8a120b 8686380cd79949259b48f68fe6c4d3b8 msgid "You can adapt and load those configuration files with:" msgstr "" #: ../tutorial/databases.rst:90 af864ca7a8ef4d128d3fbe54749a944c msgid "ppolicy" msgstr "" #: ../tutorial/databases.rst:92 fc8d77f8ca4d48de9eba6c408a9f5fc2 msgid "" "If the `ppolicy `_ overlay is configured and the ``pwdEndTime`` attribute is " "available (since OpenLDAP 2.6), then account locking support will be enabled " "in canaille. To allow users to manage account expiration, they need to have " "a *write* permission on the :attr:`~canaille.core.models.User.lock_date` " "attribute." msgstr "" #: ../tutorial/databases.rst:96 15e6cfdc691149efbbdc2f3834c7a3d0 msgid "ppolicy-config.ldif" msgstr "" #: ../tutorial/databases.rst:100 ef7f7bd8dd0445be8596864cb1b50fa5 msgid "ppolicy.ldif" msgstr "" #: ../tutorial/deployment.rst:2 a7ef8cd4696b4e53a1ffdb87fb18c375 msgid "Deployment" msgstr "" #: ../tutorial/deployment.rst:5 0f1f7c0caa8a4dfcb659c15bedda5aae msgid "Application service" msgstr "" #: ../tutorial/deployment.rst:7 b93527ef33ad4a65af273da09bb780f3 msgid "" "After having finished Canaille installation you have to run it in a WSGI " "application server. Here are some WSGI server configuration examples you can " "pick. Do not forget to update the paths." msgstr "" #: ../tutorial/deployment.rst:11 1ffbe89a8ff744fc9686484ce526e541 msgid "gunicorn" msgstr "" #: ../tutorial/deployment.rst:13 418a0ab3603442f2b0a515962f003029 msgid "Todo" msgstr "" #: ../tutorial/deployment.rst:15 c40ad558fd584c01a6c564f8f72d12f3 msgid "Write a gunicorn configuration sample file." msgstr "" #: ../tutorial/deployment.rst:18 ec3a0c7c05b74be6b1640ff6a4090aec msgid "uwsgi" msgstr "" #: ../tutorial/deployment.rst:42 5c4862bc3810432195a2e9a353f60b54 msgid "Webserver" msgstr "" #: ../tutorial/deployment.rst:44 94e56452db9741f0a3eee45f672e73a8 msgid "" "Now you have to plug your WSGI application server to your webserver so it is " "accessible on the internet. Here are some webserver configuration examples " "you can pick:" msgstr "" #: ../tutorial/deployment.rst:48 7c4ae615fbd44c3f8ab3ece2d0201ed7 msgid "Nginx" msgstr "" #: ../tutorial/deployment.rst:114 ac66da9f7d1342bdad81dbdf97218b4e msgid "Apache" msgstr "" #: ../tutorial/deployment.rst:153 ad13e4fdf804422facdde8b1b619e9a2 msgid "Recurrent jobs" msgstr "" #: ../tutorial/deployment.rst:155 b9ba07959e7f4d57846b44490735d913 msgid "" "You might want to clean up your database to avoid it growing too much. You " "can regularly delete expired tokens and authorization codes with:" msgstr "" #: ../tutorial/deployment.rst:164 4a9929824eba46a883f1147dcdaa526e msgid "Webfinger" msgstr "" #: ../tutorial/deployment.rst:166 cbd15001d4a043e5a0ec93a5eff80b9f msgid "" "You may want to configure a `WebFinger`_ endpoint on your main website to " "allow the automatic discovery of your Canaille installation based on the " "account name of one of your users. For instance, suppose your domain is " "``mydomain.example`` and your Canaille domain is ``auth.mydomain.example`` " "and there is a user ``john.doe``. A third-party application could require to " "authenticate the user and ask them for a user account. The user would give " "their account ``john.doe@mydomain.example``, then the application would " "perform a WebFinger request at ``https://mydomain.example/.well-known/" "webfinger`` and the response would contain the address of the authentication " "server ``https://auth.mydomain.example``. With this information the third " "party application can redirect the user to the Canaille authentication page." msgstr "" #: ../tutorial/deployment.rst:168 e515d97f8d8248f98081746a9b723611 msgid "" "The difficulty here is that the WebFinger endpoint must be hosted at the top-" "level domain (i.e. ``mydomain.example``) while the authentication server " "might be hosted on a sublevel (i.e. ``auth.mydomain.example``). Canaille " "provides a WebFinger endpoint, but if it is not hosted at the top-level " "domain, a web redirection is required on the ``/.well-known/webfinger`` path." msgstr "" #: ../tutorial/deployment.rst:170 3c7cb4cd4a2d498098fe4387a5ae3b2a msgid "Here are configuration examples for Nginx or Apache:" msgstr "" #: ../tutorial/deployment.rst:172 a11ff6002ffc46b7b401b29c222cb984 msgid "Nginx webfinger configuration for a top level domain" msgstr "" #: ../tutorial/deployment.rst:181 cc81b2ca58b842bab2583d46cd8ac1dc msgid "Apache webfinger configuration for a top level domain" msgstr "" #: ../tutorial/deployment.rst:191 b9b3713c6f724e5cb3cad50756e8211c msgid "Create the first user" msgstr "" #: ../tutorial/deployment.rst:193 02df7f55e6df4452ac60d899b5a98cc2 msgid "" "Once canaille is installed, soon enough you will need to add users. To " "create your first user you can use the :ref:`canaille create ` " "CLI." msgstr "" #: ../tutorial/index.rst:2 3deeb02f520e41b4a510d72bdd446046 msgid "Tutorial" msgstr "" #: ../tutorial/install.rst:2 36b529fead5242468a36bdbbbdd28544 msgid "Installation" msgstr "" #: ../tutorial/install.rst:6 c717982f410e46a28e3f97a9a1096146 msgid "" "Canaille is under heavy development and may not fit a production environment " "yet." msgstr "" #: ../tutorial/install.rst:8 6e7bc4fde5d74dceb03c1f03a95fa779 msgid "" "The installation of canaille consist in several steps, some of which you can " "do manually or with command line tool:" msgstr "" #: ../tutorial/install.rst:11 25f53875201f4538b26df4d537d355ea msgid "Get the code" msgstr "" #: ../tutorial/install.rst:13 ac342d74e14244c4badfab8c1f829d94 msgid "" "As the moment there is no distribution package for canaille. However, it can " "be installed with the ``pip`` package manager. Let us choose a place for the " "canaille environment, like ``/opt/canaille/env``." msgstr "" #: ../tutorial/install.rst:24 15d4a0b372c44934a05f1ed6eb327a87 msgid "Extras" msgstr "" #: ../tutorial/install.rst:26 6c563bb9847e4766a5c3d0d461a35c2f msgid "Canaille provides different package options:" msgstr "" #: ../tutorial/install.rst:28 65dbf1cc88e14dcda675a7a20f71477b msgid "`front` provides all the things needed to produce the user interface;" msgstr "" #: ../tutorial/install.rst:29 932751ee90ac445f8271d5f0bf062139 msgid "`oidc` provides the dependencies to perform OAuth2/OIDC authentication;" msgstr "" #: ../tutorial/install.rst:30 33ba6546cbf94064ab5290438b1120a8 msgid "`ldap` provides the dependencies to enable the LDAP backend;" msgstr "" #: ../tutorial/install.rst:31 e65f505181e448e58b1aa158e8af5d42 msgid "`sqlite` provides the dependencies to enable the SQLite backend;" msgstr "" #: ../tutorial/install.rst:32 f3fa4d1a59674077b16bdc0e432f326e msgid "" "`postgresql` provides the dependencies to enable the PostgreSQL backend;" msgstr "" #: ../tutorial/install.rst:33 f914db4dca274ab9bc725faba6cc6e86 msgid "`mysql` provides the dependencies to enable the MySQL backend;" msgstr "" #: ../tutorial/install.rst:34 7dad7a35aea54e549ac3328577c8e3e1 msgid "`sentry` provides sentry integration to watch Canaille exceptions;" msgstr "" #: ../tutorial/install.rst:35 1cd7e38d50bd4f439e285c870a8b005c msgid "`all` provides all the extras above." msgstr "" #: ../tutorial/install.rst:37 cf6a1f2144114c7abfe4177c427d72f8 msgid "They can be installed with:" msgstr "" #: ../tutorial/install.rst:44 51d6f24a101c4511aa3d49db1914fa3a msgid "Configure" msgstr "" #: ../tutorial/install.rst:46 4efc51c21f274c449ecdd33dcc439625 msgid "" "Choose a path where to store your configuration file. You can pass any " "configuration path with the ``CONFIG`` environment variable." msgstr "" #: ../tutorial/install.rst:54 90dd73339c3e43f18395eb80d9749456 msgid "" "You should then edit your configuration file to adapt the values to your " "needs. Look at the configuration details in the :doc:`configuration <../" "references/configuration>` page." msgstr "" #: ../tutorial/install.rst:57 3ff3b9dbf5904b3dbb2494ee61825d15 msgid "Install" msgstr "" #: ../tutorial/install.rst:59 56e161c2e2ed4ae7a7d55bcc024135a1 msgid "" "The :ref:`install command ` will apply most of the things " "needed to get Canaille working. Depending on the configured :doc:`database " "` it will create the SQL tables, or install the LDAP schemas for " "instance." msgstr "" #: ../tutorial/install.rst:68 e4b60f64108549189d9627699af12a91 msgid "Check" msgstr "" #: ../tutorial/install.rst:70 1a9056c774724a0491bcb5060e8903f2 msgid "" "After a manual installation, you can check your configuration file using " "the :ref:`check command `:" msgstr "" #: ../tutorial/troubleshooting.rst:2 8e2c5e7ea5f14416a11a2ec648a32593 msgid "Troubleshooting" msgstr "" #: ../tutorial/troubleshooting.rst:5 d1d6667b4caa4506a5be55cc7c4df22a msgid "The web interface throws useless error messages" msgstr "" #: ../tutorial/troubleshooting.rst:7 a71c850aa84d41e99550cc54f23e5441 msgid "" "Unless the current user has admin :class:`permissions `, or the installation is in :attr:`~canaille.app." "configuration.RootSettings.DEBUG` mode, error messages won't be too " "technical. For instance, you can see *The request you made is invalid*. To " "enable detailed error messages, you can **temporarily** enable the :attr:" "`~canaille.app.configuration.RootSettings.DEBUG` configuration parameter." msgstr "" #: ../tutorial/troubleshooting.rst:12 cc846be11ca448ddb1c1913d1e41ccbf msgid "How to manually install LDAP schemas?" msgstr "" #: ../tutorial/troubleshooting.rst:16 c9a20d92290541c0b5536e5cd150999d msgid "" "Schema installation can be automatically done using the :ref:`install " "command `." msgstr "" #: ../tutorial/troubleshooting.rst:18 830b3a72844a44d386308540cc44f1e4 msgid "As of OpenLDAP 2.4, two configuration methods are available:" msgstr "" #: ../tutorial/troubleshooting.rst:20 02db4b758cfd40f7b64bfb79bea9f5c3 msgid "" "The `deprecated `_ " "one, based on a configuration file (generally ``/etc/ldap/slapd.conf``);" msgstr "" #: ../tutorial/troubleshooting.rst:21 0b24de0faa944ae3b1af5c604a71098f msgid "" "The new one, based on a configuration directory (generally ``/etc/ldap/slapd." "d``)." msgstr "" #: ../tutorial/troubleshooting.rst:23 7acd99c26fd7480e8733523fbd29db13 msgid "" "Depending on the configuration method you use with your OpenLDAP " "installation, you need to chose how to add the canaille schemas:" msgstr "" #: ../tutorial/troubleshooting.rst:26 3917d45c79604f16ba0aca4887ff6dac msgid "Old fashion: Copy the schemas in your filesystem" msgstr "" #: ../tutorial/troubleshooting.rst:35 430b74fa77a94624bcae8606289222a3 msgid "New fashion: Use slapadd to add the schemas" msgstr "" #: ../tutorial/troubleshooting.rst:37 9fdc2c09b2dc44b3b5e45ed1271b3e7c msgid "Be careful to stop your ldap server before running ``slapadd``" msgstr "" #: ../tutorial/troubleshooting.rst:46 cc6bfd549bd541eead7a37af15a25aef msgid "How to manually generate the OIDC keypair?" msgstr "" #: ../tutorial/troubleshooting.rst:50 6dc2d317536b41ff839d98287a84f358 msgid "" "The keypair generation can be automatically done using the :ref:`install " "command `." msgstr "" #: ../tutorial/troubleshooting.rst:52 31db4facc32b4691b3625065562ef5c3 msgid "" "Canaille needs a key pair to sign OIDC tokens. You can customize those " "commands, as long as they match the ``JWT`` section of your configuration " "file." msgstr ""